Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/0G7F5D8Ah5Gsi2modeC6X38s5x8.roa
File:                     0G7F5D8Ah5Gsi2modeC6X38s5x8.roa (raw, json)
Hash identifier:          KEm6JJ1Gw8+KSL5xoGGE2Jl97YK10LBUs6PveEU4i9c=
Subject key identifier:   D0:6E:C5:E4:3F:00:87:91:AC:8B:69:A8:75:E0:BA:5F:7F:2C:E7:1F
Certificate issuer:       /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial:       0194126D96276677FDBF8B4729DC1AFF00EB
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/0G7F5D8Ah5Gsi2modeC6X38s5x8.roa
Signing time:             Sun 29 Dec 2024 12:39:19 +0000
ROA not before:           Sun 29 Dec 2024 12:39:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60811
IP address blocks:        5.160.192.0/24 maxlen: 24
                          5.160.193.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 01 Jan 2025 09:47:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:12:6d:96:27:66:77:fd:bf:8b:47:29:dc:1a:ff:00:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
        Validity
            Not Before: Dec 29 12:39:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d06ec5e43f008791ac8b69a875e0ba5f7f2ce71f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:de:2b:f0:60:e8:a3:e4:c2:f1:a9:d0:1c:77:
                    9d:3c:09:7d:3d:ea:73:39:2d:85:0e:56:57:f3:9b:
                    ed:3f:35:39:8a:be:2f:bf:46:2a:d2:c3:4e:47:44:
                    47:11:d2:60:fd:83:01:a6:74:42:82:2d:e0:ad:d5:
                    ab:ca:c6:94:85:11:7f:b6:fa:25:91:1b:ee:d5:f5:
                    ef:d5:9a:ca:4c:a6:cf:a8:02:22:24:a0:be:ca:1f:
                    f9:ca:1b:7b:29:d2:f4:de:29:44:50:26:86:fa:7a:
                    2c:b6:a6:94:03:5e:ac:cd:8d:7a:11:f1:d5:ff:73:
                    31:07:ff:6e:2a:e0:3a:52:01:cc:4e:b0:1b:73:af:
                    ea:ed:a6:9d:36:02:f3:3c:c7:5d:4f:46:f7:91:79:
                    1a:5c:f1:d0:75:57:62:e6:85:13:3a:fd:ba:27:8e:
                    1a:37:4d:5e:3a:9f:62:87:ec:93:11:ab:04:4b:21:
                    2e:20:cc:b7:d7:db:2e:76:9d:a1:dd:67:72:62:d4:
                    dd:af:22:0d:a1:90:b2:e1:5f:4d:75:e6:e3:e5:e9:
                    f3:93:07:69:7e:8a:05:75:b4:49:6a:64:91:f8:fb:
                    f7:0a:77:03:46:24:37:07:8a:5e:8e:7d:82:21:52:
                    da:12:e3:85:e3:74:e9:75:8b:da:9b:51:a3:d1:a4:
                    ce:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:6E:C5:E4:3F:00:87:91:AC:8B:69:A8:75:E0:BA:5F:7F:2C:E7:1F
            X509v3 Authority Key Identifier:
                keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/0G7F5D8Ah5Gsi2modeC6X38s5x8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.160.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         35:2f:ef:71:03:58:99:00:76:f5:b5:6f:f8:64:8d:5b:3b:7a:
         7d:7f:e6:27:13:81:88:84:61:21:56:a1:d7:fd:64:39:dd:45:
         b4:ac:86:d5:55:96:cd:61:d5:f6:95:cf:bc:05:be:ef:d3:0d:
         11:c3:1a:36:45:b4:6d:e2:36:05:89:88:99:98:63:3b:c7:33:
         75:9e:22:b1:43:c6:4d:3e:ba:5e:fb:59:a9:e7:ae:0e:49:7e:
         c1:a1:4b:98:af:42:e5:b6:68:18:cc:2b:fc:36:ac:fe:00:96:
         7e:e5:cf:8f:5e:8c:a8:24:86:2b:f8:02:12:e8:3d:13:6e:ff:
         11:32:6c:94:0d:40:b3:f2:67:b5:4c:54:ba:cd:8b:58:08:72:
         a6:b4:38:b1:3e:6b:c2:6e:d6:83:c8:1a:3f:af:a7:f5:ce:8c:
         1f:a6:3f:bd:d1:e5:b1:28:29:27:15:22:30:75:e8:4c:d9:e9:
         f6:6e:73:20:38:58:24:49:18:90:dd:29:92:ea:66:3f:99:87:
         19:4f:b5:06:7a:06:0a:f8:e9:f9:5d:55:43:d9:40:3e:69:bd:
         34:6c:99:2d:e1:c9:0b:c9:39:52:c3:86:b2:47:92:3b:53:1a:
         cc:61:5f:5f:4c:65:55:18:d1:7f:f5:c5:e1:d0:9c:81:7b:0e:
         14:18:0d:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQSbZYnZnf9v4tHKdwa/wDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTIzOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZlYzVlNDNmMDA4NzkxYWM4YjY5YTg3NWUwYmE1ZjdmMmNlNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN4r8GDoo+TC8anQHHedPAl9Pepz
OS2FDlZX85vtPzU5ir4vv0Yq0sNOR0RHEdJg/YMBpnRCgi3grdWrysaUhRF/tvol
kRvu1fXv1ZrKTKbPqAIiJKC+yh/5yht7KdL03ilEUCaG+nostqaUA16szY16EfHV
/3MxB/9uKuA6UgHMTrAbc6/q7aadNgLzPMddT0b3kXkaXPHQdVdi5oUTOv26J44a
N01eOp9ih+yTEasESyEuIMy319sudp2h3WdyYtTdryINoZCy4V9Ndebj5enzkwdp
fooFdbRJamSR+Pv3CncDRiQ3B4pejn2CIVLaEuOF43TpdYvam1Gj0aTOaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNBuxeQ/AIeRrItpqHXgul9/LOcfMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvMEc3RjVEOEFoNUdzaTJtb2RlQzZYMzhzNXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBaDAMA0G
CSqGSIb3DQEBCwUAA4IBAQA1L+9xA1iZAHb1tW/4ZI1bO3p9f+YnE4GIhGEhVqHX
/WQ53UW0rIbVVZbNYdX2lc+8Bb7v0w0Rwxo2RbRt4jYFiYiZmGM7xzN1niKxQ8ZN
Prpe+1mp564OSX7BoUuYr0LltmgYzCv8Nqz+AJZ+5c+PXoyoJIYr+AIS6D0Tbv8R
MmyUDUCz8me1TFS6zYtYCHKmtDixPmvCbtaDyBo/r6f1zowfpj+90eWxKCknFSIw
dehM2en2bnMgOFgkSRiQ3SmS6mY/mYcZT7UGegYK+On5XVVD2UA+ab00bJkt4ckL
yTlSw4ayR5I7UxrMYV9fTGVVGNF/9cXh0JyBew4UGA3X
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:30:55 2025 by rpki-client