Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/Us2GmRlYRq2BIhyD-hVlB4JaoPU.roa
File:                     Us2GmRlYRq2BIhyD-hVlB4JaoPU.roa (raw, json)
Hash identifier:          1u8KyJCqIgFi6C+cFNEaXJqgTIdmHXGafUuJktu0ScQ=
Subject key identifier:   52:CD:86:99:19:58:46:AD:81:22:1C:83:FA:15:65:07:82:5A:A0:F5
Certificate issuer:       /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial:       018A90082FB92D940DA57B482B9DBD810B55
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/Us2GmRlYRq2BIhyD-hVlB4JaoPU.roa
Signing time:             Wed 13 Sep 2023 19:32:50 +0000
ROA not before:           Wed 13 Sep 2023 19:32:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207945
IP address blocks:        194.63.152.0/22 maxlen: 22
                          185.183.72.0/22 maxlen: 22
                          2a0f:6b80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:90:08:2f:b9:2d:94:0d:a5:7b:48:2b:9d:bd:81:0b:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
        Validity
            Not Before: Sep 13 19:32:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=52cd8699195846ad81221c83fa156507825aa0f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ac:e6:b2:7e:07:33:b0:7c:f0:52:da:6f:7a:
                    f7:71:d3:84:b0:7b:cb:c4:d2:37:a2:88:60:ce:b1:
                    28:1f:56:4e:46:69:86:71:fb:e8:63:91:3b:c0:ea:
                    76:7e:33:dd:a0:15:47:11:fd:d0:82:17:25:ce:c1:
                    61:1e:fb:d5:b6:19:26:68:50:1a:1d:0c:f8:c1:88:
                    40:15:ce:77:76:68:ef:17:86:2f:09:e6:51:5c:dc:
                    32:d1:18:4c:b8:8f:79:11:7a:3c:1e:66:d5:2d:02:
                    4d:38:89:e9:f4:fe:c8:a6:b1:3a:c0:44:10:a5:fb:
                    6a:79:ba:d4:01:1b:1f:a2:66:90:05:e9:cb:c7:29:
                    6f:de:a6:cb:f9:46:7c:d5:15:11:da:29:65:35:bf:
                    87:6d:d7:ae:7b:5c:d1:4c:70:74:fc:ea:e6:5e:4d:
                    2c:25:4c:93:c4:ab:71:44:ff:39:dd:67:a1:cf:8e:
                    b1:3e:90:75:a6:a9:3e:da:9d:bb:c7:89:29:50:b0:
                    a3:85:8d:5c:de:ad:c4:62:c7:cf:30:58:90:a0:28:
                    cb:9f:15:01:4a:da:e8:12:b5:9d:9d:3e:c9:df:e5:
                    2a:4b:3e:c5:0f:19:e0:19:75:e8:82:fb:0a:e1:f8:
                    70:10:f7:9d:68:db:05:55:36:5c:e6:a5:7d:46:30:
                    33:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:CD:86:99:19:58:46:AD:81:22:1C:83:FA:15:65:07:82:5A:A0:F5
            X509v3 Authority Key Identifier:
                keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/Us2GmRlYRq2BIhyD-hVlB4JaoPU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.183.72.0/22
                  194.63.152.0/22
                IPv6:
                  2a0f:6b80::/29

    Signature Algorithm: sha256WithRSAEncryption
         79:a2:be:4b:61:12:07:6e:0f:24:18:38:29:f7:6b:26:fc:a1:
         68:25:6e:99:2a:22:38:ca:20:a6:3c:ef:db:fe:7f:0b:07:b7:
         e9:d8:f7:ff:d9:6d:98:e4:8e:90:5f:bd:a8:20:88:16:81:53:
         4f:d6:fb:d8:ef:9e:b9:8a:fb:05:eb:ac:70:42:79:a9:75:be:
         4f:d1:0a:f3:81:97:6f:78:99:f0:8a:35:cd:e9:b1:87:46:86:
         c3:6f:0b:fe:a6:cc:21:21:0f:f2:01:dc:37:9e:24:ca:52:05:
         99:c1:7c:23:e6:3d:0e:41:35:ed:d1:45:d3:03:45:e7:b4:f5:
         c3:aa:a8:9b:c8:65:b6:62:8a:23:48:ac:2c:28:51:3f:7f:2d:
         d4:4a:4f:ac:f4:54:ff:b8:04:08:6e:0a:77:a9:6f:e8:7b:a9:
         d4:22:43:e6:e0:8c:90:48:e1:02:b0:aa:de:ad:8e:fd:a0:e5:
         26:01:c1:3b:9c:55:9e:b9:36:43:79:50:da:20:6c:51:18:f7:
         89:2c:be:e2:8b:a8:22:25:4f:41:a5:6d:5b:c5:21:fb:d4:ca:
         e8:6e:f8:95:69:96:89:0c:19:ea:55:62:48:8a:c9:0d:64:fa:
         0e:4d:64:e9:0b:c1:05:1a:92:ec:68:1a:57:b8:8b:ed:d1:d3:
         33:da:86:ce
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYqQCC+5LZQNpXtIK529gQtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjMwOTEzMTkzMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNkODY5OTE5NTg0NmFkODEyMjFjODNmYTE1NjUwNzgyNWFhMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqzmsn4HM7B88FLab3r3cdOEsHvL
xNI3oohgzrEoH1ZORmmGcfvoY5E7wOp2fjPdoBVHEf3QghclzsFhHvvVthkmaFAa
HQz4wYhAFc53dmjvF4YvCeZRXNwy0RhMuI95EXo8HmbVLQJNOInp9P7IprE6wEQQ
pftqebrUARsfomaQBenLxylv3qbL+UZ81RUR2illNb+Hbdeue1zRTHB0/OrmXk0s
JUyTxKtxRP853Wehz46xPpB1pqk+2p27x4kpULCjhY1c3q3EYsfPMFiQoCjLnxUB
StroErWdnT7J3+UqSz7FDxngGXXogvsK4fhwEPedaNsFVTZc5qV9RjAznQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFLNhpkZWEatgSIcg/oVZQeCWqD1MB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvVXMyR21SbFlScTJCSWh5RC1oVmxCNEphb1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubdIAwQC
wj+YMA0EAgACMAcDBQMqD2uAMA0GCSqGSIb3DQEBCwUAA4IBAQB5or5LYRIHbg8k
GDgp92sm/KFoJW6ZKiI4yiCmPO/b/n8LB7fp2Pf/2W2Y5I6QX72oIIgWgVNP1vvY
7565ivsF66xwQnmpdb5P0QrzgZdveJnwijXN6bGHRobDbwv+pswhIQ/yAdw3niTK
UgWZwXwj5j0OQTXt0UXTA0XntPXDqqibyGW2YoojSKwsKFE/fy3USk+s9FT/uAQI
bgp3qW/oe6nUIkPm4IyQSOECsKrerY79oOUmAcE7nFWeuTZDeVDaIGxRGPeJLL7i
i6giJU9BpW1bxSH71MrobviVaZaJDBnqVWJIiskNZPoOTWTpC8EFGpLsaBpXuIvt
0dMz2obO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:27 2024 by rpki-client on console-ams.rpki-client.org