Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/2faeb5-6a1d-4a13-ba1f-4663bc9da964/1/1ngT91usbKDIGKHtBZrF2CmweSw.roa
File:                     1ngT91usbKDIGKHtBZrF2CmweSw.roa (raw, json)
Hash identifier:          0OgpVAH2mnfvyD+0c4u7K9Ekky+hXoOuQKOIaT1zXdw=
Subject key identifier:   D6:78:13:F7:5B:AC:6C:A0:C8:18:A1:ED:05:9A:C5:D8:29:B0:79:2C
Certificate issuer:       /CN=2182cd3ac5c4db67ea731a6b7198b7d6e4ff115c
Certificate serial:       01856BC0ECC98746AF68B6D219D170C014D0
Authority key identifier: 21:82:CD:3A:C5:C4:DB:67:EA:73:1A:6B:71:98:B7:D6:E4:FF:11:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYLNOsXE22fqcxprcZi31uT_EVw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/2faeb5-6a1d-4a13-ba1f-4663bc9da964/1/1ngT91usbKDIGKHtBZrF2CmweSw.roa
Signing time:             Sun 01 Jan 2023 05:14:43 +0000
ROA not before:           Sun 01 Jan 2023 05:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211262
IP address blocks:        37.252.220.0/24 maxlen: 24
                          2a05:5180::/29 maxlen: 64

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c0:ec:c9:87:46:af:68:b6:d2:19:d1:70:c0:14:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2182cd3ac5c4db67ea731a6b7198b7d6e4ff115c
        Validity
            Not Before: Jan  1 05:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d67813f75bac6ca0c818a1ed059ac5d829b0792c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:20:e6:df:3c:40:5b:84:85:b5:62:e1:5e:9f:
                    13:3e:f1:26:72:03:79:ef:bf:70:1e:59:4a:3c:44:
                    d6:bb:27:0f:03:03:4a:21:4d:a3:a1:d1:92:d0:5a:
                    16:cd:08:4e:bb:87:58:35:38:28:98:41:c4:d5:2c:
                    ec:e5:44:08:f4:53:0f:35:05:52:27:a5:99:0e:d6:
                    f1:28:7e:43:f1:8c:e6:3a:64:9e:cb:a4:83:c6:0e:
                    13:b0:cb:3c:80:34:36:03:b6:83:bb:85:e9:64:46:
                    a8:6f:35:74:59:2f:77:5b:35:8a:c8:2d:c0:3b:67:
                    69:67:a5:13:86:1d:92:d6:93:7e:c8:5d:7c:ef:22:
                    f4:dc:a7:d1:55:cf:6b:a8:2c:5e:9f:51:ee:09:75:
                    79:60:8a:88:37:35:85:06:cc:1f:d9:5d:17:e1:15:
                    3d:16:8a:23:da:bc:51:ce:a9:36:d6:b5:01:63:af:
                    b6:c8:c5:94:9d:7b:10:7f:f5:b0:3c:e9:66:23:4e:
                    80:bf:55:b1:ed:ba:dd:46:f5:1e:1b:59:50:70:c0:
                    d4:8b:7d:c2:76:d1:ce:19:55:89:d6:df:f4:07:d4:
                    03:16:8a:0d:33:ee:04:4f:d0:c2:ab:eb:ca:7c:4e:
                    e4:71:be:d2:ca:ee:b8:0f:b4:e7:87:be:bd:82:23:
                    43:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:78:13:F7:5B:AC:6C:A0:C8:18:A1:ED:05:9A:C5:D8:29:B0:79:2C
            X509v3 Authority Key Identifier:
                keyid:21:82:CD:3A:C5:C4:DB:67:EA:73:1A:6B:71:98:B7:D6:E4:FF:11:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYLNOsXE22fqcxprcZi31uT_EVw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2faeb5-6a1d-4a13-ba1f-4663bc9da964/1/1ngT91usbKDIGKHtBZrF2CmweSw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2faeb5-6a1d-4a13-ba1f-4663bc9da964/1/IYLNOsXE22fqcxprcZi31uT_EVw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.252.220.0/24
                IPv6:
                  2a05:5180::/29

    Signature Algorithm: sha256WithRSAEncryption
         00:c5:f0:37:32:34:c9:c4:e5:54:2b:9a:66:c0:a6:1a:91:2e:
         a2:23:70:08:75:8d:47:5a:cf:89:04:98:1d:73:45:ab:77:ff:
         a5:98:c1:67:9f:aa:a2:f7:b3:4b:1c:99:02:5b:41:4c:d0:57:
         e5:db:8b:c9:c6:c4:9f:52:d1:0f:97:24:a3:28:7b:01:db:54:
         fe:b3:30:e2:5b:07:a2:f2:3c:f8:d6:e4:df:3c:ab:c7:3a:7a:
         91:1d:34:13:57:64:07:8d:ae:3d:c4:9d:2e:f6:9f:dc:38:7f:
         61:49:ac:51:ff:89:c1:3c:2b:f4:0f:fb:e4:0c:dd:45:fc:b5:
         40:cd:2f:06:4e:21:bf:6a:ea:a6:90:c3:a9:c4:aa:9e:24:d2:
         09:31:83:18:2c:8f:5c:ad:d5:c6:0c:dc:75:44:a9:70:95:09:
         fa:f5:aa:39:a7:67:1a:00:11:c0:b6:19:62:d7:d3:7e:8f:de:
         92:94:55:9f:a1:dd:e9:da:d0:68:7a:24:b2:cb:0b:ac:e4:2f:
         38:ed:2e:65:a1:04:25:74:bd:fc:ce:5c:cc:05:83:61:7e:05:
         d5:53:27:25:07:4c:28:d0:a5:b4:1c:72:72:93:ed:4a:86:d7:
         d7:f4:97:6d:84:f7:75:58:6a:31:37:c4:cb:be:1f:42:25:28:
         be:0e:94:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrwOzJh0avaLbSGdFwwBTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODJjZDNhYzVjNGRiNjdlYTczMWE2YjcxOThiN2Q2ZTRm
ZjExNWMwHhcNMjMwMTAxMDUxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjc4MTNmNzViYWM2Y2EwYzgxOGExZWQwNTlhYzVkODI5YjA3OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiDm3zxAW4SFtWLhXp8TPvEmcgN5
779wHllKPETWuycPAwNKIU2jodGS0FoWzQhOu4dYNTgomEHE1Szs5UQI9FMPNQVS
J6WZDtbxKH5D8YzmOmSey6SDxg4TsMs8gDQ2A7aDu4XpZEaobzV0WS93WzWKyC3A
O2dpZ6UThh2S1pN+yF187yL03KfRVc9rqCxen1HuCXV5YIqINzWFBswf2V0X4RU9
Fooj2rxRzqk21rUBY6+2yMWUnXsQf/WwPOlmI06Av1Wx7brdRvUeG1lQcMDUi33C
dtHOGVWJ1t/0B9QDFooNM+4ET9DCq+vKfE7kcb7Syu64D7Tnh769giND4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNZ4E/dbrGygyBih7QWaxdgpsHksMB8GA1UdIwQY
MBaAFCGCzTrFxNtn6nMaa3GYt9bk/xFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlMTk9zWEUyMmZxY3hwcmNaaTMxdVRfRVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yZmFlYjUtNmExZC00YTEzLWJhMWYt
NDY2M2JjOWRhOTY0LzEvMW5nVDkxdXNiS0RJR0tIdEJackYyQ213ZVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yZmFlYjUtNmExZC00YTEzLWJhMWYtNDY2M2JjOWRhOTY0
LzEvSVlMTk9zWEUyMmZxY3hwcmNaaTMxdVRfRVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAJfzcMA0E
AgACMAcDBQMqBVGAMA0GCSqGSIb3DQEBCwUAA4IBAQAAxfA3MjTJxOVUK5pmwKYa
kS6iI3AIdY1HWs+JBJgdc0Wrd/+lmMFnn6qi97NLHJkCW0FM0Ffl24vJxsSfUtEP
lySjKHsB21T+szDiWwei8jz41uTfPKvHOnqRHTQTV2QHja49xJ0u9p/cOH9hSaxR
/4nBPCv0D/vkDN1F/LVAzS8GTiG/auqmkMOpxKqeJNIJMYMYLI9crdXGDNx1RKlw
lQn69ao5p2caABHAthli19N+j96SlFWfod3p2tBoeiSyywus5C847S5loQQldL38
zlzMBYNhfgXVUyclB0wo0KW0HHJyk+1KhtfX9JdthPd1WGoxN8TLvh9CJSi+DpS+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:27 2024 by rpki-client on console-fra.rpki-client.org