Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/pUs5MapezlDH-EkYKKPeFJMujz8.roa
File:                     pUs5MapezlDH-EkYKKPeFJMujz8.roa (raw, json)
Hash identifier:          4FAOcMpSUpVHFoufBwSweEqmYpSU9qCLPdoSq6VZLx8=
Subject key identifier:   A5:4B:39:31:AA:5E:CE:50:C7:F8:49:18:28:A3:DE:14:93:2E:8F:3F
Certificate issuer:       /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial:       01856B532E243974907943494226F14125C9
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/pUs5MapezlDH-EkYKKPeFJMujz8.roa
Signing time:             Sun 01 Jan 2023 03:14:51 +0000
ROA not before:           Sun 01 Jan 2023 03:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     393427
IP address blocks:        109.160.40.0/24 maxlen: 24
                          109.160.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Nov 2023 13:23:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:53:2e:24:39:74:90:79:43:49:42:26:f1:41:25:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
        Validity
            Not Before: Jan  1 03:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a54b3931aa5ece50c7f8491828a3de14932e8f3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:84:81:7a:6d:fe:c1:55:b2:9b:0f:cb:5e:18:
                    04:45:eb:f2:94:b9:91:5a:da:36:f6:c3:df:c6:03:
                    1f:f7:db:d7:89:20:dd:6b:57:71:76:b4:ad:38:b9:
                    87:50:84:f2:26:dc:1f:dd:ec:48:c6:68:35:82:58:
                    7b:39:7e:11:8b:a6:36:dd:40:40:26:71:59:19:ea:
                    91:37:b2:a1:d2:00:e1:bc:f9:9c:4f:10:37:95:36:
                    04:18:d3:25:6d:91:15:e5:f9:f0:d1:96:45:90:45:
                    8d:d2:cb:f2:9d:25:9e:b3:e0:a9:41:25:b4:64:7e:
                    c9:49:34:bb:f9:ac:ec:35:00:2b:17:a7:a0:9b:b9:
                    fd:9a:64:b5:92:4a:52:22:f2:9d:43:5e:d9:7b:72:
                    d7:65:b0:ff:54:f3:72:ad:65:73:62:d1:e4:fb:da:
                    83:9a:6d:e5:a4:cb:c8:b0:4c:25:91:da:44:ab:7b:
                    37:24:46:65:32:df:08:06:18:9b:7f:94:b6:59:72:
                    89:12:98:8f:ae:72:9d:d7:e8:6b:ff:c6:2d:1f:16:
                    db:37:27:86:1f:3a:0d:7d:3b:d0:ff:ff:81:94:18:
                    a3:60:73:2f:5d:6f:c9:bb:56:6c:a5:86:ba:58:60:
                    dd:27:50:0a:b0:f2:76:ed:75:7d:2c:74:4e:74:6d:
                    3b:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:4B:39:31:AA:5E:CE:50:C7:F8:49:18:28:A3:DE:14:93:2E:8F:3F
            X509v3 Authority Key Identifier:
                keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/pUs5MapezlDH-EkYKKPeFJMujz8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.160.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         22:d8:24:3e:57:d3:ce:d2:16:3d:34:a7:bb:80:53:45:1d:f0:
         fe:72:7a:9c:d6:5d:be:10:47:53:ee:48:5b:6b:cc:29:39:4a:
         62:bd:57:55:74:9d:4a:cd:e2:d6:52:f0:e0:98:7d:5c:a1:b2:
         66:d9:42:60:5f:ea:4b:60:33:cc:b2:d1:e8:ba:d1:85:63:11:
         bc:37:4d:0e:1e:82:7f:2a:ea:54:cd:76:25:e1:b2:cc:90:9a:
         47:e3:6d:7b:fc:2b:13:0c:3c:86:a7:50:39:d0:e2:f0:2e:4a:
         ed:9e:40:7b:b3:4c:68:6e:8b:45:00:46:34:60:56:4b:0f:48:
         b8:db:3a:7b:af:23:79:cf:f6:16:b2:8c:c4:82:3b:3d:90:da:
         5f:7b:3c:dc:d3:4e:74:a3:83:39:57:7b:48:9e:86:dc:d3:8b:
         6f:9f:9a:e6:dd:e8:f2:a2:6b:06:e0:dd:5f:04:e8:f2:2e:77:
         bf:c9:2f:87:b9:9e:f5:31:e4:23:76:f4:76:79:8e:03:2d:99:
         68:88:68:4c:95:b7:84:ef:17:71:bf:3e:5a:3e:cf:1c:47:45:
         6f:ab:e0:eb:5b:47:6b:4b:10:fc:1e:27:7a:f2:42:66:fb:3c:
         b5:d7:2f:63:95:8e:28:18:93:60:84:e3:14:0d:bc:f1:66:d4:
         f8:7a:e5:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrUy4kOXSQeUNJQibxQSXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMwMTAxMDMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTRiMzkzMWFhNWVjZTUwYzdmODQ5MTgyOGEzZGUxNDkzMmU4ZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYSBem3+wVWymw/LXhgERevylLmR
Wto29sPfxgMf99vXiSDda1dxdrStOLmHUITyJtwf3exIxmg1glh7OX4Ri6Y23UBA
JnFZGeqRN7Kh0gDhvPmcTxA3lTYEGNMlbZEV5fnw0ZZFkEWN0svynSWes+CpQSW0
ZH7JSTS7+azsNQArF6egm7n9mmS1kkpSIvKdQ17Ze3LXZbD/VPNyrWVzYtHk+9qD
mm3lpMvIsEwlkdpEq3s3JEZlMt8IBhibf5S2WXKJEpiPrnKd1+hr/8YtHxbbNyeG
HzoNfTvQ//+BlBijYHMvXW/Ju1ZspYa6WGDdJ1AKsPJ27XV9LHROdG07XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKVLOTGqXs5Qx/hJGCij3hSTLo8/MB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvcFVzNU1hcGV6bERILUVrWUtLUGVGSk11ano4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbaAoMA0G
CSqGSIb3DQEBCwUAA4IBAQAi2CQ+V9PO0hY9NKe7gFNFHfD+cnqc1l2+EEdT7khb
a8wpOUpivVdVdJ1KzeLWUvDgmH1cobJm2UJgX+pLYDPMstHoutGFYxG8N00OHoJ/
KupUzXYl4bLMkJpH4217/CsTDDyGp1A50OLwLkrtnkB7s0xobotFAEY0YFZLD0i4
2zp7ryN5z/YWsozEgjs9kNpfezzc0050o4M5V3tInobc04tvn5rm3ejyomsG4N1f
BOjyLne/yS+HuZ71MeQjdvR2eY4DLZloiGhMlbeE7xdxvz5aPs8cR0Vvq+DrW0dr
SxD8Hid68kJm+zy11y9jlY4oGJNghOMUDbzxZtT4euX6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:28 2024 by rpki-client on console-ams.rpki-client.org