Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/de956f-e55b-437e-85d9-686f836cbcad/1/UgWbJMslzCb8Zb_y4Gas2f6tlZI.roa
File:                     UgWbJMslzCb8Zb_y4Gas2f6tlZI.roa (raw, json)
Hash identifier:          polOV5MjFwkNyec75GXIE3lnLfBLzVduWR+m3VOqWRY=
Subject key identifier:   52:05:9B:24:CB:25:CC:26:FC:65:BF:F2:E0:66:AC:D9:FE:AD:95:92
Certificate issuer:       /CN=37b8221099486a3b133e0139e34b934264cdd700
Certificate serial:       0186E59C8B68DE6FBCCBDEB2DA9FF4F5AC93
Authority key identifier: 37:B8:22:10:99:48:6A:3B:13:3E:01:39:E3:4B:93:42:64:CD:D7:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N7giEJlIajsTPgE540uTQmTN1wA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/de956f-e55b-437e-85d9-686f836cbcad/1/UgWbJMslzCb8Zb_y4Gas2f6tlZI.roa
Signing time:             Wed 15 Mar 2023 14:11:27 +0000
ROA not before:           Wed 15 Mar 2023 14:11:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203541
IP address blocks:        37.61.184.0/21 maxlen: 21
                          2a06:c500::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e5:9c:8b:68:de:6f:bc:cb:de:b2:da:9f:f4:f5:ac:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37b8221099486a3b133e0139e34b934264cdd700
        Validity
            Not Before: Mar 15 14:11:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=52059b24cb25cc26fc65bff2e066acd9fead9592
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:2e:77:7f:b1:d3:18:b2:fd:8e:1f:11:cd:9f:
                    22:92:6b:3a:02:44:10:cd:8f:b8:a6:85:d2:7c:f9:
                    f9:11:f3:de:a4:ab:c5:4e:36:b0:2f:e9:0d:09:9a:
                    5d:ac:c1:01:6c:4e:4f:b4:e8:49:34:68:74:d3:71:
                    10:f0:54:00:cf:79:c9:28:fa:73:b0:6b:44:0e:4c:
                    08:07:b0:fb:08:c8:5c:a6:ec:af:cf:1d:e8:ce:54:
                    68:8d:85:54:73:33:08:39:a9:86:7e:15:16:7f:af:
                    70:c9:38:7e:de:90:ea:d3:c6:6a:44:be:f2:fe:21:
                    88:21:0b:5c:0d:02:86:6e:89:2d:67:e4:92:d5:33:
                    c1:98:eb:31:7b:7e:33:39:be:d0:b9:d7:12:18:39:
                    70:6f:ee:b5:8f:68:b5:9d:9f:a5:83:1e:de:cd:19:
                    fe:f9:e9:a5:84:07:a4:c0:7d:78:a4:81:db:2e:54:
                    0a:27:92:1b:8d:aa:01:4d:2b:0c:f1:c0:bc:70:e6:
                    b6:dc:e1:b5:c3:c9:1a:5b:e8:bc:09:5e:43:bb:36:
                    01:d1:33:ab:6a:b0:ee:29:b6:4c:59:3e:33:b8:10:
                    15:a5:5c:39:8d:84:ed:73:5c:6f:03:37:c9:15:7b:
                    76:d2:32:37:d3:ac:cf:95:29:e2:51:93:77:2b:a3:
                    39:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:05:9B:24:CB:25:CC:26:FC:65:BF:F2:E0:66:AC:D9:FE:AD:95:92
            X509v3 Authority Key Identifier:
                keyid:37:B8:22:10:99:48:6A:3B:13:3E:01:39:E3:4B:93:42:64:CD:D7:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N7giEJlIajsTPgE540uTQmTN1wA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/de956f-e55b-437e-85d9-686f836cbcad/1/UgWbJMslzCb8Zb_y4Gas2f6tlZI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/de956f-e55b-437e-85d9-686f836cbcad/1/N7giEJlIajsTPgE540uTQmTN1wA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.61.184.0/21
                IPv6:
                  2a06:c500::/29

    Signature Algorithm: sha256WithRSAEncryption
         30:1d:fa:5c:23:6d:0f:89:c4:c4:62:35:b3:ab:7e:7b:20:3b:
         aa:95:60:0c:26:62:11:f3:16:47:08:02:a5:9c:53:15:3e:85:
         bf:d2:18:33:6b:89:ed:c8:ef:a8:c1:38:62:b2:c7:32:db:e8:
         f0:93:4a:1d:e4:05:94:e5:56:b6:fa:25:dc:0e:f7:a6:62:ac:
         ce:b5:10:31:cd:75:9d:f1:6d:40:c8:1c:c0:71:2a:a1:20:5f:
         f4:c6:20:34:59:20:26:4f:16:4d:bc:89:17:51:19:cc:d8:78:
         d6:b2:ee:fa:40:04:b3:4d:41:78:4f:46:6e:84:05:d4:75:d8:
         9f:6a:20:47:91:12:41:f8:b2:4e:fe:31:ec:83:e9:4d:a9:12:
         9c:bf:7b:3d:a3:0d:3d:39:83:6b:f4:29:0b:62:2e:c0:35:48:
         92:0b:e3:2c:a3:79:88:d2:52:c9:99:b3:31:ce:a7:9a:61:8b:
         2c:09:24:04:da:60:eb:46:35:5e:d6:41:08:dc:13:2c:8a:75:
         ee:9e:8d:19:94:32:70:3a:28:39:49:46:fc:12:d9:d0:e1:9f:
         c4:79:ca:cc:b7:58:61:79:ac:0f:7f:62:2d:ff:cc:1f:94:a3:
         7b:cd:ae:30:65:12:c7:fd:dc:2b:87:39:62:bd:c3:81:8b:06:
         0d:f7:0e:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYblnIto3m+8y96y2p/09ayTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YjgyMjEwOTk0ODZhM2IxMzNlMDEzOWUzNGI5MzQyNjRj
ZGQ3MDAwHhcNMjMwMzE1MTQxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjA1OWIyNGNiMjVjYzI2ZmM2NWJmZjJlMDY2YWNkOWZlYWQ5NTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6i53f7HTGLL9jh8RzZ8ikms6AkQQ
zY+4poXSfPn5EfPepKvFTjawL+kNCZpdrMEBbE5PtOhJNGh003EQ8FQAz3nJKPpz
sGtEDkwIB7D7CMhcpuyvzx3ozlRojYVUczMIOamGfhUWf69wyTh+3pDq08ZqRL7y
/iGIIQtcDQKGboktZ+SS1TPBmOsxe34zOb7QudcSGDlwb+61j2i1nZ+lgx7ezRn+
+emlhAekwH14pIHbLlQKJ5IbjaoBTSsM8cC8cOa23OG1w8kaW+i8CV5DuzYB0TOr
arDuKbZMWT4zuBAVpVw5jYTtc1xvAzfJFXt20jI306zPlSniUZN3K6M5pQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFIFmyTLJcwm/GW/8uBmrNn+rZWSMB8GA1UdIwQY
MBaAFDe4IhCZSGo7Ez4BOeNLk0JkzdcAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjdnaUVKbElhanNUUGdFNTQwdVRRbVROMXdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kZTk1NmYtZTU1Yi00MzdlLTg1ZDkt
Njg2ZjgzNmNiY2FkLzEvVWdXYkpNc2x6Q2I4WmJfeTRHYXMyZjZ0bFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kZTk1NmYtZTU1Yi00MzdlLTg1ZDktNjg2ZjgzNmNiY2Fk
LzEvTjdnaUVKbElhanNUUGdFNTQwdVRRbVROMXdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDJT24MA0E
AgACMAcDBQMqBsUAMA0GCSqGSIb3DQEBCwUAA4IBAQAwHfpcI20PicTEYjWzq357
IDuqlWAMJmIR8xZHCAKlnFMVPoW/0hgza4ntyO+owThisscy2+jwk0od5AWU5Va2
+iXcDvemYqzOtRAxzXWd8W1AyBzAcSqhIF/0xiA0WSAmTxZNvIkXURnM2HjWsu76
QASzTUF4T0ZuhAXUddifaiBHkRJB+LJO/jHsg+lNqRKcv3s9ow09OYNr9CkLYi7A
NUiSC+Mso3mI0lLJmbMxzqeaYYssCSQE2mDrRjVe1kEI3BMsinXuno0ZlDJwOig5
SUb8EtnQ4Z/EecrMt1hheawPf2It/8wflKN7za4wZRLH/dwrhzlivcOBiwYN9w7y
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:08 2024 by rpki-client on console-fra.rpki-client.org