Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/JT2n-16NZ4k_Twr2zO41JlUmOYk.roa
File:                     JT2n-16NZ4k_Twr2zO41JlUmOYk.roa (raw, json)
Hash identifier:          kKkg/5kUwhoq9nTBLMp+8cGI9QcEXtOW2BMSAk19Au0=
Subject key identifier:   25:3D:A7:FB:5E:8D:67:89:3F:4F:0A:F6:CC:EE:35:26:55:26:39:89
Certificate issuer:       /CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6
Certificate serial:       01857155482DA5B16197F2EFA9B65AF10B40
Authority key identifier: 88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/JT2n-16NZ4k_Twr2zO41JlUmOYk.roa
Signing time:             Mon 02 Jan 2023 07:14:52 +0000
ROA not before:           Mon 02 Jan 2023 07:14:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34549
IP address blocks:        192.144.44.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 22 Nov 2023 15:24:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:55:48:2d:a5:b1:61:97:f2:ef:a9:b6:5a:f1:0b:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6
        Validity
            Not Before: Jan  2 07:14:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=253da7fb5e8d67893f4f0af6ccee352655263989
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:cc:96:e7:b0:b0:05:a8:b1:b7:70:95:f3:bb:
                    f8:78:a8:59:0d:b5:28:0d:7f:2d:dc:4d:bb:25:fa:
                    b6:6c:ae:eb:8c:7f:70:4d:35:cd:e0:16:7c:b9:96:
                    a3:6e:de:be:d3:8b:c9:d0:e6:e2:d9:1c:0a:9d:3e:
                    95:d9:0a:8c:ca:9b:12:1f:55:f9:1b:5f:57:7a:84:
                    60:e7:72:21:85:15:ba:47:1a:36:22:b5:df:82:ad:
                    07:b1:f4:52:89:89:12:93:47:18:ac:c2:fb:98:68:
                    85:3a:3b:d1:f5:c9:33:75:94:a4:e3:b4:d3:63:54:
                    28:1d:86:fb:0a:d9:2c:64:65:32:60:ea:c8:02:e1:
                    f4:5b:64:6c:a6:96:45:96:6a:09:c8:96:9e:80:29:
                    cb:cf:b6:bb:f8:96:ef:7d:8f:db:c6:71:8e:41:48:
                    16:38:a0:c9:e4:d6:2a:a6:d2:6e:ca:66:7c:3f:6e:
                    b6:84:3f:10:d0:b1:d6:25:c4:b2:f3:2f:87:91:e7:
                    02:a4:b2:29:e3:b3:f7:9d:07:df:d1:f9:7c:f2:85:
                    35:05:70:88:3c:0e:63:58:97:c6:d8:9a:0b:b0:6d:
                    a8:d9:e4:70:a6:8a:88:e2:09:c8:a4:c8:6c:e2:5c:
                    5a:97:74:a2:d6:75:cb:33:2a:29:b3:fa:81:00:9c:
                    9f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:3D:A7:FB:5E:8D:67:89:3F:4F:0A:F6:CC:EE:35:26:55:26:39:89
            X509v3 Authority Key Identifier:
                keyid:88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/JT2n-16NZ4k_Twr2zO41JlUmOYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.144.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         05:2e:f3:9c:b2:12:56:24:4b:7e:30:d9:54:96:bd:a7:60:12:
         ac:f1:8f:35:53:d6:1a:a3:8c:d1:06:ee:56:86:f4:c2:d8:37:
         51:4a:dd:e8:fb:5a:44:4b:7a:a2:09:e2:d7:23:3e:6e:23:04:
         67:11:95:38:26:a2:c8:b7:cf:ef:5e:75:6e:b2:7e:23:a2:59:
         45:36:63:60:0e:1e:1e:20:04:2c:52:e7:83:17:45:31:09:48:
         2c:93:f7:82:3d:e9:9d:aa:8f:5e:a2:73:12:87:96:2e:38:5d:
         06:2d:3c:ac:70:25:14:a2:9c:8d:41:ea:14:0a:39:1b:3d:f5:
         c5:81:a1:b3:0b:20:23:f9:ab:7c:a3:25:4c:6f:9e:7c:fd:4a:
         53:c5:ef:02:dc:10:a9:f5:e9:32:8f:cf:f3:70:96:59:cb:01:
         73:78:ab:85:f7:fe:23:3c:f5:88:bf:a2:6f:a0:69:d6:a3:81:
         dc:5f:9b:49:1a:bb:9d:a1:70:25:cf:56:54:53:26:ef:f4:56:
         cc:f3:c2:6e:54:13:50:21:d5:f7:b4:8f:a8:b1:91:1b:3a:80:
         d5:df:be:27:cc:78:a6:d6:88:b9:3f:49:97:02:65:e8:c5:5b:
         8a:b7:89:0a:3f:13:50:85:de:fc:f7:c9:50:40:ac:f7:76:25:
         db:0a:87:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVUgtpbFhl/LvqbZa8QtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MjFhMzlhZWQ5ZGE0ZWUzYWI2NjM5ZDI0NDUwOGZhMWU4
ZDIwZjYwHhcNMjMwMTAyMDcxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTNkYTdmYjVlOGQ2Nzg5M2Y0ZjBhZjZjY2VlMzUyNjU1MjYzOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssyW57CwBaixt3CV87v4eKhZDbUo
DX8t3E27Jfq2bK7rjH9wTTXN4BZ8uZajbt6+04vJ0Obi2RwKnT6V2QqMypsSH1X5
G19XeoRg53IhhRW6Rxo2IrXfgq0HsfRSiYkSk0cYrML7mGiFOjvR9ckzdZSk47TT
Y1QoHYb7CtksZGUyYOrIAuH0W2RsppZFlmoJyJaegCnLz7a7+JbvfY/bxnGOQUgW
OKDJ5NYqptJuymZ8P262hD8Q0LHWJcSy8y+HkecCpLIp47P3nQff0fl88oU1BXCI
PA5jWJfG2JoLsG2o2eRwpoqI4gnIpMhs4lxal3Si1nXLMyops/qBAJyfcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCU9p/tejWeJP08K9szuNSZVJjmJMB8GA1UdIwQY
MBaAFIgho5rtnaTuOrZjnSRFCPoejSD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAt
ZjYwZDZmNzE4MmExLzEvSlQybi0xNk5aNGtfVHdyMnpPNDFKbFVtT1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAtZjYwZDZmNzE4MmEx
LzEvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJAsMA0G
CSqGSIb3DQEBCwUAA4IBAQAFLvOcshJWJEt+MNlUlr2nYBKs8Y81U9Yao4zRBu5W
hvTC2DdRSt3o+1pES3qiCeLXIz5uIwRnEZU4JqLIt8/vXnVusn4jollFNmNgDh4e
IAQsUueDF0UxCUgsk/eCPemdqo9eonMSh5YuOF0GLTyscCUUopyNQeoUCjkbPfXF
gaGzCyAj+at8oyVMb558/UpTxe8C3BCp9ekyj8/zcJZZywFzeKuF9/4jPPWIv6Jv
oGnWo4HcX5tJGrudoXAlz1ZUUybv9FbM88JuVBNQIdX3tI+osZEbOoDV374nzHim
1oi5P0mXAmXoxVuKt4kKPxNQhd7898lQQKz3diXbCofD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:28 2024 by rpki-client on console-fra.rpki-client.org