Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/1331cf-b3f0-47d9-9e40-7914383363f7/1/tNH_ogsVRcb6tKsz9SZYsjOsLiw.roa
File:                     tNH_ogsVRcb6tKsz9SZYsjOsLiw.roa (raw, json)
Hash identifier:          EcWtRkiHNEFVQhldG+edQTMvE+4knzBNZnyXeOg4+MA=
Subject key identifier:   B4:D1:FF:A2:0B:15:45:C6:FA:B4:AB:33:F5:26:58:B2:33:AC:2E:2C
Certificate issuer:       /CN=713f83dee92d8d3e28d7362dfc7187553d88c75c
Certificate serial:       018572C3552192F1B2200C24D43E4C413710
Authority key identifier: 71:3F:83:DE:E9:2D:8D:3E:28:D7:36:2D:FC:71:87:55:3D:88:C7:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cT-D3uktjT4o1zYt_HGHVT2Ix1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/1331cf-b3f0-47d9-9e40-7914383363f7/1/tNH_ogsVRcb6tKsz9SZYsjOsLiw.roa
Signing time:             Mon 02 Jan 2023 13:54:41 +0000
ROA not before:           Mon 02 Jan 2023 13:54:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9096
IP address blocks:        193.110.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:c3:55:21:92:f1:b2:20:0c:24:d4:3e:4c:41:37:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=713f83dee92d8d3e28d7362dfc7187553d88c75c
        Validity
            Not Before: Jan  2 13:54:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b4d1ffa20b1545c6fab4ab33f52658b233ac2e2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:90:75:f3:c5:65:e3:63:66:53:fa:2b:74:d6:
                    3d:1e:5f:c6:89:b8:4a:0d:fa:3b:7b:1a:ff:61:a4:
                    e3:93:29:c9:5f:07:83:2c:cd:3b:9f:ad:80:73:b4:
                    91:d2:7e:d4:a0:7d:92:8d:9f:fd:06:ea:f9:8e:d1:
                    3c:7f:14:5a:36:89:09:1c:dd:b6:b7:23:3c:48:99:
                    ad:2e:f3:57:9d:73:91:22:38:0b:0c:a7:c7:ee:20:
                    38:2e:39:a6:38:66:99:ea:65:c7:cd:0c:af:76:10:
                    ca:07:57:8a:df:37:07:fb:64:d5:09:43:51:44:a0:
                    02:d6:c1:99:bd:32:7e:d9:7a:67:27:5d:de:52:dc:
                    dc:7c:68:75:b1:ac:e3:3f:43:63:4f:26:bc:a6:a1:
                    0b:be:c0:e6:7e:d8:3c:7b:91:ca:5d:ab:ad:0e:94:
                    a6:68:7a:61:12:36:b1:29:4a:20:c6:3e:0d:7a:5d:
                    a5:c7:59:21:bc:ac:1f:45:d7:fb:a5:ea:1a:ac:6a:
                    18:01:8c:e8:b3:19:24:b7:ae:ce:3d:68:b6:06:ed:
                    bb:f6:e7:cf:4a:c9:af:01:71:f2:b9:73:7e:a1:d3:
                    a1:6e:70:1b:39:b8:83:0a:6d:1c:f2:f9:1a:10:1d:
                    8c:99:00:53:57:8c:58:1b:25:13:59:f9:9a:75:15:
                    90:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:D1:FF:A2:0B:15:45:C6:FA:B4:AB:33:F5:26:58:B2:33:AC:2E:2C
            X509v3 Authority Key Identifier:
                keyid:71:3F:83:DE:E9:2D:8D:3E:28:D7:36:2D:FC:71:87:55:3D:88:C7:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cT-D3uktjT4o1zYt_HGHVT2Ix1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/1331cf-b3f0-47d9-9e40-7914383363f7/1/tNH_ogsVRcb6tKsz9SZYsjOsLiw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/1331cf-b3f0-47d9-9e40-7914383363f7/1/cT-D3uktjT4o1zYt_HGHVT2Ix1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.110.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:23:57:3a:38:37:c7:a8:dc:26:14:15:25:4b:0f:16:9f:36:
         d7:6a:20:37:f7:09:f8:9c:4f:a3:b1:f6:32:8b:21:ab:bf:09:
         b4:e8:e6:c7:09:29:63:68:d1:c9:8b:ea:67:7a:88:8c:40:82:
         81:66:62:f7:2c:5c:f8:91:7e:20:ce:de:14:07:17:5d:d4:b5:
         10:c5:85:fb:f3:58:63:60:1a:87:8e:69:96:6f:79:ea:4c:0e:
         48:37:5b:96:e8:5f:e0:5f:8f:d2:7b:3a:cc:c9:5c:0e:09:df:
         11:6f:de:1f:06:a6:76:40:01:97:0c:d2:ab:32:96:43:04:ae:
         c6:4d:b1:82:e9:77:4c:25:4f:93:25:08:85:d2:1f:7e:67:ea:
         dc:fe:33:b8:eb:1e:da:f0:0f:c3:d3:e7:e4:43:01:aa:ce:24:
         ac:01:52:5d:0d:b9:d3:14:e0:85:92:f6:0a:8e:20:18:ca:b0:
         fa:a3:0a:3c:85:9d:cf:96:b0:bc:1c:6b:33:96:fd:b7:2e:f5:
         18:ca:23:ac:17:ce:83:3b:f0:af:68:1a:3c:cc:34:94:61:00:
         9e:0c:ec:bb:7a:95:15:97:ba:8a:20:1c:19:9a:c1:89:1d:0d:
         e5:00:0c:8c:9e:24:8b:55:13:94:6b:ef:84:ad:4d:ad:4d:55:
         e6:45:09:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw1UhkvGyIAwk1D5MQTcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxM2Y4M2RlZTkyZDhkM2UyOGQ3MzYyZGZjNzE4NzU1M2Q4
OGM3NWMwHhcNMjMwMTAyMTM1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQxZmZhMjBiMTU0NWM2ZmFiNGFiMzNmNTI2NThiMjMzYWMyZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZB188Vl42NmU/ordNY9Hl/GibhK
Dfo7exr/YaTjkynJXweDLM07n62Ac7SR0n7UoH2SjZ/9Bur5jtE8fxRaNokJHN22
tyM8SJmtLvNXnXORIjgLDKfH7iA4LjmmOGaZ6mXHzQyvdhDKB1eK3zcH+2TVCUNR
RKAC1sGZvTJ+2XpnJ13eUtzcfGh1sazjP0NjTya8pqELvsDmftg8e5HKXautDpSm
aHphEjaxKUogxj4Nel2lx1khvKwfRdf7peoarGoYAYzosxkkt67OPWi2Bu279ufP
SsmvAXHyuXN+odOhbnAbObiDCm0c8vkaEB2MmQBTV4xYGyUTWfmadRWQ6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTR/6ILFUXG+rSrM/UmWLIzrC4sMB8GA1UdIwQY
MBaAFHE/g97pLY0+KNc2Lfxxh1U9iMdcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1QtRDN1a3RqVDRvMXpZdF9IR0hWVDJJeDF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMzMxY2YtYjNmMC00N2Q5LTllNDAt
NzkxNDM4MzM2M2Y3LzEvdE5IX29nc1ZSY2I2dEtzejlTWllzak9zTGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMzMxY2YtYjNmMC00N2Q5LTllNDAtNzkxNDM4MzM2M2Y3
LzEvY1QtRDN1a3RqVDRvMXpZdF9IR0hWVDJJeDF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW6KMA0G
CSqGSIb3DQEBCwUAA4IBAQBPI1c6ODfHqNwmFBUlSw8WnzbXaiA39wn4nE+jsfYy
iyGrvwm06ObHCSljaNHJi+pneoiMQIKBZmL3LFz4kX4gzt4UBxdd1LUQxYX781hj
YBqHjmmWb3nqTA5IN1uW6F/gX4/SezrMyVwOCd8Rb94fBqZ2QAGXDNKrMpZDBK7G
TbGC6XdMJU+TJQiF0h9+Z+rc/jO46x7a8A/D0+fkQwGqziSsAVJdDbnTFOCFkvYK
jiAYyrD6owo8hZ3PlrC8HGszlv23LvUYyiOsF86DO/CvaBo8zDSUYQCeDOy7epUV
l7qKIBwZmsGJHQ3lAAyMniSLVROUa++ErU2tTVXmRQmm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:24 2024 by rpki-client on console-ams.rpki-client.org