Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TQH35XaXPAXBI8V07LesxhVrjw4.roa
File:                     TQH35XaXPAXBI8V07LesxhVrjw4.roa (raw, json)
Hash identifier:          +cjP4aL5DCJhQGhl2hEMzRr5JhfJ1LMMNpOaCkb/2j4=
Subject key identifier:   4D:01:F7:E5:76:97:3C:05:C1:23:C5:74:EC:B7:AC:C6:15:6B:8F:0E
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018EB3C6CF3014DA9CA0DBDE6CC95C46817A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TQH35XaXPAXBI8V07LesxhVrjw4.roa
Signing time:             Sat 06 Apr 2024 14:18:54 +0000
ROA not before:           Sat 06 Apr 2024 14:18:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215240
IP address blocks:        93.123.39.0/24 maxlen: 24
                          94.156.8.0/24 maxlen: 24
                          94.156.79.0/24 maxlen: 24
                          147.78.103.0/24 maxlen: 24
                          185.216.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Jul 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:b3:c6:cf:30:14:da:9c:a0:db:de:6c:c9:5c:46:81:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Apr  6 14:18:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4d01f7e576973c05c123c574ecb7acc6156b8f0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a0:03:7a:a9:f8:a8:da:de:c2:cf:e7:b8:ce:
                    0e:47:1b:43:4d:dc:6b:6d:6b:9c:25:ec:c9:28:3a:
                    91:e7:76:a3:e8:85:88:17:bd:c2:15:01:7c:04:41:
                    24:3c:10:a0:c1:33:bf:a4:a3:25:5b:64:b1:64:a1:
                    ba:74:f4:74:c8:44:e4:cf:f2:c1:a4:8f:27:1b:8b:
                    d4:18:52:86:fd:3c:4a:c7:9e:3b:e7:e7:e6:1f:f5:
                    fa:09:cd:fc:de:e6:e3:01:e1:94:f1:ac:40:dd:6e:
                    59:f4:47:a2:ac:50:e1:1e:57:a2:95:38:28:5e:ab:
                    03:eb:9c:9f:d0:e9:54:e4:64:24:2c:e5:be:af:e0:
                    44:bd:d8:61:aa:79:58:c3:69:7a:48:87:0e:20:3d:
                    ae:aa:0d:93:2a:2e:40:88:c8:27:44:37:72:42:a5:
                    32:85:2c:04:e0:a6:59:63:1d:f3:dd:c8:48:7e:e7:
                    c0:1d:9d:63:3b:c6:cc:15:85:4b:eb:d7:e3:71:b1:
                    f5:5c:1c:b8:3e:20:58:de:45:b5:5c:83:05:b9:72:
                    6e:52:2a:3f:01:a3:af:9e:1e:7d:60:b5:dc:fd:3c:
                    b9:69:48:a5:1e:c6:39:91:c8:0c:27:8e:48:d3:63:
                    46:a7:b1:89:17:1f:13:7a:d6:10:5e:e6:a5:38:45:
                    16:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:01:F7:E5:76:97:3C:05:C1:23:C5:74:EC:B7:AC:C6:15:6B:8F:0E
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TQH35XaXPAXBI8V07LesxhVrjw4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.123.39.0/24
                  94.156.8.0/24
                  94.156.79.0/24
                  147.78.103.0/24
                  185.216.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:73:a0:d0:e3:0b:2f:9f:02:af:09:2c:30:97:b9:ee:47:3d:
         6e:65:e5:37:74:82:93:31:ac:58:ce:cd:f5:41:a1:cc:0a:d6:
         7b:0f:c0:36:db:1e:e5:bc:4d:68:e4:d4:94:3c:78:0e:fc:0b:
         06:af:37:96:60:58:37:7e:1f:3d:50:d7:9b:8b:ab:2c:02:63:
         f0:da:ca:f9:c3:ac:05:ee:f3:a6:d2:13:09:9e:d9:90:22:85:
         e3:bf:74:5a:ca:0c:35:24:12:bf:3d:aa:09:3a:19:ee:c6:6f:
         96:7a:48:65:c4:01:8a:0d:7b:06:1f:ea:a2:29:7c:68:dc:62:
         7d:48:30:d3:da:23:56:d7:a7:d2:ff:8b:f3:fc:96:aa:39:7c:
         89:29:b7:45:0b:e7:1c:da:e8:c7:3e:1b:db:06:2b:82:b4:d5:
         d4:92:d0:d7:7a:4a:8b:04:96:f4:74:df:55:86:ec:3a:75:eb:
         02:d8:67:d9:a9:11:d6:b1:c6:96:4b:f5:c7:1a:91:bf:ef:37:
         a6:93:4d:e1:d7:4a:07:26:9f:17:be:ce:37:18:92:ac:ea:49:
         40:4f:66:f3:7d:1e:02:ca:34:0b:73:db:91:3b:ed:a5:6b:9f:
         fa:0d:50:95:c7:09:72:05:27:ad:54:f5:36:29:62:c9:c8:2b:
         2f:02:a7:d8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6zxs8wFNqcoNvebMlcRoF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDA2MTQxODU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDAxZjdlNTc2OTczYzA1YzEyM2M1NzRlY2I3YWNjNjE1NmI4ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6ADeqn4qNrews/nuM4ORxtDTdxr
bWucJezJKDqR53aj6IWIF73CFQF8BEEkPBCgwTO/pKMlW2SxZKG6dPR0yETkz/LB
pI8nG4vUGFKG/TxKx5475+fmH/X6Cc383ubjAeGU8axA3W5Z9EeirFDhHleilTgo
XqsD65yf0OlU5GQkLOW+r+BEvdhhqnlYw2l6SIcOID2uqg2TKi5AiMgnRDdyQqUy
hSwE4KZZYx3z3chIfufAHZ1jO8bMFYVL69fjcbH1XBy4PiBY3kW1XIMFuXJuUio/
AaOvnh59YLXc/Ty5aUilHsY5kcgMJ45I02NGp7GJFx8TetYQXualOEUWKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE0B9+V2lzwFwSPFdOy3rMYVa48OMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVFFIMzVYYVhQQVhCSThWMDdMZXN4aFZyanc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAXXsnAwQA
XpwIAwQAXpxPAwQAk05nAwQAudhGMA0GCSqGSIb3DQEBCwUAA4IBAQB7c6DQ4wsv
nwKvCSwwl7nuRz1uZeU3dIKTMaxYzs31QaHMCtZ7D8A22x7lvE1o5NSUPHgO/AsG
rzeWYFg3fh89UNebi6ssAmPw2sr5w6wF7vOm0hMJntmQIoXjv3Raygw1JBK/PaoJ
Ohnuxm+WekhlxAGKDXsGH+qiKXxo3GJ9SDDT2iNW16fS/4vz/JaqOXyJKbdFC+cc
2ujHPhvbBiuCtNXUktDXekqLBJb0dN9Vhuw6desC2GfZqRHWscaWS/XHGpG/7zem
k03h10oHJp8Xvs43GJKs6klAT2bzfR4CyjQLc9uRO+2la5/6DVCVxwlyBSetVPU2
KWLJyCsvAqfY
-----END CERTIFICATE-----
Generated at Thu Jul 25 07:42:31 2024 by rpki-client on console-ams.rpki-client.org