Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/th_C5ynoiL6QjRkGoZTJMEr1my0.roa
File:                     th_C5ynoiL6QjRkGoZTJMEr1my0.roa (raw, json)
Hash identifier:          cUZv7mowjwUUAMp2KOrUNOGx1lKke+L//+I15iD9+MA=
Subject key identifier:   B6:1F:C2:E7:29:E8:88:BE:90:8D:19:06:A1:94:C9:30:4A:F5:9B:2D
Certificate issuer:       /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial:       019159111E6A2D845DA65331EB0225CE1B87
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/th_C5ynoiL6QjRkGoZTJMEr1my0.roa
Signing time:             Fri 16 Aug 2024 02:42:59 +0000
ROA not before:           Fri 16 Aug 2024 02:42:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        77.90.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 23 Aug 2024 01:24:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:59:11:1e:6a:2d:84:5d:a6:53:31:eb:02:25:ce:1b:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
        Validity
            Not Before: Aug 16 02:42:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b61fc2e729e888be908d1906a194c9304af59b2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:fb:1c:09:20:ce:d3:8d:ab:8b:35:f2:d1:7e:
                    cd:a2:01:a4:d5:08:16:64:25:32:a8:2c:72:b3:c1:
                    be:20:03:ae:07:87:59:d1:8a:96:16:3b:b8:89:36:
                    5e:13:fb:97:ea:38:23:c6:6a:de:b4:ea:46:57:64:
                    d5:76:2b:f8:f5:27:72:97:af:86:c9:ef:ea:b7:64:
                    ab:ed:b2:59:2b:97:05:63:5f:0e:d3:d6:1a:c7:49:
                    d8:a7:d3:91:a9:15:f7:1f:94:2a:c1:b9:1e:12:1b:
                    11:0c:c6:ba:c3:95:a2:dc:48:85:74:21:32:bf:7c:
                    c5:2e:e0:3d:15:c9:a9:48:ad:9d:78:f6:56:47:53:
                    32:b7:e1:28:b5:86:9f:d8:94:e2:27:31:8c:0d:91:
                    61:cb:43:c2:39:2f:60:1c:78:b1:48:03:d0:7c:56:
                    eb:86:e7:6c:85:07:eb:61:c5:5e:f7:fd:19:85:87:
                    86:48:cc:31:10:70:f9:8d:b8:cc:d3:10:11:fd:e9:
                    9a:7c:d9:12:85:67:1e:9d:2b:1b:2e:ea:0c:41:48:
                    65:b5:45:f1:0a:b0:ff:fc:38:0e:c0:63:21:fa:4e:
                    b3:cb:e3:7f:e9:ca:59:73:8c:1f:20:64:33:7a:20:
                    fb:ce:d0:99:af:b3:d5:1e:cf:d1:2f:8a:e3:75:c7:
                    5e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:1F:C2:E7:29:E8:88:BE:90:8D:19:06:A1:94:C9:30:4A:F5:9B:2D
            X509v3 Authority Key Identifier:
                keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/th_C5ynoiL6QjRkGoZTJMEr1my0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.90.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:8d:2c:a2:c6:5b:ea:72:6b:de:f0:7a:a5:af:b9:cb:ae:37:
         36:05:d1:2e:eb:ea:11:8c:67:55:a5:10:dc:9d:f1:26:59:d7:
         7a:fd:d1:b8:45:ce:0b:b3:3b:65:9c:6b:02:fb:fd:19:d3:e1:
         77:0e:03:d4:5e:8d:58:82:d0:91:b4:12:fb:ea:59:52:3b:e9:
         dc:88:d8:e3:60:29:d7:22:31:95:2c:c9:01:ef:e8:6a:e0:fe:
         16:72:e0:90:23:d9:e2:9f:36:98:6e:cc:c0:24:a5:d0:7d:4e:
         35:e8:07:24:a1:86:ba:81:88:0a:c8:4c:be:2b:7e:dc:37:ab:
         64:06:73:2a:ed:26:61:cd:be:e8:97:c9:06:47:43:e2:a8:a9:
         f5:7f:99:55:68:60:af:bd:b1:02:cf:de:bf:00:44:23:ae:4b:
         de:92:a4:ad:6f:cd:12:7c:f0:41:24:f9:4f:8c:bf:7c:a5:b2:
         92:d4:0c:4a:f0:a4:83:02:56:ae:b1:c4:ff:3e:fe:37:16:b9:
         ea:5f:91:45:bc:d4:e6:ca:13:dc:63:02:e8:a8:31:da:15:74:
         ac:0f:8b:05:6f:0f:e0:c6:23:97:71:30:e5:86:da:6c:e3:2f:
         2d:e8:6d:ee:85:58:81:45:fd:23:b3:f3:33:d5:af:14:bb:1d:
         03:11:86:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFZER5qLYRdplMx6wIlzhuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwODE2MDI0MjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjFmYzJlNzI5ZTg4OGJlOTA4ZDE5MDZhMTk0YzkzMDRhZjU5YjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fscCSDO042rizXy0X7NogGk1QgW
ZCUyqCxys8G+IAOuB4dZ0YqWFju4iTZeE/uX6jgjxmretOpGV2TVdiv49Sdyl6+G
ye/qt2Sr7bJZK5cFY18O09Yax0nYp9ORqRX3H5QqwbkeEhsRDMa6w5Wi3EiFdCEy
v3zFLuA9FcmpSK2dePZWR1Myt+EotYaf2JTiJzGMDZFhy0PCOS9gHHixSAPQfFbr
hudshQfrYcVe9/0ZhYeGSMwxEHD5jbjM0xAR/emafNkShWcenSsbLuoMQUhltUXx
CrD//DgOwGMh+k6zy+N/6cpZc4wfIGQzeiD7ztCZr7PVHs/RL4rjdcdeBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYfwucp6Ii+kI0ZBqGUyTBK9ZstMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdGhfQzV5bm9pTDZRalJrR29aVEpNRXIxbXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVo2MA0G
CSqGSIb3DQEBCwUAA4IBAQC3jSyixlvqcmve8Hqlr7nLrjc2BdEu6+oRjGdVpRDc
nfEmWdd6/dG4Rc4LsztlnGsC+/0Z0+F3DgPUXo1YgtCRtBL76llSO+nciNjjYCnX
IjGVLMkB7+hq4P4WcuCQI9ninzaYbszAJKXQfU416AckoYa6gYgKyEy+K37cN6tk
BnMq7SZhzb7ol8kGR0PiqKn1f5lVaGCvvbECz96/AEQjrkvekqStb80SfPBBJPlP
jL98pbKS1AxK8KSDAlauscT/Pv43FrnqX5FFvNTmyhPcYwLoqDHaFXSsD4sFbw/g
xiOXcTDlhtps4y8t6G3uhViBRf0js/Mz1a8Uux0DEYZq
-----END CERTIFICATE-----
Generated at Fri Aug 23 07:13:26 2024 by rpki-client on console-ams.rpki-client.org