Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/TfIFOJb3Ln1TxoxuoR572sZXrk8.roa
File:                     TfIFOJb3Ln1TxoxuoR572sZXrk8.roa (raw, json)
Hash identifier:          +xX99/qeL8LKPLH06coJWE9e0XMqkChQegzywfmGF2g=
Subject key identifier:   4D:F2:05:38:96:F7:2E:7D:53:C6:8C:6E:A1:1E:7B:DA:C6:57:AE:4F
Certificate issuer:       /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial:       018EAD9C6F2776B73179756CAF83CF60F457
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/TfIFOJb3Ln1TxoxuoR572sZXrk8.roa
Signing time:             Fri 05 Apr 2024 09:34:54 +0000
ROA not before:           Fri 05 Apr 2024 09:34:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        94.154.44.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Apr 2024 17:25:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:ad:9c:6f:27:76:b7:31:79:75:6c:af:83:cf:60:f4:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
        Validity
            Not Before: Apr  5 09:34:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4df2053896f72e7d53c68c6ea11e7bdac657ae4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:02:cf:f9:d0:8a:5b:a6:57:cd:5e:1a:a7:2a:
                    10:a9:88:db:dc:c2:d7:55:ac:a5:9d:b2:09:2d:f1:
                    d6:18:9e:9a:60:ba:4d:3d:f6:64:69:dd:5d:70:c9:
                    6e:ef:42:cb:e2:de:24:d2:47:fe:ea:47:07:0c:ec:
                    8b:48:a4:13:a1:42:07:52:eb:a9:b3:6d:64:4f:b2:
                    84:3f:3f:2a:2a:8d:08:35:4d:50:d6:5f:66:7d:0a:
                    86:1a:ec:75:9c:94:8f:73:47:9a:73:f0:59:85:83:
                    3a:74:ed:b2:1c:76:23:88:81:0e:f6:91:8e:20:26:
                    96:40:b5:58:2e:06:ca:5d:00:c3:43:08:0f:0a:61:
                    2a:08:62:f3:9b:58:15:f1:81:b3:e7:2a:b9:24:ef:
                    d4:38:7e:f8:3c:ae:f7:8b:44:d0:b1:69:4a:89:6d:
                    d2:b7:f3:27:8e:ed:f8:b0:c8:aa:3c:d6:48:22:dc:
                    71:44:51:30:61:a1:e5:99:2f:4a:02:50:bb:91:49:
                    09:d7:83:f8:6b:f3:ce:c3:35:3e:71:9d:b7:1a:1e:
                    a1:6d:9a:43:3f:ea:b6:91:d4:eb:ad:8f:03:ee:da:
                    f4:98:ce:7c:9b:c0:f5:38:f6:69:06:f7:30:4c:cf:
                    b7:3d:d3:19:19:17:92:23:c8:2f:84:04:51:71:b1:
                    be:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:F2:05:38:96:F7:2E:7D:53:C6:8C:6E:A1:1E:7B:DA:C6:57:AE:4F
            X509v3 Authority Key Identifier:
                keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/TfIFOJb3Ln1TxoxuoR572sZXrk8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.154.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:6c:f9:e5:37:e2:5a:df:f3:02:ee:18:0e:02:b1:62:cb:63:
         10:eb:11:52:99:ce:82:dc:00:cf:95:28:36:56:b6:da:8d:bd:
         56:b8:e0:b2:79:f2:23:27:41:3c:b9:f3:04:d1:a4:43:7f:e4:
         26:5d:19:35:1f:7f:ed:d2:ae:88:fb:bd:24:19:e2:c3:2e:e2:
         87:57:8a:ca:7e:8e:ff:80:47:99:23:39:4f:1b:74:f3:15:7a:
         49:dd:13:b5:f6:29:e1:37:7c:26:b9:20:a5:79:1d:c5:d6:6f:
         fe:4f:51:a3:b2:b3:2e:bc:96:ef:90:aa:7f:a0:65:a0:d1:7e:
         55:e0:1e:40:86:21:99:2a:9c:d3:43:4a:23:52:45:86:0e:98:
         14:12:db:e2:18:e6:44:3e:14:f8:87:55:e8:c1:f9:cb:c8:19:
         f4:c3:88:d9:50:be:63:75:fc:6e:1a:62:85:2e:76:ce:a1:f5:
         56:f7:81:43:13:c3:6f:a2:ae:06:1e:8e:16:5b:79:1a:d7:24:
         50:c0:5e:53:bd:7b:dc:c7:42:f8:4d:50:fd:e0:e9:f8:0a:00:
         17:da:3e:aa:b6:09:bb:0e:b0:f2:ef:c9:33:c8:c8:12:67:30:
         eb:72:44:e2:a5:20:53:db:77:f2:40:d7:c4:74:8e:44:a3:cf:
         75:4d:93:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6tnG8ndrcxeXVsr4PPYPRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwNDA1MDkzNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGYyMDUzODk2ZjcyZTdkNTNjNjhjNmVhMTFlN2JkYWM2NTdhZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwLP+dCKW6ZXzV4apyoQqYjb3MLX
VaylnbIJLfHWGJ6aYLpNPfZkad1dcMlu70LL4t4k0kf+6kcHDOyLSKQToUIHUuup
s21kT7KEPz8qKo0INU1Q1l9mfQqGGux1nJSPc0eac/BZhYM6dO2yHHYjiIEO9pGO
ICaWQLVYLgbKXQDDQwgPCmEqCGLzm1gV8YGz5yq5JO/UOH74PK73i0TQsWlKiW3S
t/Mnju34sMiqPNZIItxxRFEwYaHlmS9KAlC7kUkJ14P4a/POwzU+cZ23Gh6hbZpD
P+q2kdTrrY8D7tr0mM58m8D1OPZpBvcwTM+3PdMZGReSI8gvhARRcbG+1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE3yBTiW9y59U8aMbqEee9rGV65PMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvVGZJRk9KYjNMbjFUeG94dW9SNTcyc1pYcms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXposMA0G
CSqGSIb3DQEBCwUAA4IBAQCMbPnlN+Ja3/MC7hgOArFiy2MQ6xFSmc6C3ADPlSg2
Vrbajb1WuOCyefIjJ0E8ufME0aRDf+QmXRk1H3/t0q6I+70kGeLDLuKHV4rKfo7/
gEeZIzlPG3TzFXpJ3RO19inhN3wmuSCleR3F1m/+T1GjsrMuvJbvkKp/oGWg0X5V
4B5AhiGZKpzTQ0ojUkWGDpgUEtviGOZEPhT4h1XowfnLyBn0w4jZUL5jdfxuGmKF
LnbOofVW94FDE8Nvoq4GHo4WW3ka1yRQwF5TvXvcx0L4TVD94On4CgAX2j6qtgm7
DrDy78kzyMgSZzDrckTipSBT23fyQNfEdI5Eo891TZOb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org