Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/tthLMK1U2_4Zt1vOBM_-yGxOGAM.roa
File:                     tthLMK1U2_4Zt1vOBM_-yGxOGAM.roa (raw, json)
Hash identifier:          1qjR/ogGo2ywXwmt/O8W2L52mfVjf8fiXxjvSz6hCa0=
Subject key identifier:   B6:D8:4B:30:AD:54:DB:FE:19:B7:5B:CE:04:CF:FE:C8:6C:4E:18:03
Certificate issuer:       /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial:       01856FE6FAD8F5A7E6F79C0A696759BC20F0
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/tthLMK1U2_4Zt1vOBM_-yGxOGAM.roa
Signing time:             Mon 02 Jan 2023 00:34:46 +0000
ROA not before:           Mon 02 Jan 2023 00:34:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197654
IP address blocks:        185.130.56.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 Mar 2023 22:02:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:e6:fa:d8:f5:a7:e6:f7:9c:0a:69:67:59:bc:20:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
        Validity
            Not Before: Jan  2 00:34:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b6d84b30ad54dbfe19b75bce04cffec86c4e1803
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:88:5c:85:ba:83:04:69:e7:cf:42:01:33:5a:
                    44:16:95:3e:be:a6:34:4b:87:4a:8f:dc:0a:fd:a5:
                    f1:98:d0:cb:cf:93:af:77:a1:d2:42:2a:bb:87:bb:
                    f7:ca:75:5d:49:79:b2:aa:73:43:a2:38:f1:16:96:
                    1c:7e:7d:dc:80:20:8c:e8:74:de:a4:85:70:7f:2c:
                    0a:f0:6b:f4:be:bb:8f:0e:98:01:56:ea:0a:de:3f:
                    3b:c3:5d:d0:a6:0c:29:d2:8c:6d:5f:c2:8a:21:3c:
                    1c:fa:02:68:a9:8c:3f:51:84:01:0c:e9:81:e8:84:
                    e2:26:b7:58:c2:88:f9:70:95:f7:55:fd:e7:7d:e7:
                    a9:0c:aa:74:9a:34:f6:b7:21:30:0d:6e:68:f5:25:
                    68:59:a7:82:69:d4:75:63:6f:ab:c3:92:f5:8b:6b:
                    cc:c5:1f:6b:53:30:c5:c5:10:25:e1:65:c2:66:54:
                    e3:1e:6b:0b:1f:21:be:7c:bd:df:38:da:3b:5a:52:
                    21:a5:c0:3a:08:7f:de:55:f3:40:80:4f:36:de:52:
                    38:d6:9a:79:dd:16:69:10:7e:04:0d:b3:50:e6:4d:
                    87:2e:02:6f:fd:16:8a:a1:9c:15:a2:d8:c6:94:19:
                    58:0e:26:4e:2f:40:f9:bc:5a:1b:41:37:02:ba:3f:
                    92:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:D8:4B:30:AD:54:DB:FE:19:B7:5B:CE:04:CF:FE:C8:6C:4E:18:03
            X509v3 Authority Key Identifier:
                keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/tthLMK1U2_4Zt1vOBM_-yGxOGAM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.130.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:63:46:ea:b9:81:c0:81:a3:65:52:19:42:cd:4f:20:11:8c:
         61:de:de:29:a5:d7:89:51:79:96:d1:13:ee:3b:d2:2d:26:ca:
         bf:eb:ee:79:0e:c1:62:f9:98:ac:cb:07:61:85:19:a3:22:88:
         9f:d6:1d:a4:59:e4:ce:e2:6b:40:7b:23:99:8e:2c:92:eb:6f:
         e2:88:16:e2:c0:8b:11:bd:e9:c3:e2:4c:c9:0d:cf:16:ef:34:
         c1:e8:ff:06:62:fe:41:6e:98:81:e7:ec:17:04:3c:7f:7b:fd:
         70:15:d9:55:8e:49:83:50:bc:64:83:70:81:d7:52:da:1f:9e:
         2a:18:e6:23:f9:2a:b2:57:9e:2e:49:92:3e:56:52:2a:5a:0e:
         b7:4f:10:85:66:d1:f2:86:36:2f:f0:47:71:5b:07:35:4e:2c:
         85:fb:91:82:84:5e:d1:40:c6:aa:46:3c:c9:39:4b:ea:2f:d5:
         7c:e3:b6:6c:3f:2d:8e:36:94:ed:23:56:77:88:fa:20:4a:1a:
         93:12:fc:1f:86:8c:e8:0e:e8:f6:31:d7:ca:35:50:fc:da:93:
         02:cc:82:15:07:d4:fc:5d:72:d3:fd:6c:31:bc:c2:ae:c1:e9:
         8a:4a:ba:bd:74:ad:69:c4:d7:28:18:88:d5:d4:0e:d9:c3:09:
         79:5c:03:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5vrY9afm95wKaWdZvCDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm
NDRmYmEwHhcNMjMwMTAyMDAzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQ4NGIzMGFkNTRkYmZlMTliNzViY2UwNGNmZmVjODZjNGUxODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsohchbqDBGnnz0IBM1pEFpU+vqY0
S4dKj9wK/aXxmNDLz5Ovd6HSQiq7h7v3ynVdSXmyqnNDojjxFpYcfn3cgCCM6HTe
pIVwfywK8Gv0vruPDpgBVuoK3j87w13Qpgwp0oxtX8KKITwc+gJoqYw/UYQBDOmB
6ITiJrdYwoj5cJX3Vf3nfeepDKp0mjT2tyEwDW5o9SVoWaeCadR1Y2+rw5L1i2vM
xR9rUzDFxRAl4WXCZlTjHmsLHyG+fL3fONo7WlIhpcA6CH/eVfNAgE823lI41pp5
3RZpEH4EDbNQ5k2HLgJv/RaKoZwVotjGlBlYDiZOL0D5vFobQTcCuj+SPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbYSzCtVNv+GbdbzgTP/shsThgDMB8GA1UdIwQY
MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt
YWVhYzE2MjI3YzI1LzEvdHRoTE1LMVUyXzRadDF2T0JNXy15R3hPR0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1
LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYI4MA0G
CSqGSIb3DQEBCwUAA4IBAQBwY0bquYHAgaNlUhlCzU8gEYxh3t4ppdeJUXmW0RPu
O9ItJsq/6+55DsFi+ZisywdhhRmjIoif1h2kWeTO4mtAeyOZjiyS62/iiBbiwIsR
venD4kzJDc8W7zTB6P8GYv5BbpiB5+wXBDx/e/1wFdlVjkmDULxkg3CB11LaH54q
GOYj+SqyV54uSZI+VlIqWg63TxCFZtHyhjYv8EdxWwc1TiyF+5GChF7RQMaqRjzJ
OUvqL9V847ZsPy2ONpTtI1Z3iPogShqTEvwfhozoDuj2MdfKNVD82pMCzIIVB9T8
XXLT/WwxvMKuwemKSrq9dK1pxNcoGIjV1A7Zwwl5XAMZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:20 2024 by rpki-client on console-fra.rpki-client.org