Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/TfkBSZush5GlCrEORDjS0DCRK3I.roa
File:                     TfkBSZush5GlCrEORDjS0DCRK3I.roa (raw, json)
Hash identifier:          R+pNT1tWslOsyXqp7N2QJhnzDcoUJMwlwuQnxoZVD7I=
Subject key identifier:   4D:F9:01:49:9B:AC:87:91:A5:0A:B1:0E:44:38:D2:D0:30:91:2B:72
Certificate issuer:       /CN=2890da765a999f719875c51eecf4c7d6148a1bd9
Certificate serial:       01857321E2E1927450AA062457261B34DCAA
Authority key identifier: 28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/TfkBSZush5GlCrEORDjS0DCRK3I.roa
Signing time:             Mon 02 Jan 2023 15:37:58 +0000
ROA not before:           Mon 02 Jan 2023 15:37:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206783
IP address blocks:        45.143.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:21:e2:e1:92:74:50:aa:06:24:57:26:1b:34:dc:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2890da765a999f719875c51eecf4c7d6148a1bd9
        Validity
            Not Before: Jan  2 15:37:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4df901499bac8791a50ab10e4438d2d030912b72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:8a:82:34:81:7a:97:23:0e:50:da:4b:c5:59:
                    2e:be:a5:d5:68:8e:9a:e8:4c:d6:e2:7f:e3:50:fd:
                    04:1f:b1:42:e2:2d:14:df:24:32:3f:f9:17:9d:56:
                    6a:54:97:a6:97:d5:3e:89:dc:c7:2d:89:ee:c3:c9:
                    11:2c:b9:a0:36:2e:c4:bc:c9:3c:6f:37:d7:ec:57:
                    83:be:13:54:dd:81:33:ef:3a:c6:5a:5e:d2:64:05:
                    8f:57:f3:16:00:07:ae:29:89:08:ff:dd:cd:06:97:
                    5b:c8:c7:c0:e4:5a:43:c1:7b:5c:78:d6:cb:b9:a5:
                    ae:83:f0:81:cb:1c:70:de:64:ec:aa:3f:fe:f5:1d:
                    83:57:f6:fd:2a:6e:9b:35:0e:7f:88:be:fd:f8:ab:
                    05:5e:43:08:97:80:86:bb:3f:74:d3:c6:e8:8a:94:
                    53:5f:82:48:6f:61:f2:c8:b4:09:b9:ec:8d:8f:04:
                    4e:f1:1f:07:b7:2c:53:9e:73:65:6a:d6:ac:6c:8e:
                    c1:75:1e:13:95:af:83:8d:80:a2:46:54:22:cd:3e:
                    99:1b:22:08:46:8d:2c:53:08:5c:40:b4:fa:21:3b:
                    42:20:3f:5e:c7:86:38:16:cc:21:35:2f:87:07:9f:
                    5c:f0:83:6f:a8:5f:5f:16:74:c4:13:9e:fe:12:35:
                    b9:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:F9:01:49:9B:AC:87:91:A5:0A:B1:0E:44:38:D2:D0:30:91:2B:72
            X509v3 Authority Key Identifier:
                keyid:28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/TfkBSZush5GlCrEORDjS0DCRK3I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/KJDadlqZn3GYdcUe7PTH1hSKG9k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.143.207.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:5f:dd:a9:3f:8f:00:c2:e2:74:4c:91:55:51:53:5a:97:e2:
         b7:aa:8f:93:85:22:15:69:9a:11:c8:88:00:49:54:a5:7a:bf:
         64:07:63:e9:09:cd:1b:5e:66:60:27:da:3f:76:12:b0:a6:1f:
         f4:94:58:73:f7:70:e9:c5:8d:f4:8e:12:d7:c1:6b:53:06:43:
         4b:74:36:4c:80:d7:3e:ea:06:58:c1:f0:10:9b:82:58:b4:ce:
         4b:72:31:d7:e7:4d:6b:ea:c0:8a:2d:4b:9b:8e:d0:6b:4e:62:
         0b:51:f9:84:21:7d:c0:ee:43:9a:93:d4:de:e3:53:1b:2c:48:
         f7:71:30:90:48:6e:88:7f:ef:45:1d:c2:ba:b0:59:ff:4a:cb:
         b7:c3:7c:9f:15:93:8a:99:9d:95:13:cc:64:58:fc:90:98:04:
         35:2f:64:00:c4:fe:67:a9:09:1b:31:b2:a2:7f:78:16:3d:26:
         4c:01:c5:73:e4:9c:cc:76:65:59:a0:ca:99:cb:48:cb:d0:1b:
         d9:ec:1b:29:32:4a:f4:0f:59:44:10:c8:ce:a5:f6:5c:06:a6:
         74:8d:31:a9:9f:09:10:da:3c:94:5c:64:79:1a:3b:1d:64:cb:
         86:ff:e0:9e:92:bc:0a:5a:08:43:6d:e0:a3:8e:41:2f:80:70:
         a6:18:a2:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIeLhknRQqgYkVyYbNNyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4OTBkYTc2NWE5OTlmNzE5ODc1YzUxZWVjZjRjN2Q2MTQ4
YTFiZDkwHhcNMjMwMTAyMTUzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGY5MDE0OTliYWM4NzkxYTUwYWIxMGU0NDM4ZDJkMDMwOTEyYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIqCNIF6lyMOUNpLxVkuvqXVaI6a
6EzW4n/jUP0EH7FC4i0U3yQyP/kXnVZqVJeml9U+idzHLYnuw8kRLLmgNi7EvMk8
bzfX7FeDvhNU3YEz7zrGWl7SZAWPV/MWAAeuKYkI/93NBpdbyMfA5FpDwXtceNbL
uaWug/CByxxw3mTsqj/+9R2DV/b9Km6bNQ5/iL79+KsFXkMIl4CGuz9008boipRT
X4JIb2HyyLQJueyNjwRO8R8HtyxTnnNlatasbI7BdR4Tla+DjYCiRlQizT6ZGyII
Ro0sUwhcQLT6ITtCID9ex4Y4FswhNS+HB59c8INvqF9fFnTEE57+EjW54wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE35AUmbrIeRpQqxDkQ40tAwkStyMB8GA1UdIwQY
MBaAFCiQ2nZamZ9xmHXFHuz0x9YUihvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEt
MjhmYzcwNjNkOTUyLzEvVGZrQlNadXNoNUdsQ3JFT1JEalMwRENSSzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEtMjhmYzcwNjNkOTUy
LzEvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY/PMA0G
CSqGSIb3DQEBCwUAA4IBAQCLX92pP48AwuJ0TJFVUVNal+K3qo+ThSIVaZoRyIgA
SVSler9kB2PpCc0bXmZgJ9o/dhKwph/0lFhz93DpxY30jhLXwWtTBkNLdDZMgNc+
6gZYwfAQm4JYtM5LcjHX501r6sCKLUubjtBrTmILUfmEIX3A7kOak9Te41MbLEj3
cTCQSG6If+9FHcK6sFn/Ssu3w3yfFZOKmZ2VE8xkWPyQmAQ1L2QAxP5nqQkbMbKi
f3gWPSZMAcVz5JzMdmVZoMqZy0jL0BvZ7BspMkr0D1lEEMjOpfZcBqZ0jTGpnwkQ
2jyUXGR5GjsdZMuG/+CekrwKWghDbeCjjkEvgHCmGKKy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:00 2024 by rpki-client on console-fra.rpki-client.org