Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/TNTJQv7RFqBRRLeBVj9qe5dpim4.roa
File:                     TNTJQv7RFqBRRLeBVj9qe5dpim4.roa (raw, json)
Hash identifier:          qG5PHNCe2yFc5WmgunJwIB2LDoD82pctLRZRDl/NIsY=
Subject key identifier:   4C:D4:C9:42:FE:D1:16:A0:51:44:B7:81:56:3F:6A:7B:97:69:8A:6E
Certificate issuer:       /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial:       01857127962E8DFFCEF34078A4EE85BF3C80
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/TNTJQv7RFqBRRLeBVj9qe5dpim4.roa
Signing time:             Mon 02 Jan 2023 06:24:57 +0000
ROA not before:           Mon 02 Jan 2023 06:24:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8468
IP address blocks:        5.144.154.0/23 maxlen: 23
                          2a02:98:d51::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Nov 2023 10:19:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:27:96:2e:8d:ff:ce:f3:40:78:a4:ee:85:bf:3c:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
        Validity
            Not Before: Jan  2 06:24:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4cd4c942fed116a05144b781563f6a7b97698a6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a3:88:06:27:cc:1a:64:f3:4f:ca:0a:a6:15:
                    5e:43:ee:34:c3:6e:e2:b1:a0:f3:33:82:dc:72:b7:
                    0d:13:6c:26:f0:84:67:65:b3:ea:f4:36:53:9f:da:
                    0e:10:01:19:14:27:fe:7f:c5:37:5a:b5:44:61:15:
                    a9:4b:68:70:02:b5:d1:c0:db:4a:22:e7:42:d3:e9:
                    fe:a7:2e:b2:9b:15:e7:86:68:53:8b:65:b2:f8:0a:
                    b4:9e:bf:4f:ab:e4:26:42:58:5e:09:4b:80:b1:5d:
                    dd:70:e7:94:da:81:74:02:93:a5:78:c8:78:05:6a:
                    ea:42:b3:1d:1b:55:7e:fd:be:b7:b5:3a:ec:8f:1c:
                    65:6b:1d:81:80:9b:45:c7:03:0c:06:65:b7:23:8c:
                    96:b9:e0:b5:4b:42:7c:4b:a0:bb:42:2f:d7:97:39:
                    ff:f7:32:2d:2d:9e:ac:49:0e:a9:0f:49:c7:12:a5:
                    c5:d5:b1:10:3b:f7:94:49:6e:89:59:fb:46:55:3f:
                    74:08:55:7e:2c:d1:a7:6b:bd:91:d3:60:52:3e:34:
                    82:96:f7:ae:ff:1b:3a:8e:0c:c8:d5:51:ef:fc:6a:
                    c8:8f:d2:5f:9c:61:f3:f5:99:ea:33:22:f1:a0:b7:
                    f5:de:42:3c:38:f7:04:b3:f9:4f:de:c5:d9:49:d8:
                    27:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:D4:C9:42:FE:D1:16:A0:51:44:B7:81:56:3F:6A:7B:97:69:8A:6E
            X509v3 Authority Key Identifier:
                keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/TNTJQv7RFqBRRLeBVj9qe5dpim4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.144.154.0/23
                IPv6:
                  2a02:98:d51::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:f0:6c:24:23:18:70:2c:b5:ca:f7:78:5d:e9:ce:e5:54:30:
         3e:7b:82:7a:28:35:f3:e4:c8:b0:3f:a8:a2:ae:4a:6b:2d:30:
         0d:9c:d2:de:70:dd:df:c6:6d:b2:da:0c:73:3d:e6:8e:4e:7f:
         6d:d1:d2:8a:a1:21:90:2f:ee:9f:fa:95:a5:98:3d:dd:f3:77:
         58:86:26:aa:8e:71:37:df:11:e4:f0:f1:fe:85:0a:62:af:ca:
         65:2e:2f:4d:8e:bf:46:7f:37:8d:6f:40:02:e0:63:a7:c7:a2:
         ff:bc:70:08:fe:f4:22:a6:6e:8d:74:4e:21:97:11:49:2d:cf:
         c7:19:76:c6:b6:1a:07:21:a1:9a:97:d9:d1:7d:fd:7f:7e:44:
         8f:d0:ed:31:70:e5:1c:5a:7e:82:3b:99:03:1f:62:fb:ba:16:
         e2:45:84:75:c3:c0:3e:a1:3e:c5:ea:c3:d6:47:f5:37:25:0f:
         28:c9:98:14:44:3a:ec:c0:b0:c2:57:ed:fd:a7:45:0f:b9:18:
         71:68:51:8d:29:ab:a9:42:1d:c4:ed:7d:56:2e:16:61:e0:62:
         1e:2c:18:14:bf:0c:57:d5:fa:b0:19:b4:2a:84:45:bd:09:12:
         52:18:ce:0d:b3:97:db:3b:b3:31:b4:4e:80:a8:9e:54:ea:34:
         9e:75:2c:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxJ5Yujf/O80B4pO6FvzyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjMwMTAyMDYyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Q0Yzk0MmZlZDExNmEwNTE0NGI3ODE1NjNmNmE3Yjk3Njk4YTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaOIBifMGmTzT8oKphVeQ+40w27i
saDzM4LccrcNE2wm8IRnZbPq9DZTn9oOEAEZFCf+f8U3WrVEYRWpS2hwArXRwNtK
IudC0+n+py6ymxXnhmhTi2Wy+Aq0nr9Pq+QmQlheCUuAsV3dcOeU2oF0ApOleMh4
BWrqQrMdG1V+/b63tTrsjxxlax2BgJtFxwMMBmW3I4yWueC1S0J8S6C7Qi/Xlzn/
9zItLZ6sSQ6pD0nHEqXF1bEQO/eUSW6JWftGVT90CFV+LNGna72R02BSPjSClveu
/xs6jgzI1VHv/GrIj9JfnGHz9ZnqMyLxoLf13kI8OPcEs/lP3sXZSdgncwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEzUyUL+0RagUUS3gVY/anuXaYpuMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvVE5USlF2N1JGcUJSUkxlQlZqOXFlNWRwaW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBBZCaMA8E
AgACMAkDBwAqAgCYDVEwDQYJKoZIhvcNAQELBQADggEBABLwbCQjGHAstcr3eF3p
zuVUMD57gnooNfPkyLA/qKKuSmstMA2c0t5w3d/GbbLaDHM95o5Of23R0oqhIZAv
7p/6laWYPd3zd1iGJqqOcTffEeTw8f6FCmKvymUuL02Ov0Z/N41vQALgY6fHov+8
cAj+9CKmbo10TiGXEUktz8cZdsa2GgchoZqX2dF9/X9+RI/Q7TFw5RxafoI7mQMf
Yvu6FuJFhHXDwD6hPsXqw9ZH9TclDyjJmBREOuzAsMJX7f2nRQ+5GHFoUY0pq6lC
HcTtfVYuFmHgYh4sGBS/DFfV+rAZtCqERb0JElIYzg2zl9s7szG0ToConlTqNJ51
LNQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:41 2024 by rpki-client on console-ams.rpki-client.org