Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/TCcoYcLGXwq1ZgXpUN3bdiah9wE.roa
File:                     TCcoYcLGXwq1ZgXpUN3bdiah9wE.roa (raw, json)
Hash identifier:          FzixvRs6USQlr8ptM6FLIIOGCS5pkbTbZRGpUeWW7D4=
Subject key identifier:   4C:27:28:61:C2:C6:5F:0A:B5:66:05:E9:50:DD:DB:76:26:A1:F7:01
Certificate issuer:       /CN=23ef9de2152aef1b2a62a31fb2f35e8590b3ad84
Certificate serial:       018C1B6715D6089121BDD781FA2A35A2288D
Authority key identifier: 23:EF:9D:E2:15:2A:EF:1B:2A:62:A3:1F:B2:F3:5E:85:90:B3:AD:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I--d4hUq7xsqYqMfsvNehZCzrYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/TCcoYcLGXwq1ZgXpUN3bdiah9wE.roa
Signing time:             Wed 29 Nov 2023 14:06:29 +0000
ROA not before:           Wed 29 Nov 2023 14:06:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208244
IP address blocks:        5.180.115.0/24 maxlen: 24
                          83.171.196.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Wed 29 Nov 2023 18:19:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1b:67:15:d6:08:91:21:bd:d7:81:fa:2a:35:a2:28:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23ef9de2152aef1b2a62a31fb2f35e8590b3ad84
        Validity
            Not Before: Nov 29 14:06:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4c272861c2c65f0ab56605e950dddb7626a1f701
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9a:12:91:f3:d2:d2:1f:23:fb:67:03:a8:7d:
                    32:81:41:16:e6:92:96:98:2c:96:d7:dd:17:58:72:
                    ce:1f:1c:e0:8b:ce:2a:fd:3f:21:93:55:87:69:e9:
                    8f:69:80:a1:57:95:b3:cf:a0:ea:51:ef:29:43:bd:
                    ca:9e:03:28:fe:00:aa:d1:a6:1b:95:24:f0:74:88:
                    b0:67:f5:f8:fd:01:fa:14:95:d3:00:75:28:ab:50:
                    04:be:5a:01:51:f6:de:64:e0:e3:62:43:e8:0d:ee:
                    7e:0e:0b:ff:fe:77:3a:c0:74:44:b6:bf:a3:8c:87:
                    68:36:25:ee:91:96:fe:5d:51:88:75:cb:fd:91:95:
                    79:b7:94:bf:6b:25:b4:8f:7a:af:1b:ce:c3:2d:22:
                    13:fd:9c:fb:64:90:3f:66:1a:43:57:29:10:73:1c:
                    d0:fc:71:68:7a:2f:6c:b2:51:e4:5f:b4:1f:d9:82:
                    d2:a3:ce:89:dd:f8:36:6b:67:63:77:59:6d:32:07:
                    69:9f:0d:90:fa:82:13:bc:c3:09:ee:38:f1:9f:93:
                    2a:1c:47:70:6c:e8:03:4f:f8:0e:d4:89:dc:8a:d2:
                    aa:28:10:ab:00:8e:76:b6:94:d7:33:a8:c6:e7:8a:
                    52:42:36:88:08:28:d1:c1:ae:8e:78:61:b9:52:d9:
                    3e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:27:28:61:C2:C6:5F:0A:B5:66:05:E9:50:DD:DB:76:26:A1:F7:01
            X509v3 Authority Key Identifier:
                keyid:23:EF:9D:E2:15:2A:EF:1B:2A:62:A3:1F:B2:F3:5E:85:90:B3:AD:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I--d4hUq7xsqYqMfsvNehZCzrYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/TCcoYcLGXwq1ZgXpUN3bdiah9wE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.115.0/24
                  83.171.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:26:6a:55:87:de:6c:c0:95:eb:36:74:b9:64:78:6e:50:da:
         04:ad:68:c5:49:84:79:cf:79:ef:5b:14:11:ed:b2:c3:59:f1:
         74:f1:1b:63:65:fc:c8:32:e3:14:16:b0:92:61:2c:7d:fa:ba:
         51:57:35:81:fc:cc:59:f9:cf:0d:66:6a:70:8f:4d:e4:ca:3e:
         7d:f7:cd:a9:95:bb:96:5f:91:67:b2:fa:5c:da:2a:68:0d:c8:
         78:21:d2:4c:d5:a4:32:70:ea:ff:93:52:ed:94:f1:d4:92:27:
         17:08:ce:2a:90:08:cb:cb:20:fe:e9:b9:7f:66:fa:99:42:0b:
         34:9e:f6:f2:8e:bb:00:6a:70:e8:7b:84:6e:36:ac:0a:fb:6e:
         1a:45:3c:89:46:1f:aa:a4:11:f5:0f:49:a6:e9:51:85:e0:30:
         9e:91:97:7f:0d:24:52:91:e1:0d:c5:9d:c6:45:3d:8a:d3:9b:
         b3:03:ad:e8:51:8b:a6:72:4f:a5:ad:b7:d2:54:74:bb:ec:bf:
         8b:7f:fe:70:d5:c4:94:6e:b6:bf:a8:a8:d4:11:1e:d4:01:a5:
         1a:04:e5:be:b7:b3:28:be:7b:09:c0:8c:63:f1:aa:41:7e:f3:
         41:f8:b5:67:25:dc:50:29:b1:f4:5c:c3:73:6c:0b:03:38:8d:
         2b:c1:98:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwbZxXWCJEhvdeB+io1oiiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZWY5ZGUyMTUyYWVmMWIyYTYyYTMxZmIyZjM1ZTg1OTBi
M2FkODQwHhcNMjMxMTI5MTQwNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzI3Mjg2MWMyYzY1ZjBhYjU2NjA1ZTk1MGRkZGI3NjI2YTFmNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZoSkfPS0h8j+2cDqH0ygUEW5pKW
mCyW190XWHLOHxzgi84q/T8hk1WHaemPaYChV5Wzz6DqUe8pQ73KngMo/gCq0aYb
lSTwdIiwZ/X4/QH6FJXTAHUoq1AEvloBUfbeZODjYkPoDe5+Dgv//nc6wHREtr+j
jIdoNiXukZb+XVGIdcv9kZV5t5S/ayW0j3qvG87DLSIT/Zz7ZJA/ZhpDVykQcxzQ
/HFoei9sslHkX7Qf2YLSo86J3fg2a2djd1ltMgdpnw2Q+oITvMMJ7jjxn5MqHEdw
bOgDT/gO1IncitKqKBCrAI52tpTXM6jG54pSQjaICCjRwa6OeGG5Utk+owIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEwnKGHCxl8KtWYF6VDd23YmofcBMB8GA1UdIwQY
MBaAFCPvneIVKu8bKmKjH7LzXoWQs62EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS0tZDRoVXE3eHNxWXFNZnN2TmVoWkN6cllRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jM2YzY2MtYzU2Yi00ZDM1LWI3N2Yt
M2JjNmViMGEzNDdmLzEvVENjb1ljTEdYd3ExWmdYcFVOM2JkaWFoOXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jM2YzY2MtYzU2Yi00ZDM1LWI3N2YtM2JjNmViMGEzNDdm
LzEvSS0tZDRoVXE3eHNxWXFNZnN2TmVoWkN6cllRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbRzAwQC
U6vEMA0GCSqGSIb3DQEBCwUAA4IBAQA5JmpVh95swJXrNnS5ZHhuUNoErWjFSYR5
z3nvWxQR7bLDWfF08RtjZfzIMuMUFrCSYSx9+rpRVzWB/MxZ+c8NZmpwj03kyj59
982plbuWX5Fnsvpc2ipoDch4IdJM1aQycOr/k1LtlPHUkicXCM4qkAjLyyD+6bl/
ZvqZQgs0nvbyjrsAanDoe4RuNqwK+24aRTyJRh+qpBH1D0mm6VGF4DCekZd/DSRS
keENxZ3GRT2K05uzA63oUYumck+lrbfSVHS77L+Lf/5w1cSUbra/qKjUER7UAaUa
BOW+t7MovnsJwIxj8apBfvNB+LVnJdxQKbH0XMNzbAsDOI0rwZhy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:13 2024 by rpki-client on console-fra.rpki-client.org