Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/tm-jzzZpPMUcr21vq_BleBym7nA.roa
File:                     tm-jzzZpPMUcr21vq_BleBym7nA.roa (raw, json)
Hash identifier:          DYx+7f+xH+MzM6ENU+G5ZnWMYC9qKSgwQ9+IqcsPgZk=
Subject key identifier:   B6:6F:A3:CF:36:69:3C:C5:1C:AF:6D:6F:AB:F0:65:78:1C:A6:EE:70
Certificate issuer:       /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial:       018A552E4236E4FC453DD165A935D2FE360E
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/tm-jzzZpPMUcr21vq_BleBym7nA.roa
Signing time:             Sat 02 Sep 2023 09:16:49 +0000
ROA not before:           Sat 02 Sep 2023 09:16:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49195
IP address blocks:        2a0a:280:2d00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:55:2e:42:36:e4:fc:45:3d:d1:65:a9:35:d2:fe:36:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
        Validity
            Not Before: Sep  2 09:16:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b66fa3cf36693cc51caf6d6fabf065781ca6ee70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:56:5e:66:b2:1d:bc:c0:53:ea:3f:30:59:05:
                    02:7a:20:43:21:83:02:5c:96:05:f5:24:72:87:fd:
                    e8:cd:97:ee:e5:f2:e7:69:93:b3:ab:80:26:69:c4:
                    bc:dc:fe:84:ba:5f:75:2b:c6:cb:7c:58:46:d5:d2:
                    28:ad:90:23:c0:66:85:15:db:2a:d6:79:ae:46:c2:
                    dc:24:47:80:27:e4:1a:d4:b2:16:06:2a:f5:14:dc:
                    c2:64:e5:c2:ca:a9:e9:eb:7a:bb:7e:cf:6e:dd:05:
                    b5:05:25:dd:0f:b1:64:48:6f:7c:9f:34:cc:01:e3:
                    98:41:5e:26:5e:2c:7a:b0:61:ef:0a:69:d0:6c:b0:
                    35:82:46:25:1e:66:5e:0a:78:57:82:e4:d8:c5:de:
                    e4:6f:b3:8c:09:2e:a4:9b:2a:6b:7a:ac:4b:49:a8:
                    82:96:96:7f:5c:92:1c:a6:2e:91:48:29:99:72:f4:
                    46:e4:cb:78:f0:88:73:f5:b9:ff:02:3b:e1:33:b2:
                    30:aa:75:e2:6e:c9:58:cf:77:b7:25:a7:b1:cb:0a:
                    90:85:a7:03:eb:b2:0f:8a:db:4b:aa:f9:7f:82:41:
                    dc:4d:17:43:fb:16:fc:a2:05:76:db:5b:50:f3:ee:
                    19:79:00:d6:8e:7c:c5:ee:b6:d4:15:e6:4c:dd:eb:
                    16:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:6F:A3:CF:36:69:3C:C5:1C:AF:6D:6F:AB:F0:65:78:1C:A6:EE:70
            X509v3 Authority Key Identifier:
                keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/tm-jzzZpPMUcr21vq_BleBym7nA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:280:2d00::/40

    Signature Algorithm: sha256WithRSAEncryption
         48:43:2a:ce:4f:7d:e3:05:09:90:d1:ba:eb:e3:7f:51:f7:2a:
         59:88:c0:c6:38:32:84:d0:7b:67:69:84:aa:b1:56:25:4a:33:
         ba:14:bf:4a:ea:f1:70:0f:84:de:77:f5:ec:c0:aa:7a:5c:73:
         49:44:d0:8c:39:14:41:08:0d:bf:94:96:e6:78:d6:ff:88:d8:
         aa:cd:47:6b:69:e0:58:b1:e9:4c:f0:3d:bd:a1:bb:86:e7:b8:
         df:65:09:ac:5f:ae:0b:fe:3d:05:87:b3:a7:58:14:7e:47:f3:
         aa:26:94:42:c8:40:d1:c2:ed:56:91:67:70:d3:f2:48:95:b9:
         d2:74:3e:ec:8f:e0:34:9a:b1:70:2e:f1:ce:bd:3c:00:c7:a3:
         95:f0:a0:ce:9c:87:6d:f4:20:fd:64:8f:d2:7d:3e:26:10:48:
         62:ce:55:f9:a0:74:b3:18:ba:fc:d4:7c:a1:32:0a:64:01:c8:
         f0:fd:0e:46:3c:ad:6f:dc:ab:a1:43:70:38:d9:45:63:b2:95:
         2f:c2:bd:37:af:37:02:fe:b0:2a:ba:88:a4:af:26:0b:e8:0e:
         14:51:19:71:96:1a:b3:f1:7a:0f:b6:dc:97:0f:36:f2:6a:e1:
         9c:b8:a5:8c:33:41:c3:32:e7:c8:25:7e:a2:13:73:ed:24:e7:
         9c:ae:81:c4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYpVLkI25PxFPdFlqTXS/jYOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwOTAyMDkxNjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZmYTNjZjM2NjkzY2M1MWNhZjZkNmZhYmYwNjU3ODFjYTZlZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVZeZrIdvMBT6j8wWQUCeiBDIYMC
XJYF9SRyh/3ozZfu5fLnaZOzq4AmacS83P6Eul91K8bLfFhG1dIorZAjwGaFFdsq
1nmuRsLcJEeAJ+Qa1LIWBir1FNzCZOXCyqnp63q7fs9u3QW1BSXdD7FkSG98nzTM
AeOYQV4mXix6sGHvCmnQbLA1gkYlHmZeCnhXguTYxd7kb7OMCS6kmypreqxLSaiC
lpZ/XJIcpi6RSCmZcvRG5Mt48Ihz9bn/AjvhM7IwqnXibslYz3e3JaexywqQhacD
67IPittLqvl/gkHcTRdD+xb8ogV221tQ8+4ZeQDWjnzF7rbUFeZM3esWgwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLZvo882aTzFHK9tb6vwZXgcpu5wMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvdG0tanp6WnBQTVVjcjIxdnFfQmxlQnltN25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgC0w
DQYJKoZIhvcNAQELBQADggEBAEhDKs5PfeMFCZDRuuvjf1H3KlmIwMY4MoTQe2dp
hKqxViVKM7oUv0rq8XAPhN539ezAqnpcc0lE0Iw5FEEIDb+UluZ41v+I2KrNR2tp
4Fix6UzwPb2hu4bnuN9lCaxfrgv+PQWHs6dYFH5H86omlELIQNHC7VaRZ3DT8kiV
udJ0PuyP4DSasXAu8c69PADHo5XwoM6ch230IP1kj9J9PiYQSGLOVfmgdLMYuvzU
fKEyCmQByPD9DkY8rW/cq6FDcDjZRWOylS/CvTevNwL+sCq6iKSvJgvoDhRRGXGW
GrPxeg+23JcPNvJq4Zy4pYwzQcMy58glfqITc+0k55yugcQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:22 2024 by rpki-client on console-fra.rpki-client.org