Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/TnwvrY43wMA4aYQfz_qPrjQEB2M.roa
File:                     TnwvrY43wMA4aYQfz_qPrjQEB2M.roa (raw, json)
Hash identifier:          slfWYPPDYTb4DHR9V8Q21+tQwzrgZ+0J489FIOfuYYg=
Subject key identifier:   4E:7C:2F:AD:8E:37:C0:C0:38:69:84:1F:CF:FA:8F:AE:34:04:07:63
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       0185F3165FE1B4A0BF56B4342E17F4585339
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/TnwvrY43wMA4aYQfz_qPrjQEB2M.roa
Signing time:             Fri 27 Jan 2023 11:56:47 +0000
ROA not before:           Fri 27 Jan 2023 11:56:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     53363
IP address blocks:        91.194.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 Nov 2023 10:50:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:f3:16:5f:e1:b4:a0:bf:56:b4:34:2e:17:f4:58:53:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jan 27 11:56:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e7c2fad8e37c0c03869841fcffa8fae34040763
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:73:69:7d:ce:95:90:db:b8:e0:40:bf:54:86:
                    4b:2b:05:c4:08:4b:2a:9e:19:e7:4e:01:77:c5:a8:
                    da:1f:8f:cb:e5:df:01:4a:42:f0:71:1b:a6:46:e7:
                    9e:94:c4:7a:05:cc:27:31:21:46:b1:65:ff:a1:9e:
                    0c:78:f6:22:93:f5:c5:2a:50:ec:b0:54:6e:e0:a7:
                    ac:39:53:8c:de:88:10:32:d6:e8:d0:2c:1c:8b:10:
                    d9:d5:b0:45:36:dc:8c:c7:22:0b:32:87:49:a7:f4:
                    13:b7:76:d0:5c:39:cb:0d:15:73:78:a6:80:5f:92:
                    53:b4:af:f7:4e:cb:7d:09:60:7c:e4:19:e3:f8:67:
                    34:a6:06:cc:43:e9:0c:ec:36:b7:95:e9:ae:28:f7:
                    7f:c1:4c:73:53:20:ca:07:f5:2d:22:4d:a2:bb:c3:
                    aa:65:7e:17:08:81:7f:61:36:eb:fd:0d:61:af:46:
                    3f:ea:41:ad:8b:d8:bf:a6:5e:85:56:f0:c4:9c:e3:
                    b6:2e:9b:dd:27:06:f7:2b:91:4d:68:c3:9b:92:48:
                    b6:34:c1:b6:9c:3e:dc:7a:bf:e9:46:17:41:c7:86:
                    38:9d:8d:c1:9f:dd:73:56:18:87:a6:5e:96:bf:cf:
                    ec:0c:2a:0c:89:3a:50:fe:da:75:9f:a0:44:c2:36:
                    2f:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:7C:2F:AD:8E:37:C0:C0:38:69:84:1F:CF:FA:8F:AE:34:04:07:63
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/TnwvrY43wMA4aYQfz_qPrjQEB2M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.194.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         de:4f:cd:94:ce:86:c7:99:ca:14:2f:8d:c1:ef:02:be:1c:d8:
         97:ac:8d:da:56:67:36:39:63:95:0e:0a:2f:cc:fd:c4:48:5b:
         38:d5:ac:d1:77:04:f8:1e:7a:f5:bf:15:3c:aa:e8:30:25:a9:
         07:42:de:48:e9:ad:91:9d:57:85:c8:16:54:08:54:eb:ea:35:
         bc:26:fc:8e:9f:97:ad:c7:b7:b7:2b:6e:96:3e:fe:27:e2:0f:
         13:b3:6a:78:b0:15:08:0d:1e:74:c1:53:ef:cd:47:43:da:bc:
         67:06:82:a8:8a:93:1c:c1:d0:cc:c2:7e:00:f5:67:94:f1:a3:
         d6:d3:49:93:de:ab:6b:f6:8d:d0:1f:71:ac:bd:64:77:26:78:
         a6:73:7e:c4:ba:9b:da:e2:4f:22:13:1d:b5:a1:6b:19:8c:48:
         31:47:20:56:b5:87:89:22:5e:2f:70:f0:9c:94:af:f1:de:91:
         e3:f2:e6:94:b9:74:92:cb:57:44:b0:e1:92:35:24:99:f5:5f:
         e7:98:b3:be:49:a0:bf:bf:7e:7c:32:d0:7d:ab:60:09:cb:3a:
         3e:99:3a:25:ea:2d:db:0b:93:17:89:85:ed:7c:f6:04:07:52:
         fb:21:f4:f9:4d:f0:45:50:05:a9:f5:95:1d:e5:38:40:56:f4:
         e7:cd:da:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXzFl/htKC/VrQ0Lhf0WFM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwMTI3MTE1NjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTdjMmZhZDhlMzdjMGMwMzg2OTg0MWZjZmZhOGZhZTM0MDQwNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnNpfc6VkNu44EC/VIZLKwXECEsq
nhnnTgF3xajaH4/L5d8BSkLwcRumRueelMR6BcwnMSFGsWX/oZ4MePYik/XFKlDs
sFRu4KesOVOM3ogQMtbo0CwcixDZ1bBFNtyMxyILModJp/QTt3bQXDnLDRVzeKaA
X5JTtK/3Tst9CWB85Bnj+Gc0pgbMQ+kM7Da3lemuKPd/wUxzUyDKB/UtIk2iu8Oq
ZX4XCIF/YTbr/Q1hr0Y/6kGti9i/pl6FVvDEnOO2LpvdJwb3K5FNaMObkki2NMG2
nD7cer/pRhdBx4Y4nY3Bn91zVhiHpl6Wv8/sDCoMiTpQ/tp1n6BEwjYvKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE58L62ON8DAOGmEH8/6j640BAdjMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvVG53dnJZNDN3TUE0YVlRZnpfcVByalFFQjJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8ILMA0G
CSqGSIb3DQEBCwUAA4IBAQDeT82UzobHmcoUL43B7wK+HNiXrI3aVmc2OWOVDgov
zP3ESFs41azRdwT4Hnr1vxU8qugwJakHQt5I6a2RnVeFyBZUCFTr6jW8JvyOn5et
x7e3K26WPv4n4g8Ts2p4sBUIDR50wVPvzUdD2rxnBoKoipMcwdDMwn4A9WeU8aPW
00mT3qtr9o3QH3GsvWR3Jnimc37Eupva4k8iEx21oWsZjEgxRyBWtYeJIl4vcPCc
lK/x3pHj8uaUuXSSy1dEsOGSNSSZ9V/nmLO+SaC/v358MtB9q2AJyzo+mTol6i3b
C5MXiYXtfPYEB1L7IfT5TfBFUAWp9ZUd5ThAVvTnzdom
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org