Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/tvgS8ahMFVMq4gIFAh-MT7WHy5s.roa
File:                     tvgS8ahMFVMq4gIFAh-MT7WHy5s.roa (raw, json)
Hash identifier:          eVCX1AWQu0HEl4pyKaypnwYmLQPcfiW9OWYd6mKhL4M=
Subject key identifier:   B6:F8:12:F1:A8:4C:15:53:2A:E2:02:05:02:1F:8C:4F:B5:87:CB:9B
Certificate issuer:       /CN=77c6fb655461d73fcf21e8612c318706a089a5c2
Certificate serial:       018CC3492C86D3ACB1C4224FBB1BB8A0E07A
Authority key identifier: 77:C6:FB:65:54:61:D7:3F:CF:21:E8:61:2C:31:87:06:A0:89:A5:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d8b7ZVRh1z_PIehhLDGHBqCJpcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/tvgS8ahMFVMq4gIFAh-MT7WHy5s.roa
Signing time:             Mon 01 Jan 2024 04:30:01 +0000
ROA not before:           Mon 01 Jan 2024 04:30:01 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211090
IP address blocks:        185.172.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 13 Feb 2024 10:06:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:2c:86:d3:ac:b1:c4:22:4f:bb:1b:b8:a0:e0:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77c6fb655461d73fcf21e8612c318706a089a5c2
        Validity
            Not Before: Jan  1 04:30:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b6f812f1a84c15532ae20205021f8c4fb587cb9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:65:52:79:0a:d4:bf:7e:52:97:bd:6d:52:02:
                    80:90:9d:7a:85:06:4c:a6:1f:cf:3f:ef:12:21:30:
                    be:64:fd:52:41:06:45:48:c2:b8:7a:63:4d:93:ee:
                    03:6f:c7:8a:7b:17:ce:0d:e2:b4:ea:34:ce:06:35:
                    7c:44:79:9e:e6:83:88:e7:c9:f1:05:4d:db:08:c1:
                    ed:dd:3b:9f:f3:f7:91:4a:31:b1:ff:eb:0f:4d:52:
                    ba:14:0e:a7:9f:46:8e:be:a1:29:ab:0d:42:3c:b7:
                    87:2a:ed:7f:ea:24:9d:6a:d8:cc:c6:a1:e1:44:63:
                    db:6f:1a:11:06:60:4b:1d:b7:45:ec:48:4c:bc:b3:
                    17:e4:50:8c:1c:75:49:40:98:1e:f3:e8:ea:bf:f0:
                    d7:fc:8a:25:53:92:7e:80:f1:21:cc:e9:8c:35:b5:
                    1f:18:d4:c7:db:0e:42:19:f0:16:70:19:26:b7:3a:
                    75:e2:4a:30:a8:7e:82:75:8c:df:7c:a8:d7:5d:3b:
                    7f:65:40:03:37:20:da:ef:35:1d:3c:1a:c5:5b:13:
                    0c:66:d2:b3:00:c9:29:e7:35:be:68:f1:17:13:1c:
                    12:85:2a:22:53:33:ce:d6:fc:46:13:48:e2:4a:81:
                    ae:9a:d6:37:3d:69:69:68:09:55:10:78:11:04:ed:
                    fa:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:F8:12:F1:A8:4C:15:53:2A:E2:02:05:02:1F:8C:4F:B5:87:CB:9B
            X509v3 Authority Key Identifier:
                keyid:77:C6:FB:65:54:61:D7:3F:CF:21:E8:61:2C:31:87:06:A0:89:A5:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8b7ZVRh1z_PIehhLDGHBqCJpcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/tvgS8ahMFVMq4gIFAh-MT7WHy5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/d8b7ZVRh1z_PIehhLDGHBqCJpcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:6c:a4:b4:39:2e:81:2c:5d:85:61:d3:fd:6b:a1:79:40:bb:
         85:9d:87:2c:45:b2:52:29:e5:a9:a8:96:2e:87:dc:15:0d:22:
         4b:6e:d2:fb:2f:13:ed:dc:dd:db:f0:a9:60:61:6f:5d:a4:a6:
         6d:99:a9:7d:ae:be:56:f7:96:5a:ca:ae:6f:3f:2c:df:2a:fb:
         ce:d8:01:b4:dd:41:df:70:fa:b5:2e:a1:b7:a1:fb:94:61:b3:
         72:30:45:7a:19:75:f5:65:20:bc:ef:61:7e:88:88:12:80:30:
         ee:32:a1:45:b6:71:02:5e:91:49:6e:84:ab:17:72:60:85:06:
         07:a9:9a:b8:09:9b:83:fe:51:15:70:8e:ae:6e:ab:92:9f:49:
         e1:73:46:c6:fe:88:53:54:35:a9:e1:d6:ab:f5:05:93:1d:05:
         e2:50:40:ed:50:39:5a:78:93:bc:e8:8f:81:00:32:7c:6c:f9:
         9d:46:30:f6:35:93:e1:e4:28:53:bc:14:ba:cc:33:d0:99:cb:
         cd:02:dd:02:7f:dd:f0:e7:13:94:32:bf:9c:1f:79:a2:dc:ce:
         04:4a:d1:3d:ae:2a:1d:58:73:b8:93:18:ef:fe:78:eb:cb:48:
         d3:0f:7f:1d:15:f3:bf:5f:94:38:0e:c4:b3:b6:60:8c:c7:20:
         be:bc:35:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSSyG06yxxCJPuxu4oOB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzZmYjY1NTQ2MWQ3M2ZjZjIxZTg2MTJjMzE4NzA2YTA4
OWE1YzIwHhcNMjQwMTAxMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmY4MTJmMWE4NGMxNTUzMmFlMjAyMDUwMjFmOGM0ZmI1ODdjYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumVSeQrUv35Sl71tUgKAkJ16hQZM
ph/PP+8SITC+ZP1SQQZFSMK4emNNk+4Db8eKexfODeK06jTOBjV8RHme5oOI58nx
BU3bCMHt3Tuf8/eRSjGx/+sPTVK6FA6nn0aOvqEpqw1CPLeHKu1/6iSdatjMxqHh
RGPbbxoRBmBLHbdF7EhMvLMX5FCMHHVJQJge8+jqv/DX/IolU5J+gPEhzOmMNbUf
GNTH2w5CGfAWcBkmtzp14kowqH6CdYzffKjXXTt/ZUADNyDa7zUdPBrFWxMMZtKz
AMkp5zW+aPEXExwShSoiUzPO1vxGE0jiSoGumtY3PWlpaAlVEHgRBO36pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLb4EvGoTBVTKuICBQIfjE+1h8ubMB8GA1UdIwQY
MBaAFHfG+2VUYdc/zyHoYSwxhwagiaXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhiN1pWUmgxel9QSWVoaExER0hCcUNKcGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kZjBlMTEtNTkzYS00ZWU0LThkY2Yt
YWIzMDgxYjJhYmE0LzEvdHZnUzhhaE1GVk1xNGdJRkFoLU1UN1dIeTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kZjBlMTEtNTkzYS00ZWU0LThkY2YtYWIzMDgxYjJhYmE0
LzEvZDhiN1pWUmgxel9QSWVoaExER0hCcUNKcGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaznMA0G
CSqGSIb3DQEBCwUAA4IBAQCObKS0OS6BLF2FYdP9a6F5QLuFnYcsRbJSKeWpqJYu
h9wVDSJLbtL7LxPt3N3b8KlgYW9dpKZtmal9rr5W95Zayq5vPyzfKvvO2AG03UHf
cPq1LqG3ofuUYbNyMEV6GXX1ZSC872F+iIgSgDDuMqFFtnECXpFJboSrF3JghQYH
qZq4CZuD/lEVcI6ubquSn0nhc0bG/ohTVDWp4dar9QWTHQXiUEDtUDlaeJO86I+B
ADJ8bPmdRjD2NZPh5ChTvBS6zDPQmcvNAt0Cf93w5xOUMr+cH3mi3M4EStE9riod
WHO4kxjv/njry0jTD38dFfO/X5Q4DsSztmCMxyC+vDXy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:44 2024 by rpki-client on console-fra.rpki-client.org