Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/TioOVo_rKk3I-0EXDx3agrq9NTw.roa
File:                     TioOVo_rKk3I-0EXDx3agrq9NTw.roa (raw, json)
Hash identifier:          8ge2xMZRplGtDxtWa4gX+fwFuqfHnn74GFLZ5mEqExQ=
Subject key identifier:   4E:2A:0E:56:8F:EB:2A:4D:C8:FB:41:17:0F:1D:DA:82:BA:BD:35:3C
Certificate issuer:       /CN=335ca521362226d03c1829003d81d498aa838f33
Certificate serial:       0185E2ABF0E64073623E8987D233C82A5382
Authority key identifier: 33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/TioOVo_rKk3I-0EXDx3agrq9NTw.roa
Signing time:             Tue 24 Jan 2023 07:26:37 +0000
ROA not before:           Tue 24 Jan 2023 07:26:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200393
IP address blocks:        185.186.223.0/24 maxlen: 24
                          2a11:1e40:3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 01 Feb 2023 17:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e2:ab:f0:e6:40:73:62:3e:89:87:d2:33:c8:2a:53:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=335ca521362226d03c1829003d81d498aa838f33
        Validity
            Not Before: Jan 24 07:26:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e2a0e568feb2a4dc8fb41170f1dda82babd353c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:52:1e:c7:21:5a:f0:35:4f:74:21:5e:96:30:
                    9f:f0:8d:16:67:eb:24:c7:ae:6b:d7:fd:45:cc:48:
                    98:bc:32:e7:83:d8:a3:0c:d9:9b:cd:de:b6:08:37:
                    c8:cb:84:09:98:25:04:ef:30:95:81:3d:3d:a0:4e:
                    97:b4:f0:82:d5:86:d0:07:c9:62:2a:db:d4:07:40:
                    0b:73:47:85:63:ff:19:9c:f5:4e:61:32:38:a5:4f:
                    1c:f8:9b:a1:01:33:7b:37:bc:e0:3c:d2:60:46:7d:
                    cc:9e:f3:8c:72:82:bd:8a:70:1b:4c:2a:5f:2a:c4:
                    6b:fd:c9:64:25:d6:d6:d4:a3:63:bd:5d:d6:4c:95:
                    8f:d8:e8:a7:15:9d:52:8a:49:a3:9b:d9:1b:d5:2c:
                    ef:84:dc:f6:c3:57:9d:4d:8e:7d:29:38:45:cc:94:
                    bc:42:5c:9d:08:0e:6b:a2:08:a6:9b:da:de:22:b2:
                    d9:61:87:9f:2a:9c:7a:0b:a5:29:80:c4:76:41:15:
                    8f:d1:ee:99:91:98:9a:e9:f0:83:b2:ff:47:3a:ec:
                    f1:58:28:0d:c7:ba:c6:f4:3e:c0:15:49:84:5f:da:
                    c9:bc:ce:16:31:4d:68:ea:5c:6a:b7:a2:b4:56:57:
                    90:09:a0:e8:50:33:54:b6:29:70:ba:de:59:9e:66:
                    6d:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:2A:0E:56:8F:EB:2A:4D:C8:FB:41:17:0F:1D:DA:82:BA:BD:35:3C
            X509v3 Authority Key Identifier:
                keyid:33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/TioOVo_rKk3I-0EXDx3agrq9NTw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/M1ylITYiJtA8GCkAPYHUmKqDjzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.223.0/24
                IPv6:
                  2a11:1e40:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:5c:a9:3e:66:5e:53:34:0a:5c:c4:b2:05:97:35:a4:d2:d3:
         bf:5c:1f:59:b3:ec:5c:90:30:6d:1c:b7:eb:95:6c:35:26:05:
         ae:bd:8f:ce:f4:cd:5b:a3:47:95:b0:87:dc:ba:bd:36:d1:9a:
         cd:47:e8:35:a4:87:b8:43:71:79:b1:6a:5f:ec:bd:9e:53:46:
         20:cb:77:ce:9b:e9:b8:8b:4a:e0:f7:cf:c7:14:c7:03:8a:3e:
         80:6f:e9:d6:82:fb:85:e7:73:6b:dd:64:05:88:71:d1:6e:fe:
         9d:4a:b0:ee:e1:3c:53:35:cf:35:e8:68:37:30:5f:2e:e2:8a:
         07:1c:7a:b4:f4:ae:1b:f9:cc:86:f0:b8:8e:36:3e:ee:a7:0b:
         55:f5:cb:48:84:46:a1:08:16:a8:b5:60:62:74:8e:2e:be:96:
         58:28:92:14:b7:28:6f:ad:63:8f:1b:95:f5:2e:03:f6:9c:f2:
         6d:61:0c:e1:95:60:19:8f:02:eb:47:07:b5:8e:79:c1:0b:bb:
         d7:04:5f:0f:52:18:a6:72:cb:3f:b1:53:bb:28:03:d4:fd:09:
         b4:cf:d9:de:a6:8b:64:b0:c6:b5:57:09:c0:6b:89:be:6b:65:
         7a:4c:05:3f:3f:28:b1:76:54:cb:76:c8:20:00:df:cf:aa:3f:
         a6:a8:6f:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXiq/DmQHNiPomH0jPIKlOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWNhNTIxMzYyMjI2ZDAzYzE4MjkwMDNkODFkNDk4YWE4
MzhmMzMwHhcNMjMwMTI0MDcyNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTJhMGU1NjhmZWIyYTRkYzhmYjQxMTcwZjFkZGE4MmJhYmQzNTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslIexyFa8DVPdCFeljCf8I0WZ+sk
x65r1/1FzEiYvDLng9ijDNmbzd62CDfIy4QJmCUE7zCVgT09oE6XtPCC1YbQB8li
KtvUB0ALc0eFY/8ZnPVOYTI4pU8c+JuhATN7N7zgPNJgRn3MnvOMcoK9inAbTCpf
KsRr/clkJdbW1KNjvV3WTJWP2OinFZ1Sikmjm9kb1SzvhNz2w1edTY59KThFzJS8
QlydCA5rogimm9reIrLZYYefKpx6C6UpgMR2QRWP0e6ZkZia6fCDsv9HOuzxWCgN
x7rG9D7AFUmEX9rJvM4WMU1o6lxqt6K0VleQCaDoUDNUtilwut5ZnmZtkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE4qDlaP6ypNyPtBFw8d2oK6vTU8MB8GA1UdIwQY
MBaAFDNcpSE2IibQPBgpAD2B1Jiqg48zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgt
OTc0YzQ0YWI5Y2ZiLzEvVGlvT1ZvX3JLazNJLTBFWER4M2FncnE5TlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgtOTc0YzQ0YWI5Y2Zi
LzEvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAubrfMA8E
AgACMAkDBwAqER5AAAMwDQYJKoZIhvcNAQELBQADggEBAAxcqT5mXlM0ClzEsgWX
NaTS079cH1mz7FyQMG0ct+uVbDUmBa69j870zVujR5Wwh9y6vTbRms1H6DWkh7hD
cXmxal/svZ5TRiDLd86b6biLSuD3z8cUxwOKPoBv6daC+4Xnc2vdZAWIcdFu/p1K
sO7hPFM1zzXoaDcwXy7iigccerT0rhv5zIbwuI42Pu6nC1X1y0iERqEIFqi1YGJ0
ji6+llgokhS3KG+tY48blfUuA/ac8m1hDOGVYBmPAutHB7WOecELu9cEXw9SGKZy
yz+xU7soA9T9CbTP2d6mi2SwxrVXCcBrib5rZXpMBT8/KLF2VMt2yCAA38+qP6ao
byA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org