Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/53c051-5572-4f83-a7d6-e6fe691d9489/1/TPfPp6oIRdxMRWwk6GMNLsFI148.roa
File:                     TPfPp6oIRdxMRWwk6GMNLsFI148.roa (raw, json)
Hash identifier:          K57mX0EMIHQcik3q0BpQWT1ruDQy3uIu2PzHNoMYyp0=
Subject key identifier:   4C:F7:CF:A7:AA:08:45:DC:4C:45:6C:24:E8:63:0D:2E:C1:48:D7:8F
Certificate issuer:       /CN=109192c073862e6220c5f9106d7c55e3fc6c5d4b
Certificate serial:       01856F3022A6B6E214092DDBDB191F129F9E
Authority key identifier: 10:91:92:C0:73:86:2E:62:20:C5:F9:10:6D:7C:55:E3:FC:6C:5D:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EJGSwHOGLmIgxfkQbXxV4_xsXUs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/53c051-5572-4f83-a7d6-e6fe691d9489/1/TPfPp6oIRdxMRWwk6GMNLsFI148.roa
Signing time:             Sun 01 Jan 2023 21:15:03 +0000
ROA not before:           Sun 01 Jan 2023 21:15:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61425
IP address blocks:        5.198.128.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:30:22:a6:b6:e2:14:09:2d:db:db:19:1f:12:9f:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=109192c073862e6220c5f9106d7c55e3fc6c5d4b
        Validity
            Not Before: Jan  1 21:15:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4cf7cfa7aa0845dc4c456c24e8630d2ec148d78f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ca:36:fc:9c:70:7e:9c:36:fe:59:68:68:db:
                    d7:ab:88:d1:a2:f2:68:b9:df:f4:4c:b3:80:67:4d:
                    00:60:62:51:75:69:54:1a:6d:16:2d:a4:7c:0e:07:
                    6b:25:5a:3c:e5:53:7e:8b:c2:6f:d2:17:e2:2b:46:
                    a9:bd:88:a8:9c:f4:46:06:93:9b:87:2c:fe:01:6d:
                    1e:a2:65:1d:96:39:2b:63:a7:5f:c6:a5:4f:a3:11:
                    c7:93:cd:52:8a:e3:53:3c:c4:b7:14:65:30:a3:03:
                    67:56:ab:9b:02:a0:3c:6d:68:7b:c0:3a:eb:84:aa:
                    58:96:70:42:91:4a:ad:e9:76:a6:b8:ab:d1:8f:e9:
                    8a:cd:7d:58:b9:35:d0:1e:65:1c:13:f0:cb:73:4c:
                    28:5d:48:41:bf:e3:2d:67:e8:d1:72:07:79:7a:d4:
                    fd:b0:2e:6f:22:4d:b7:bd:f3:9c:c9:6a:86:49:c7:
                    2f:26:20:23:80:fd:f0:c8:00:8b:46:51:8b:c7:f2:
                    15:92:b6:a0:f3:19:29:8b:03:b6:52:da:4d:44:f9:
                    e2:15:63:48:0c:ae:c8:18:ea:ed:1c:9d:0b:81:75:
                    64:af:66:8d:cd:90:0a:76:15:45:22:c9:f5:c3:6c:
                    4b:16:52:bb:56:44:e0:57:bf:bd:b4:df:04:d5:5b:
                    60:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:F7:CF:A7:AA:08:45:DC:4C:45:6C:24:E8:63:0D:2E:C1:48:D7:8F
            X509v3 Authority Key Identifier:
                keyid:10:91:92:C0:73:86:2E:62:20:C5:F9:10:6D:7C:55:E3:FC:6C:5D:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJGSwHOGLmIgxfkQbXxV4_xsXUs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/53c051-5572-4f83-a7d6-e6fe691d9489/1/TPfPp6oIRdxMRWwk6GMNLsFI148.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/53c051-5572-4f83-a7d6-e6fe691d9489/1/EJGSwHOGLmIgxfkQbXxV4_xsXUs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.198.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:6b:16:64:70:16:36:ab:14:2c:7e:f3:6c:02:67:a2:74:57:
         f5:d4:16:c8:11:97:00:29:d9:75:15:c8:a4:31:d2:00:bc:a5:
         7e:d8:f2:ba:d1:2f:26:28:00:e9:70:34:bb:de:cc:49:ab:55:
         0f:5c:59:b6:fc:27:0f:08:11:90:a8:32:bf:fb:bf:e5:4d:9d:
         80:20:bf:79:e7:77:d0:95:77:91:a1:a6:b4:db:10:1c:1d:76:
         2d:44:58:57:58:14:bc:52:a1:f8:0d:fc:e7:1e:88:05:db:f6:
         b9:65:20:5d:3b:12:13:0f:78:16:be:24:18:41:72:ca:54:ed:
         37:d9:8c:1f:5b:97:ae:d5:2c:73:30:1e:45:3e:1e:ed:a9:34:
         f1:f8:c2:40:bb:72:ec:a5:4f:12:3a:0b:33:ee:d3:2b:dd:29:
         cc:af:0e:e9:6b:d2:59:e5:c8:d3:90:81:4d:8b:64:1a:de:13:
         b3:96:60:b0:f1:91:c8:71:9a:34:75:52:16:a0:43:43:79:f4:
         a6:c5:00:14:36:c4:34:06:82:3a:f8:fe:0b:f0:0c:01:08:37:
         c1:d3:a7:db:f6:6e:9d:fc:91:b8:9a:e4:5d:64:89:05:3f:9e:
         77:01:0f:52:bc:ba:16:de:8b:57:40:7e:bc:1c:2a:b4:e8:fb:
         5b:2b:e6:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMCKmtuIUCS3b2xkfEp+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOTE5MmMwNzM4NjJlNjIyMGM1ZjkxMDZkN2M1NWUzZmM2
YzVkNGIwHhcNMjMwMTAxMjExNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Y3Y2ZhN2FhMDg0NWRjNGM0NTZjMjRlODYzMGQyZWMxNDhkNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoso2/Jxwfpw2/lloaNvXq4jRovJo
ud/0TLOAZ00AYGJRdWlUGm0WLaR8DgdrJVo85VN+i8Jv0hfiK0apvYionPRGBpOb
hyz+AW0eomUdljkrY6dfxqVPoxHHk81SiuNTPMS3FGUwowNnVqubAqA8bWh7wDrr
hKpYlnBCkUqt6XamuKvRj+mKzX1YuTXQHmUcE/DLc0woXUhBv+MtZ+jRcgd5etT9
sC5vIk23vfOcyWqGSccvJiAjgP3wyACLRlGLx/IVkrag8xkpiwO2UtpNRPniFWNI
DK7IGOrtHJ0LgXVkr2aNzZAKdhVFIsn1w2xLFlK7VkTgV7+9tN8E1VtgYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEz3z6eqCEXcTEVsJOhjDS7BSNePMB8GA1UdIwQY
MBaAFBCRksBzhi5iIMX5EG18VeP8bF1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUpHU3dIT0dMbUlneGZrUWJYeFY0X3hzWFVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81M2MwNTEtNTU3Mi00ZjgzLWE3ZDYt
ZTZmZTY5MWQ5NDg5LzEvVFBmUHA2b0lSZHhNUld3azZHTU5Mc0ZJMTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81M2MwNTEtNTU3Mi00ZjgzLWE3ZDYtZTZmZTY5MWQ5NDg5
LzEvRUpHU3dIT0dMbUlneGZrUWJYeFY0X3hzWFVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBcaAMA0G
CSqGSIb3DQEBCwUAA4IBAQAUaxZkcBY2qxQsfvNsAmeidFf11BbIEZcAKdl1Fcik
MdIAvKV+2PK60S8mKADpcDS73sxJq1UPXFm2/CcPCBGQqDK/+7/lTZ2AIL9553fQ
lXeRoaa02xAcHXYtRFhXWBS8UqH4DfznHogF2/a5ZSBdOxITD3gWviQYQXLKVO03
2YwfW5eu1SxzMB5FPh7tqTTx+MJAu3LspU8SOgsz7tMr3SnMrw7pa9JZ5cjTkIFN
i2Qa3hOzlmCw8ZHIcZo0dVIWoENDefSmxQAUNsQ0BoI6+P4L8AwBCDfB06fb9m6d
/JG4muRdZIkFP553AQ9SvLoW3otXQH68HCq06PtbK+al
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org