Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/TJ5kws_tniAwypicuIKxwLfeR8M.roa
File:                     TJ5kws_tniAwypicuIKxwLfeR8M.roa (raw, json)
Hash identifier:          nIwwyTNmIhXM75Ic2lY2qt6W0MlHylsDtyYsHyrHOMw=
Subject key identifier:   4C:9E:64:C2:CF:ED:9E:20:30:CA:98:9C:B8:82:B1:C0:B7:DE:47:C3
Certificate issuer:       /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial:       01888C374453EBF5760F01D5F595C6B9CDE4
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/TJ5kws_tniAwypicuIKxwLfeR8M.roa
Signing time:             Mon 05 Jun 2023 15:40:12 +0000
ROA not before:           Mon 05 Jun 2023 15:40:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50340
IP address blocks:        185.177.78.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8c:37:44:53:eb:f5:76:0f:01:d5:f5:95:c6:b9:cd:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
        Validity
            Not Before: Jun  5 15:40:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4c9e64c2cfed9e2030ca989cb882b1c0b7de47c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:9f:25:fd:af:de:a5:04:47:b9:86:33:db:9f:
                    af:2b:06:fd:d3:df:cb:c7:1a:83:99:a1:d5:43:17:
                    db:e6:ae:3c:24:93:ef:7f:74:9e:73:dc:2a:dd:71:
                    d8:a6:a1:83:5e:c2:c9:73:f1:aa:2a:88:e2:01:88:
                    52:96:cd:db:a9:c4:59:5c:53:dd:19:d4:7e:61:1c:
                    6b:1a:35:95:ab:ee:f7:96:80:56:5d:99:78:50:70:
                    59:97:0d:90:82:12:b2:e5:84:ac:d6:bc:3d:87:0a:
                    19:b6:a5:ac:32:4e:31:95:cd:2d:41:74:d8:d2:da:
                    a5:0e:25:70:8a:40:f5:62:24:e9:df:45:e8:f0:ea:
                    f7:df:78:2c:c9:38:08:69:cf:12:14:d8:e7:67:a6:
                    91:e4:06:12:6e:93:ae:76:31:2e:34:81:a2:ca:6a:
                    57:79:31:88:33:87:83:b4:54:e9:83:da:15:37:c7:
                    b3:c1:d2:f2:49:62:07:8c:d4:82:1a:1a:ee:fe:67:
                    37:4b:b9:c3:25:c8:0d:cb:b9:d1:0e:ed:11:62:c7:
                    05:ef:70:26:89:33:89:da:cf:49:9a:d6:41:34:7a:
                    7c:2f:ac:b4:33:10:18:6a:52:46:2e:ca:d6:45:e7:
                    2f:b7:b5:5a:37:33:84:d2:11:1b:81:79:31:70:b8:
                    72:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:9E:64:C2:CF:ED:9E:20:30:CA:98:9C:B8:82:B1:C0:B7:DE:47:C3
            X509v3 Authority Key Identifier:
                keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/TJ5kws_tniAwypicuIKxwLfeR8M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4c:88:dd:15:f1:ef:46:e3:57:57:20:f8:0d:ae:6a:74:e1:63:
         95:0d:fa:2e:3d:4c:42:48:10:b6:10:96:ac:19:f5:9c:a9:01:
         8b:13:97:f8:b3:73:9f:a4:69:19:5f:c6:b9:f2:78:24:17:19:
         a3:c7:0f:ad:b4:af:38:6a:7e:8c:1d:04:7b:aa:97:7e:77:66:
         95:4e:6a:1f:c6:77:87:26:7b:2e:17:97:41:b1:d1:62:b2:8f:
         31:b3:d0:bd:0d:e6:31:c4:ff:b5:8e:d5:f6:c0:84:65:ce:0b:
         03:f0:3a:9b:6e:91:e6:96:21:56:ce:ec:0a:14:2a:f1:8a:ac:
         88:d1:9b:cf:2f:2f:e4:38:92:dc:60:99:31:fb:fa:97:01:87:
         40:11:f6:f9:1b:25:94:f5:99:9d:ee:24:8f:65:66:f8:a9:5e:
         a8:8a:41:ea:6a:45:3f:c2:d3:63:22:80:a2:92:fe:9c:d4:b1:
         82:9a:07:58:10:1e:95:00:af:d9:69:21:a2:c7:cf:d6:01:d5:
         89:ee:f0:3b:ee:8c:6a:31:65:8e:3e:17:9e:3b:93:37:b6:bc:
         da:71:56:00:32:a2:13:bc:2c:66:87:d7:96:54:64:b3:1f:c9:
         04:93:c5:7a:b8:50:58:0e:bc:da:ab:02:c2:ec:20:f4:55:67:
         b2:b5:0e:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiMN0RT6/V2DwHV9ZXGuc3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwNjA1MTU0MDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzllNjRjMmNmZWQ5ZTIwMzBjYTk4OWNiODgyYjFjMGI3ZGU0N2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp8l/a/epQRHuYYz25+vKwb909/L
xxqDmaHVQxfb5q48JJPvf3Sec9wq3XHYpqGDXsLJc/GqKojiAYhSls3bqcRZXFPd
GdR+YRxrGjWVq+73loBWXZl4UHBZlw2QghKy5YSs1rw9hwoZtqWsMk4xlc0tQXTY
0tqlDiVwikD1YiTp30Xo8Or333gsyTgIac8SFNjnZ6aR5AYSbpOudjEuNIGiympX
eTGIM4eDtFTpg9oVN8ezwdLySWIHjNSCGhru/mc3S7nDJcgNy7nRDu0RYscF73Am
iTOJ2s9JmtZBNHp8L6y0MxAYalJGLsrWRecvt7VaNzOE0hEbgXkxcLhypwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyeZMLP7Z4gMMqYnLiCscC33kfDMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvVEo1a3dzX3RuaUF3eXBpY3VJS3h3TGZlUjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBubFOMA0G
CSqGSIb3DQEBCwUAA4IBAQBMiN0V8e9G41dXIPgNrmp04WOVDfouPUxCSBC2EJas
GfWcqQGLE5f4s3OfpGkZX8a58ngkFxmjxw+ttK84an6MHQR7qpd+d2aVTmofxneH
JnsuF5dBsdFiso8xs9C9DeYxxP+1jtX2wIRlzgsD8DqbbpHmliFWzuwKFCrxiqyI
0ZvPLy/kOJLcYJkx+/qXAYdAEfb5GyWU9Zmd7iSPZWb4qV6oikHqakU/wtNjIoCi
kv6c1LGCmgdYEB6VAK/ZaSGix8/WAdWJ7vA77oxqMWWOPheeO5M3trzacVYAMqIT
vCxmh9eWVGSzH8kEk8V6uFBYDrzaqwLC7CD0VWeytQ6h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:37 2024 by rpki-client on console-fra.rpki-client.org