Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/286a48-8684-40f9-b662-97044c1d8299/1/TnvlpNhQovI1_lh1HiV9uy1PEmw.roa
File:                     TnvlpNhQovI1_lh1HiV9uy1PEmw.roa (raw, json)
Hash identifier:          TaPGbgAmWH58SGFb5b5felCh40/KXq2H+u8+6WIC5g8=
Subject key identifier:   4E:7B:E5:A4:D8:50:A2:F2:35:FE:58:75:1E:25:7D:BB:2D:4F:12:6C
Certificate issuer:       /CN=57d4f554d9762fe01b88550b4e637f7da6dad6e0
Certificate serial:       01897095928CDB4FC2B607B221FFF7910651
Authority key identifier: 57:D4:F5:54:D9:76:2F:E0:1B:88:55:0B:4E:63:7F:7D:A6:DA:D6:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V9T1VNl2L-AbiFULTmN_faba1uA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/286a48-8684-40f9-b662-97044c1d8299/1/TnvlpNhQovI1_lh1HiV9uy1PEmw.roa
Signing time:             Wed 19 Jul 2023 23:56:37 +0000
ROA not before:           Wed 19 Jul 2023 23:56:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211830
IP address blocks:        185.219.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:70:95:92:8c:db:4f:c2:b6:07:b2:21:ff:f7:91:06:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57d4f554d9762fe01b88550b4e637f7da6dad6e0
        Validity
            Not Before: Jul 19 23:56:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e7be5a4d850a2f235fe58751e257dbb2d4f126c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:08:97:ca:6a:82:52:37:c6:45:90:e7:9e:70:
                    30:60:f0:29:a6:cc:c1:f9:61:6a:fc:cc:6b:45:ac:
                    27:9b:93:4e:48:2e:d8:2e:30:0d:cc:32:3a:13:e5:
                    97:33:bf:f6:ed:d5:d2:69:a5:b5:c6:63:87:9d:65:
                    ce:4b:f8:a3:98:52:97:14:5d:c5:e4:9c:bb:d0:3c:
                    2f:91:68:99:a3:e5:55:54:c2:2e:76:e5:f1:57:62:
                    7b:8b:db:8a:cf:ee:0d:f8:a2:87:02:dd:b0:fa:9f:
                    24:29:c8:7c:7e:d4:8c:47:aa:2e:99:5a:ba:1d:58:
                    5f:4c:96:68:87:73:01:3f:1b:db:6d:c3:65:93:25:
                    aa:e3:ef:58:11:56:8a:4d:21:37:b7:7d:23:93:c8:
                    27:37:cb:f9:47:9c:40:42:c1:28:a1:2d:83:e9:78:
                    a6:e8:43:70:c4:1a:22:75:72:c3:7c:c5:6c:e9:dd:
                    c4:d3:58:d7:5f:4d:68:99:bf:1e:12:df:a1:a9:90:
                    db:9b:54:3a:60:9a:17:12:fb:15:ef:cb:ea:ef:95:
                    0a:de:75:43:d8:87:27:9d:5a:a0:85:3c:60:24:6e:
                    21:c3:50:9d:1d:7c:8d:a8:5d:88:43:f9:fb:74:bb:
                    a4:6b:e6:03:8b:2f:d8:60:53:c2:1d:77:49:5b:e4:
                    58:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:7B:E5:A4:D8:50:A2:F2:35:FE:58:75:1E:25:7D:BB:2D:4F:12:6C
            X509v3 Authority Key Identifier:
                keyid:57:D4:F5:54:D9:76:2F:E0:1B:88:55:0B:4E:63:7F:7D:A6:DA:D6:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V9T1VNl2L-AbiFULTmN_faba1uA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/286a48-8684-40f9-b662-97044c1d8299/1/TnvlpNhQovI1_lh1HiV9uy1PEmw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/286a48-8684-40f9-b662-97044c1d8299/1/V9T1VNl2L-AbiFULTmN_faba1uA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.219.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:5c:1f:e1:cd:e0:d3:cd:e2:6b:cd:40:89:78:72:d0:66:86:
         e8:b5:b7:31:2a:df:6f:a1:91:d2:8b:c1:2e:ae:81:98:82:36:
         06:df:db:0e:e1:ec:16:85:fa:aa:3d:17:97:12:dc:a8:2b:2f:
         15:c2:aa:99:22:13:14:db:85:31:47:48:d2:c2:c6:d0:32:34:
         86:25:db:96:51:16:cc:81:4d:52:fe:fd:b3:45:cc:0d:0e:19:
         f8:02:d7:91:be:eb:74:97:80:bc:d5:10:41:85:11:9d:95:8f:
         c6:3d:85:41:81:62:a0:96:9f:7b:5d:2b:b3:09:e6:b1:c3:98:
         53:12:1d:74:df:50:c8:ac:97:18:e5:59:5d:51:9c:11:35:bf:
         2d:0c:65:1b:30:15:5a:f3:b1:6b:b0:ea:6e:47:86:03:94:55:
         db:2a:94:6d:43:d7:3e:a2:2e:25:0e:7a:cf:b0:9b:8b:58:a0:
         58:ed:5e:37:8e:3f:24:06:b1:67:09:ae:70:59:c1:aa:ca:8c:
         1e:62:44:5c:80:79:4d:96:b7:79:4d:03:8e:96:82:c9:7f:43:
         bf:ed:81:72:ff:c0:e9:c8:6d:ec:4c:c2:b8:9c:82:70:82:90:
         6c:9c:bd:95:3e:a3:e0:59:97:7f:79:3c:a4:77:09:48:66:46:
         fd:f2:40:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlwlZKM20/CtgeyIf/3kQZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ZDRmNTU0ZDk3NjJmZTAxYjg4NTUwYjRlNjM3ZjdkYTZk
YWQ2ZTAwHhcNMjMwNzE5MjM1NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTdiZTVhNGQ4NTBhMmYyMzVmZTU4NzUxZTI1N2RiYjJkNGYxMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAiXymqCUjfGRZDnnnAwYPAppszB
+WFq/MxrRawnm5NOSC7YLjANzDI6E+WXM7/27dXSaaW1xmOHnWXOS/ijmFKXFF3F
5Jy70DwvkWiZo+VVVMIuduXxV2J7i9uKz+4N+KKHAt2w+p8kKch8ftSMR6oumVq6
HVhfTJZoh3MBPxvbbcNlkyWq4+9YEVaKTSE3t30jk8gnN8v5R5xAQsEooS2D6Xim
6ENwxBoidXLDfMVs6d3E01jXX01omb8eEt+hqZDbm1Q6YJoXEvsV78vq75UK3nVD
2IcnnVqghTxgJG4hw1CdHXyNqF2IQ/n7dLuka+YDiy/YYFPCHXdJW+RYHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE575aTYUKLyNf5YdR4lfbstTxJsMB8GA1UdIwQY
MBaAFFfU9VTZdi/gG4hVC05jf32m2tbgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjlUMVZObDJMLUFiaUZVTFRtTl9mYWJhMXVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8yODZhNDgtODY4NC00MGY5LWI2NjIt
OTcwNDRjMWQ4Mjk5LzEvVG52bHBOaFFvdkkxX2xoMUhpVjl1eTFQRW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8yODZhNDgtODY4NC00MGY5LWI2NjItOTcwNDRjMWQ4Mjk5
LzEvVjlUMVZObDJMLUFiaUZVTFRtTl9mYWJhMXVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudsEMA0G
CSqGSIb3DQEBCwUAA4IBAQA1XB/hzeDTzeJrzUCJeHLQZobotbcxKt9voZHSi8Eu
roGYgjYG39sO4ewWhfqqPReXEtyoKy8VwqqZIhMU24UxR0jSwsbQMjSGJduWURbM
gU1S/v2zRcwNDhn4AteRvut0l4C81RBBhRGdlY/GPYVBgWKglp97XSuzCeaxw5hT
Eh1031DIrJcY5VldUZwRNb8tDGUbMBVa87FrsOpuR4YDlFXbKpRtQ9c+oi4lDnrP
sJuLWKBY7V43jj8kBrFnCa5wWcGqyoweYkRcgHlNlrd5TQOOloLJf0O/7YFy/8Dp
yG3sTMK4nIJwgpBsnL2VPqPgWZd/eTykdwlIZkb98kA7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:10 2024 by rpki-client on console-fra.rpki-client.org