Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lTWzCXqNey7Bfa3YnC3Y6fTF68o.roa
File:                     lTWzCXqNey7Bfa3YnC3Y6fTF68o.roa (raw, json)
Hash identifier:          F+a61o3K9aZkl6TC6uZhNYwZ6JhQ0Ns6sTROOGKzLts=
Subject key identifier:   95:35:B3:09:7A:8D:7B:2E:C1:7D:AD:D8:9C:2D:D8:E9:F4:C5:EB:CA
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       01863A08ED2878E7CF0527F77AAC5101D38E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lTWzCXqNey7Bfa3YnC3Y6fTF68o.roa
Signing time:             Fri 10 Feb 2023 06:35:08 +0000
ROA not before:           Fri 10 Feb 2023 06:35:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6830
IP address blocks:        88.216.22.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Apr 2023 14:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:3a:08:ed:28:78:e7:cf:05:27:f7:7a:ac:51:01:d3:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb 10 06:35:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9535b3097a8d7b2ec17dadd89c2dd8e9f4c5ebca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:97:3a:55:d6:ab:75:4e:05:00:1e:e3:97:9d:
                    a9:aa:8e:9b:32:14:cf:ca:fa:7b:d8:e7:94:a6:65:
                    a7:98:3e:2d:23:8d:21:b8:3a:cb:55:f4:7a:f7:19:
                    27:cb:f4:6e:e5:45:1f:1b:54:7a:0e:4c:54:76:3a:
                    20:7b:f5:fa:43:15:c3:bf:74:42:c3:7b:0d:2d:2e:
                    e3:a2:a5:db:38:c4:18:38:50:f7:36:af:04:00:97:
                    43:0f:50:10:d8:b2:41:2d:f0:e3:75:41:07:f8:ac:
                    0f:d8:ae:4a:19:2a:f0:60:c4:7d:da:2a:cb:cf:b6:
                    f0:e8:c8:65:be:c2:52:f1:32:f4:b9:76:71:7c:4c:
                    7e:98:83:e8:05:bf:52:4e:be:22:d2:16:47:aa:be:
                    c7:b6:94:4d:3f:ad:e6:34:4b:1f:2a:00:5c:7f:8a:
                    20:eb:4a:f5:ca:cf:10:a9:b2:21:98:a2:ec:8a:01:
                    a3:66:27:66:8b:6f:c2:4f:4e:b9:8a:87:6f:bd:62:
                    c2:6f:e9:9a:3e:57:f5:e8:b2:d8:a6:05:71:00:b5:
                    eb:00:df:6d:aa:64:8b:b6:d1:4f:9a:89:c3:7a:c9:
                    03:da:35:ea:f5:71:92:25:ae:ef:14:14:63:fa:eb:
                    ba:56:49:01:dc:26:8f:2d:0c:73:02:76:30:b3:f4:
                    dc:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:35:B3:09:7A:8D:7B:2E:C1:7D:AD:D8:9C:2D:D8:E9:F4:C5:EB:CA
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lTWzCXqNey7Bfa3YnC3Y6fTF68o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.216.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         39:47:59:4d:ec:f1:5e:27:3a:6d:fa:54:82:2d:5a:6f:43:54:
         52:66:1e:de:1b:83:39:ab:d5:b0:56:3f:e4:db:f1:58:6e:68:
         56:9d:e6:1b:63:f3:15:20:59:f9:35:5c:26:1d:31:94:83:69:
         92:94:bf:c8:c3:82:df:54:de:11:c8:a0:2f:5e:37:41:e9:fd:
         e9:f5:b4:10:bc:a1:57:5c:96:e8:5a:6f:57:d6:3f:8f:14:8d:
         73:d4:64:46:b1:1a:39:5a:f8:67:c4:47:69:c3:a2:68:e2:56:
         92:3b:44:16:b3:3c:8e:6a:e6:76:f9:e4:ac:21:42:b9:0a:3b:
         9a:a8:fa:bc:b7:36:28:fa:ae:b2:1b:40:ae:25:90:47:eb:10:
         8b:3b:72:95:a5:84:6f:5b:d6:cb:3e:9e:a3:2c:14:62:ae:43:
         70:dd:49:54:d0:cd:f0:31:d2:7a:a3:8a:46:a7:be:17:62:e2:
         bd:84:73:2a:fa:68:6e:90:40:51:25:b6:94:ff:fd:55:89:2d:
         f7:01:d2:28:56:8e:c2:45:3d:29:09:b6:db:a4:ec:e7:6b:dd:
         a3:9c:f1:c7:9a:13:f5:bc:f1:71:bc:83:f9:d4:52:5e:67:c8:
         d5:92:43:d4:4c:91:8e:66:b7:d4:d5:a2:d1:dd:77:a5:67:14:
         92:d4:fa:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY6CO0oeOfPBSf3eqxRAdOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjEwMDYzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTM1YjMwOTdhOGQ3YjJlYzE3ZGFkZDg5YzJkZDhlOWY0YzVlYmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5c6VdardU4FAB7jl52pqo6bMhTP
yvp72OeUpmWnmD4tI40huDrLVfR69xkny/Ru5UUfG1R6DkxUdjoge/X6QxXDv3RC
w3sNLS7joqXbOMQYOFD3Nq8EAJdDD1AQ2LJBLfDjdUEH+KwP2K5KGSrwYMR92irL
z7bw6MhlvsJS8TL0uXZxfEx+mIPoBb9STr4i0hZHqr7HtpRNP63mNEsfKgBcf4og
60r1ys8QqbIhmKLsigGjZidmi2/CT065iodvvWLCb+maPlf16LLYpgVxALXrAN9t
qmSLttFPmonDeskD2jXq9XGSJa7vFBRj+uu6VkkB3CaPLQxzAnYws/TciwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJU1swl6jXsuwX2t2Jwt2On0xevKMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbFRXekNYcU5leTdCZmEzWW5DM1k2ZlRGNjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNgWMA0G
CSqGSIb3DQEBCwUAA4IBAQA5R1lN7PFeJzpt+lSCLVpvQ1RSZh7eG4M5q9WwVj/k
2/FYbmhWneYbY/MVIFn5NVwmHTGUg2mSlL/Iw4LfVN4RyKAvXjdB6f3p9bQQvKFX
XJboWm9X1j+PFI1z1GRGsRo5WvhnxEdpw6Jo4laSO0QWszyOauZ2+eSsIUK5Cjua
qPq8tzYo+q6yG0CuJZBH6xCLO3KVpYRvW9bLPp6jLBRirkNw3UlU0M3wMdJ6o4pG
p74XYuK9hHMq+mhukEBRJbaU//1ViS33AdIoVo7CRT0pCbbbpOzna92jnPHHmhP1
vPFxvIP51FJeZ8jVkkPUTJGOZrfU1aLR3XelZxSS1Pra
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org