Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tfiq6hwdhyclI4A7S51cKU4vwho.roa
File:                     tfiq6hwdhyclI4A7S51cKU4vwho.roa (raw, json)
Hash identifier:          J3yEQhUpFn103UTkrP6lAYuTawu5OKTxgCCmAmRqSvE=
Subject key identifier:   B5:F8:AA:EA:1C:1D:87:27:25:23:80:3B:4B:9D:5C:29:4E:2F:C2:1A
Certificate issuer:       /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial:       018696D28AC7755F93A871601DB4822104D8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tfiq6hwdhyclI4A7S51cKU4vwho.roa
Signing time:             Tue 28 Feb 2023 07:00:25 +0000
ROA not before:           Tue 28 Feb 2023 07:00:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205570
IP address blocks:        84.32.90.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sun 02 Apr 2023 16:37:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:96:d2:8a:c7:75:5f:93:a8:71:60:1d:b4:82:21:04:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
        Validity
            Not Before: Feb 28 07:00:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b5f8aaea1c1d87272523803b4b9d5c294e2fc21a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:fd:21:43:b0:97:4c:9e:25:96:cc:07:84:ee:
                    41:f1:52:76:b6:69:28:43:33:21:81:3d:a1:97:3c:
                    ce:f3:92:9e:0a:44:42:57:2e:70:41:f8:a2:09:c7:
                    6c:c2:b6:8d:35:84:86:98:c4:70:65:82:7d:f4:4f:
                    bc:68:1b:df:e3:2f:1d:12:48:f7:00:95:d2:4f:64:
                    f7:5e:95:7c:84:72:6f:e8:1b:01:c7:f7:19:bb:aa:
                    f4:c4:0c:b8:67:54:c4:aa:bb:95:ae:4c:cd:4e:df:
                    ef:7b:6e:f7:0e:01:f5:1e:7a:84:a0:26:97:c9:67:
                    e9:33:55:49:04:98:d0:e2:82:42:4a:35:57:6f:a4:
                    ca:7f:3c:79:2a:38:80:fa:c4:25:9f:04:9c:2b:28:
                    ad:2e:cf:c1:1a:2c:a6:cc:3f:13:22:f9:ec:47:64:
                    17:14:0c:fa:97:29:9e:0b:5a:1a:b6:10:8d:69:8f:
                    f0:22:29:07:60:03:29:2f:c0:ff:c0:b5:40:66:42:
                    a9:5c:fc:01:2e:c0:72:ee:02:0b:89:6f:c5:86:30:
                    e2:04:47:33:69:cc:41:eb:37:7b:79:92:32:99:3f:
                    b3:72:e5:ce:00:91:e5:86:e5:11:e0:5a:5a:fd:d4:
                    26:36:75:40:6e:d5:0d:47:99:51:fb:ef:85:de:bd:
                    5e:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:F8:AA:EA:1C:1D:87:27:25:23:80:3B:4B:9D:5C:29:4E:2F:C2:1A
            X509v3 Authority Key Identifier:
                keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tfiq6hwdhyclI4A7S51cKU4vwho.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.32.90.0/23

    Signature Algorithm: sha256WithRSAEncryption
         21:06:b6:99:2f:10:d6:92:07:8f:04:4c:a7:17:2d:cb:5f:4c:
         ef:88:3d:53:dd:85:f9:04:19:4f:89:c3:02:0d:5f:a9:59:71:
         1e:79:78:24:af:3d:63:cd:66:5d:11:c9:39:49:80:f3:36:7a:
         14:20:d0:b8:39:7d:64:19:fe:17:0d:7a:44:3d:8d:cc:b6:ed:
         44:27:42:e8:d3:e2:f6:52:90:93:fb:3f:35:1d:52:a7:91:db:
         31:aa:6b:c4:48:54:b8:87:19:29:a9:67:7c:1b:e8:6f:af:e0:
         67:6e:54:b6:fa:71:da:0a:99:c5:43:ce:da:67:44:bc:b4:db:
         61:e2:42:2e:b6:ee:af:96:c8:8e:f2:a4:df:48:18:94:8b:24:
         87:39:4d:b5:6b:41:da:7b:4d:a2:16:da:34:c4:3f:30:88:84:
         7e:54:13:d7:33:10:3c:93:95:8d:cf:f9:04:8e:64:18:62:8f:
         0e:5d:66:60:98:aa:89:0c:2e:e5:ff:71:b2:2f:84:e2:12:7a:
         05:b1:2c:a8:ca:99:f1:7c:21:56:02:21:be:13:21:aa:b7:2f:
         a7:42:a0:94:93:8d:4e:10:41:26:45:dc:e6:84:7d:df:c9:6b:
         3d:ee:b9:78:6d:2f:8f:c7:24:8d:f9:cf:97:0b:e8:ed:bf:d0:
         43:da:dc:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaW0orHdV+TqHFgHbSCIQTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjI4MDcwMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWY4YWFlYTFjMWQ4NzI3MjUyMzgwM2I0YjlkNWMyOTRlMmZjMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/0hQ7CXTJ4llswHhO5B8VJ2tmko
QzMhgT2hlzzO85KeCkRCVy5wQfiiCcdswraNNYSGmMRwZYJ99E+8aBvf4y8dEkj3
AJXST2T3XpV8hHJv6BsBx/cZu6r0xAy4Z1TEqruVrkzNTt/ve273DgH1HnqEoCaX
yWfpM1VJBJjQ4oJCSjVXb6TKfzx5KjiA+sQlnwScKyitLs/BGiymzD8TIvnsR2QX
FAz6lymeC1oathCNaY/wIikHYAMpL8D/wLVAZkKpXPwBLsBy7gILiW/FhjDiBEcz
acxB6zd7eZIymT+zcuXOAJHlhuUR4Fpa/dQmNnVAbtUNR5lR+++F3r1eKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLX4quocHYcnJSOAO0udXClOL8IaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdGZpcTZod2RoeWNsSTRBN1M1MWNLVTR2d2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVCBaMA0G
CSqGSIb3DQEBCwUAA4IBAQAhBraZLxDWkgePBEynFy3LX0zviD1T3YX5BBlPicMC
DV+pWXEeeXgkrz1jzWZdEck5SYDzNnoUINC4OX1kGf4XDXpEPY3Mtu1EJ0Lo0+L2
UpCT+z81HVKnkdsxqmvESFS4hxkpqWd8G+hvr+BnblS2+nHaCpnFQ87aZ0S8tNth
4kIutu6vlsiO8qTfSBiUiySHOU21a0Hae02iFto0xD8wiIR+VBPXMxA8k5WNz/kE
jmQYYo8OXWZgmKqJDC7l/3GyL4TiEnoFsSyoypnxfCFWAiG+EyGqty+nQqCUk41O
EEEmRdzmhH3fyWs97rl4bS+PxySN+c+XC+jtv9BD2tx+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org