Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/TJA4MfnZ-8BE40B41yzNzCk1Aok.roa
File:                     TJA4MfnZ-8BE40B41yzNzCk1Aok.roa (raw, json)
Hash identifier:          LhV802ZDlt9gminn6ozyMtW4rfRN1y9ytjsXdqC29UI=
Subject key identifier:   4C:90:38:31:F9:D9:FB:C0:44:E3:40:78:D7:2C:CD:CC:29:35:02:89
Certificate issuer:       /CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Certificate serial:       01856D78786B0419A7AA2B8DE3693176944E
Authority key identifier: 21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/TJA4MfnZ-8BE40B41yzNzCk1Aok.roa
Signing time:             Sun 01 Jan 2023 13:14:49 +0000
ROA not before:           Sun 01 Jan 2023 13:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     55163
IP address blocks:        144.2.18.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:78:78:6b:04:19:a7:aa:2b:8d:e3:69:31:76:94:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21e86ff9973c93abe6398f031966c29d75a3ba86
        Validity
            Not Before: Jan  1 13:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4c903831f9d9fbc044e34078d72ccdcc29350289
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:30:50:f7:2c:b6:24:2d:f2:e5:e6:91:42:35:
                    77:f4:ff:e1:13:b7:08:ee:0a:cc:ec:1d:ee:4a:8d:
                    d7:b5:ed:2a:0e:0d:6a:75:22:88:13:39:91:87:79:
                    af:17:82:e0:ea:fc:af:3b:18:0f:c7:77:61:08:d7:
                    4f:34:cf:47:b4:83:fc:53:d1:d7:86:64:60:cc:f2:
                    d5:e8:14:a5:b4:57:57:eb:58:14:13:00:36:1a:5b:
                    8f:09:f2:22:36:57:35:0c:92:ec:2f:db:c2:94:8d:
                    48:3f:0b:21:a2:96:ad:cf:da:79:81:1f:43:93:b4:
                    10:6d:c5:cc:79:2a:43:b7:8d:be:09:be:f1:d9:87:
                    04:60:52:97:de:ce:ef:63:f4:99:a9:0b:6c:5d:e7:
                    17:ef:4d:20:9d:c5:2b:95:c9:04:5b:2e:5a:73:7c:
                    e6:38:3e:7f:63:24:31:e1:e6:08:d6:45:fb:5e:e2:
                    50:d8:44:83:4e:2d:7f:75:76:cf:b9:91:39:66:38:
                    22:10:43:0e:62:a4:95:02:91:f4:0f:4c:2f:4d:a1:
                    a8:dc:cc:42:19:a2:ea:58:43:8e:9d:37:84:46:e8:
                    63:d2:13:b9:61:dc:ec:86:f2:5e:56:46:fc:c2:37:
                    be:73:86:71:32:ba:48:99:ac:7f:07:48:21:5f:9a:
                    6e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:90:38:31:F9:D9:FB:C0:44:E3:40:78:D7:2C:CD:CC:29:35:02:89
            X509v3 Authority Key Identifier:
                keyid:21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/TJA4MfnZ-8BE40B41yzNzCk1Aok.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.2.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:1b:af:67:89:3c:df:7b:31:e8:7f:6b:2d:57:53:c5:6f:d7:
         dd:fa:db:d4:55:fe:0c:5c:ee:c0:d0:c6:ad:7e:d2:91:e1:06:
         27:d4:c4:bf:93:5e:e3:37:f0:11:0e:49:77:3c:35:d7:60:f3:
         12:3f:db:91:20:40:9e:f9:37:e0:41:40:97:4c:84:07:d6:b0:
         71:24:f2:dd:82:a1:fa:39:64:02:ce:85:58:71:f0:05:35:b3:
         67:1b:54:be:ea:66:86:55:94:b5:06:7e:f0:c4:fc:19:8a:53:
         7f:cf:8c:ac:e3:01:94:99:1f:c4:f4:b8:5a:f9:e5:ab:94:4b:
         c4:f8:7c:1e:5f:65:4c:61:fa:45:e4:59:34:a8:fb:42:7e:6e:
         35:9d:e9:98:c9:87:36:7a:86:2e:de:d7:32:7b:ac:ef:11:85:
         62:ee:bb:65:fa:93:bc:9c:a9:f6:ea:ae:fe:22:6c:7d:ac:6b:
         6d:15:c0:58:49:91:df:22:6c:b2:bb:d6:80:ef:20:e6:91:51:
         58:4e:f5:99:e2:5f:b1:de:83:d0:0f:21:a3:63:bd:b1:d5:a2:
         4c:72:b9:74:44:3f:ca:81:37:30:cc:ca:13:fc:99:b2:fc:f8:
         53:73:73:95:18:d8:4e:58:e1:97:d7:5a:09:e7:67:64:d7:cd:
         85:37:a1:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteHhrBBmnqiuN42kxdpROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZTg2ZmY5OTczYzkzYWJlNjM5OGYwMzE5NjZjMjlkNzVh
M2JhODYwHhcNMjMwMTAxMTMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzkwMzgzMWY5ZDlmYmMwNDRlMzQwNzhkNzJjY2RjYzI5MzUwMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijBQ9yy2JC3y5eaRQjV39P/hE7cI
7grM7B3uSo3Xte0qDg1qdSKIEzmRh3mvF4Lg6vyvOxgPx3dhCNdPNM9HtIP8U9HX
hmRgzPLV6BSltFdX61gUEwA2GluPCfIiNlc1DJLsL9vClI1IPwshopatz9p5gR9D
k7QQbcXMeSpDt42+Cb7x2YcEYFKX3s7vY/SZqQtsXecX700gncUrlckEWy5ac3zm
OD5/YyQx4eYI1kX7XuJQ2ESDTi1/dXbPuZE5ZjgiEEMOYqSVApH0D0wvTaGo3MxC
GaLqWEOOnTeERuhj0hO5YdzshvJeVkb8wje+c4ZxMrpImax/B0ghX5pulwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyQODH52fvARONAeNcszcwpNQKJMB8GA1UdIwQY
MBaAFCHob/mXPJOr5jmPAxlmwp11o7qGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWIt
MzJmZWViNTY2ZWU2LzEvVEpBNE1mblotOEJFNDBCNDF5ek56Q2sxQW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWItMzJmZWViNTY2ZWU2
LzEvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkAISMA0G
CSqGSIb3DQEBCwUAA4IBAQA/G69niTzfezHof2stV1PFb9fd+tvUVf4MXO7A0Mat
ftKR4QYn1MS/k17jN/ARDkl3PDXXYPMSP9uRIECe+TfgQUCXTIQH1rBxJPLdgqH6
OWQCzoVYcfAFNbNnG1S+6maGVZS1Bn7wxPwZilN/z4ys4wGUmR/E9Lha+eWrlEvE
+HweX2VMYfpF5Fk0qPtCfm41nemYyYc2eoYu3tcye6zvEYVi7rtl+pO8nKn26q7+
Imx9rGttFcBYSZHfImyyu9aA7yDmkVFYTvWZ4l+x3oPQDyGjY72x1aJMcrl0RD/K
gTcwzMoT/Jmy/PhTc3OVGNhOWOGX11oJ52dk182FN6Hl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:47 2024 by rpki-client on console-fra.rpki-client.org