Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/TRfLd4GNH-dzoeKqha3pZi6D0Oc.roa
File:                     TRfLd4GNH-dzoeKqha3pZi6D0Oc.roa (raw, json)
Hash identifier:          5QtLtw4XSLIcFzxZUxs481Yqc3ggYK3nDQtWXZD+1Mw=
Subject key identifier:   4D:17:CB:77:81:8D:1F:E7:73:A1:E2:AA:85:AD:E9:66:2E:83:D0:E7
Certificate issuer:       /CN=4d583b6f56cf092728de593ad952aea19ce31886
Certificate serial:       018A641AFBBD4F6D564BF49E5DE08B03495A
Authority key identifier: 4D:58:3B:6F:56:CF:09:27:28:DE:59:3A:D9:52:AE:A1:9C:E3:18:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TVg7b1bPCSco3lk62VKuoZzjGIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/TRfLd4GNH-dzoeKqha3pZi6D0Oc.roa
Signing time:             Tue 05 Sep 2023 06:50:04 +0000
ROA not before:           Tue 05 Sep 2023 06:50:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210298
IP address blocks:        88.214.12.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:64:1a:fb:bd:4f:6d:56:4b:f4:9e:5d:e0:8b:03:49:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d583b6f56cf092728de593ad952aea19ce31886
        Validity
            Not Before: Sep  5 06:50:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4d17cb77818d1fe773a1e2aa85ade9662e83d0e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:af:b2:3c:41:50:40:be:1e:82:5a:3b:65:30:
                    09:83:bb:24:5e:9d:b8:20:61:0b:27:22:60:a7:81:
                    8a:5a:d5:98:9e:ec:94:23:3e:79:e4:78:ca:78:3e:
                    2b:44:e4:53:45:ea:06:3a:ed:8d:2b:28:a6:2d:fd:
                    41:72:0f:78:6e:b2:76:a0:e3:f5:1c:4f:3d:5c:56:
                    dc:d7:4f:89:7c:ce:35:51:6a:d6:15:d6:d5:3b:27:
                    55:cb:73:73:94:2d:db:e7:b4:bb:1b:c5:19:54:26:
                    a7:13:63:e1:1e:e7:2a:fe:15:1a:46:18:73:30:f3:
                    b2:c2:31:ae:bb:20:b8:75:79:14:5e:51:a2:98:47:
                    a5:ec:e7:a4:88:bb:d9:93:c2:00:4c:13:0b:11:26:
                    ee:0b:a0:a0:9c:0c:a9:64:ab:d4:06:c7:76:e0:a0:
                    f1:86:95:c5:88:65:74:98:f5:c4:a1:45:d0:84:1b:
                    15:0d:29:56:02:3f:cd:46:ac:5d:7a:49:d0:ca:e1:
                    66:bb:ed:8b:f0:14:e9:ef:46:ce:8d:f1:36:c9:96:
                    b4:4b:b2:e4:a5:26:47:04:04:aa:37:2b:6d:b3:38:
                    33:ed:49:68:b7:c5:f6:17:a4:a6:16:82:db:fe:ad:
                    ca:59:e6:3a:37:71:f6:07:95:56:0a:a6:9e:45:da:
                    a1:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:17:CB:77:81:8D:1F:E7:73:A1:E2:AA:85:AD:E9:66:2E:83:D0:E7
            X509v3 Authority Key Identifier:
                keyid:4D:58:3B:6F:56:CF:09:27:28:DE:59:3A:D9:52:AE:A1:9C:E3:18:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVg7b1bPCSco3lk62VKuoZzjGIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/TRfLd4GNH-dzoeKqha3pZi6D0Oc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/TVg7b1bPCSco3lk62VKuoZzjGIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.214.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:83:85:0c:7c:0b:d8:4a:b1:7d:2a:42:54:bd:d1:7d:cc:7f:
         87:cb:a5:d1:da:a6:ec:d2:9a:b9:69:43:70:aa:03:00:5a:c0:
         ff:c7:be:c1:42:52:64:a3:e0:d4:69:47:2f:c9:01:97:17:6a:
         78:0d:d7:07:d7:35:37:bf:b4:d3:21:17:8e:4b:e8:d4:3d:b1:
         ed:55:3a:1b:7f:b1:1b:21:41:68:ff:66:50:a6:ba:b8:0a:b1:
         45:29:78:b6:c6:35:62:56:75:75:d6:eb:72:e9:e6:88:1a:35:
         c9:61:6a:ee:72:c1:4a:3e:8d:74:ac:4b:ac:e8:3e:73:7f:55:
         cc:56:6b:6e:f1:52:7f:db:e3:1c:c7:f7:25:af:e8:8b:b7:e6:
         97:40:4f:72:36:c2:ec:74:a0:6c:b6:a2:8e:af:e8:eb:a3:9a:
         5c:b4:95:12:d7:c9:32:a8:37:4d:d7:84:9d:2f:f7:4a:10:f6:
         dd:1e:33:5a:4a:55:46:62:dd:ae:ca:71:e4:3f:d6:ba:89:da:
         01:87:91:6b:8c:c1:5e:50:32:9a:69:be:74:ea:a5:5d:f4:8f:
         c0:e2:90:91:d3:c1:c1:8c:02:eb:ab:aa:e0:63:8f:7b:3b:5b:
         37:dc:1d:7b:72:5a:64:c0:05:ee:de:0d:4f:c5:04:8d:69:a2:
         48:20:61:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpkGvu9T21WS/SeXeCLA0laMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNTgzYjZmNTZjZjA5MjcyOGRlNTkzYWQ5NTJhZWExOWNl
MzE4ODYwHhcNMjMwOTA1MDY1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE3Y2I3NzgxOGQxZmU3NzNhMWUyYWE4NWFkZTk2NjJlODNkMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgK+yPEFQQL4eglo7ZTAJg7skXp24
IGELJyJgp4GKWtWYnuyUIz555HjKeD4rRORTReoGOu2NKyimLf1Bcg94brJ2oOP1
HE89XFbc10+JfM41UWrWFdbVOydVy3NzlC3b57S7G8UZVCanE2PhHucq/hUaRhhz
MPOywjGuuyC4dXkUXlGimEel7OekiLvZk8IATBMLESbuC6CgnAypZKvUBsd24KDx
hpXFiGV0mPXEoUXQhBsVDSlWAj/NRqxdeknQyuFmu+2L8BTp70bOjfE2yZa0S7Lk
pSZHBASqNyttszgz7Ulot8X2F6SmFoLb/q3KWeY6N3H2B5VWCqaeRdqhOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0Xy3eBjR/nc6HiqoWt6WYug9DnMB8GA1UdIwQY
MBaAFE1YO29WzwknKN5ZOtlSrqGc4xiGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZnN2IxYlBDU2NvM2xrNjJWS3VvWnpqR0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy83MzU4YmQtYzcyZi00ZDliLWJiMGQt
MGI0ZjcxN2FhMzYzLzEvVFJmTGQ0R05ILWR6b2VLcWhhM3BaaTZEME9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy83MzU4YmQtYzcyZi00ZDliLWJiMGQtMGI0ZjcxN2FhMzYz
LzEvVFZnN2IxYlBDU2NvM2xrNjJWS3VvWnpqR0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNYMMA0G
CSqGSIb3DQEBCwUAA4IBAQBRg4UMfAvYSrF9KkJUvdF9zH+Hy6XR2qbs0pq5aUNw
qgMAWsD/x77BQlJko+DUaUcvyQGXF2p4DdcH1zU3v7TTIReOS+jUPbHtVTobf7Eb
IUFo/2ZQprq4CrFFKXi2xjViVnV11uty6eaIGjXJYWrucsFKPo10rEus6D5zf1XM
Vmtu8VJ/2+Mcx/clr+iLt+aXQE9yNsLsdKBstqKOr+jro5pctJUS18kyqDdN14Sd
L/dKEPbdHjNaSlVGYt2uynHkP9a6idoBh5FrjMFeUDKaab506qVd9I/A4pCR08HB
jALrq6rgY497O1s33B17clpkwAXu3g1PxQSNaaJIIGEL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:03 2024 by rpki-client on console-ams.rpki-client.org