Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/PtTKB-rRdm2pDYw-EJYqG4WTf4o.roa
File:                     PtTKB-rRdm2pDYw-EJYqG4WTf4o.roa (raw, json)
Hash identifier:          feW0E+b6wXIsnO5NRn7s4FTZfX3bCQH5XxLjXXr8X5I=
Subject key identifier:   3E:D4:CA:07:EA:D1:76:6D:A9:0D:8C:3E:10:96:2A:1B:85:93:7F:8A
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       018B3321CF784584229979D75037F264DCF7
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/PtTKB-rRdm2pDYw-EJYqG4WTf4o.roa
Signing time:             Sun 15 Oct 2023 11:38:55 +0000
ROA not before:           Sun 15 Oct 2023 11:38:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398343
IP address blocks:        91.216.185.0/24 maxlen: 24
                          86.105.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:33:21:cf:78:45:84:22:99:79:d7:50:37:f2:64:dc:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Oct 15 11:38:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ed4ca07ead1766da90d8c3e10962a1b85937f8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:c5:5a:35:f3:57:03:74:7c:4c:b7:00:4a:53:
                    47:58:4c:d9:7e:fe:98:b8:62:bd:01:fb:af:b3:66:
                    ff:b4:d3:c4:36:11:e7:be:64:5b:ce:01:7e:7a:f4:
                    b4:8a:3a:ec:1a:cb:0e:51:e7:4b:28:9e:66:4f:8e:
                    9c:c4:7c:18:90:e2:54:0d:d5:01:9c:8b:41:d8:a3:
                    41:fc:24:47:17:83:54:79:ea:e9:90:9e:b6:7d:4b:
                    ec:9a:b3:45:26:b0:fa:6f:09:f2:90:08:53:32:85:
                    38:50:8b:33:45:ab:0e:7b:ad:cc:1d:71:5d:59:d0:
                    ee:81:8f:64:91:74:20:ed:04:3d:1d:90:e2:da:1f:
                    28:18:a1:3e:2b:71:5c:82:2c:e9:26:ba:11:ea:09:
                    b0:3c:1c:cc:0f:53:6c:d5:77:5d:2d:94:61:34:7a:
                    98:56:e8:61:38:aa:de:fc:97:43:2a:24:30:ec:08:
                    52:70:9f:96:2b:23:0c:b4:6b:f0:99:b3:7c:e4:76:
                    20:b6:ea:76:e1:fd:4c:69:2b:c9:ac:cf:32:32:c5:
                    fe:04:7d:9c:ae:b3:90:0e:a3:10:7a:89:e9:c1:7e:
                    2b:d7:7d:08:36:60:94:a4:f3:80:57:16:db:f1:61:
                    95:e8:82:3d:8d:78:d8:67:29:49:a2:71:62:16:08:
                    1d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:D4:CA:07:EA:D1:76:6D:A9:0D:8C:3E:10:96:2A:1B:85:93:7F:8A
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/PtTKB-rRdm2pDYw-EJYqG4WTf4o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.105.4.0/24
                  91.216.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:ee:cb:e9:fe:9f:dd:17:9e:a5:66:7f:b9:84:11:8c:e3:03:
         2e:f0:f9:24:d6:54:0e:f4:61:fa:59:33:c9:81:42:88:a2:30:
         13:5b:70:f7:3c:53:69:ac:10:49:d0:26:7b:2b:92:2f:3d:fc:
         aa:1e:6e:a3:d3:ba:41:0d:c3:91:2c:c5:fe:da:0b:d2:f2:90:
         9b:2f:11:39:05:0b:86:4f:e6:eb:a7:8a:8b:7c:e0:6d:6d:e1:
         ad:fe:f0:7e:0f:c2:23:57:79:81:2e:57:93:85:fc:c6:cb:a9:
         67:fa:31:40:d1:be:4c:4e:75:64:18:38:91:5b:cb:07:ab:a8:
         9a:d2:7a:8a:f4:1b:75:9d:6b:6b:f3:f1:a0:74:a6:c4:c5:47:
         7f:b8:82:1a:87:22:e5:3b:5b:48:06:97:d1:8a:16:68:4c:0f:
         d9:4f:68:d5:2e:dc:ea:c9:93:01:74:68:b2:93:eb:fb:c5:1b:
         3a:39:48:b2:fc:06:81:ea:e6:b9:35:4b:e7:ad:2b:5b:86:ba:
         3a:ef:11:aa:d5:dd:f9:f2:a3:28:56:94:8d:be:ce:61:22:c1:
         53:0c:19:64:0c:1e:13:50:22:67:30:78:00:c5:ad:33:df:0f:
         4b:a1:42:69:a9:cc:e2:08:86:62:d2:31:75:f7:1f:be:a7:70:
         79:51:6e:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYszIc94RYQimXnXUDfyZNz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMxMDE1MTEzODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWQ0Y2EwN2VhZDE3NjZkYTkwZDhjM2UxMDk2MmExYjg1OTM3ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcVaNfNXA3R8TLcASlNHWEzZfv6Y
uGK9Afuvs2b/tNPENhHnvmRbzgF+evS0ijrsGssOUedLKJ5mT46cxHwYkOJUDdUB
nItB2KNB/CRHF4NUeerpkJ62fUvsmrNFJrD6bwnykAhTMoU4UIszRasOe63MHXFd
WdDugY9kkXQg7QQ9HZDi2h8oGKE+K3FcgizpJroR6gmwPBzMD1Ns1XddLZRhNHqY
VuhhOKre/JdDKiQw7AhScJ+WKyMMtGvwmbN85HYgtup24f1MaSvJrM8yMsX+BH2c
rrOQDqMQeonpwX4r130INmCUpPOAVxbb8WGV6II9jXjYZylJonFiFggdiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD7Uygfq0XZtqQ2MPhCWKhuFk3+KMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUHRUS0ItclJkbTJwRFl3LUVKWXFHNFdUZjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVmkEAwQA
W9i5MA0GCSqGSIb3DQEBCwUAA4IBAQAx7svp/p/dF56lZn+5hBGM4wMu8Pkk1lQO
9GH6WTPJgUKIojATW3D3PFNprBBJ0CZ7K5IvPfyqHm6j07pBDcORLMX+2gvS8pCb
LxE5BQuGT+brp4qLfOBtbeGt/vB+D8IjV3mBLleThfzGy6ln+jFA0b5MTnVkGDiR
W8sHq6ia0nqK9Bt1nWtr8/GgdKbExUd/uIIahyLlO1tIBpfRihZoTA/ZT2jVLtzq
yZMBdGiyk+v7xRs6OUiy/AaB6ua5NUvnrStbhro67xGq1d358qMoVpSNvs5hIsFT
DBlkDB4TUCJnMHgAxa0z3w9LoUJpqcziCIZi0jF19x++p3B5UW5q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org