Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/TtD52h-VvET93s867hl6gzmQhEc.roa
File:                     TtD52h-VvET93s867hl6gzmQhEc.roa (raw, json)
Hash identifier:          1DuUsBWSXCw4iA3YpO8QdHEWVYIf0OVgghFhEXOBE70=
Subject key identifier:   4E:D0:F9:DA:1F:95:BC:44:FD:DE:CF:3A:EE:19:7A:83:39:90:84:47
Certificate issuer:       /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial:       018570798D00B4530BF00BD454DF620BA504
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/TtD52h-VvET93s867hl6gzmQhEc.roa
Signing time:             Mon 02 Jan 2023 03:14:52 +0000
ROA not before:           Mon 02 Jan 2023 03:14:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29017
IP address blocks:        185.181.116.0/22 maxlen: 24
                          91.197.228.0/22 maxlen: 24
                          2a0a:cb80::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:8d:00:b4:53:0b:f0:0b:d4:54:df:62:0b:a5:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
        Validity
            Not Before: Jan  2 03:14:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ed0f9da1f95bc44fddecf3aee197a8339908447
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:48:05:b0:10:15:0d:05:df:e4:46:75:e2:ce:
                    43:34:3d:82:6b:4b:81:5f:ad:ec:6d:2b:64:21:eb:
                    65:3e:78:e6:9f:51:84:4b:9a:4a:b2:6f:9c:ef:11:
                    fd:c9:5a:d8:0f:f1:76:ed:dd:0a:3b:79:43:7f:0e:
                    6b:9e:06:98:35:ef:ff:d5:68:4e:0a:63:1b:8b:b6:
                    ce:6b:2e:f9:b9:31:7d:c1:c3:a1:fa:8d:ce:4a:1d:
                    2a:30:bc:6d:a9:41:54:ca:e6:80:19:8d:12:f1:10:
                    63:7b:26:76:5f:5f:06:d1:ee:df:68:ef:53:ef:0e:
                    b2:79:b6:a9:31:76:41:bf:c9:13:7c:49:e1:20:19:
                    72:16:c4:6b:64:9b:fe:f4:a9:1e:70:2c:aa:3c:a5:
                    90:26:01:42:5d:50:a2:75:67:a9:de:95:39:90:1f:
                    08:37:00:b4:53:3b:d7:b1:76:7a:ce:be:20:7b:5d:
                    d9:2d:df:51:bb:91:9e:32:95:10:94:48:21:e9:c3:
                    c7:8f:31:9f:a3:75:ee:12:75:69:d3:63:92:c0:56:
                    1c:a3:a4:ef:ad:f0:02:7f:a8:7b:98:bc:52:bd:f9:
                    2f:a1:25:9a:4a:b6:9d:a0:b2:04:9a:91:91:81:4f:
                    6a:88:ea:00:1f:57:fb:47:f7:bc:bf:5b:19:dd:d1:
                    b0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:D0:F9:DA:1F:95:BC:44:FD:DE:CF:3A:EE:19:7A:83:39:90:84:47
            X509v3 Authority Key Identifier:
                keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/TtD52h-VvET93s867hl6gzmQhEc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.197.228.0/22
                  185.181.116.0/22
                IPv6:
                  2a0a:cb80::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:a9:2f:12:8a:2e:47:a7:41:bd:3f:83:54:0f:d6:52:b9:6c:
         56:a6:a5:2a:00:c0:95:4a:e6:0e:77:2d:f4:f7:b8:12:bc:35:
         e1:a2:86:1b:0f:6a:1a:37:ab:a6:38:13:c2:fd:63:96:74:14:
         27:1b:aa:00:62:2f:53:96:25:4f:38:1f:ef:10:52:a8:06:3b:
         9a:7b:a5:76:ad:5e:b3:95:8a:b2:c6:fc:de:49:0a:44:93:df:
         40:6a:d5:b5:64:24:46:a9:84:18:91:24:bc:0c:6a:7d:51:c1:
         9b:e7:92:e3:e7:f5:0d:f7:dd:74:3e:2b:e3:85:ff:22:0e:cc:
         e5:85:20:f1:aa:b8:b5:e5:3b:7b:c9:3b:4c:a0:44:7e:2f:22:
         a2:55:42:df:00:d7:25:45:33:a5:04:3e:ad:33:df:52:b5:8a:
         5f:96:e2:27:db:ab:3f:f7:ba:9b:c3:eb:ba:ee:e8:85:54:2e:
         cd:3a:55:5c:5a:1a:af:d5:d6:3d:fb:ab:24:38:6a:fc:2b:2a:
         56:20:36:d1:85:34:28:18:c4:95:f6:cd:87:73:64:43:cc:a2:
         3c:8e:17:14:e9:f3:04:d6:82:e7:d9:65:7f:0e:a0:95:d3:cb:
         71:be:41:8c:4a:dc:16:80:0a:ae:0c:5a:53:18:01:68:1f:71:
         f1:d4:68:33
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVweY0AtFML8AvUVN9iC6UEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjMwMTAyMDMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQwZjlkYTFmOTViYzQ0ZmRkZWNmM2FlZTE5N2E4MzM5OTA4NDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0gFsBAVDQXf5EZ14s5DND2Ca0uB
X63sbStkIetlPnjmn1GES5pKsm+c7xH9yVrYD/F27d0KO3lDfw5rngaYNe//1WhO
CmMbi7bOay75uTF9wcOh+o3OSh0qMLxtqUFUyuaAGY0S8RBjeyZ2X18G0e7faO9T
7w6yebapMXZBv8kTfEnhIBlyFsRrZJv+9KkecCyqPKWQJgFCXVCidWep3pU5kB8I
NwC0UzvXsXZ6zr4ge13ZLd9Ru5GeMpUQlEgh6cPHjzGfo3XuEnVp02OSwFYco6Tv
rfACf6h7mLxSvfkvoSWaSradoLIEmpGRgU9qiOoAH1f7R/e8v1sZ3dGwTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE7Q+doflbxE/d7POu4ZeoM5kIRHMB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvVHRENTJoLVZ2RVQ5M3M4NjdobDZnem1RaEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQB0qS8Sii5Hp0G9
P4NUD9ZSuWxWpqUqAMCVSuYOdy3097gSvDXhooYbD2oaN6umOBPC/WOWdBQnG6oA
Yi9TliVPOB/vEFKoBjuae6V2rV6zlYqyxvzeSQpEk99AatW1ZCRGqYQYkSS8DGp9
UcGb55Lj5/UN9910Pivjhf8iDszlhSDxqri15Tt7yTtMoER+LyKiVULfANclRTOl
BD6tM99StYpfluIn26s/97qbw+u67uiFVC7NOlVcWhqv1dY9+6skOGr8KypWIDbR
hTQoGMSV9s2Hc2RDzKI8jhcU6fME1oLn2WV/DqCV08txvkGMStwWgAquDFpTGAFo
H3Hx1Ggz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org