Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TK-VxEuJO4BAMTw6e29PNtuWGTo.roa
File:                     TK-VxEuJO4BAMTw6e29PNtuWGTo.roa (raw, json)
Hash identifier:          VcLULe7PreURdXfygpNna2oRzoD6s65hBDrRY7VaESg=
Subject key identifier:   4C:AF:95:C4:4B:89:3B:80:40:31:3C:3A:7B:6F:4F:36:DB:96:19:3A
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0185DE06AB745F34010C25F69D56220884DD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TK-VxEuJO4BAMTw6e29PNtuWGTo.roa
Signing time:             Mon 23 Jan 2023 09:47:37 +0000
ROA not before:           Mon 23 Jan 2023 09:47:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212219
IP address blocks:        82.153.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 14 Apr 2023 08:37:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:de:06:ab:74:5f:34:01:0c:25:f6:9d:56:22:08:84:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jan 23 09:47:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4caf95c44b893b8040313c3a7b6f4f36db96193a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:28:3b:3d:be:a4:c8:c4:f0:0b:04:da:9e:6c:
                    13:41:66:da:14:62:c0:44:00:c1:e1:7c:1f:32:f5:
                    20:68:74:f7:f2:6c:30:7d:d3:c4:a6:41:3c:4f:3a:
                    a7:bb:8c:41:62:4a:2b:f2:fc:da:69:6d:f0:9c:b4:
                    f1:f3:7c:6d:eb:54:95:61:aa:de:b2:57:79:4f:de:
                    72:f5:db:8a:3e:cf:03:29:65:7e:1d:1c:00:66:12:
                    54:0d:47:16:92:9d:6c:a5:f4:e5:8e:74:f3:26:9a:
                    ff:73:71:45:cc:c3:cb:56:1c:41:2b:26:f9:d3:a7:
                    9e:c7:a7:02:ae:14:c0:25:4c:bc:b8:d2:b1:59:04:
                    fb:a8:ae:cf:2a:c1:79:95:02:bb:d6:c4:f5:76:0d:
                    c3:59:04:b4:46:76:31:4b:1d:9d:f2:db:ca:75:f6:
                    98:35:1c:4b:9b:37:55:07:ad:a3:3c:4c:b3:6a:23:
                    39:a4:f0:aa:24:aa:da:93:9c:7a:5e:37:19:7e:ad:
                    f4:b3:e5:be:86:6b:ae:d4:e8:ae:58:c7:b1:0d:c4:
                    05:c8:d0:c8:96:f4:98:29:25:62:17:3e:eb:72:8a:
                    86:87:b9:80:cc:90:0f:0a:72:d7:df:8d:03:1f:b2:
                    19:4a:32:cd:45:e1:ee:8c:4f:9d:69:ff:c2:00:10:
                    fc:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:AF:95:C4:4B:89:3B:80:40:31:3C:3A:7B:6F:4F:36:DB:96:19:3A
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TK-VxEuJO4BAMTw6e29PNtuWGTo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:36:a4:c4:2a:85:6d:2a:bc:da:26:1c:32:95:01:73:24:7a:
         d1:a8:58:76:fe:e9:8b:3e:92:f5:3a:1e:05:28:a4:52:5f:f2:
         1d:3e:15:1e:14:1f:13:8a:d2:0e:d2:56:06:37:56:40:03:be:
         fe:31:6e:cc:b6:48:15:17:04:fb:17:c0:52:6b:ab:8f:04:35:
         3e:c7:a0:fd:73:a2:5f:5c:43:36:50:b4:34:65:85:d0:ae:b6:
         b6:37:52:77:f9:ff:86:5d:f7:17:72:5a:85:67:53:77:f3:ea:
         3e:10:28:42:da:2d:a1:72:9d:b2:1f:86:31:4a:7c:3e:fa:2c:
         18:82:cf:f2:8a:11:0e:81:9f:e2:b1:dd:bf:4e:ea:c9:44:32:
         ba:de:f3:fa:92:25:a4:40:f4:ac:4c:e9:41:45:35:bf:86:f7:
         9e:ce:44:b4:7f:e4:d6:3c:4d:d6:53:e0:0e:85:63:d2:ab:9e:
         d0:e0:e4:c9:74:9a:cb:58:a6:ee:88:d9:52:04:ad:55:3a:5a:
         34:7b:ad:73:5a:56:5a:2b:b1:0e:cd:98:37:17:77:31:51:c5:
         fe:f7:44:bb:a4:a4:e6:70:39:ff:9c:6f:4a:ab:c3:79:cd:42:
         17:b6:c5:b6:41:61:c1:b1:bf:c8:fc:f7:be:3a:9b:63:e7:71:
         f9:08:3d:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXeBqt0XzQBDCX2nVYiCITdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTIzMDk0NzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FmOTVjNDRiODkzYjgwNDAzMTNjM2E3YjZmNGYzNmRiOTYxOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyg7Pb6kyMTwCwTanmwTQWbaFGLA
RADB4XwfMvUgaHT38mwwfdPEpkE8Tzqnu4xBYkor8vzaaW3wnLTx83xt61SVYare
sld5T95y9duKPs8DKWV+HRwAZhJUDUcWkp1spfTljnTzJpr/c3FFzMPLVhxBKyb5
06eex6cCrhTAJUy8uNKxWQT7qK7PKsF5lQK71sT1dg3DWQS0RnYxSx2d8tvKdfaY
NRxLmzdVB62jPEyzaiM5pPCqJKrak5x6XjcZfq30s+W+hmuu1OiuWMexDcQFyNDI
lvSYKSViFz7rcoqGh7mAzJAPCnLX340DH7IZSjLNReHujE+daf/CABD8vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyvlcRLiTuAQDE8OntvTzbblhk6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVEstVnhFdUpPNEJBTVR3NmUyOVBOdHVXR1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpn2MA0G
CSqGSIb3DQEBCwUAA4IBAQCCNqTEKoVtKrzaJhwylQFzJHrRqFh2/umLPpL1Oh4F
KKRSX/IdPhUeFB8TitIO0lYGN1ZAA77+MW7MtkgVFwT7F8BSa6uPBDU+x6D9c6Jf
XEM2ULQ0ZYXQrra2N1J3+f+GXfcXclqFZ1N38+o+EChC2i2hcp2yH4YxSnw++iwY
gs/yihEOgZ/isd2/TurJRDK63vP6kiWkQPSsTOlBRTW/hveezkS0f+TWPE3WU+AO
hWPSq57Q4OTJdJrLWKbuiNlSBK1VOlo0e61zWlZaK7EOzZg3F3cxUcX+90S7pKTm
cDn/nG9Kq8N5zUIXtsW2QWHBsb/I/Pe+Optj53H5CD2H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org