Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Tl4o-AYjnY71iWKEQNYaEZHJxvc.roa
File:                     Tl4o-AYjnY71iWKEQNYaEZHJxvc.roa (raw, json)
Hash identifier:          oIKJXUHXmaiIx7LkI5ekPktvg/i9cG40D5x4/ligmkA=
Subject key identifier:   4E:5E:28:F8:06:23:9D:8E:F5:89:62:84:40:D6:1A:11:91:C9:C6:F7
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01885877C779BEB222C8A271057A2B4876BC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Tl4o-AYjnY71iWKEQNYaEZHJxvc.roa
Signing time:             Fri 26 May 2023 14:30:24 +0000
ROA not before:           Fri 26 May 2023 14:30:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51559
IP address blocks:        82.153.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Nov 2023 09:06:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:58:77:c7:79:be:b2:22:c8:a2:71:05:7a:2b:48:76:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: May 26 14:30:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e5e28f806239d8ef589628440d61a1191c9c6f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:24:d5:f8:88:77:85:39:af:0b:72:bf:16:4f:
                    a9:53:8c:ef:98:55:7b:d9:15:f9:ce:36:e3:92:8c:
                    43:e8:1e:c0:82:11:c3:db:0f:2b:b5:3f:f5:82:23:
                    e5:a2:b6:24:37:ea:0e:a1:b6:36:49:8f:04:2a:4d:
                    18:58:6d:04:9c:ac:6e:b0:a5:87:0d:8c:54:53:ea:
                    53:a2:f3:b8:32:95:74:18:38:88:56:55:44:70:f4:
                    05:46:55:71:ea:fa:7f:b7:74:f8:62:88:3e:84:d1:
                    87:58:6b:59:67:13:95:60:24:5f:e7:80:98:4b:79:
                    d7:33:05:75:72:64:4a:8c:dc:3f:c1:04:af:2d:3a:
                    d7:09:97:d2:f9:98:c9:75:8b:e5:ae:36:9a:08:d9:
                    9a:4f:ae:46:8f:13:bb:b0:3a:a7:02:33:6d:71:ba:
                    ac:3e:d4:55:19:73:51:59:24:ef:a7:97:a7:9b:ed:
                    3b:51:64:ef:b4:12:e7:2a:47:bc:81:96:a6:58:4b:
                    fe:68:86:69:98:e0:dd:b3:18:e8:77:18:20:3c:5f:
                    cb:e4:86:5f:69:2d:50:8c:1b:50:ec:b1:ae:b1:fe:
                    5a:f0:76:3a:95:fc:c5:94:19:58:67:e0:d5:28:42:
                    8b:5d:a5:24:98:c9:f6:1f:de:68:96:69:9d:78:e9:
                    b5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:5E:28:F8:06:23:9D:8E:F5:89:62:84:40:D6:1A:11:91:C9:C6:F7
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Tl4o-AYjnY71iWKEQNYaEZHJxvc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.153.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:49:33:fd:bf:b7:0c:af:16:21:ba:36:a4:cb:4a:c0:76:b6:
         b5:f7:be:29:c3:07:1d:5f:10:11:72:e2:e8:2d:fb:b2:7e:6b:
         28:4b:2a:5c:77:ae:b8:dc:7b:0b:f3:b6:ba:d3:c7:24:dc:e3:
         40:58:00:ed:67:b9:66:15:40:31:bb:9b:32:85:04:b4:01:a2:
         86:da:a3:94:3d:dc:c6:c7:c4:de:30:fb:cc:f5:c6:56:e5:23:
         69:c1:53:71:1d:8c:3a:36:38:f2:9a:cd:55:b0:b1:c8:08:a6:
         f5:01:da:9a:89:c6:7f:1c:a3:43:f7:60:6d:23:33:a5:e7:c0:
         b2:55:40:92:bf:65:2e:6e:95:f7:b7:74:07:e6:31:8d:bf:bc:
         f2:de:9c:f8:35:23:05:51:56:fd:df:97:0f:3e:97:76:bb:29:
         ab:c3:09:37:b3:93:8c:15:80:43:ac:55:04:2b:c1:e3:c1:ad:
         84:ec:44:92:9a:b6:eb:a3:62:ac:d0:b9:59:55:db:e8:15:dd:
         e2:d8:5d:51:cf:a3:bd:4b:15:4b:80:40:39:cb:18:ba:16:02:
         86:71:cd:34:95:cd:e3:0a:f3:f7:09:99:8d:a8:e3:a5:48:8c:
         93:57:34:60:93:a7:d9:d1:6b:bc:28:0d:ab:a8:50:02:97:e4:
         6f:ba:1f:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhYd8d5vrIiyKJxBXorSHa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTI2MTQzMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTVlMjhmODA2MjM5ZDhlZjU4OTYyODQ0MGQ2MWExMTkxYzljNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyTV+Ih3hTmvC3K/Fk+pU4zvmFV7
2RX5zjbjkoxD6B7AghHD2w8rtT/1giPlorYkN+oOobY2SY8EKk0YWG0EnKxusKWH
DYxUU+pTovO4MpV0GDiIVlVEcPQFRlVx6vp/t3T4Yog+hNGHWGtZZxOVYCRf54CY
S3nXMwV1cmRKjNw/wQSvLTrXCZfS+ZjJdYvlrjaaCNmaT65GjxO7sDqnAjNtcbqs
PtRVGXNRWSTvp5enm+07UWTvtBLnKke8gZamWEv+aIZpmODdsxjodxggPF/L5IZf
aS1QjBtQ7LGusf5a8HY6lfzFlBlYZ+DVKEKLXaUkmMn2H95olmmdeOm1XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5eKPgGI52O9YlihEDWGhGRycb3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVGw0by1BWWpuWTcxaVdLRVFOWWFFWkhKeHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplGMA0G
CSqGSIb3DQEBCwUAA4IBAQBcSTP9v7cMrxYhujaky0rAdra1974pwwcdXxARcuLo
LfuyfmsoSypcd6643HsL87a608ck3ONAWADtZ7lmFUAxu5syhQS0AaKG2qOUPdzG
x8TeMPvM9cZW5SNpwVNxHYw6Njjyms1VsLHICKb1AdqaicZ/HKND92BtIzOl58Cy
VUCSv2UubpX3t3QH5jGNv7zy3pz4NSMFUVb935cPPpd2uymrwwk3s5OMFYBDrFUE
K8Hjwa2E7ESSmrbro2Ks0LlZVdvoFd3i2F1Rz6O9SxVLgEA5yxi6FgKGcc00lc3j
CvP3CZmNqOOlSIyTVzRgk6fZ0Wu8KA2rqFACl+Rvuh8j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org