Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/tjbpr_sMyDsEOL3A7HTOLKJMz64.roa
File:                     tjbpr_sMyDsEOL3A7HTOLKJMz64.roa (raw, json)
Hash identifier:          3wWqBY06p5o0MWzB/GTqHLrWtfs5HUrrFvQssXbNNUQ=
Subject key identifier:   B6:36:E9:AF:FB:0C:C8:3B:04:38:BD:C0:EC:74:CE:2C:A2:4C:CF:AE
Certificate issuer:       /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial:       018570305F5EF289B6E5B5C4181E1CDF8FB2
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/tjbpr_sMyDsEOL3A7HTOLKJMz64.roa
Signing time:             Mon 02 Jan 2023 01:54:56 +0000
ROA not before:           Mon 02 Jan 2023 01:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24822
IP address blocks:        217.65.109.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:5f:5e:f2:89:b6:e5:b5:c4:18:1e:1c:df:8f:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
        Validity
            Not Before: Jan  2 01:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b636e9affb0cc83b0438bdc0ec74ce2ca24ccfae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:58:d8:67:81:26:89:6a:c5:8a:3f:9a:82:ea:
                    3d:cb:17:2c:4e:d9:b4:a7:dd:4f:5f:ab:5f:5c:9a:
                    0c:52:df:02:b1:0e:72:12:46:30:64:2c:f0:25:1e:
                    93:9e:64:44:bc:5c:54:81:0d:83:6b:4f:49:2b:27:
                    d0:9d:b0:51:43:5c:b6:46:64:c7:9e:be:f8:dd:54:
                    c7:f5:a4:3d:42:45:4f:91:be:34:4f:01:24:86:6b:
                    cc:55:1a:69:c9:39:75:59:88:61:b2:60:4a:45:10:
                    64:86:46:86:e7:84:e8:b2:38:51:02:bc:4d:2b:df:
                    5e:af:06:62:00:e6:e1:33:f4:c9:d0:ed:e8:ae:23:
                    a3:96:29:b9:09:b2:32:94:3a:f4:9b:8a:f9:6e:d2:
                    60:0b:d1:a9:83:a1:d8:e7:55:65:19:fe:07:55:9e:
                    f6:f7:a5:9f:c6:62:c0:bc:14:6e:30:af:e4:75:65:
                    ae:5d:fd:46:b5:1d:56:98:1a:66:b1:5d:cc:4c:96:
                    50:e3:d3:53:13:9c:5b:6b:cd:83:30:e8:0e:34:a9:
                    37:a1:10:11:a2:5e:56:ff:0b:3a:51:27:13:88:ce:
                    4e:dd:8a:7c:05:9c:52:f5:52:e6:33:5e:05:3c:bb:
                    15:c8:e9:22:1c:e1:fe:27:9f:22:25:32:05:4e:93:
                    b9:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:36:E9:AF:FB:0C:C8:3B:04:38:BD:C0:EC:74:CE:2C:A2:4C:CF:AE
            X509v3 Authority Key Identifier:
                keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/tjbpr_sMyDsEOL3A7HTOLKJMz64.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.65.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:0a:dc:7a:9c:80:9b:93:32:c8:dc:87:78:32:ed:54:c5:12:
         64:0c:75:c7:2e:ce:ef:94:5f:86:58:7e:fb:11:43:ab:17:51:
         b3:3e:22:37:ab:56:25:16:0d:19:9e:98:10:47:69:a6:48:0c:
         8c:db:fe:54:f2:9c:4f:d2:3a:c9:80:75:67:60:70:f3:63:1b:
         b9:7d:be:49:c5:22:6a:3c:ba:a8:92:9a:b8:1c:f8:d4:40:77:
         7a:aa:af:e3:b3:99:8b:e0:45:7c:63:ed:d8:16:21:7d:60:52:
         a8:f9:82:45:09:af:7d:e8:c3:f9:df:bb:e6:8b:fb:3a:99:75:
         e9:cf:e8:52:79:4f:24:5f:c6:6c:e8:9f:4f:4b:71:26:55:4e:
         e2:dc:07:d6:27:30:e9:d2:32:fd:b5:2b:90:a3:52:a6:02:aa:
         46:f1:94:43:aa:4f:20:47:43:f1:8e:5b:c1:90:dc:9c:98:91:
         e1:53:e0:93:9b:6b:49:cf:a1:94:b5:ea:6e:15:52:56:2a:3e:
         d8:86:fc:12:d9:65:a2:a5:e0:c9:87:5c:1c:86:29:0c:39:41:
         4a:23:3e:18:b6:8b:9e:0a:f5:2f:6c:fa:a5:d5:7f:a7:7d:74:
         8c:19:8c:ca:e3:94:c6:15:12:a3:0b:54:e2:fa:bf:2e:47:f8:
         79:b1:54:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMF9e8om25bXEGB4c34+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjM2ZTlhZmZiMGNjODNiMDQzOGJkYzBlYzc0Y2UyY2EyNGNjZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVjYZ4EmiWrFij+aguo9yxcsTtm0
p91PX6tfXJoMUt8CsQ5yEkYwZCzwJR6TnmREvFxUgQ2Da09JKyfQnbBRQ1y2RmTH
nr743VTH9aQ9QkVPkb40TwEkhmvMVRppyTl1WYhhsmBKRRBkhkaG54TosjhRArxN
K99erwZiAObhM/TJ0O3oriOjlim5CbIylDr0m4r5btJgC9Gpg6HY51VlGf4HVZ72
96WfxmLAvBRuMK/kdWWuXf1GtR1WmBpmsV3MTJZQ49NTE5xba82DMOgONKk3oRAR
ol5W/ws6UScTiM5O3Yp8BZxS9VLmM14FPLsVyOkiHOH+J58iJTIFTpO5JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLY26a/7DMg7BDi9wOx0ziyiTM+uMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvdGpicHJfc015RHNFT0wzQTdIVE9MS0pNejY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2UFtMA0G
CSqGSIb3DQEBCwUAA4IBAQBJCtx6nICbkzLI3Id4Mu1UxRJkDHXHLs7vlF+GWH77
EUOrF1GzPiI3q1YlFg0ZnpgQR2mmSAyM2/5U8pxP0jrJgHVnYHDzYxu5fb5JxSJq
PLqokpq4HPjUQHd6qq/js5mL4EV8Y+3YFiF9YFKo+YJFCa996MP537vmi/s6mXXp
z+hSeU8kX8Zs6J9PS3EmVU7i3AfWJzDp0jL9tSuQo1KmAqpG8ZRDqk8gR0PxjlvB
kNycmJHhU+CTm2tJz6GUtepuFVJWKj7YhvwS2WWipeDJh1wchikMOUFKIz4Ytoue
CvUvbPql1X+nfXSMGYzK45TGFRKjC1Ti+r8uR/h5sVR1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org