Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/236aba-e8f2-4e06-a064-ff96928a6df4/1/TK-vfFPaY2DrxMkCC60H-2dn1yU.roa
File:                     TK-vfFPaY2DrxMkCC60H-2dn1yU.roa (raw, json)
Hash identifier:          uzMwTpN6sNJAq/BGkCdV8N86WfVLjgbKqe1YeO1Ajfc=
Subject key identifier:   4C:AF:AF:7C:53:DA:63:60:EB:C4:C9:02:0B:AD:07:FB:67:67:D7:25
Certificate issuer:       /CN=13e19aef683969eb982f2ddb219b4652af26b96d
Certificate serial:       0187998C9BA789055F27572A772D8C3EC52C
Authority key identifier: 13:E1:9A:EF:68:39:69:EB:98:2F:2D:DB:21:9B:46:52:AF:26:B9:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E-Ga72g5aeuYLy3bIZtGUq8muW0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/236aba-e8f2-4e06-a064-ff96928a6df4/1/TK-vfFPaY2DrxMkCC60H-2dn1yU.roa
Signing time:             Wed 19 Apr 2023 12:45:41 +0000
ROA not before:           Wed 19 Apr 2023 12:45:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199967
IP address blocks:        185.196.97.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:99:8c:9b:a7:89:05:5f:27:57:2a:77:2d:8c:3e:c5:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13e19aef683969eb982f2ddb219b4652af26b96d
        Validity
            Not Before: Apr 19 12:45:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4cafaf7c53da6360ebc4c9020bad07fb6767d725
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:fd:01:c8:84:4a:29:d7:22:52:64:ad:6a:02:
                    84:c2:e5:1c:0f:6b:ca:fa:46:63:07:86:7f:61:89:
                    95:7c:09:9d:49:aa:cd:16:66:52:00:42:a0:17:c6:
                    ab:27:d2:7f:8d:10:06:9f:c8:c5:41:8c:ff:70:c2:
                    90:76:f9:29:48:98:97:61:9d:a2:cc:01:dd:0e:31:
                    30:65:c6:0d:c1:80:a0:5e:df:66:ed:ea:65:93:2a:
                    49:e2:f8:d1:38:b7:24:ce:39:c6:0f:40:6c:22:f4:
                    de:c4:ba:4c:6f:33:6b:fe:af:e6:79:e4:d6:63:6d:
                    e5:3f:ff:e2:2a:b3:f5:27:46:92:7a:8d:46:bd:d9:
                    38:68:19:97:f4:e0:fd:f9:4e:b9:1d:41:a7:e3:68:
                    81:0d:1d:d3:6f:ef:87:14:ed:d0:d7:67:fa:27:d1:
                    78:07:0b:d6:0c:b7:dc:79:fa:82:d1:51:a9:38:d5:
                    71:47:1e:99:46:d2:06:eb:4f:82:96:56:2c:0f:a1:
                    35:37:26:1e:4c:9c:46:47:b8:de:32:33:ce:11:7a:
                    bf:8a:eb:fe:36:d5:b4:b1:80:2e:e8:ca:d7:7c:0b:
                    5c:ce:30:91:40:1b:c7:79:06:eb:69:e4:ee:a2:bc:
                    b8:86:86:5c:1b:50:cb:06:8a:17:a7:b1:95:cd:ba:
                    de:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:AF:AF:7C:53:DA:63:60:EB:C4:C9:02:0B:AD:07:FB:67:67:D7:25
            X509v3 Authority Key Identifier:
                keyid:13:E1:9A:EF:68:39:69:EB:98:2F:2D:DB:21:9B:46:52:AF:26:B9:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-Ga72g5aeuYLy3bIZtGUq8muW0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/236aba-e8f2-4e06-a064-ff96928a6df4/1/TK-vfFPaY2DrxMkCC60H-2dn1yU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/236aba-e8f2-4e06-a064-ff96928a6df4/1/E-Ga72g5aeuYLy3bIZtGUq8muW0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.196.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:5a:f4:96:9f:74:7c:cb:c3:3c:68:ef:d1:90:a2:4c:d8:b6:
         ce:86:2f:ce:53:0e:56:c7:50:1f:ee:e7:d9:38:58:c0:1d:dd:
         63:b7:1b:b1:d0:71:9b:77:25:a2:77:8b:c0:e5:77:ba:b1:b7:
         bb:e0:f5:2d:a9:f0:3d:cd:c0:53:f0:79:52:f7:e1:04:6d:1a:
         46:b4:d4:51:74:ca:ae:ab:73:ac:41:b3:4a:90:cf:92:58:76:
         0c:da:c3:fb:21:0d:cd:89:12:64:17:52:69:5d:a5:af:26:4d:
         41:ab:9a:bf:1f:61:49:37:64:4d:4d:e4:e0:ee:46:b7:c2:54:
         a1:b5:4c:31:c7:c4:72:7c:f4:0d:a0:b4:8b:3a:02:c8:f4:a7:
         52:1a:8c:df:c8:35:6c:b2:85:be:49:48:8a:56:0a:f4:34:5d:
         7d:6b:19:a4:59:f0:ba:0e:81:84:16:68:52:c2:9b:6a:fd:d8:
         f4:f7:44:64:68:76:29:0e:e4:93:31:a0:51:0e:b8:36:c5:8c:
         02:8f:0f:8e:b2:c4:5e:f1:4c:73:30:b5:8a:81:0f:d9:03:cd:
         49:9b:b6:d4:7e:9c:77:82:21:6a:fa:ac:47:27:44:06:f7:26:
         ad:62:d3:d8:73:d0:d1:dc:c3:05:74:34:ab:26:89:44:11:80:
         30:85:ca:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeZjJuniQVfJ1cqdy2MPsUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZTE5YWVmNjgzOTY5ZWI5ODJmMmRkYjIxOWI0NjUyYWYy
NmI5NmQwHhcNMjMwNDE5MTI0NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FmYWY3YzUzZGE2MzYwZWJjNGM5MDIwYmFkMDdmYjY3NjdkNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf0ByIRKKdciUmStagKEwuUcD2vK
+kZjB4Z/YYmVfAmdSarNFmZSAEKgF8arJ9J/jRAGn8jFQYz/cMKQdvkpSJiXYZ2i
zAHdDjEwZcYNwYCgXt9m7eplkypJ4vjROLckzjnGD0BsIvTexLpMbzNr/q/meeTW
Y23lP//iKrP1J0aSeo1Gvdk4aBmX9OD9+U65HUGn42iBDR3Tb++HFO3Q12f6J9F4
BwvWDLfcefqC0VGpONVxRx6ZRtIG60+CllYsD6E1NyYeTJxGR7jeMjPOEXq/iuv+
NtW0sYAu6MrXfAtczjCRQBvHeQbraeTuory4hoZcG1DLBooXp7GVzbrePwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyvr3xT2mNg68TJAgutB/tnZ9clMB8GA1UdIwQY
MBaAFBPhmu9oOWnrmC8t2yGbRlKvJrltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRS1HYTcyZzVhZXVZTHkzYkladEdVcThtdVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yMzZhYmEtZThmMi00ZTA2LWEwNjQt
ZmY5NjkyOGE2ZGY0LzEvVEstdmZGUGFZMkRyeE1rQ0M2MEgtMmRuMXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yMzZhYmEtZThmMi00ZTA2LWEwNjQtZmY5NjkyOGE2ZGY0
LzEvRS1HYTcyZzVhZXVZTHkzYkladEdVcThtdVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucRhMA0G
CSqGSIb3DQEBCwUAA4IBAQBwWvSWn3R8y8M8aO/RkKJM2LbOhi/OUw5Wx1Af7ufZ
OFjAHd1jtxux0HGbdyWid4vA5Xe6sbe74PUtqfA9zcBT8HlS9+EEbRpGtNRRdMqu
q3OsQbNKkM+SWHYM2sP7IQ3NiRJkF1JpXaWvJk1Bq5q/H2FJN2RNTeTg7ka3wlSh
tUwxx8RyfPQNoLSLOgLI9KdSGozfyDVssoW+SUiKVgr0NF19axmkWfC6DoGEFmhS
wptq/dj090RkaHYpDuSTMaBRDrg2xYwCjw+OssRe8UxzMLWKgQ/ZA81Jm7bUfpx3
giFq+qxHJ0QG9yatYtPYc9DR3MMFdDSrJolEEYAwhcqz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:28 2024 by rpki-client on console-ams.rpki-client.org