Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/tkPdBlpaSwASXS_1yiSTk1CIXws.roa
File:                     tkPdBlpaSwASXS_1yiSTk1CIXws.roa (raw, json)
Hash identifier:          xK2cJy+8VIBCgbliNkpPNvJS/WmCZVvKabzDYFG1uLE=
Subject key identifier:   B6:43:DD:06:5A:5A:4B:00:12:5D:2F:F5:CA:24:93:93:50:88:5F:0B
Certificate issuer:       /CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Certificate serial:       018571BA145141DE71BD63513EC8ECB068D4
Authority key identifier: 1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/tkPdBlpaSwASXS_1yiSTk1CIXws.roa
Signing time:             Mon 02 Jan 2023 09:04:58 +0000
ROA not before:           Mon 02 Jan 2023 09:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42926
IP address blocks:        185.123.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:14:51:41:de:71:bd:63:51:3e:c8:ec:b0:68:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c7433fafa59f0d512a2bebb097e69463cc06759
        Validity
            Not Before: Jan  2 09:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b643dd065a5a4b00125d2ff5ca24939350885f0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:b8:28:fc:c6:50:20:ad:80:7f:72:88:27:d3:
                    26:86:50:da:6e:3f:b1:3a:af:2c:b9:f1:94:10:41:
                    46:69:e9:31:56:af:eb:6a:81:f0:67:ef:64:2c:31:
                    d1:26:6d:cb:f1:15:1e:4f:c5:15:ed:c5:00:3d:6d:
                    4e:83:d2:38:d9:a5:53:80:99:a6:de:8e:b9:e0:af:
                    a0:fd:6c:90:85:9c:dd:bd:b2:e7:15:f3:f9:66:5b:
                    ff:d8:51:7f:63:75:79:53:8d:5a:26:4c:cd:04:2a:
                    5d:e3:67:31:b1:15:53:d7:02:3f:0d:31:a1:0a:20:
                    ac:9c:b6:a8:5d:bc:7f:c8:de:12:ff:e7:9b:d3:e6:
                    83:4c:ff:c2:13:33:39:a6:dd:54:0b:b2:b3:38:2e:
                    c7:02:dc:2f:1b:56:ae:47:42:bc:04:df:88:0e:1e:
                    26:30:d6:b9:81:5f:29:c2:21:9a:4c:ef:5a:63:7f:
                    c5:cf:ec:c6:c6:b0:d3:41:ff:54:9a:18:f2:0f:8e:
                    db:78:77:0b:83:41:44:7e:34:16:c1:69:86:04:70:
                    80:c5:d5:e1:42:12:b3:e5:f7:8d:16:d2:0d:9e:f2:
                    34:93:b1:ab:08:44:9a:20:74:e4:4c:a1:bf:d7:1c:
                    3e:0d:15:4c:aa:65:be:7b:ee:57:95:76:14:d2:ac:
                    c0:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:43:DD:06:5A:5A:4B:00:12:5D:2F:F5:CA:24:93:93:50:88:5F:0B
            X509v3 Authority Key Identifier:
                keyid:1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/tkPdBlpaSwASXS_1yiSTk1CIXws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/HHQz-vpZ8NUSor67CX5pRjzAZ1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.123.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:5b:3e:73:c2:8e:6b:74:0d:58:74:43:66:42:c9:60:10:be:
         b3:02:ce:69:50:71:be:2b:58:0f:c6:2a:e6:dd:04:eb:83:0c:
         24:6e:eb:fb:c0:de:aa:ea:bc:e4:9c:90:82:d3:4b:6c:b3:45:
         ba:72:c5:b2:bf:0c:92:ed:f1:a5:f2:32:f3:d5:bd:19:4f:8d:
         a6:76:5f:02:e9:6b:fd:19:de:aa:59:52:58:b6:9a:40:dc:7d:
         e0:4d:17:d3:ac:de:ee:04:31:f5:49:d3:f1:ea:94:ea:a4:6b:
         45:0e:ba:1e:12:7a:cf:ac:f9:56:b6:38:ed:e5:70:68:f5:30:
         48:fc:09:d6:3b:e2:b0:d5:fe:6a:b3:95:1f:da:bc:91:7f:fb:
         ed:23:a0:5d:40:8d:ab:9e:89:cd:ef:12:36:c8:3e:d8:8e:3c:
         07:47:cb:c2:22:a9:8d:e1:7c:df:fd:a5:6d:66:78:1b:e4:98:
         28:f3:5b:09:94:d2:95:d1:85:a9:1f:1e:ed:9f:a6:58:f0:9c:
         ed:e9:70:7c:7b:2c:49:9b:70:15:57:21:91:06:eb:81:7c:d0:
         00:92:af:f8:73:45:22:17:7c:b8:6b:5d:3e:c9:41:f1:32:87:
         89:8e:fc:67:94:03:17:7b:72:c0:c6:f7:60:d7:3c:f8:ce:ea:
         39:7f:f0:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxuhRRQd5xvWNRPsjssGjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzQzM2ZhZmE1OWYwZDUxMmEyYmViYjA5N2U2OTQ2M2Nj
MDY3NTkwHhcNMjMwMTAyMDkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQzZGQwNjVhNWE0YjAwMTI1ZDJmZjVjYTI0OTM5MzUwODg1ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLgo/MZQIK2Af3KIJ9MmhlDabj+x
Oq8sufGUEEFGaekxVq/raoHwZ+9kLDHRJm3L8RUeT8UV7cUAPW1Og9I42aVTgJmm
3o654K+g/WyQhZzdvbLnFfP5Zlv/2FF/Y3V5U41aJkzNBCpd42cxsRVT1wI/DTGh
CiCsnLaoXbx/yN4S/+eb0+aDTP/CEzM5pt1UC7KzOC7HAtwvG1auR0K8BN+IDh4m
MNa5gV8pwiGaTO9aY3/Fz+zGxrDTQf9UmhjyD47beHcLg0FEfjQWwWmGBHCAxdXh
QhKz5feNFtINnvI0k7GrCESaIHTkTKG/1xw+DRVMqmW+e+5XlXYU0qzAfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZD3QZaWksAEl0v9cokk5NQiF8LMB8GA1UdIwQY
MBaAFBx0M/r6WfDVEqK+uwl+aUY8wGdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0Nzkt
MTJmNDFhMGNjMGMxLzEvdGtQZEJscGFTd0FTWFNfMXlpU1RrMUNJWHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0NzktMTJmNDFhMGNjMGMx
LzEvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXs2MA0G
CSqGSIb3DQEBCwUAA4IBAQB5Wz5zwo5rdA1YdENmQslgEL6zAs5pUHG+K1gPxirm
3QTrgwwkbuv7wN6q6rzknJCC00tss0W6csWyvwyS7fGl8jLz1b0ZT42mdl8C6Wv9
Gd6qWVJYtppA3H3gTRfTrN7uBDH1SdPx6pTqpGtFDroeEnrPrPlWtjjt5XBo9TBI
/AnWO+Kw1f5qs5Uf2ryRf/vtI6BdQI2rnonN7xI2yD7YjjwHR8vCIqmN4Xzf/aVt
Zngb5Jgo81sJlNKV0YWpHx7tn6ZY8Jzt6XB8eyxJm3AVVyGRBuuBfNAAkq/4c0Ui
F3y4a10+yUHxMoeJjvxnlAMXe3LAxvdg1zz4zuo5f/Bv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:12 2024 by rpki-client on console-fra.rpki-client.org