Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/TXi6Bz_bWFqasjwu4nrdQzMmbt0.roa
File:                     TXi6Bz_bWFqasjwu4nrdQzMmbt0.roa (raw, json)
Hash identifier:          Bf3rBbCg1DHMcABlaFxmEbgUh7E9DqdiNyjehDSiwZU=
Subject key identifier:   4D:78:BA:07:3F:DB:58:5A:9A:B2:3C:2E:E2:7A:DD:43:33:26:6E:DD
Certificate issuer:       /CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
Certificate serial:       018939AE96E4E9F2EB53F57FF991E0ABB789
Authority key identifier: BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/TXi6Bz_bWFqasjwu4nrdQzMmbt0.roa
Signing time:             Sun 09 Jul 2023 08:04:50 +0000
ROA not before:           Sun 09 Jul 2023 08:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50673
IP address blocks:        185.192.144.0/24 maxlen: 24
                          185.192.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:39:ae:96:e4:e9:f2:eb:53:f5:7f:f9:91:e0:ab:b7:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
        Validity
            Not Before: Jul  9 08:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4d78ba073fdb585a9ab23c2ee27add4333266edd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:39:ce:b9:86:8f:1c:9d:ab:33:77:e1:40:f9:
                    0a:f0:32:a5:7f:2e:8f:91:41:ba:2f:d6:2d:63:2e:
                    84:de:a0:3b:60:da:d6:cd:e6:e0:5d:7e:dc:7f:07:
                    86:86:2c:90:31:79:a7:49:2c:16:da:b5:92:e1:e3:
                    53:f0:5f:c1:70:c1:b8:81:e6:96:24:e7:4a:85:2d:
                    ed:5e:76:83:83:1a:d5:77:78:3d:70:e4:4b:88:1b:
                    15:75:64:6b:22:3f:8f:d0:67:55:81:89:ba:24:fb:
                    a6:ca:91:93:b4:00:57:32:2b:27:26:78:a5:7c:df:
                    bc:ac:bc:cf:99:51:1a:fb:14:3e:8e:3e:6f:bc:03:
                    3e:04:91:99:68:df:b2:82:2c:05:95:32:28:bb:d1:
                    4a:58:c0:6c:fc:36:e3:14:32:83:20:5a:9d:66:5a:
                    2a:e3:c7:cb:be:bf:41:f4:ca:c0:16:62:bf:59:7e:
                    6a:b3:66:a9:fb:b7:cc:66:4b:9e:ec:d0:c1:c3:d2:
                    05:a9:bf:9a:85:83:8e:1e:b3:ae:4a:f2:1f:da:6d:
                    b9:e2:9b:2f:de:e9:90:72:3f:31:5b:af:88:ae:6c:
                    34:ff:e3:c2:87:06:9d:6d:43:7b:d9:db:b6:4e:f3:
                    3d:ca:55:dd:18:00:45:96:3a:16:7b:43:ca:fe:a3:
                    1e:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:78:BA:07:3F:DB:58:5A:9A:B2:3C:2E:E2:7A:DD:43:33:26:6E:DD
            X509v3 Authority Key Identifier:
                keyid:BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/TXi6Bz_bWFqasjwu4nrdQzMmbt0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/v8Rw6bWOVX6owdvtrrnGpfxFUSU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:50:9d:ee:82:23:74:a2:04:51:07:88:10:f6:09:4f:55:ff:
         27:d1:4e:f7:df:a6:5e:0d:a7:64:01:bc:c1:18:6a:f1:e7:a0:
         8a:a7:77:a0:e6:34:9d:05:09:02:06:d5:f9:a7:13:04:3a:3e:
         9f:d4:00:ad:4d:b6:30:44:2b:6c:f7:5f:bc:80:c5:3b:9a:d0:
         56:19:7a:8d:d7:60:41:5b:28:f4:95:b7:c0:cd:da:6d:b9:bf:
         35:fd:2d:dc:4e:a0:7a:aa:6d:68:5a:a7:d9:6c:29:f0:fc:c8:
         76:8d:dd:12:8d:b2:36:b7:84:a0:aa:63:31:b2:38:a9:ba:07:
         89:7c:57:a7:e8:ad:4f:7c:7b:8f:10:8f:04:de:9d:d1:58:36:
         1a:0e:3e:d0:b9:63:ad:d6:88:c0:d8:ae:7f:42:9e:57:70:25:
         47:4e:97:f6:99:32:4d:1f:d9:23:3c:eb:44:5e:e1:ba:3d:18:
         83:1c:1c:7b:de:51:d2:ff:80:06:16:78:ea:b9:16:ed:36:5a:
         4a:44:51:46:0a:97:90:3e:a3:1e:80:8a:da:bc:a1:c6:d2:a8:
         a6:16:0d:77:88:f6:de:44:d2:e7:f4:d5:e8:e3:86:82:66:d7:
         9a:3d:4b:b4:de:c7:e7:15:10:e3:15:ee:86:28:e5:49:62:d0:
         e5:a5:4f:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk5rpbk6fLrU/V/+ZHgq7eJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYzQ3MGU5YjU4ZTU1N2VhOGMxZGJlZGFlYjljNmE1ZmM0
NTUxMjUwHhcNMjMwNzA5MDgwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDc4YmEwNzNmZGI1ODVhOWFiMjNjMmVlMjdhZGQ0MzMzMjY2ZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsznOuYaPHJ2rM3fhQPkK8DKlfy6P
kUG6L9YtYy6E3qA7YNrWzebgXX7cfweGhiyQMXmnSSwW2rWS4eNT8F/BcMG4geaW
JOdKhS3tXnaDgxrVd3g9cORLiBsVdWRrIj+P0GdVgYm6JPumypGTtABXMisnJnil
fN+8rLzPmVEa+xQ+jj5vvAM+BJGZaN+ygiwFlTIou9FKWMBs/DbjFDKDIFqdZloq
48fLvr9B9MrAFmK/WX5qs2ap+7fMZkue7NDBw9IFqb+ahYOOHrOuSvIf2m254psv
3umQcj8xW6+Irmw0/+PChwadbUN72du2TvM9ylXdGABFljoWe0PK/qMeGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE14ugc/21hamrI8LuJ63UMzJm7dMB8GA1UdIwQY
MBaAFL/EcOm1jlV+qMHb7a65xqX8RVElMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzkt
YTJhYTY1NDBmODc1LzEvVFhpNkJ6X2JXRnFhc2p3dTRucmRRek1tYnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzktYTJhYTY1NDBmODc1
LzEvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucCQMA0G
CSqGSIb3DQEBCwUAA4IBAQAoUJ3ugiN0ogRRB4gQ9glPVf8n0U7336ZeDadkAbzB
GGrx56CKp3eg5jSdBQkCBtX5pxMEOj6f1ACtTbYwRCts91+8gMU7mtBWGXqN12BB
Wyj0lbfAzdptub81/S3cTqB6qm1oWqfZbCnw/Mh2jd0SjbI2t4SgqmMxsjipugeJ
fFen6K1PfHuPEI8E3p3RWDYaDj7QuWOt1ojA2K5/Qp5XcCVHTpf2mTJNH9kjPOtE
XuG6PRiDHBx73lHS/4AGFnjquRbtNlpKRFFGCpeQPqMegIravKHG0qimFg13iPbe
RNLn9NXo44aCZteaPUu03sfnFRDjFe6GKOVJYtDlpU+g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:05 2024 by rpki-client on console-ams.rpki-client.org