Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/57ffc5-584f-4bfa-ab85-b9153b3320c1/1/TLUh_6daed9FuPkmGaFkFavfElA.roa
File:                     TLUh_6daed9FuPkmGaFkFavfElA.roa (raw, json)
Hash identifier:          7aI0Gm7KBRqsSL59j+ka8l5wOHeT42+Vq3T2xRVqkTY=
Subject key identifier:   4C:B5:21:FF:A7:5A:79:DF:45:B8:F9:26:19:A1:64:15:AB:DF:12:50
Certificate issuer:       /CN=ed850483cce1337b1c6c2fddea9c5dbb4a7e191a
Certificate serial:       01856E8B1E66610CC84F8F5BBA61AD004FBE
Authority key identifier: ED:85:04:83:CC:E1:33:7B:1C:6C:2F:DD:EA:9C:5D:BB:4A:7E:19:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7YUEg8zhM3scbC_d6pxdu0p-GRo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/57ffc5-584f-4bfa-ab85-b9153b3320c1/1/TLUh_6daed9FuPkmGaFkFavfElA.roa
Signing time:             Sun 01 Jan 2023 18:14:49 +0000
ROA not before:           Sun 01 Jan 2023 18:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15600
IP address blocks:        185.73.120.0/22 maxlen: 24
                          2a05:41c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:8b:1e:66:61:0c:c8:4f:8f:5b:ba:61:ad:00:4f:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ed850483cce1337b1c6c2fddea9c5dbb4a7e191a
        Validity
            Not Before: Jan  1 18:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4cb521ffa75a79df45b8f92619a16415abdf1250
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:fa:42:41:b4:4b:2d:28:c1:06:a0:72:64:e0:
                    bd:f3:1c:5f:a9:44:b3:75:cd:9d:28:24:79:0f:47:
                    d8:4e:41:aa:5c:0c:16:a3:67:c8:16:85:80:78:3f:
                    69:6e:62:e6:1e:5a:dd:ed:3a:10:b2:6d:96:93:b5:
                    6f:9c:b4:88:d2:a2:2e:db:30:7f:32:81:24:2b:89:
                    d1:84:c2:e1:7f:39:37:be:47:57:49:7a:65:19:fa:
                    db:88:27:8a:b4:dd:0e:35:5e:1c:4a:95:80:f9:4c:
                    0b:42:ac:83:b7:54:e2:7c:82:1a:43:71:30:1a:b4:
                    20:73:90:53:9b:fe:cf:77:09:72:68:55:f1:11:fa:
                    db:47:88:18:af:41:a6:62:7f:0e:d2:28:ef:a5:e1:
                    b4:28:b9:de:f8:d2:80:6d:f7:61:db:cf:2b:d1:a4:
                    4d:f8:57:0d:02:79:a2:18:66:a1:64:1b:a3:64:69:
                    1b:c7:94:93:1d:fc:92:f4:f4:5b:57:a5:ab:f8:14:
                    b4:d4:85:d7:84:93:99:4b:88:1d:18:93:90:5e:c0:
                    27:0a:55:dd:67:7f:5f:82:df:d2:91:66:e3:19:21:
                    e0:94:b6:cc:c4:f4:de:9d:0e:d3:e1:49:b5:75:dc:
                    c8:1f:09:a7:20:5c:ce:7e:2e:65:3f:5d:06:63:b2:
                    97:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:B5:21:FF:A7:5A:79:DF:45:B8:F9:26:19:A1:64:15:AB:DF:12:50
            X509v3 Authority Key Identifier:
                keyid:ED:85:04:83:CC:E1:33:7B:1C:6C:2F:DD:EA:9C:5D:BB:4A:7E:19:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7YUEg8zhM3scbC_d6pxdu0p-GRo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/57ffc5-584f-4bfa-ab85-b9153b3320c1/1/TLUh_6daed9FuPkmGaFkFavfElA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/57ffc5-584f-4bfa-ab85-b9153b3320c1/1/7YUEg8zhM3scbC_d6pxdu0p-GRo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.73.120.0/22
                IPv6:
                  2a05:41c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         62:b2:96:54:37:9d:ad:39:6e:ae:f0:bb:ad:63:a6:8b:14:7c:
         d8:67:a0:57:18:00:d0:ae:06:11:3d:22:35:4c:59:be:ca:76:
         3d:bb:13:87:2c:33:68:ae:eb:4a:8d:a5:fb:d4:d5:e7:3a:9d:
         2e:3d:56:d4:74:fc:e2:31:7a:a9:9a:a4:a5:c5:ad:36:6e:4b:
         75:73:b8:b3:6d:65:51:68:31:fd:a0:8b:fb:5a:e8:2e:9b:df:
         f4:88:64:ff:2b:ec:94:92:b9:8b:6d:94:8e:c3:f2:e1:33:db:
         a5:05:04:d3:93:9c:0e:a1:28:c4:0d:47:7f:5e:9c:59:06:5d:
         29:4f:c0:5e:c5:9a:91:80:d1:53:6a:aa:07:06:9c:1f:65:93:
         9e:d9:8a:47:f7:57:f4:0e:a5:88:d1:5b:1d:db:5f:39:ff:72:
         f9:00:20:7a:74:8c:38:54:be:3a:5c:9f:f9:be:46:42:5d:d4:
         88:c2:d2:51:49:a2:b7:a5:f9:76:7a:6d:33:d8:02:1e:54:59:
         99:b6:94:49:5a:19:27:53:46:90:ff:2d:c8:ee:3d:79:8e:7b:
         c5:31:b3:e7:3c:55:06:1b:7d:e5:b4:ab:bc:9e:99:55:e0:29:
         f1:8b:4b:de:8c:67:b9:27:db:1d:ee:87:c3:4e:78:57:82:f9:
         ed:e3:09:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuix5mYQzIT49bumGtAE++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkODUwNDgzY2NlMTMzN2IxYzZjMmZkZGVhOWM1ZGJiNGE3
ZTE5MWEwHhcNMjMwMTAxMTgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2I1MjFmZmE3NWE3OWRmNDViOGY5MjYxOWExNjQxNWFiZGYxMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfpCQbRLLSjBBqByZOC98xxfqUSz
dc2dKCR5D0fYTkGqXAwWo2fIFoWAeD9pbmLmHlrd7ToQsm2Wk7VvnLSI0qIu2zB/
MoEkK4nRhMLhfzk3vkdXSXplGfrbiCeKtN0ONV4cSpWA+UwLQqyDt1TifIIaQ3Ew
GrQgc5BTm/7PdwlyaFXxEfrbR4gYr0GmYn8O0ijvpeG0KLne+NKAbfdh288r0aRN
+FcNAnmiGGahZBujZGkbx5STHfyS9PRbV6Wr+BS01IXXhJOZS4gdGJOQXsAnClXd
Z39fgt/SkWbjGSHglLbMxPTenQ7T4Um1ddzIHwmnIFzOfi5lP10GY7KX+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEy1If+nWnnfRbj5JhmhZBWr3xJQMB8GA1UdIwQY
MBaAFO2FBIPM4TN7HGwv3eqcXbtKfhkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1lVRWc4emhNM3NjYkNfZDZweGR1MHAtR1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny81N2ZmYzUtNTg0Zi00YmZhLWFiODUt
YjkxNTNiMzMyMGMxLzEvVExVaF82ZGFlZDlGdVBrbUdhRmtGYXZmRWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny81N2ZmYzUtNTg0Zi00YmZhLWFiODUtYjkxNTNiMzMyMGMx
LzEvN1lVRWc4emhNM3NjYkNfZDZweGR1MHAtR1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUl4MA0E
AgACMAcDBQMqBUHAMA0GCSqGSIb3DQEBCwUAA4IBAQBispZUN52tOW6u8LutY6aL
FHzYZ6BXGADQrgYRPSI1TFm+ynY9uxOHLDNorutKjaX71NXnOp0uPVbUdPziMXqp
mqSlxa02bkt1c7izbWVRaDH9oIv7Wugum9/0iGT/K+yUkrmLbZSOw/LhM9ulBQTT
k5wOoSjEDUd/XpxZBl0pT8BexZqRgNFTaqoHBpwfZZOe2YpH91f0DqWI0Vsd2185
/3L5ACB6dIw4VL46XJ/5vkZCXdSIwtJRSaK3pfl2em0z2AIeVFmZtpRJWhknU0aQ
/y3I7j15jnvFMbPnPFUGG33ltKu8nplV4Cnxi0vejGe5J9sd7ofDTnhXgvnt4wnz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org