Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/TKnRTqScJZLheEji8Tqaj43B9qI.roa
File:                     TKnRTqScJZLheEji8Tqaj43B9qI.roa (raw, json)
Hash identifier:          AJZwUCgk+dQl5/U0CYCRjYy6XDoaXYHlj0PeD8W9X7M=
Subject key identifier:   4C:A9:D1:4E:A4:9C:25:92:E1:78:48:E2:F1:3A:9A:8F:8D:C1:F6:A2
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       0185719E7ADF4A12B93B1D75BE7B9996575B
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/TKnRTqScJZLheEji8Tqaj43B9qI.roa
Signing time:             Mon 02 Jan 2023 08:34:49 +0000
ROA not before:           Mon 02 Jan 2023 08:34:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34879
IP address blocks:        195.209.72.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 25 Jan 2023 06:34:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:9e:7a:df:4a:12:b9:3b:1d:75:be:7b:99:96:57:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Jan  2 08:34:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ca9d14ea49c2592e17848e2f13a9a8f8dc1f6a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9b:c1:2a:a4:07:a7:08:1d:d9:67:9a:c8:89:
                    68:92:2e:17:ac:e6:c8:9b:27:fa:7f:fe:ff:5e:4d:
                    60:97:9c:e7:d4:f2:2f:fc:ea:14:8c:11:16:a1:75:
                    c2:5c:44:fc:c6:e8:05:70:d4:71:30:eb:b6:39:fe:
                    58:3e:96:07:b6:0d:bd:51:34:e3:19:22:20:58:22:
                    db:e5:4f:20:90:e2:8f:d5:14:ec:6f:16:e0:2c:85:
                    02:0e:a8:f2:54:92:01:64:26:36:50:ad:8f:c6:c3:
                    68:4c:1b:5e:63:8d:92:65:bd:f7:22:78:2e:64:5b:
                    01:eb:e7:e3:80:8d:a3:20:a9:62:02:3a:35:ef:7e:
                    06:13:99:f1:de:29:d1:e2:4f:a2:ab:d9:ba:ad:0e:
                    04:c1:49:68:f9:f1:50:c6:22:04:74:a6:55:ed:80:
                    d1:ac:55:6b:69:f8:44:86:d9:08:4e:69:48:bf:00:
                    e9:ee:db:99:7f:38:3d:ab:6e:1b:f1:da:51:f7:06:
                    a9:37:e3:08:d3:b6:45:55:eb:69:83:11:a7:64:c3:
                    61:db:26:ec:e8:55:08:69:9d:85:38:c0:5e:ba:5b:
                    23:8a:64:4b:0e:89:70:43:5a:ed:91:ef:45:35:a4:
                    f3:80:aa:e3:9c:96:2f:e2:6d:ac:af:ce:59:09:a9:
                    79:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:A9:D1:4E:A4:9C:25:92:E1:78:48:E2:F1:3A:9A:8F:8D:C1:F6:A2
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/TKnRTqScJZLheEji8Tqaj43B9qI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.209.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:34:80:63:03:2b:62:b4:f7:b8:9d:dc:19:3a:d1:59:79:02:
         32:4f:03:4d:2a:4d:37:f4:99:ad:ca:9c:a4:6d:ff:28:f7:b8:
         2c:c4:4a:43:fd:30:2c:4e:6c:cf:01:03:92:45:52:22:91:5a:
         9b:8a:5e:78:16:91:6a:62:2d:79:a2:05:fb:26:74:fc:c4:2f:
         b8:42:b7:1c:82:04:ff:ea:f3:f1:2c:ae:f0:79:83:15:bb:42:
         a5:7c:df:79:f0:f8:cb:4b:a9:c2:a7:18:b2:f1:a8:51:da:01:
         08:36:fb:dc:5a:f4:65:3d:d1:62:28:69:b9:78:3e:3e:f3:82:
         3c:e0:02:0d:e5:04:a1:d7:c7:bb:23:6d:6c:0d:40:81:55:f9:
         e1:69:01:59:38:be:fc:46:94:8f:8d:a0:a3:69:69:44:8d:e3:
         43:45:ec:1a:ab:67:3c:2a:0c:f0:71:2a:0f:18:e4:40:9c:c6:
         6b:81:86:c3:da:1f:51:98:48:cd:48:a4:db:57:4f:58:5f:12:
         2f:a2:0b:e2:8f:d5:e2:59:46:77:11:ef:fc:4b:25:27:2f:66:
         20:42:ed:5c:46:0c:85:8a:8a:ad:aa:4d:cd:bd:55:18:fd:9a:
         83:7c:a9:a5:7e:69:bb:c3:53:be:ca:76:4c:28:3d:3a:70:b4:
         68:f8:32:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnnrfShK5Ox11vnuZlldbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMwMTAyMDgzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E5ZDE0ZWE0OWMyNTkyZTE3ODQ4ZTJmMTNhOWE4ZjhkYzFmNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZvBKqQHpwgd2WeayIloki4XrObI
myf6f/7/Xk1gl5zn1PIv/OoUjBEWoXXCXET8xugFcNRxMOu2Of5YPpYHtg29UTTj
GSIgWCLb5U8gkOKP1RTsbxbgLIUCDqjyVJIBZCY2UK2PxsNoTBteY42SZb33Ingu
ZFsB6+fjgI2jIKliAjo1734GE5nx3inR4k+iq9m6rQ4EwUlo+fFQxiIEdKZV7YDR
rFVrafhEhtkITmlIvwDp7tuZfzg9q24b8dpR9wapN+MI07ZFVetpgxGnZMNh2ybs
6FUIaZ2FOMBeulsjimRLDolwQ1rtke9FNaTzgKrjnJYv4m2sr85ZCal5owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyp0U6knCWS4XhI4vE6mo+NwfaiMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvVEtuUlRxU2NKWkxoZUVqaThUcWFqNDNCOXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw9FIMA0G
CSqGSIb3DQEBCwUAA4IBAQAzNIBjAytitPe4ndwZOtFZeQIyTwNNKk039Jmtypyk
bf8o97gsxEpD/TAsTmzPAQOSRVIikVqbil54FpFqYi15ogX7JnT8xC+4QrccggT/
6vPxLK7weYMVu0KlfN958PjLS6nCpxiy8ahR2gEINvvcWvRlPdFiKGm5eD4+84I8
4AIN5QSh18e7I21sDUCBVfnhaQFZOL78RpSPjaCjaWlEjeNDRewaq2c8KgzwcSoP
GORAnMZrgYbD2h9RmEjNSKTbV09YXxIvogvij9XiWUZ3Ee/8SyUnL2YgQu1cRgyF
ioqtqk3NvVUY/ZqDfKmlfmm7w1O+ynZMKD06cLRo+DJG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org