Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/bd55ee-c7a6-41b8-bb31-6a8c3b676b57/1/TZGO9pucj1-xh79aUKckvtths8k.roa
File:                     TZGO9pucj1-xh79aUKckvtths8k.roa (raw, json)
Hash identifier:          FEw5u5jDwDpnowimh0O/bSIl5gGsfFCBBBdKmwxRW90=
Subject key identifier:   4D:91:8E:F6:9B:9C:8F:5F:B1:87:BF:5A:50:A7:24:BE:DB:61:B3:C9
Certificate issuer:       /CN=8c9dccf9e2f37eb107496a7aaf13894ec476e375
Certificate serial:       0185710BE4F7BCB6BB904E2837271B6DC2D3
Authority key identifier: 8C:9D:CC:F9:E2:F3:7E:B1:07:49:6A:7A:AF:13:89:4E:C4:76:E3:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jJ3M-eLzfrEHSWp6rxOJTsR243U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/bd55ee-c7a6-41b8-bb31-6a8c3b676b57/1/TZGO9pucj1-xh79aUKckvtths8k.roa
Signing time:             Mon 02 Jan 2023 05:54:42 +0000
ROA not before:           Mon 02 Jan 2023 05:54:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21150
IP address blocks:        188.64.16.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0b:e4:f7:bc:b6:bb:90:4e:28:37:27:1b:6d:c2:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c9dccf9e2f37eb107496a7aaf13894ec476e375
        Validity
            Not Before: Jan  2 05:54:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4d918ef69b9c8f5fb187bf5a50a724bedb61b3c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f5:7c:b9:f7:0b:4f:4d:79:bf:1f:88:db:d1:
                    25:00:2f:db:21:4f:bc:05:1b:1d:87:f8:c0:8f:84:
                    36:04:73:38:e2:29:8e:c3:ce:11:49:3e:c8:ed:e6:
                    8a:5f:c9:4d:a1:81:3a:ff:7b:ff:e0:28:f5:17:53:
                    e9:81:ac:97:48:d8:5f:c6:9c:be:f3:5c:97:b0:f1:
                    80:ed:a8:3f:e5:f9:76:c4:1e:46:6f:0b:e5:21:e7:
                    16:73:03:ba:13:0d:62:aa:f5:b0:fc:ab:09:59:0c:
                    65:3a:80:a2:cf:1f:77:d2:91:1d:2b:1b:50:97:82:
                    ea:3b:28:fe:76:f5:b9:1e:40:60:5d:e3:ed:3e:b4:
                    f0:d2:e6:5a:97:eb:0c:66:b9:a1:bd:10:98:3e:25:
                    c7:cc:15:f7:8c:30:04:b6:7f:15:ba:d5:aa:75:04:
                    63:b5:58:ad:52:8e:a9:11:06:60:8c:f3:39:e0:08:
                    18:b8:1e:fd:14:69:a3:07:10:a0:0d:8e:b8:39:12:
                    5c:f8:8b:44:8e:f6:be:0d:17:d5:15:a5:96:98:9b:
                    28:c7:ff:87:9a:de:5f:af:3b:59:c4:92:82:63:3b:
                    32:3b:41:8d:7a:4c:a3:42:b1:c2:29:fb:90:6c:72:
                    f4:10:53:19:c4:25:ee:94:f8:45:6d:00:da:fc:7f:
                    ef:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:91:8E:F6:9B:9C:8F:5F:B1:87:BF:5A:50:A7:24:BE:DB:61:B3:C9
            X509v3 Authority Key Identifier:
                keyid:8C:9D:CC:F9:E2:F3:7E:B1:07:49:6A:7A:AF:13:89:4E:C4:76:E3:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jJ3M-eLzfrEHSWp6rxOJTsR243U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/bd55ee-c7a6-41b8-bb31-6a8c3b676b57/1/TZGO9pucj1-xh79aUKckvtths8k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/bd55ee-c7a6-41b8-bb31-6a8c3b676b57/1/jJ3M-eLzfrEHSWp6rxOJTsR243U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:95:19:e1:1f:d3:e5:6b:5d:bd:7a:82:ec:c1:1d:c1:7a:29:
         0b:f4:a7:e9:9d:47:ca:18:9b:27:5f:83:6b:92:c3:9b:95:8d:
         14:e5:dc:59:3d:7f:78:4f:20:2c:a8:30:80:da:a5:c6:05:24:
         a5:56:c6:a4:26:c1:b1:10:39:a7:9b:28:ba:08:a1:2f:81:58:
         10:ab:c8:67:49:6c:39:b8:1b:d3:53:fa:84:d2:f4:10:5a:91:
         73:26:43:4a:9a:c3:a5:2f:db:f6:37:e3:46:6d:53:08:ee:cf:
         d1:2d:70:77:fa:72:ba:29:08:40:c8:63:2a:12:d9:69:5d:c9:
         7e:01:23:37:f0:6c:6e:b4:ba:78:c8:bb:18:9c:69:43:d2:1b:
         9a:6a:ba:6d:d6:83:63:59:18:88:ad:a4:b9:16:0d:a1:38:1c:
         30:8d:af:f3:e3:ca:60:28:c9:da:96:02:42:a6:75:1e:0b:cd:
         71:78:1a:cf:51:1d:cd:54:d6:50:92:d0:e3:27:c6:b5:52:7c:
         26:53:a0:77:a4:47:7c:dd:b4:12:be:18:28:a5:e3:74:92:b9:
         f7:c5:8c:8c:90:48:15:9f:42:3b:42:41:15:a5:be:48:7b:ce:
         ff:c5:d3:7a:55:4a:43:a6:c4:29:e7:b0:63:48:c7:0d:72:c1:
         cc:43:49:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxC+T3vLa7kE4oNycbbcLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjOWRjY2Y5ZTJmMzdlYjEwNzQ5NmE3YWFmMTM4OTRlYzQ3
NmUzNzUwHhcNMjMwMTAyMDU1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDkxOGVmNjliOWM4ZjVmYjE4N2JmNWE1MGE3MjRiZWRiNjFiM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvV8ufcLT015vx+I29ElAC/bIU+8
BRsdh/jAj4Q2BHM44imOw84RST7I7eaKX8lNoYE6/3v/4Cj1F1PpgayXSNhfxpy+
81yXsPGA7ag/5fl2xB5GbwvlIecWcwO6Ew1iqvWw/KsJWQxlOoCizx930pEdKxtQ
l4LqOyj+dvW5HkBgXePtPrTw0uZal+sMZrmhvRCYPiXHzBX3jDAEtn8VutWqdQRj
tVitUo6pEQZgjPM54AgYuB79FGmjBxCgDY64ORJc+ItEjva+DRfVFaWWmJsox/+H
mt5frztZxJKCYzsyO0GNekyjQrHCKfuQbHL0EFMZxCXulPhFbQDa/H/vNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2RjvabnI9fsYe/WlCnJL7bYbPJMB8GA1UdIwQY
MBaAFIydzPni836xB0lqeq8TiU7EduN1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakozTS1lTHpmckVIU1dwNnJ4T0pUc1IyNDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iZDU1ZWUtYzdhNi00MWI4LWJiMzEt
NmE4YzNiNjc2YjU3LzEvVFpHTzlwdWNqMS14aDc5YVVLY2t2dHRoczhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iZDU1ZWUtYzdhNi00MWI4LWJiMzEtNmE4YzNiNjc2YjU3
LzEvakozTS1lTHpmckVIU1dwNnJ4T0pUc1IyNDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvEAQMA0G
CSqGSIb3DQEBCwUAA4IBAQBMlRnhH9Pla129eoLswR3BeikL9KfpnUfKGJsnX4Nr
ksOblY0U5dxZPX94TyAsqDCA2qXGBSSlVsakJsGxEDmnmyi6CKEvgVgQq8hnSWw5
uBvTU/qE0vQQWpFzJkNKmsOlL9v2N+NGbVMI7s/RLXB3+nK6KQhAyGMqEtlpXcl+
ASM38GxutLp4yLsYnGlD0huaarpt1oNjWRiIraS5Fg2hOBwwja/z48pgKMnalgJC
pnUeC81xeBrPUR3NVNZQktDjJ8a1UnwmU6B3pEd83bQSvhgopeN0krn3xYyMkEgV
n0I7QkEVpb5Ie87/xdN6VUpDpsQp57BjSMcNcsHMQ0kr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:25 2024 by rpki-client on console-ams.rpki-client.org