Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TjolmMMreTdJLTf8S72nhrog9XA.roa
File:                     TjolmMMreTdJLTf8S72nhrog9XA.roa (raw, json)
Hash identifier:          Z07zzuCAYjdePN3Uo/U63mTtULUA3Yqm5JjBuen2Fjc=
Subject key identifier:   4E:3A:25:98:C3:2B:79:37:49:2D:37:FC:4B:BD:A7:86:BA:20:F5:70
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185EEBB43DEDEF536054EEC5D04F1E4AAAE
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TjolmMMreTdJLTf8S72nhrog9XA.roa
Signing time:             Thu 26 Jan 2023 15:38:48 +0000
ROA not before:           Thu 26 Jan 2023 15:38:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201138
IP address blocks:        185.125.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 14 Mar 2023 17:55:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ee:bb:43:de:de:f5:36:05:4e:ec:5d:04:f1:e4:aa:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan 26 15:38:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e3a2598c32b7937492d37fc4bbda786ba20f570
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:af:bc:da:52:21:2e:55:0d:31:76:07:34:e9:
                    cb:7c:8a:e5:9c:7a:5a:88:e2:8c:7b:01:35:e8:e2:
                    a6:bc:40:e4:6e:e8:ae:84:3d:55:c4:c5:4c:2d:6c:
                    e9:72:61:34:1f:7d:ea:d5:07:c8:95:fe:93:52:1c:
                    b1:ac:ff:88:0d:35:9c:61:ab:ee:3a:3c:8e:09:91:
                    0f:53:6b:1f:71:fd:29:5a:03:1c:cf:ba:56:04:2d:
                    b9:00:9c:ae:53:cb:a7:72:dc:d0:11:67:b7:e4:65:
                    b6:4c:be:ca:f3:43:ad:e1:e3:12:c1:b3:14:92:62:
                    51:38:26:3a:de:b4:79:2c:09:b7:1b:f1:54:67:58:
                    37:78:76:26:b4:4d:b7:d7:91:79:29:05:3e:9c:c1:
                    46:d8:a6:7a:be:fb:96:55:73:ff:37:04:86:c2:28:
                    6b:ca:95:5f:bb:7e:d3:d8:5c:29:46:ec:d9:06:99:
                    63:e2:6f:49:c9:8e:67:e8:3f:df:58:b4:6b:1d:c1:
                    54:a6:44:41:60:07:0a:23:80:4a:c2:7d:89:60:33:
                    51:3f:09:23:cb:3b:34:ae:78:4f:9e:14:4d:e2:85:
                    f8:60:79:ff:39:08:2d:a8:a1:67:fd:a7:ab:58:bc:
                    ba:fa:0c:3b:80:04:2b:f3:80:46:5d:63:cb:1a:6c:
                    0f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:3A:25:98:C3:2B:79:37:49:2D:37:FC:4B:BD:A7:86:BA:20:F5:70
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TjolmMMreTdJLTf8S72nhrog9XA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.125.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:b7:ef:2a:19:d7:e1:7e:0e:a9:4b:2c:bf:4e:20:88:57:59:
         68:31:5b:fa:40:ae:a7:bd:25:0d:ff:bb:2c:c9:b9:9d:b3:09:
         b5:40:51:db:c0:b7:fe:28:f4:6e:f8:0e:c0:41:c0:b7:41:99:
         1f:f2:19:bd:0b:c1:e9:80:27:ff:72:54:69:16:08:d7:8e:b3:
         99:17:d5:88:a1:ce:69:51:1f:2d:41:b9:52:4b:9d:dc:14:b1:
         d4:4c:5d:c0:c4:68:12:78:1e:94:3d:50:8e:47:d5:19:65:78:
         56:f6:90:b1:b7:76:32:a5:d1:3a:bd:bf:2b:89:72:e6:56:fb:
         50:60:bf:1c:9f:65:37:a3:59:b9:75:3d:d0:20:4e:0d:e5:fe:
         4a:86:1a:55:73:a1:03:74:70:54:54:8e:d1:e3:43:6d:c8:93:
         a6:7c:e7:5b:1e:21:c6:35:8c:44:46:0e:1a:65:f1:3d:2d:0b:
         ae:4a:ab:64:51:59:08:dd:0a:45:8d:02:bd:3d:09:d1:b4:47:
         60:88:da:7b:41:69:be:16:14:f0:d1:1c:cf:1f:5b:14:5d:2a:
         92:6c:75:3c:75:80:44:2c:c1:3d:5f:7d:ef:f1:b3:7a:aa:a2:
         ab:92:c9:64:e7:57:85:ed:3c:fe:ba:ff:5e:04:65:c4:ee:60:
         94:cd:f3:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXuu0Pe3vU2BU7sXQTx5KquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTI2MTUzODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTNhMjU5OGMzMmI3OTM3NDkyZDM3ZmM0YmJkYTc4NmJhMjBmNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq+82lIhLlUNMXYHNOnLfIrlnHpa
iOKMewE16OKmvEDkbuiuhD1VxMVMLWzpcmE0H33q1QfIlf6TUhyxrP+IDTWcYavu
OjyOCZEPU2sfcf0pWgMcz7pWBC25AJyuU8unctzQEWe35GW2TL7K80Ot4eMSwbMU
kmJROCY63rR5LAm3G/FUZ1g3eHYmtE2315F5KQU+nMFG2KZ6vvuWVXP/NwSGwihr
ypVfu37T2FwpRuzZBplj4m9JyY5n6D/fWLRrHcFUpkRBYAcKI4BKwn2JYDNRPwkj
yzs0rnhPnhRN4oX4YHn/OQgtqKFn/aerWLy6+gw7gAQr84BGXWPLGmwP7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE46JZjDK3k3SS03/Eu9p4a6IPVwMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVGpvbG1NTXJlVGRKTFRmOFM3Mm5ocm9nOVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX3lMA0G
CSqGSIb3DQEBCwUAA4IBAQAXt+8qGdfhfg6pSyy/TiCIV1loMVv6QK6nvSUN/7ss
ybmdswm1QFHbwLf+KPRu+A7AQcC3QZkf8hm9C8HpgCf/clRpFgjXjrOZF9WIoc5p
UR8tQblSS53cFLHUTF3AxGgSeB6UPVCOR9UZZXhW9pCxt3YypdE6vb8riXLmVvtQ
YL8cn2U3o1m5dT3QIE4N5f5KhhpVc6EDdHBUVI7R40NtyJOmfOdbHiHGNYxERg4a
ZfE9LQuuSqtkUVkI3QpFjQK9PQnRtEdgiNp7QWm+FhTw0RzPH1sUXSqSbHU8dYBE
LME9X33v8bN6qqKrkslk51eF7Tz+uv9eBGXE7mCUzfMY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org