Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/TmVG_JGuloScZ-wzQJUbEgqrlQ8.roa
File:                     TmVG_JGuloScZ-wzQJUbEgqrlQ8.roa (raw, json)
Hash identifier:          iHm9H2q97NuqlvUD8leGB6LSWCnIH9tOSY13SYUy2+U=
Subject key identifier:   4E:65:46:FC:91:AE:96:84:9C:67:EC:33:40:95:1B:12:0A:AB:95:0F
Certificate issuer:       /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial:       018C9013AFABC37F54D3004039381BB5A2A9
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/TmVG_JGuloScZ-wzQJUbEgqrlQ8.roa
Signing time:             Fri 22 Dec 2023 05:50:58 +0000
ROA not before:           Fri 22 Dec 2023 05:50:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.255.5.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:90:13:af:ab:c3:7f:54:d3:00:40:39:38:1b:b5:a2:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
        Validity
            Not Before: Dec 22 05:50:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e6546fc91ae96849c67ec3340951b120aab950f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:5d:7a:04:55:55:f3:1f:42:cd:7e:82:70:89:
                    06:7f:f5:56:3f:e9:3c:5c:fb:67:0b:23:9a:b0:9b:
                    5f:0d:18:ed:60:f4:3a:6d:b2:07:d3:0a:98:70:8f:
                    3a:64:22:b2:cc:61:bd:46:61:60:33:d0:34:e0:ee:
                    69:78:b4:88:44:8c:b9:45:3c:53:51:cc:9d:d9:78:
                    40:3f:54:be:d9:ac:ca:6b:ba:24:63:f5:43:c2:2d:
                    8c:77:d6:8c:92:f3:1e:7c:aa:fc:30:de:87:14:94:
                    2a:67:d4:bb:a0:78:41:57:69:e1:22:ff:8b:7b:3b:
                    d2:22:c6:f6:40:65:23:4d:b3:22:c1:00:9c:8e:8d:
                    ba:10:56:9c:de:eb:53:db:08:62:ea:2a:a7:5d:53:
                    2b:4c:96:5d:67:55:92:19:72:3f:47:4c:51:17:99:
                    73:26:fa:f5:47:8d:02:b9:83:bf:9d:76:dc:12:fd:
                    3f:9f:b0:8f:b4:77:13:86:f7:ee:b4:c2:58:07:09:
                    24:9b:c2:4a:8e:07:20:cd:59:16:4f:2d:ce:b1:c5:
                    ac:a5:1f:50:d1:46:25:27:c0:22:33:6f:69:e6:cf:
                    d6:0c:b5:d1:38:bc:08:e6:74:36:35:9c:96:10:51:
                    d4:b5:d5:ab:8e:de:64:44:cb:d1:94:22:f3:fe:db:
                    23:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:65:46:FC:91:AE:96:84:9C:67:EC:33:40:95:1B:12:0A:AB:95:0F
            X509v3 Authority Key Identifier:
                keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/TmVG_JGuloScZ-wzQJUbEgqrlQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:ec:be:4a:ff:7f:da:c3:29:34:de:87:e1:48:c3:c7:e0:67:
         0f:e6:b0:46:e2:35:73:fe:e4:e4:c5:7c:13:36:b6:63:49:45:
         ed:68:c7:81:b1:f5:c7:51:8d:d9:3d:7b:83:db:19:22:5f:b6:
         78:e1:50:a6:de:bd:10:b2:71:d9:da:3d:bd:02:c2:8e:9a:69:
         f3:65:67:81:6c:45:4a:7f:a2:86:b6:5a:07:6a:ef:1a:07:36:
         2f:8c:ef:21:da:fd:0c:61:40:35:8c:8c:90:60:f6:84:b7:a7:
         33:06:f5:f4:e0:f1:8b:60:f6:db:55:71:b6:8b:0a:e2:32:c0:
         e7:77:fa:4d:bd:fb:6d:7f:2c:13:3e:2a:a9:8b:01:4a:d7:52:
         9d:da:24:47:32:97:8b:63:55:76:24:71:e1:2e:0e:46:e9:17:
         ac:a0:76:88:3e:f2:b2:70:7c:34:22:f8:79:d4:65:b6:7d:9f:
         7e:bf:bd:d8:d4:24:b4:58:08:cd:d7:91:e5:54:34:40:a1:8a:
         6c:af:8a:c0:8f:87:ed:3f:74:98:6b:f1:51:14:19:97:aa:ff:
         97:09:67:86:69:56:e2:66:49:5a:ec:a2:0a:f8:65:eb:e7:08:
         16:ba:37:e3:93:a7:3f:70:b5:24:6f:a0:f6:c1:4f:4e:aa:b7:
         4b:b4:4e:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyQE6+rw39U0wBAOTgbtaKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjMxMjIyMDU1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTY1NDZmYzkxYWU5Njg0OWM2N2VjMzM0MDk1MWIxMjBhYWI5NTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq116BFVV8x9CzX6CcIkGf/VWP+k8
XPtnCyOasJtfDRjtYPQ6bbIH0wqYcI86ZCKyzGG9RmFgM9A04O5peLSIRIy5RTxT
Ucyd2XhAP1S+2azKa7okY/VDwi2Md9aMkvMefKr8MN6HFJQqZ9S7oHhBV2nhIv+L
ezvSIsb2QGUjTbMiwQCcjo26EFac3utT2whi6iqnXVMrTJZdZ1WSGXI/R0xRF5lz
Jvr1R40CuYO/nXbcEv0/n7CPtHcThvfutMJYBwkkm8JKjgcgzVkWTy3OscWspR9Q
0UYlJ8AiM29p5s/WDLXROLwI5nQ2NZyWEFHUtdWrjt5kRMvRlCLz/tsjEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5lRvyRrpaEnGfsM0CVGxIKq5UPMB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvVG1WR19KR3Vsb1NjWi13elFKVWJFZ3FybFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf8FMA0G
CSqGSIb3DQEBCwUAA4IBAQAj7L5K/3/awyk03ofhSMPH4GcP5rBG4jVz/uTkxXwT
NrZjSUXtaMeBsfXHUY3ZPXuD2xkiX7Z44VCm3r0QsnHZ2j29AsKOmmnzZWeBbEVK
f6KGtloHau8aBzYvjO8h2v0MYUA1jIyQYPaEt6czBvX04PGLYPbbVXG2iwriMsDn
d/pNvfttfywTPiqpiwFK11Kd2iRHMpeLY1V2JHHhLg5G6ResoHaIPvKycHw0Ivh5
1GW2fZ9+v73Y1CS0WAjN15HlVDRAoYpsr4rAj4ftP3SYa/FRFBmXqv+XCWeGaVbi
Zkla7KIK+GXr5wgWujfjk6c/cLUkb6D2wU9OqrdLtE44
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org