Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TRezaNvyKVP6SjDwETDbatX1f78.roa
File:                     TRezaNvyKVP6SjDwETDbatX1f78.roa (raw, json)
Hash identifier:          AerKnhVIbeHxGbH0LOfbYTHf1ExfsLF66rHuhHzpjXY=
Subject key identifier:   4D:17:B3:68:DB:F2:29:53:FA:4A:30:F0:11:30:DB:6A:D5:F5:7F:BF
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       018D8E5BC6A4038EFB323EC81C85EEAC2B62
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TRezaNvyKVP6SjDwETDbatX1f78.roa
Signing time:             Fri 09 Feb 2024 14:53:15 +0000
ROA not before:           Fri 09 Feb 2024 14:53:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        185.230.66.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 18 Feb 2024 11:18:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:8e:5b:c6:a4:03:8e:fb:32:3e:c8:1c:85:ee:ac:2b:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Feb  9 14:53:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4d17b368dbf22953fa4a30f01130db6ad5f57fbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ad:ab:b8:bb:e1:13:68:5b:5a:74:e5:84:53:
                    df:fd:49:07:00:e3:f1:68:38:a2:fd:bf:5a:cc:11:
                    b6:97:26:4d:bb:c3:c6:6c:45:c2:33:f4:f9:3e:0d:
                    2b:b7:5a:b9:9f:fa:a6:03:89:2a:4d:44:74:71:4c:
                    0d:7f:5f:34:26:31:58:d4:9e:ef:98:6d:cc:ee:f4:
                    6d:88:d4:80:4e:99:ac:7c:4b:16:e2:73:4a:33:27:
                    8a:7e:8f:9b:3b:d8:7d:4a:97:de:e5:74:ec:c8:33:
                    d1:bb:19:d9:5e:66:2c:28:a4:65:19:62:8f:24:b0:
                    0c:ee:40:da:84:a0:76:4c:7f:17:8c:92:00:7d:5b:
                    e5:73:82:15:fe:a4:67:f2:d5:0b:5e:1c:36:1c:7f:
                    bb:50:02:bb:91:8c:16:f0:43:72:87:01:a4:c1:c0:
                    43:8f:ac:b1:97:79:21:64:f9:8f:15:da:eb:df:0f:
                    23:fc:59:78:4a:8a:70:d7:d6:2f:5e:c5:ef:34:37:
                    60:a3:45:d9:4c:a1:fe:f2:b2:39:32:b4:d0:10:bf:
                    b0:0d:fb:b6:f2:55:99:41:6c:3b:6f:e0:e9:e3:d7:
                    1a:4d:d2:86:11:8a:ea:9f:c1:9b:f6:93:bc:15:7f:
                    40:37:c6:99:52:e9:95:46:5f:84:c4:bb:11:7a:d1:
                    cc:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:17:B3:68:DB:F2:29:53:FA:4A:30:F0:11:30:DB:6A:D5:F5:7F:BF
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TRezaNvyKVP6SjDwETDbatX1f78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.230.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:01:ed:40:09:6a:2e:a3:ae:7c:63:2e:40:4c:2f:d7:e4:fe:
         81:4c:b4:42:5b:e0:4d:da:9f:ac:12:97:52:88:59:e2:82:09:
         95:62:e4:15:50:77:f2:be:53:81:79:86:01:9c:e4:2f:a1:93:
         fa:e1:d2:46:04:1f:f4:27:1a:ff:4f:37:4e:db:8e:e9:7e:9a:
         a8:3b:da:46:e1:49:05:03:71:63:16:90:2e:1e:97:dd:54:da:
         94:d1:7c:ee:41:be:e4:b3:02:1a:89:4b:9b:85:06:33:90:ff:
         1c:23:6d:e6:de:48:ab:94:2f:9b:6d:76:b3:e0:ef:1a:5e:4b:
         ed:0b:17:63:c1:2c:db:a1:be:c1:75:b7:6b:5b:38:f2:dc:ed:
         4c:a1:22:fb:c9:28:93:ac:26:fe:af:e4:d5:51:90:68:c8:44:
         10:3a:1d:34:e8:8f:74:a0:f9:ee:5c:a0:33:82:56:ba:c0:70:
         a5:20:ed:af:f5:85:50:e6:f1:bf:c7:6e:32:8b:09:dc:05:dc:
         1c:5b:ae:f9:3c:fd:4b:42:11:cf:d8:e0:78:9e:a1:61:39:19:
         14:07:41:5c:94:69:1a:85:91:c6:d0:b5:d0:b7:5d:c9:16:89:
         7b:d5:be:ab:00:44:44:d5:e6:58:c9:b7:44:51:b6:b6:6d:3e:
         d8:2d:1e:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2OW8akA477Mj7IHIXurCtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjA5MTQ1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE3YjM2OGRiZjIyOTUzZmE0YTMwZjAxMTMwZGI2YWQ1ZjU3ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK2ruLvhE2hbWnTlhFPf/UkHAOPx
aDii/b9azBG2lyZNu8PGbEXCM/T5Pg0rt1q5n/qmA4kqTUR0cUwNf180JjFY1J7v
mG3M7vRtiNSATpmsfEsW4nNKMyeKfo+bO9h9Spfe5XTsyDPRuxnZXmYsKKRlGWKP
JLAM7kDahKB2TH8XjJIAfVvlc4IV/qRn8tULXhw2HH+7UAK7kYwW8ENyhwGkwcBD
j6yxl3khZPmPFdrr3w8j/Fl4Sopw19YvXsXvNDdgo0XZTKH+8rI5MrTQEL+wDfu2
8lWZQWw7b+Dp49caTdKGEYrqn8Gb9pO8FX9AN8aZUumVRl+ExLsRetHMAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0Xs2jb8ilT+kow8BEw22rV9X+/MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVFJlemFOdnlLVlA2U2pEd0VURGJhdFgxZjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueZCMA0G
CSqGSIb3DQEBCwUAA4IBAQCBAe1ACWouo658Yy5ATC/X5P6BTLRCW+BN2p+sEpdS
iFniggmVYuQVUHfyvlOBeYYBnOQvoZP64dJGBB/0Jxr/TzdO247pfpqoO9pG4UkF
A3FjFpAuHpfdVNqU0XzuQb7kswIaiUubhQYzkP8cI23m3kirlC+bbXaz4O8aXkvt
CxdjwSzbob7BdbdrWzjy3O1MoSL7ySiTrCb+r+TVUZBoyEQQOh006I90oPnuXKAz
gla6wHClIO2v9YVQ5vG/x24yiwncBdwcW675PP1LQhHP2OB4nqFhORkUB0FclGka
hZHG0LXQt13JFol71b6rAERE1eZYybdEUba2bT7YLR5L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:26 2024 by rpki-client on console-ams.rpki-client.org