Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/oPaxVevTyNg7HBqYOypu0a3_TWM.roa
File:                     oPaxVevTyNg7HBqYOypu0a3_TWM.roa (raw, json)
Hash identifier:          CD2mHcfPfIncCCL2/oxhDsngyzi9y88QyfMgFWhbxkk=
Subject key identifier:   A0:F6:B1:55:EB:D3:C8:D8:3B:1C:1A:98:3B:2A:6E:D1:AD:FF:4D:63
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       01856CF85C5087973D4EA09B4E78A2FBAAFD
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/oPaxVevTyNg7HBqYOypu0a3_TWM.roa
Signing time:             Sun 01 Jan 2023 10:54:53 +0000
ROA not before:           Sun 01 Jan 2023 10:54:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     272697
IP address blocks:        130.185.238.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:f8:5c:50:87:97:3d:4e:a0:9b:4e:78:a2:fb:aa:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Jan  1 10:54:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a0f6b155ebd3c8d83b1c1a983b2a6ed1adff4d63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:5c:3f:8f:62:96:43:57:75:e4:28:1b:7d:8a:
                    57:0b:10:75:fb:d6:4d:be:78:05:e7:7c:79:f9:27:
                    2f:d7:ff:11:2f:00:75:7a:47:f7:32:7c:0b:eb:ad:
                    c6:6c:8f:2a:fb:60:4b:7e:08:f2:ab:6b:72:52:97:
                    43:a7:46:8b:62:4e:0d:87:6d:8d:2a:5e:d7:6c:78:
                    39:db:45:dd:ba:92:1a:bd:5a:b5:da:19:72:8f:5c:
                    39:35:6e:71:69:b4:01:8e:51:88:3f:a0:7f:ef:1d:
                    85:88:44:5c:58:be:35:22:29:b0:74:26:a0:a5:35:
                    ac:76:24:4d:f1:65:ef:ac:a7:d8:84:b6:c2:6c:6e:
                    6f:a6:f4:20:45:42:5e:8b:cf:eb:c2:dc:09:c9:69:
                    57:2d:5c:95:98:2b:9f:76:98:8f:17:a1:d2:60:da:
                    09:9b:1c:00:1c:ed:70:4d:95:c2:5f:2c:ec:2b:93:
                    25:64:57:fe:dc:60:95:66:3b:c1:23:c8:c5:ac:24:
                    fb:11:61:f2:ce:e2:a4:11:a7:29:57:00:95:b8:9d:
                    04:5d:57:3d:50:6c:58:79:65:03:d5:9b:f2:07:1f:
                    3f:ec:37:4c:86:5f:16:e3:e9:00:1a:da:ae:46:d7:
                    14:f4:bc:0f:2f:de:4f:00:c4:0b:0d:a3:de:80:cb:
                    1c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:F6:B1:55:EB:D3:C8:D8:3B:1C:1A:98:3B:2A:6E:D1:AD:FF:4D:63
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/oPaxVevTyNg7HBqYOypu0a3_TWM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.185.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:d3:a8:2d:69:11:4b:77:e1:4e:a7:d9:94:d0:75:28:3a:53:
         5f:0f:dc:c3:44:68:39:3d:32:b9:44:36:a7:9c:4f:ad:6f:01:
         94:e6:1b:e0:fe:07:8c:13:6c:59:b7:bd:04:d9:ec:28:20:c0:
         3a:b7:44:f3:0c:7a:9b:f5:1f:bd:45:57:17:b2:11:29:84:95:
         04:24:fb:27:f7:ce:7e:91:1e:36:e2:b6:37:07:e3:82:90:25:
         cc:a9:d9:64:7c:10:69:c1:4b:6b:f7:2e:c6:dd:4e:97:56:ef:
         e7:bf:e8:96:7f:90:c4:e3:3c:a3:cd:78:d9:45:10:5f:d1:10:
         c3:af:ec:64:11:73:27:1d:a8:4e:1e:32:8c:12:93:fa:cd:2f:
         9e:d2:5b:c2:47:2c:d3:98:41:d6:a8:85:54:0b:10:07:ab:76:
         9e:6f:16:f3:c3:46:54:b4:50:6e:12:82:c9:2b:21:32:76:f9:
         57:37:41:46:6f:56:4b:2d:99:8b:7d:03:39:60:ed:0d:6f:df:
         e2:3c:60:23:d7:ea:c0:26:0a:54:00:fa:84:ed:e0:c2:9c:cf:
         78:99:48:1b:e0:93:a9:a6:7e:72:1d:f0:12:62:8a:d4:2e:a9:
         52:23:cc:1f:59:dd:93:6a:b0:db:61:5d:98:f0:5a:58:04:72:
         e8:60:bc:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+FxQh5c9TqCbTnii+6r9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjMwMTAxMTA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGY2YjE1NWViZDNjOGQ4M2IxYzFhOTgzYjJhNmVkMWFkZmY0ZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Fw/j2KWQ1d15CgbfYpXCxB1+9ZN
vngF53x5+Scv1/8RLwB1ekf3MnwL663GbI8q+2BLfgjyq2tyUpdDp0aLYk4Nh22N
Kl7XbHg520XdupIavVq12hlyj1w5NW5xabQBjlGIP6B/7x2FiERcWL41IimwdCag
pTWsdiRN8WXvrKfYhLbCbG5vpvQgRUJei8/rwtwJyWlXLVyVmCufdpiPF6HSYNoJ
mxwAHO1wTZXCXyzsK5MlZFf+3GCVZjvBI8jFrCT7EWHyzuKkEacpVwCVuJ0EXVc9
UGxYeWUD1ZvyBx8/7DdMhl8W4+kAGtquRtcU9LwPL95PAMQLDaPegMscAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKD2sVXr08jYOxwamDsqbtGt/01jMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvb1BheFZldlR5Tmc3SEJxWU95cHUwYTNfVFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgrnuMA0G
CSqGSIb3DQEBCwUAA4IBAQAS06gtaRFLd+FOp9mU0HUoOlNfD9zDRGg5PTK5RDan
nE+tbwGU5hvg/geME2xZt70E2ewoIMA6t0TzDHqb9R+9RVcXshEphJUEJPsn985+
kR424rY3B+OCkCXMqdlkfBBpwUtr9y7G3U6XVu/nv+iWf5DE4zyjzXjZRRBf0RDD
r+xkEXMnHahOHjKMEpP6zS+e0lvCRyzTmEHWqIVUCxAHq3aebxbzw0ZUtFBuEoLJ
KyEydvlXN0FGb1ZLLZmLfQM5YO0Nb9/iPGAj1+rAJgpUAPqE7eDCnM94mUgb4JOp
pn5yHfASYorULqlSI8wfWd2TarDbYV2Y8FpYBHLoYLy1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org