Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/tvDtxhbIw_hhPbAIH5YCHWgcjyY.roa
File:                     tvDtxhbIw_hhPbAIH5YCHWgcjyY.roa (raw, json)
Hash identifier:          AdZdx8D6AD9LKfeU48Caq3LjOcA3PLw3C5NF1CsvEHw=
Subject key identifier:   B6:F0:ED:C6:16:C8:C3:F8:61:3D:B0:08:1F:96:02:1D:68:1C:8F:26
Certificate issuer:       /CN=53787cd7946e10d88646ac79de57cc6ec59e4132
Certificate serial:       01856F4B6FF1F6082594278608C8A1C27889
Authority key identifier: 53:78:7C:D7:94:6E:10:D8:86:46:AC:79:DE:57:CC:6E:C5:9E:41:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3h815RuENiGRqx53lfMbsWeQTI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/tvDtxhbIw_hhPbAIH5YCHWgcjyY.roa
Signing time:             Sun 01 Jan 2023 21:44:52 +0000
ROA not before:           Sun 01 Jan 2023 21:44:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60008
IP address blocks:        185.54.125.0/24 maxlen: 24
                          185.54.124.0/23 maxlen: 23
                          185.54.124.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:6f:f1:f6:08:25:94:27:86:08:c8:a1:c2:78:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53787cd7946e10d88646ac79de57cc6ec59e4132
        Validity
            Not Before: Jan  1 21:44:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b6f0edc616c8c3f8613db0081f96021d681c8f26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:dd:21:60:97:4d:7a:eb:b0:e1:dd:07:17:61:
                    f3:ae:6c:60:5a:33:57:2c:8f:53:93:9c:8f:44:a0:
                    24:ee:86:c0:64:c3:e6:e0:c6:71:09:66:ad:3e:61:
                    19:fa:b4:b4:08:3e:9e:36:60:bc:e3:cb:32:a4:8a:
                    6f:52:8f:72:44:53:4f:1a:bc:33:6c:ea:2c:e0:ca:
                    63:ee:87:3f:a5:72:8f:cb:85:cb:a7:f7:29:68:fe:
                    80:d9:27:dd:ec:9f:ad:84:93:2e:ed:4a:17:ba:e3:
                    70:77:09:fc:6e:44:b6:24:4a:83:a8:dc:11:ed:29:
                    37:9b:95:8f:42:d1:1d:90:3b:a9:fd:79:9b:f3:84:
                    26:66:b1:94:12:28:6f:88:9a:0a:38:2e:8f:af:47:
                    27:67:32:89:7e:7f:c3:a3:dc:09:6e:49:3d:25:43:
                    4b:d6:0f:b5:f4:a4:03:d9:e5:7a:e6:68:89:61:d6:
                    6a:d1:d8:d1:28:11:d7:42:bc:8e:6d:69:0e:93:49:
                    e0:57:ab:d6:9b:c1:41:5d:77:9a:f3:9f:d2:9a:fd:
                    e7:9a:e2:83:30:6a:e0:e2:14:e6:40:c0:11:89:96:
                    ff:d7:a4:8b:e2:48:30:84:96:df:e5:d4:a9:c6:4b:
                    c9:82:5a:59:3e:49:2a:31:40:ff:81:bd:21:fc:a8:
                    e9:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:F0:ED:C6:16:C8:C3:F8:61:3D:B0:08:1F:96:02:1D:68:1C:8F:26
            X509v3 Authority Key Identifier:
                keyid:53:78:7C:D7:94:6E:10:D8:86:46:AC:79:DE:57:CC:6E:C5:9E:41:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3h815RuENiGRqx53lfMbsWeQTI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/tvDtxhbIw_hhPbAIH5YCHWgcjyY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/U3h815RuENiGRqx53lfMbsWeQTI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.54.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         53:a4:75:38:86:6f:3e:88:7c:89:ef:9f:94:cf:ab:b7:76:e6:
         07:ef:27:48:49:55:14:e0:77:64:04:fb:61:54:1c:da:47:97:
         44:3c:94:6b:0e:4e:ca:40:2d:53:d9:43:61:42:85:39:67:e0:
         ec:0e:a6:0d:b0:36:8f:18:07:17:22:1c:be:56:0b:88:29:56:
         40:cb:5a:b1:fb:c0:66:80:17:4f:6c:b1:2b:dd:a7:29:9b:95:
         d6:16:ad:1c:e0:b1:f6:15:c8:16:6b:5e:76:60:92:48:3f:88:
         70:c3:93:78:9c:68:43:67:70:72:6e:8b:e1:68:91:9d:38:74:
         d5:d8:69:7b:6b:06:7e:7c:20:5c:45:13:09:04:00:7d:15:57:
         7b:43:2c:f5:06:b7:c7:22:97:d0:c6:fb:ed:db:e1:49:f9:da:
         0d:3a:b0:5a:c9:82:99:25:db:41:bc:a2:6e:a9:cf:cc:04:44:
         87:a4:7f:7f:a5:e2:5c:60:7a:f7:ad:cb:92:dd:4e:5e:2c:92:
         1e:8f:ea:dc:a8:77:98:b1:cf:e6:e8:18:75:57:dc:ad:37:6f:
         71:20:5c:a7:fd:33:a5:c6:e7:e5:97:3e:17:e2:71:06:1c:96:
         a4:a4:9c:08:ba:04:fb:0a:54:de:a4:8f:1a:86:8a:a6:6d:4f:
         6d:02:ed:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS2/x9ggllCeGCMihwniJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzg3Y2Q3OTQ2ZTEwZDg4NjQ2YWM3OWRlNTdjYzZlYzU5
ZTQxMzIwHhcNMjMwMTAxMjE0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmYwZWRjNjE2YzhjM2Y4NjEzZGIwMDgxZjk2MDIxZDY4MWM4ZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw90hYJdNeuuw4d0HF2HzrmxgWjNX
LI9Tk5yPRKAk7obAZMPm4MZxCWatPmEZ+rS0CD6eNmC848sypIpvUo9yRFNPGrwz
bOos4Mpj7oc/pXKPy4XLp/cpaP6A2Sfd7J+thJMu7UoXuuNwdwn8bkS2JEqDqNwR
7Sk3m5WPQtEdkDup/Xmb84QmZrGUEihviJoKOC6Pr0cnZzKJfn/Do9wJbkk9JUNL
1g+19KQD2eV65miJYdZq0djRKBHXQryObWkOk0ngV6vWm8FBXXea85/Smv3nmuKD
MGrg4hTmQMARiZb/16SL4kgwhJbf5dSpxkvJglpZPkkqMUD/gb0h/KjpJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbw7cYWyMP4YT2wCB+WAh1oHI8mMB8GA1UdIwQY
MBaAFFN4fNeUbhDYhkased5XzG7FnkEyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNoODE1UnVFTmlHUnF4NTNsZk1ic1dlUVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9jNzc4MjUtNjhhMy00YjNlLWJjOTAt
NTIzZmQ4NmEwN2M3LzEvdHZEdHhoYkl3X2hoUGJBSUg1WUNIV2djanlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9jNzc4MjUtNjhhMy00YjNlLWJjOTAtNTIzZmQ4NmEwN2M3
LzEvVTNoODE1UnVFTmlHUnF4NTNsZk1ic1dlUVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuTZ8MA0G
CSqGSIb3DQEBCwUAA4IBAQBTpHU4hm8+iHyJ75+Uz6u3duYH7ydISVUU4HdkBPth
VBzaR5dEPJRrDk7KQC1T2UNhQoU5Z+DsDqYNsDaPGAcXIhy+VguIKVZAy1qx+8Bm
gBdPbLEr3acpm5XWFq0c4LH2FcgWa152YJJIP4hww5N4nGhDZ3BybovhaJGdOHTV
2Gl7awZ+fCBcRRMJBAB9FVd7Qyz1BrfHIpfQxvvt2+FJ+doNOrBayYKZJdtBvKJu
qc/MBESHpH9/peJcYHr3rcuS3U5eLJIej+rcqHeYsc/m6Bh1V9ytN29xIFyn/TOl
xufllz4X4nEGHJakpJwIugT7ClTepI8ahoqmbU9tAu0V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:28 2024 by rpki-client on console-ams.rpki-client.org