Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/THtvNkdVTU3Xm_IYXtIxZk03kAM.roa
File:                     THtvNkdVTU3Xm_IYXtIxZk03kAM.roa (raw, json)
Hash identifier:          eS8JhIYHCZveZ8c/AHaLcHLsNajFbEK7AoNVyKydFAo=
Subject key identifier:   4C:7B:6F:36:47:55:4D:4D:D7:9B:F2:18:5E:D2:31:66:4D:37:90:03
Certificate issuer:       /CN=4f3bd56e8b54e6da27bbe6622dac67cbf02a81ea
Certificate serial:       0185710C22A57F8A7AEEBBB620ADC50F7051
Authority key identifier: 4F:3B:D5:6E:8B:54:E6:DA:27:BB:E6:62:2D:AC:67:CB:F0:2A:81:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TzvVbotU5tonu-ZiLaxny_Aqgeo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/THtvNkdVTU3Xm_IYXtIxZk03kAM.roa
Signing time:             Mon 02 Jan 2023 05:54:58 +0000
ROA not before:           Mon 02 Jan 2023 05:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202401
IP address blocks:        194.39.204.0/22 maxlen: 24
                          2a0c:8fc0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:22:a5:7f:8a:7a:ee:bb:b6:20:ad:c5:0f:70:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f3bd56e8b54e6da27bbe6622dac67cbf02a81ea
        Validity
            Not Before: Jan  2 05:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4c7b6f3647554d4dd79bf2185ed231664d379003
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:d6:0b:c9:12:c1:84:f3:71:58:d8:01:89:ee:
                    1d:0c:a4:14:92:71:5c:0a:08:84:80:be:31:28:39:
                    da:4b:d4:96:38:e3:bf:67:43:66:53:16:6a:7f:bf:
                    1b:cd:41:f0:a9:5b:dc:ce:ea:af:c1:fe:f0:c1:41:
                    6e:13:00:6e:8e:c5:25:36:b0:20:e4:f6:43:8c:b4:
                    e2:49:41:87:61:d6:a1:2b:fe:27:89:28:15:66:0d:
                    4f:a4:84:24:2a:dc:87:e4:88:cf:6f:01:60:79:79:
                    33:78:2c:3d:47:83:1d:e8:97:25:f6:0a:65:17:36:
                    22:56:8a:f5:12:97:f8:5d:45:a8:c1:2e:d6:bc:91:
                    aa:dd:66:3e:2c:83:f8:c3:8e:3f:e3:29:f3:28:11:
                    bc:cd:d7:62:4f:f2:0f:c8:be:ee:18:00:a8:be:7b:
                    ce:a5:a3:3a:fd:97:86:48:e4:9f:2d:29:a1:07:cb:
                    47:fb:2a:fd:16:d0:2b:8f:db:1c:22:c4:57:0b:8e:
                    ae:8a:2d:f6:8f:04:28:91:4e:83:cb:3f:e2:56:6d:
                    0c:a5:b0:94:96:8b:af:05:2e:51:8c:5b:7f:14:67:
                    00:25:95:47:69:ad:88:fb:39:52:47:f3:9b:f3:0f:
                    8b:ea:cb:d6:6b:2e:aa:91:f2:01:ef:f8:f2:00:8d:
                    6d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:7B:6F:36:47:55:4D:4D:D7:9B:F2:18:5E:D2:31:66:4D:37:90:03
            X509v3 Authority Key Identifier:
                keyid:4F:3B:D5:6E:8B:54:E6:DA:27:BB:E6:62:2D:AC:67:CB:F0:2A:81:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzvVbotU5tonu-ZiLaxny_Aqgeo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/THtvNkdVTU3Xm_IYXtIxZk03kAM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/TzvVbotU5tonu-ZiLaxny_Aqgeo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.39.204.0/22
                IPv6:
                  2a0c:8fc0::/29

    Signature Algorithm: sha256WithRSAEncryption
         00:6e:f7:59:49:4c:ad:a6:1b:dc:4e:cd:1f:a2:09:fa:22:51:
         69:09:ca:76:ee:11:cd:80:79:0b:a2:74:24:91:dd:39:9d:03:
         b4:89:9d:5a:1a:3c:ff:28:08:28:e0:02:f7:ac:35:1a:80:43:
         b6:ef:a4:e2:2d:07:a9:9b:da:aa:33:93:ff:da:a7:1c:90:9d:
         ef:11:49:cd:c0:d2:f2:04:7f:00:31:00:9d:1e:a3:36:a8:8c:
         d9:90:5e:19:f7:69:45:5b:bc:d0:2f:e6:d8:67:f5:c4:26:b9:
         ee:23:24:ef:aa:ac:f2:67:83:06:59:32:a3:b1:22:33:5e:05:
         d4:3e:93:e9:16:21:f2:d6:c9:c8:4d:e4:1d:3b:a2:84:e3:99:
         d7:f4:d3:77:bf:81:6c:a4:7f:17:5f:fb:18:35:5f:eb:2d:98:
         c2:6c:54:2d:8e:56:90:0d:28:33:7a:7b:10:ea:22:42:96:88:
         9f:e4:b3:41:58:1e:21:09:8e:46:85:cb:de:72:4b:78:25:62:
         21:c2:6a:16:94:bb:48:e4:3a:05:e4:65:62:b8:5c:ad:8c:e8:
         21:59:0a:20:61:e0:4f:24:79:7f:4f:0c:d1:a8:3b:02:f9:12:
         3e:ec:11:06:d1:d6:af:25:77:9d:f2:5e:22:71:a7:4d:90:5c:
         2e:ed:ac:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxDCKlf4p67ru2IK3FD3BRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmM2JkNTZlOGI1NGU2ZGEyN2JiZTY2MjJkYWM2N2NiZjAy
YTgxZWEwHhcNMjMwMTAyMDU1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzdiNmYzNjQ3NTU0ZDRkZDc5YmYyMTg1ZWQyMzE2NjRkMzc5MDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tYLyRLBhPNxWNgBie4dDKQUknFc
CgiEgL4xKDnaS9SWOOO/Z0NmUxZqf78bzUHwqVvczuqvwf7wwUFuEwBujsUlNrAg
5PZDjLTiSUGHYdahK/4niSgVZg1PpIQkKtyH5IjPbwFgeXkzeCw9R4Md6Jcl9gpl
FzYiVor1Epf4XUWowS7WvJGq3WY+LIP4w44/4ynzKBG8zddiT/IPyL7uGACovnvO
paM6/ZeGSOSfLSmhB8tH+yr9FtArj9scIsRXC46uii32jwQokU6Dyz/iVm0MpbCU
louvBS5RjFt/FGcAJZVHaa2I+zlSR/Ob8w+L6svWay6qkfIB7/jyAI1tEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEx7bzZHVU1N15vyGF7SMWZNN5ADMB8GA1UdIwQY
MBaAFE871W6LVObaJ7vmYi2sZ8vwKoHqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHp2VmJvdFU1dG9udS1aaUxheG55X0FxZ2VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZmUxNDktOGE3Mi00N2ZkLTg3MzUt
N2RjNWJkZGY5MWI1LzEvVEh0dk5rZFZUVTNYbV9JWVh0SXhaazAza0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZmUxNDktOGE3Mi00N2ZkLTg3MzUtN2RjNWJkZGY5MWI1
LzEvVHp2VmJvdFU1dG9udS1aaUxheG55X0FxZ2VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwifMMA0E
AgACMAcDBQMqDI/AMA0GCSqGSIb3DQEBCwUAA4IBAQAAbvdZSUytphvcTs0fogn6
IlFpCcp27hHNgHkLonQkkd05nQO0iZ1aGjz/KAgo4AL3rDUagEO276TiLQepm9qq
M5P/2qcckJ3vEUnNwNLyBH8AMQCdHqM2qIzZkF4Z92lFW7zQL+bYZ/XEJrnuIyTv
qqzyZ4MGWTKjsSIzXgXUPpPpFiHy1snITeQdO6KE45nX9NN3v4FspH8XX/sYNV/r
LZjCbFQtjlaQDSgzensQ6iJCloif5LNBWB4hCY5Ghcveckt4JWIhwmoWlLtI5DoF
5GViuFytjOghWQogYeBPJHl/TwzRqDsC+RI+7BEG0davJXed8l4icadNkFwu7azL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:20 2024 by rpki-client on console-fra.rpki-client.org