Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/5d6d69-8880-4a92-8756-5815fd3da297/1/TkDwTvK_J-q-VtHqdSpl6DZFHx0.roa
File:                     TkDwTvK_J-q-VtHqdSpl6DZFHx0.roa (raw, json)
Hash identifier:          lgwD9dVyfADu0llOQb9HycI1/jskTdDlyxL0XEv3ia0=
Subject key identifier:   4E:40:F0:4E:F2:BF:27:EA:BE:56:D1:EA:75:2A:65:E8:36:45:1F:1D
Certificate issuer:       /CN=f15096fe3390449c936e857061d4a6965d408a31
Certificate serial:       018572C3931D8F1EC42036DABA29C3848820
Authority key identifier: F1:50:96:FE:33:90:44:9C:93:6E:85:70:61:D4:A6:96:5D:40:8A:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8VCW_jOQRJyTboVwYdSmll1AijE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/5d6d69-8880-4a92-8756-5815fd3da297/1/TkDwTvK_J-q-VtHqdSpl6DZFHx0.roa
Signing time:             Mon 02 Jan 2023 13:54:57 +0000
ROA not before:           Mon 02 Jan 2023 13:54:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197883
IP address blocks:        5.42.193.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:c3:93:1d:8f:1e:c4:20:36:da:ba:29:c3:84:88:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f15096fe3390449c936e857061d4a6965d408a31
        Validity
            Not Before: Jan  2 13:54:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e40f04ef2bf27eabe56d1ea752a65e836451f1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:a4:c0:a3:e9:50:c9:59:ba:ce:69:f1:c1:f7:
                    20:35:07:35:40:59:53:62:22:3a:99:fb:19:1b:8c:
                    05:68:4a:bc:80:f8:5d:68:3a:db:b2:36:39:ac:f7:
                    3e:6b:95:b8:69:2f:72:8d:27:7a:fe:9c:b5:73:75:
                    7b:c0:a5:70:c2:c0:e6:8a:ec:8b:16:fb:63:5f:8b:
                    da:d0:18:f5:72:39:65:aa:7f:f4:ba:a6:f0:2a:4a:
                    c1:9b:e6:d8:12:91:e3:72:4f:a6:b3:06:a0:13:a1:
                    92:60:84:da:88:cb:6e:a9:a9:51:4c:96:86:b2:5f:
                    cf:ae:1c:9b:fb:c6:b8:d1:ed:af:f9:c5:dc:67:e2:
                    34:67:5f:a6:85:f0:65:e2:fe:88:c2:fa:ac:08:6f:
                    fd:cc:15:ab:88:43:5f:4d:08:8a:86:bd:3c:af:e8:
                    b5:5c:5d:3e:86:ef:fb:96:b8:eb:31:fa:bf:3d:25:
                    32:af:ad:76:b4:f1:bf:a0:dd:21:cc:15:9c:f5:c5:
                    dd:b9:71:36:46:48:46:84:f6:f3:3a:13:39:44:e9:
                    53:27:6e:08:03:e6:80:22:28:dd:e3:da:0b:b6:9b:
                    f9:b4:55:c3:cf:21:15:bb:26:58:80:77:de:b8:72:
                    9d:77:a0:32:88:90:48:25:85:04:cc:ec:45:79:6e:
                    a0:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:40:F0:4E:F2:BF:27:EA:BE:56:D1:EA:75:2A:65:E8:36:45:1F:1D
            X509v3 Authority Key Identifier:
                keyid:F1:50:96:FE:33:90:44:9C:93:6E:85:70:61:D4:A6:96:5D:40:8A:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8VCW_jOQRJyTboVwYdSmll1AijE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/5d6d69-8880-4a92-8756-5815fd3da297/1/TkDwTvK_J-q-VtHqdSpl6DZFHx0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/5d6d69-8880-4a92-8756-5815fd3da297/1/8VCW_jOQRJyTboVwYdSmll1AijE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.42.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:24:01:52:09:8b:88:e0:87:ea:79:fd:18:23:58:f4:47:4b:
         bd:a2:d9:ea:d5:79:02:d7:6f:b9:d7:2d:de:12:57:dd:ce:10:
         84:33:9a:d3:11:fb:19:66:e5:75:82:47:f7:79:2e:22:da:ad:
         ec:ce:52:93:7c:05:9e:d8:ca:11:4a:bd:dc:44:8d:aa:b9:73:
         5e:69:70:86:0b:2b:e9:64:ca:c9:5d:cf:a9:90:b9:5b:56:2c:
         99:9c:5e:4d:4d:26:8f:02:14:78:d9:1b:f5:44:5c:9c:9f:f8:
         37:70:29:72:8b:f7:ef:5e:69:6e:37:5f:c9:39:65:3d:03:41:
         e5:f3:e9:25:98:a9:41:5c:26:31:40:81:db:94:e1:7d:35:26:
         5b:5d:15:66:ed:9a:0f:00:3b:97:2a:43:35:18:0c:23:e3:45:
         ac:3a:b8:81:35:a7:46:de:d8:57:79:df:fe:f7:50:fb:0b:7e:
         d4:b9:bc:b3:da:c3:05:f8:45:64:51:8b:cb:5e:d1:d7:6e:97:
         89:34:fd:fb:62:b7:4d:f8:81:6b:bb:8a:f6:be:49:e0:03:5e:
         be:ab:1a:ef:ec:5e:0a:f2:af:cf:01:f6:80:0e:e8:73:7d:cb:
         f7:f0:99:6c:1b:64:f6:48:a7:27:e8:e2:72:9a:e4:9f:c0:db:
         ee:f6:3b:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw5Mdjx7EIDbauinDhIggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNTA5NmZlMzM5MDQ0OWM5MzZlODU3MDYxZDRhNjk2NWQ0
MDhhMzEwHhcNMjMwMTAyMTM1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQwZjA0ZWYyYmYyN2VhYmU1NmQxZWE3NTJhNjVlODM2NDUxZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6TAo+lQyVm6zmnxwfcgNQc1QFlT
YiI6mfsZG4wFaEq8gPhdaDrbsjY5rPc+a5W4aS9yjSd6/py1c3V7wKVwwsDmiuyL
FvtjX4va0Bj1cjllqn/0uqbwKkrBm+bYEpHjck+mswagE6GSYITaiMtuqalRTJaG
sl/Prhyb+8a40e2v+cXcZ+I0Z1+mhfBl4v6IwvqsCG/9zBWriENfTQiKhr08r+i1
XF0+hu/7lrjrMfq/PSUyr612tPG/oN0hzBWc9cXduXE2RkhGhPbzOhM5ROlTJ24I
A+aAIijd49oLtpv5tFXDzyEVuyZYgHfeuHKdd6AyiJBIJYUEzOxFeW6g0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5A8E7yvyfqvlbR6nUqZeg2RR8dMB8GA1UdIwQY
MBaAFPFQlv4zkESck26FcGHUppZdQIoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFZDV19qT1FSSnlUYm9Wd1lkU21sbDFBaWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81ZDZkNjktODg4MC00YTkyLTg3NTYt
NTgxNWZkM2RhMjk3LzEvVGtEd1R2S19KLXEtVnRIcWRTcGw2RFpGSHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81ZDZkNjktODg4MC00YTkyLTg3NTYtNTgxNWZkM2RhMjk3
LzEvOFZDV19qT1FSSnlUYm9Wd1lkU21sbDFBaWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrBMA0G
CSqGSIb3DQEBCwUAA4IBAQAJJAFSCYuI4Ifqef0YI1j0R0u9otnq1XkC12+51y3e
ElfdzhCEM5rTEfsZZuV1gkf3eS4i2q3szlKTfAWe2MoRSr3cRI2quXNeaXCGCyvp
ZMrJXc+pkLlbViyZnF5NTSaPAhR42Rv1RFycn/g3cClyi/fvXmluN1/JOWU9A0Hl
8+klmKlBXCYxQIHblOF9NSZbXRVm7ZoPADuXKkM1GAwj40WsOriBNadG3thXed/+
91D7C37Uubyz2sMF+EVkUYvLXtHXbpeJNP37YrdN+IFru4r2vkngA16+qxrv7F4K
8q/PAfaADuhzfcv38JlsG2T2SKcn6OJymuSfwNvu9jud
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:13 2024 by rpki-client on console-fra.rpki-client.org