Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/TZhzt1PkUcYHweaKxxTs-3xoT4Y.roa
File:                     TZhzt1PkUcYHweaKxxTs-3xoT4Y.roa (raw, json)
Hash identifier:          Zo68EGQZtR1cAPx53mGB1Gyz2xKNLgvwSkOJs7d9538=
Subject key identifier:   4D:98:73:B7:53:E4:51:C6:07:C1:E6:8A:C7:14:EC:FB:7C:68:4F:86
Certificate issuer:       /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial:       0193FBEC2BE937CE1F4483CCF7B8AAF2FB8D
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/TZhzt1PkUcYHweaKxxTs-3xoT4Y.roa
Signing time:             Wed 25 Dec 2024 03:46:19 +0000
ROA not before:           Wed 25 Dec 2024 03:46:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     214526
IP address blocks:        109.122.240.0/20 maxlen: 24
                          109.122.252.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 25 Dec 2024 03:50:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:fb:ec:2b:e9:37:ce:1f:44:83:cc:f7:b8:aa:f2:fb:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
        Validity
            Not Before: Dec 25 03:46:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4d9873b753e451c607c1e68ac714ecfb7c684f86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:da:47:80:66:b5:21:54:48:65:fb:28:9d:fe:
                    02:10:3e:04:64:fc:54:24:bc:a2:7e:ae:8f:53:94:
                    c1:f3:b7:17:a0:af:7a:34:74:59:11:ee:e4:59:36:
                    92:18:5b:58:05:b1:77:e5:f1:f4:0a:44:c0:f3:cc:
                    af:26:15:b0:a1:7e:1c:a1:3c:6f:7b:c2:30:ee:74:
                    3b:ee:a9:1c:67:5a:7e:1b:29:cb:30:64:b9:fb:78:
                    a4:87:99:ef:8d:62:f7:8f:9a:31:5c:ce:00:c0:af:
                    80:13:6c:d1:dc:25:9a:9f:42:4a:81:7e:b8:7d:0d:
                    dd:34:97:7d:c4:31:80:08:7b:68:db:d7:10:8a:4e:
                    0f:89:8d:f3:35:21:a2:f2:f6:6c:66:19:e0:fa:82:
                    e4:49:5f:27:84:5e:e6:07:80:29:20:7c:9a:66:2b:
                    77:66:00:8b:dc:b7:10:fb:c1:a3:01:1b:de:85:5b:
                    76:04:49:6d:97:9a:b8:46:c1:68:63:19:52:08:e0:
                    f7:0f:7d:64:e2:97:8f:0d:62:a6:13:a5:f8:3d:4c:
                    15:eb:74:d0:be:0d:a7:84:3e:9f:8a:3d:32:8e:75:
                    a0:23:a4:14:dc:34:90:d4:a0:aa:70:e2:df:60:af:
                    9c:4c:3b:14:05:83:5a:1c:0a:b6:49:a1:57:37:52:
                    9a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:98:73:B7:53:E4:51:C6:07:C1:E6:8A:C7:14:EC:FB:7C:68:4F:86
            X509v3 Authority Key Identifier:
                keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/TZhzt1PkUcYHweaKxxTs-3xoT4Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.122.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         75:de:66:1c:39:35:bc:7b:44:5d:7e:f5:6a:9b:97:a2:ff:50:
         9b:5a:03:c7:b7:70:14:5e:a8:96:47:b9:30:b8:f6:53:9c:f1:
         73:24:a2:bb:9b:c9:49:25:98:f2:85:0e:a9:58:f2:05:9b:0b:
         43:ca:65:2c:ba:c7:34:be:f2:b1:f9:80:e7:98:99:38:52:d4:
         15:13:ec:c1:12:6b:25:2b:69:70:1b:c4:6a:30:8d:e2:2e:1d:
         25:d3:75:ac:17:6f:c4:58:00:bd:dc:32:c2:50:48:4e:37:71:
         72:b6:06:14:4b:8e:2f:ea:df:b7:27:d8:25:85:95:51:a4:01:
         90:65:89:bf:7e:bd:cf:5b:0c:1a:b2:ad:97:13:4a:ae:d6:df:
         04:09:3b:ba:7e:bd:de:fd:f2:dc:ff:35:50:75:67:85:b0:90:
         76:1f:e1:ca:0a:ff:12:98:32:ce:1e:2c:3a:54:f7:fc:27:73:
         d3:e5:cb:a0:8e:6e:9f:09:bd:b7:cf:74:3f:d2:9d:b7:f6:6a:
         a3:e0:92:49:21:3a:79:61:e5:08:d3:84:db:9b:22:9f:66:c6:
         23:0d:8a:7f:a3:9b:19:5b:f6:82:37:8c:9c:77:a3:ca:86:b4:
         d8:79:fa:dd:7a:3c:e8:c4:65:61:ac:89:bf:59:81:0d:ff:f5:
         c4:df:85:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP77CvpN84fRIPM97iq8vuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMjI1MDM0NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDk4NzNiNzUzZTQ1MWM2MDdjMWU2OGFjNzE0ZWNmYjdjNjg0Zjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNpHgGa1IVRIZfsonf4CED4EZPxU
JLyifq6PU5TB87cXoK96NHRZEe7kWTaSGFtYBbF35fH0CkTA88yvJhWwoX4coTxv
e8Iw7nQ77qkcZ1p+GynLMGS5+3ikh5nvjWL3j5oxXM4AwK+AE2zR3CWan0JKgX64
fQ3dNJd9xDGACHto29cQik4PiY3zNSGi8vZsZhng+oLkSV8nhF7mB4ApIHyaZit3
ZgCL3LcQ+8GjARvehVt2BEltl5q4RsFoYxlSCOD3D31k4pePDWKmE6X4PUwV63TQ
vg2nhD6fij0yjnWgI6QU3DSQ1KCqcOLfYK+cTDsUBYNaHAq2SaFXN1KaJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2Yc7dT5FHGB8HmiscU7Pt8aE+GMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvVFpoenQxUGtVY1lId2VhS3h4VHMtM3hvVDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbXrwMA0G
CSqGSIb3DQEBCwUAA4IBAQB13mYcOTW8e0RdfvVqm5ei/1CbWgPHt3AUXqiWR7kw
uPZTnPFzJKK7m8lJJZjyhQ6pWPIFmwtDymUsusc0vvKx+YDnmJk4UtQVE+zBEmsl
K2lwG8RqMI3iLh0l03WsF2/EWAC93DLCUEhON3FytgYUS44v6t+3J9glhZVRpAGQ
ZYm/fr3PWwwasq2XE0qu1t8ECTu6fr3e/fLc/zVQdWeFsJB2H+HKCv8SmDLOHiw6
VPf8J3PT5cugjm6fCb23z3Q/0p239mqj4JJJITp5YeUI04TbmyKfZsYjDYp/o5sZ
W/aCN4ycd6PKhrTYefrdejzoxGVhrIm/WYEN//XE34UO
-----END CERTIFICATE-----
Generated at Fri May 2 00:07:16 2025 by rpki-client