Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/Cs7UyycYScBk1pFCzn0s-LMd9Bs.roa
File:                     Cs7UyycYScBk1pFCzn0s-LMd9Bs.roa (raw, json)
Hash identifier:          GJnFRrBek63OwsnCvkrBCazRvRKSDhNwyvg1e3ptN3Q=
Subject key identifier:   0A:CE:D4:CB:27:18:49:C0:64:D6:91:42:CE:7D:2C:F8:B3:1D:F4:1B
Certificate issuer:       /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial:       018ED6F8B3C1255A095900BC6023BDDDD846
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/Cs7UyycYScBk1pFCzn0s-LMd9Bs.roa
Signing time:             Sat 13 Apr 2024 10:20:06 +0000
ROA not before:           Sat 13 Apr 2024 10:20:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57497
IP address blocks:        45.89.236.0/22 maxlen: 24
                          103.130.144.0/24 maxlen: 24
                          103.130.146.0/24 maxlen: 24
                          212.18.108.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 09 Nov 2024 09:31:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:d6:f8:b3:c1:25:5a:09:59:00:bc:60:23:bd:dd:d8:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
        Validity
            Not Before: Apr 13 10:20:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0aced4cb271849c064d69142ce7d2cf8b31df41b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:18:02:54:41:fb:5b:38:f5:a5:5b:15:b7:37:
                    27:01:f6:e0:03:92:89:d2:a2:2d:47:55:ac:13:df:
                    a4:e0:c5:f6:6d:2a:76:b1:4f:3e:cd:6c:25:ad:7d:
                    d0:bd:27:40:20:dc:18:43:57:b2:5c:ed:a5:bf:fc:
                    e6:c0:8a:47:0e:a2:13:f2:28:2c:73:24:12:fd:24:
                    6f:c2:c9:d2:b2:13:0d:80:7e:fa:5d:b1:72:4f:71:
                    81:a5:1b:6d:ca:59:00:11:10:c7:7b:37:86:f0:3d:
                    cf:9d:02:ed:ee:a6:b1:10:e3:93:3e:24:87:7c:90:
                    17:09:40:a0:16:58:95:a6:f4:5c:0c:84:93:c5:4f:
                    f1:74:72:87:80:66:d8:c6:d8:25:1f:50:00:97:f6:
                    09:7c:95:fb:67:61:09:6e:c1:cd:b8:44:22:15:bb:
                    72:df:2a:7d:ee:05:cc:ef:46:66:6b:d9:7d:dc:86:
                    5f:ee:4e:2b:05:10:c4:9d:1b:5a:ac:fd:90:b8:91:
                    68:25:95:b5:d6:9c:2e:a5:ae:5a:5f:42:8e:17:d3:
                    cb:f3:d5:f4:af:12:72:65:b7:bc:ef:8f:5d:65:c1:
                    8c:e8:d1:ab:7c:dc:af:14:bf:fa:a5:99:8f:df:5b:
                    e6:84:a0:fb:35:27:04:cb:27:cc:a1:e9:fa:ce:24:
                    d1:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:CE:D4:CB:27:18:49:C0:64:D6:91:42:CE:7D:2C:F8:B3:1D:F4:1B
            X509v3 Authority Key Identifier:
                keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/Cs7UyycYScBk1pFCzn0s-LMd9Bs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.236.0/22
                  103.130.144.0/24
                  103.130.146.0/24
                  212.18.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:b8:46:47:c8:76:5a:98:d7:22:cb:c0:4c:3b:e8:24:d3:a8:
         fa:04:65:c0:3c:12:8a:4a:3d:59:81:85:43:95:26:84:7f:59:
         82:13:16:dc:f7:22:0a:49:15:44:4e:2b:c5:40:42:cb:ca:ca:
         4e:24:64:0f:ca:b2:ce:04:84:c5:45:d3:9c:fa:1f:16:6f:68:
         40:0f:60:86:a3:c2:13:46:6d:af:95:6b:20:a9:5a:40:e1:8b:
         4e:be:51:03:52:16:89:ac:a9:c0:73:5d:73:ba:d6:35:ab:88:
         38:88:23:fe:a2:ef:5f:4a:e0:21:a0:17:01:8a:b8:8d:22:bb:
         3e:28:2f:9d:a6:02:59:99:fe:d4:c4:20:d1:56:48:21:f2:d0:
         d7:cb:09:d3:ae:85:01:ee:b3:09:0c:fa:0a:7f:45:ef:77:2f:
         1a:ae:c0:32:21:d8:60:c9:52:d0:99:87:c9:9c:52:29:8f:61:
         36:0e:86:0d:84:f5:51:35:68:89:3d:65:0f:6f:f6:aa:7f:eb:
         7f:0f:4f:ad:9b:22:28:04:c5:eb:ef:5e:ee:c0:60:45:2d:2d:
         58:f7:c5:82:b2:1b:dc:54:12:66:56:45:fe:90:e3:24:0a:55:
         67:48:0a:9f:a7:9d:92:88:dc:76:61:9b:3a:d0:3e:eb:76:18:
         76:31:8e:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY7W+LPBJVoJWQC8YCO93dhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjQwNDEzMTAyMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWNlZDRjYjI3MTg0OWMwNjRkNjkxNDJjZTdkMmNmOGIzMWRmNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRgCVEH7Wzj1pVsVtzcnAfbgA5KJ
0qItR1WsE9+k4MX2bSp2sU8+zWwlrX3QvSdAINwYQ1eyXO2lv/zmwIpHDqIT8igs
cyQS/SRvwsnSshMNgH76XbFyT3GBpRttylkAERDHezeG8D3PnQLt7qaxEOOTPiSH
fJAXCUCgFliVpvRcDISTxU/xdHKHgGbYxtglH1AAl/YJfJX7Z2EJbsHNuEQiFbty
3yp97gXM70Zma9l93IZf7k4rBRDEnRtarP2QuJFoJZW11pwupa5aX0KOF9PL89X0
rxJyZbe8749dZcGM6NGrfNyvFL/6pZmP31vmhKD7NScEyyfMoen6ziTRVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFArO1MsnGEnAZNaRQs59LPizHfQbMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvQ3M3VXl5Y1lTY0JrMXBGQ3puMHMtTE1kOUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVnsAwQA
Z4KQAwQAZ4KSAwQA1BJsMA0GCSqGSIb3DQEBCwUAA4IBAQBjuEZHyHZamNciy8BM
O+gk06j6BGXAPBKKSj1ZgYVDlSaEf1mCExbc9yIKSRVETivFQELLyspOJGQPyrLO
BITFRdOc+h8Wb2hAD2CGo8ITRm2vlWsgqVpA4YtOvlEDUhaJrKnAc11zutY1q4g4
iCP+ou9fSuAhoBcBiriNIrs+KC+dpgJZmf7UxCDRVkgh8tDXywnTroUB7rMJDPoK
f0Xvdy8arsAyIdhgyVLQmYfJnFIpj2E2DoYNhPVRNWiJPWUPb/aqf+t/D0+tmyIo
BMXr717uwGBFLS1Y98WCshvcVBJmVkX+kOMkClVnSAqfp52SiNx2YZs60D7rdhh2
MY7e
-----END CERTIFICATE-----
Generated at Sat Nov 9 10:49:44 2024 by rpki-client on console-fra.rpki-client.org