Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/59IHbP4ogXLQX5REBkK693f0FN4.roa
File:                     59IHbP4ogXLQX5REBkK693f0FN4.roa (raw, json)
Hash identifier:          iDPHmEgGDYNzD4Hy4ylRSMGpEASBiJ4HgopbKkrn5Bw=
Subject key identifier:   E7:D2:07:6C:FE:28:81:72:D0:5F:94:44:06:42:BA:F7:77:F4:14:DE
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       018C434BCE57AD83DFD2F9B5CC3580AD24D5
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/59IHbP4ogXLQX5REBkK693f0FN4.roa
Signing time:             Thu 07 Dec 2023 08:01:30 +0000
ROA not before:           Thu 07 Dec 2023 08:01:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198912
IP address blocks:        57.191.0.0/21 maxlen: 24
                          57.191.224.0/19 maxlen: 24
                          57.191.127.0/24 maxlen: 24
                          57.191.192.0/19 maxlen: 24
                          2a0a:90c2::/36 maxlen: 36
                          2a0a:90c2:1000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:43:4b:ce:57:ad:83:df:d2:f9:b5:cc:35:80:ad:24:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Dec  7 08:01:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e7d2076cfe288172d05f94440642baf777f414de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:77:6f:b7:8e:ff:72:92:5c:f4:c0:87:59:08:
                    3f:a5:41:da:5f:79:d8:fb:a7:6d:53:cb:4d:13:34:
                    c3:b3:fb:48:32:1e:2a:cb:d0:e0:3e:cc:5e:2c:d7:
                    ed:a8:9a:53:bd:1e:0c:78:05:aa:e1:40:52:fd:28:
                    0e:c4:77:08:b3:aa:30:f6:03:8d:ff:bc:bb:a1:fc:
                    8a:79:98:b7:09:97:32:77:f3:65:b2:aa:02:27:66:
                    30:5b:29:99:52:15:86:49:1e:8f:0b:a8:e6:0e:84:
                    7b:94:e2:18:34:13:74:ea:64:66:91:8f:7e:29:fe:
                    aa:f8:9f:32:e9:cc:1f:5e:ca:76:a0:16:35:05:b6:
                    cd:55:17:7b:39:97:31:7a:05:6f:95:06:90:cd:77:
                    c6:e8:cc:2a:cd:52:b3:74:a2:54:bd:15:5f:8c:1b:
                    96:c9:05:b4:4d:8f:cd:bc:ee:66:fc:f9:52:25:d0:
                    18:31:39:3e:43:95:2d:e0:ba:b9:2e:18:09:e3:88:
                    28:a1:b8:84:85:3e:86:97:9f:38:9b:c2:a8:be:57:
                    bb:b1:b3:03:97:d5:d2:07:b1:87:f3:5b:87:28:25:
                    62:6e:de:67:30:03:c8:62:e9:0f:90:5d:07:4d:0b:
                    26:30:5e:8c:f5:2b:75:f7:16:fa:f8:f1:17:f8:e9:
                    7b:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:D2:07:6C:FE:28:81:72:D0:5F:94:44:06:42:BA:F7:77:F4:14:DE
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/59IHbP4ogXLQX5REBkK693f0FN4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.191.0.0/21
                  57.191.127.0/24
                  57.191.192.0/18
                IPv6:
                  2a0a:90c2::/35

    Signature Algorithm: sha256WithRSAEncryption
         2f:1d:af:7b:e2:1b:0b:bc:cd:c8:f1:9f:68:9c:30:4f:c4:73:
         7a:27:09:ac:a8:06:eb:4b:ea:87:55:a8:19:4c:c3:d5:aa:14:
         de:9e:37:52:4b:19:39:87:d4:4a:ac:7f:12:7a:22:46:63:b9:
         8e:12:3a:f7:5d:c5:9e:00:8b:e4:de:95:c4:64:43:b0:2c:fc:
         9b:ff:14:3b:7e:66:82:fa:c9:96:b4:69:f2:84:cc:d5:9e:e3:
         7b:b3:8c:e3:a3:97:a7:8d:ab:61:c4:ec:13:73:73:6c:56:38:
         09:99:ae:8f:14:88:6c:92:1f:fd:65:00:62:4f:52:0a:45:fb:
         53:46:dd:a6:96:2a:17:31:3d:16:6e:9d:ac:a2:cf:38:9a:3d:
         2b:3e:20:00:ef:a7:9a:56:a0:c8:09:c7:e6:31:c2:12:04:3b:
         8a:62:86:1d:3c:80:73:77:ee:e7:c1:bf:bd:03:29:b2:57:1f:
         f1:d2:d3:d7:4e:18:17:26:f4:85:3f:10:fc:59:d9:39:31:f8:
         5a:c1:af:44:c3:d6:73:4d:bb:b5:74:67:2b:50:23:29:89:30:
         49:8a:a5:85:23:06:3b:2a:fd:6f:c4:c1:f5:7a:12:61:72:57:
         e9:84:61:6f:84:c2:57:14:2d:a2:f0:45:7e:16:1e:31:26:55:
         6d:a3:03:d2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYxDS85XrYPf0vm1zDWArSTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMxMjA3MDgwMTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2QyMDc2Y2ZlMjg4MTcyZDA1Zjk0NDQwNjQyYmFmNzc3ZjQxNGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqndvt47/cpJc9MCHWQg/pUHaX3nY
+6dtU8tNEzTDs/tIMh4qy9DgPsxeLNftqJpTvR4MeAWq4UBS/SgOxHcIs6ow9gON
/7y7ofyKeZi3CZcyd/NlsqoCJ2YwWymZUhWGSR6PC6jmDoR7lOIYNBN06mRmkY9+
Kf6q+J8y6cwfXsp2oBY1BbbNVRd7OZcxegVvlQaQzXfG6MwqzVKzdKJUvRVfjBuW
yQW0TY/NvO5m/PlSJdAYMTk+Q5Ut4Lq5LhgJ44goobiEhT6Gl584m8Kovle7sbMD
l9XSB7GH81uHKCVibt5nMAPIYukPkF0HTQsmMF6M9St19xb6+PEX+Ol7CQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOfSB2z+KIFy0F+URAZCuvd39BTeMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvNTlJSGJQNG9nWExRWDVSRUJrSzY5M2YwRk40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDOb8AAwQA
Ob9/AwQGOb/AMA4EAgACMAgDBgUqCpDCADANBgkqhkiG9w0BAQsFAAOCAQEALx2v
e+IbC7zNyPGfaJwwT8RzeicJrKgG60vqh1WoGUzD1aoU3p43UksZOYfUSqx/Enoi
RmO5jhI6913FngCL5N6VxGRDsCz8m/8UO35mgvrJlrRp8oTM1Z7je7OM46OXp42r
YcTsE3NzbFY4CZmujxSIbJIf/WUAYk9SCkX7U0bdppYqFzE9Fm6drKLPOJo9Kz4g
AO+nmlagyAnH5jHCEgQ7imKGHTyAc3fu58G/vQMpslcf8dLT104YFyb0hT8Q/FnZ
OTH4WsGvRMPWc027tXRnK1AjKYkwSYqlhSMGOyr9b8TB9XoSYXJX6YRhb4TCVxQt
ovBFfhYeMSZVbaMD0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:48 2024 by rpki-client on console-ams.rpki-client.org