Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/68MfbbDgtusdstMqMsy3II8J-ag.roa
File:                     68MfbbDgtusdstMqMsy3II8J-ag.roa (raw, json)
Hash identifier:          zCW3+ywykGNjBJjfFi4MauK9v4jF8cvFuHVBsVhPnXQ=
Subject key identifier:   EB:C3:1F:6D:B0:E0:B6:EB:1D:B2:D3:2A:32:CC:B7:20:8F:09:F9:A8
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       01856F5DA8642355AB4C84FD90EDE55FB7CA
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/68MfbbDgtusdstMqMsy3II8J-ag.roa
Signing time:             Sun 01 Jan 2023 22:04:46 +0000
ROA not before:           Sun 01 Jan 2023 22:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206433
IP address blocks:        57.190.0.0/20 maxlen: 20
                          57.190.0.0/19 maxlen: 19
                          57.190.16.0/24 maxlen: 24
                          57.190.17.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:a8:64:23:55:ab:4c:84:fd:90:ed:e5:5f:b7:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Jan  1 22:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ebc31f6db0e0b6eb1db2d32a32ccb7208f09f9a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:2a:0c:30:44:f5:be:6e:4e:5e:c4:31:63:48:
                    c6:ab:0d:59:9c:03:30:3a:32:8e:5a:e3:cd:ad:69:
                    7e:0e:40:51:57:d2:5a:24:c1:f6:98:8f:7e:6e:74:
                    e6:84:46:01:e2:8c:df:46:6a:2e:ad:f1:f3:32:ac:
                    1e:fc:1a:64:22:9b:99:21:b7:5d:f2:a6:ec:60:da:
                    7d:57:e5:26:fd:65:e1:e1:54:f7:c6:ce:6c:a3:11:
                    de:45:cb:ab:7f:7a:0e:6f:7f:21:82:5f:23:86:3b:
                    62:4c:89:d7:96:43:f0:9a:5d:a6:19:b5:5d:3a:44:
                    aa:60:6a:07:b9:c4:cc:5b:56:b5:7c:94:9a:58:2c:
                    81:ad:39:df:a4:42:b5:29:34:8f:ba:d1:e2:1c:80:
                    10:74:52:f6:8b:c0:48:25:96:9c:6a:ac:6b:88:a3:
                    18:21:ee:3c:43:4a:01:ef:72:06:cd:1e:05:7d:92:
                    51:c5:75:a6:bd:c5:66:21:b7:41:7b:9f:1d:03:18:
                    03:32:ea:7a:f5:48:b5:bf:b6:df:e8:e6:0b:cf:00:
                    1c:1f:0e:22:1f:ca:ba:0b:40:9a:50:b6:c1:f4:d7:
                    9c:b6:a8:92:4d:e1:3b:05:c7:5a:86:dc:3e:b6:4a:
                    04:97:d3:e9:09:14:de:b0:b3:8e:64:6d:00:33:8a:
                    48:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:C3:1F:6D:B0:E0:B6:EB:1D:B2:D3:2A:32:CC:B7:20:8F:09:F9:A8
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/68MfbbDgtusdstMqMsy3II8J-ag.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.190.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         11:8c:09:44:40:f1:20:c8:a6:91:06:40:f2:30:f8:93:d3:23:
         f2:22:51:c1:26:94:fa:ed:5a:46:51:de:54:f1:12:8e:56:59:
         00:c2:22:76:8a:e7:f1:cb:ce:4f:b6:fd:04:b0:55:2b:9c:b6:
         73:6b:b0:76:2c:17:47:ce:d9:75:5b:51:b9:88:23:57:df:79:
         21:ff:ef:df:ff:af:e3:5d:80:2e:f5:e7:89:03:8b:12:67:87:
         be:1f:bb:52:c0:4d:83:ba:bb:eb:22:d9:3d:0a:e1:13:04:3d:
         76:a3:ab:08:cb:53:14:4b:35:71:f2:f3:47:de:1d:4b:6c:ea:
         9f:3b:2f:80:8e:dc:38:05:ce:84:e1:71:50:cd:61:88:5e:ef:
         1b:64:59:ab:b3:35:90:56:35:d4:f1:d9:c1:06:f0:d6:5f:5d:
         bc:87:6f:74:dd:47:5d:db:d9:66:41:7b:13:e7:e4:16:eb:eb:
         db:96:57:4d:fe:e8:53:ee:9d:c6:9e:f6:42:be:41:a4:91:8c:
         6b:e5:83:af:19:af:a7:65:fc:93:87:cc:29:10:d9:0f:a3:f7:
         41:68:b0:c9:69:70:03:88:1f:66:89:94:54:9f:37:f8:83:a9:
         95:78:93:f3:e9:ff:d6:dc:26:f5:5d:9e:d1:73:ef:13:ab:e4:
         9c:ce:20:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXahkI1WrTIT9kO3lX7fKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMwMTAxMjIwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmMzMWY2ZGIwZTBiNmViMWRiMmQzMmEzMmNjYjcyMDhmMDlmOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSoMMET1vm5OXsQxY0jGqw1ZnAMw
OjKOWuPNrWl+DkBRV9JaJMH2mI9+bnTmhEYB4ozfRmourfHzMqwe/BpkIpuZIbdd
8qbsYNp9V+Um/WXh4VT3xs5soxHeRcurf3oOb38hgl8jhjtiTInXlkPwml2mGbVd
OkSqYGoHucTMW1a1fJSaWCyBrTnfpEK1KTSPutHiHIAQdFL2i8BIJZacaqxriKMY
Ie48Q0oB73IGzR4FfZJRxXWmvcVmIbdBe58dAxgDMup69Ui1v7bf6OYLzwAcHw4i
H8q6C0CaULbB9NectqiSTeE7Bcdahtw+tkoEl9PpCRTesLOOZG0AM4pIWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOvDH22w4LbrHbLTKjLMtyCPCfmoMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvNjhNZmJiRGd0dXNkc3RNcU1zeTNJSThKLWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFOb4AMA0G
CSqGSIb3DQEBCwUAA4IBAQARjAlEQPEgyKaRBkDyMPiT0yPyIlHBJpT67VpGUd5U
8RKOVlkAwiJ2iufxy85Ptv0EsFUrnLZza7B2LBdHztl1W1G5iCNX33kh/+/f/6/j
XYAu9eeJA4sSZ4e+H7tSwE2DurvrItk9CuETBD12o6sIy1MUSzVx8vNH3h1LbOqf
Oy+Ajtw4Bc6E4XFQzWGIXu8bZFmrszWQVjXU8dnBBvDWX128h2903Udd29lmQXsT
5+QW6+vblldN/uhT7p3GnvZCvkGkkYxr5YOvGa+nZfyTh8wpENkPo/dBaLDJaXAD
iB9miZRUnzf4g6mVeJPz6f/W3Cb1XZ7Rc+8Tq+ScziCo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org