Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/8O5m_MTbVEvgPunqnOcpKYHNzGA.roa
File:                     8O5m_MTbVEvgPunqnOcpKYHNzGA.roa (raw, json)
Hash identifier:          QT50MZjbCMqd8ZLCM5yiZ295JTd1pYLiatppAvbIjUk=
Subject key identifier:   F0:EE:66:FC:C4:DB:54:4B:E0:3E:E9:EA:9C:E7:29:29:81:CD:CC:60
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       0187C8A09C45E79187DE0300BF131FAE5D0C
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/8O5m_MTbVEvgPunqnOcpKYHNzGA.roa
Signing time:             Fri 28 Apr 2023 16:09:41 +0000
ROA not before:           Fri 28 Apr 2023 16:09:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     19930
IP address blocks:        57.250.58.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c8:a0:9c:45:e7:91:87:de:03:00:bf:13:1f:ae:5d:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Apr 28 16:09:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f0ee66fcc4db544be03ee9ea9ce7292981cdcc60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:da:75:62:26:4b:9f:72:52:ca:51:69:e8:2e:
                    f6:88:2a:91:3e:06:f4:a4:a7:7a:94:dc:ea:6d:10:
                    d5:42:89:ce:35:ca:ca:70:e9:91:c9:ba:5b:7a:49:
                    7e:c1:c7:b8:7b:4c:74:d0:dc:08:f2:57:4a:c1:42:
                    a8:e8:9a:ac:3b:03:7b:67:02:a7:87:be:d0:64:2a:
                    c9:aa:8a:19:d3:a4:f6:6b:c7:05:06:75:3e:d6:06:
                    4c:24:d2:63:dd:c8:cf:75:81:b5:4c:54:53:ea:f0:
                    44:1e:7b:f1:e4:46:90:26:17:b2:e8:0a:40:f7:a0:
                    bc:8f:13:c1:7b:d6:1e:8f:21:84:62:7d:46:7d:c7:
                    5c:0c:06:71:cf:05:9c:4e:f8:8e:22:6e:37:7a:08:
                    d3:db:d4:eb:1e:5d:91:ae:f1:f6:cc:59:09:f4:de:
                    22:11:4a:a8:99:5f:43:ff:47:1c:8a:1c:08:64:48:
                    d9:6a:d1:ca:3a:88:54:1a:d4:70:2a:ad:55:15:0a:
                    a7:2d:ea:4b:64:2b:aa:9c:5d:19:c4:7a:a7:5e:4f:
                    f8:c1:a8:bf:99:a1:76:8e:4f:cf:33:6c:7a:43:82:
                    75:78:d0:80:a4:f1:5d:df:19:c5:39:0e:0e:ad:94:
                    44:5e:9f:ad:c7:83:a2:04:20:37:7d:b8:28:a6:34:
                    1e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:EE:66:FC:C4:DB:54:4B:E0:3E:E9:EA:9C:E7:29:29:81:CD:CC:60
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/8O5m_MTbVEvgPunqnOcpKYHNzGA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.250.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:6b:5e:92:a3:1d:55:27:67:cd:85:a0:43:34:d5:19:f9:e1:
         40:43:73:06:d5:00:fc:81:3e:34:1e:e5:e3:e9:84:2b:3a:bc:
         ff:a9:25:09:95:b6:96:50:38:2b:84:1a:95:36:25:1c:58:1f:
         21:61:a3:61:98:68:3c:41:27:be:98:1a:5d:a5:f2:da:26:a6:
         29:b4:e0:48:b7:c7:3e:bb:99:f9:4d:67:a3:6e:ae:64:f8:35:
         26:d5:33:91:89:bd:e6:ea:47:14:c9:5b:88:68:ff:6d:7b:bc:
         d4:4f:5d:8a:f3:a5:00:c7:93:bb:2a:e3:59:34:3a:ef:d9:38:
         c8:2c:f0:dd:cf:01:24:2d:6e:86:c1:9c:27:8b:61:7c:bd:9a:
         3f:1b:38:b2:0b:d8:02:e7:9f:fd:ee:26:6e:34:e4:bf:a6:ed:
         64:40:19:d5:6a:c0:e0:d5:98:ee:97:a0:2f:ae:a9:9d:26:56:
         13:cf:21:c0:a5:db:bf:ee:23:c3:80:d0:ca:a2:c0:f8:6a:56:
         80:56:cd:40:19:53:40:4c:cd:df:b4:c3:95:65:0f:f0:83:38:
         ec:17:32:89:8c:1d:6f:51:58:54:32:87:bf:9e:37:78:75:b7:
         9e:65:67:21:f8:30:be:79:cf:27:60:91:6e:aa:4d:56:7d:7f:
         1b:16:81:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfIoJxF55GH3gMAvxMfrl0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMwNDI4MTYwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGVlNjZmY2M0ZGI1NDRiZTAzZWU5ZWE5Y2U3MjkyOTgxY2RjYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNp1YiZLn3JSylFp6C72iCqRPgb0
pKd6lNzqbRDVQonONcrKcOmRybpbekl+wce4e0x00NwI8ldKwUKo6JqsOwN7ZwKn
h77QZCrJqooZ06T2a8cFBnU+1gZMJNJj3cjPdYG1TFRT6vBEHnvx5EaQJhey6ApA
96C8jxPBe9YejyGEYn1GfcdcDAZxzwWcTviOIm43egjT29TrHl2RrvH2zFkJ9N4i
EUqomV9D/0ccihwIZEjZatHKOohUGtRwKq1VFQqnLepLZCuqnF0ZxHqnXk/4wai/
maF2jk/PM2x6Q4J1eNCApPFd3xnFOQ4OrZREXp+tx4OiBCA3fbgopjQeDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPDuZvzE21RL4D7p6pznKSmBzcxgMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvOE81bV9NVGJWRXZnUHVucW5PY3BLWUhOekdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAOfo6MA0G
CSqGSIb3DQEBCwUAA4IBAQCba16Sox1VJ2fNhaBDNNUZ+eFAQ3MG1QD8gT40HuXj
6YQrOrz/qSUJlbaWUDgrhBqVNiUcWB8hYaNhmGg8QSe+mBpdpfLaJqYptOBIt8c+
u5n5TWejbq5k+DUm1TORib3m6kcUyVuIaP9te7zUT12K86UAx5O7KuNZNDrv2TjI
LPDdzwEkLW6GwZwni2F8vZo/GziyC9gC55/97iZuNOS/pu1kQBnVasDg1Zjul6Av
rqmdJlYTzyHApdu/7iPDgNDKosD4alaAVs1AGVNATM3ftMOVZQ/wgzjsFzKJjB1v
UVhUMoe/njd4dbeeZWch+DC+ec8nYJFuqk1WfX8bFoEp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:48 2024 by rpki-client on console-ams.rpki-client.org