Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/8z_ia2NHom6DqoVvgSsubu1xjPI.roa
File:                     8z_ia2NHom6DqoVvgSsubu1xjPI.roa (raw, json)
Hash identifier:          E9Qmq4pSE9Sa55I21kJHo1YV5KnQM3vOmdh+S4gsNGA=
Subject key identifier:   F3:3F:E2:6B:63:47:A2:6E:83:AA:85:6F:81:2B:2E:6E:ED:71:8C:F2
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       01856F5DA448AE64EB655A74C66E5C6B30D0
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/8z_ia2NHom6DqoVvgSsubu1xjPI.roa
Signing time:             Sun 01 Jan 2023 22:04:45 +0000
ROA not before:           Sun 01 Jan 2023 22:04:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15830
IP address blocks:        57.250.40.0/24 maxlen: 24
                          57.250.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:a4:48:ae:64:eb:65:5a:74:c6:6e:5c:6b:30:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Jan  1 22:04:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f33fe26b6347a26e83aa856f812b2e6eed718cf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:77:ca:a1:c0:88:c6:b1:4b:64:d6:e1:03:54:
                    d4:0c:a7:34:9c:1a:a5:c3:18:d3:86:16:df:12:c8:
                    db:37:37:d5:31:2d:50:78:08:a8:ab:a9:c5:a9:68:
                    97:88:1a:d3:cc:db:8f:15:a6:1d:f3:2e:e0:3b:5c:
                    58:47:6b:d7:7a:5d:2f:e9:55:d7:b1:01:2d:4d:2b:
                    2a:67:40:71:6a:7b:53:40:41:9a:03:e0:f9:58:cb:
                    f3:af:7b:50:41:5e:58:88:a5:2b:4d:2a:95:23:eb:
                    9e:ab:81:e2:88:55:a1:60:c9:61:95:f4:a1:f8:2d:
                    c8:12:e5:07:1a:f7:73:7b:b3:e9:e6:d0:2a:41:da:
                    14:fa:c7:66:0e:6e:5f:f7:c2:dd:1e:29:3b:e2:a5:
                    2a:92:79:42:e5:f7:75:a4:c1:8c:8a:37:4a:5a:99:
                    1b:da:dc:1c:a4:4c:2f:3c:18:b5:33:63:e5:bd:90:
                    b2:d7:ef:7e:30:c0:f6:2b:1a:ec:2c:7a:80:b2:11:
                    19:0f:18:fd:d8:ae:7a:d8:bc:1d:68:b5:ed:0b:52:
                    55:da:86:a6:eb:45:98:8d:25:fd:05:91:f5:f5:68:
                    56:72:0c:8f:32:c9:e9:7f:cd:ee:58:05:5f:2d:52:
                    a0:e1:41:31:c8:16:f5:fd:ec:63:df:a9:11:7b:5a:
                    c8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:3F:E2:6B:63:47:A2:6E:83:AA:85:6F:81:2B:2E:6E:ED:71:8C:F2
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/8z_ia2NHom6DqoVvgSsubu1xjPI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.250.40.0/24
                  57.250.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:4a:a3:5e:ce:0c:98:72:c8:48:5f:77:82:1a:0f:27:aa:28:
         a2:93:d3:40:44:c9:29:c0:24:23:bc:aa:b7:9e:b4:b4:97:dd:
         47:c4:50:bc:3d:1b:1f:14:0b:3a:6a:92:12:f9:86:56:17:03:
         6e:02:54:4c:d5:a2:16:0c:d0:b2:5b:65:5d:83:5b:34:1f:32:
         74:fa:19:da:8c:7e:98:14:ae:da:95:c1:33:27:d0:4c:b8:e0:
         b2:1e:76:ef:fe:64:2b:51:8d:66:4b:f1:57:57:c0:2f:6a:19:
         81:94:72:62:1c:c4:47:90:f9:b8:2f:2e:d7:43:02:80:4e:c5:
         68:b6:9c:fc:b1:58:4a:e7:bd:11:91:38:00:1c:ba:dd:bd:33:
         d4:97:12:78:6b:4f:6a:82:7a:c1:74:0b:10:50:48:d5:10:bf:
         44:60:d3:08:dd:ff:f5:5f:53:b5:28:93:6d:4b:ef:f0:a1:74:
         21:04:c3:9b:9f:32:99:b6:b8:a1:af:f3:73:19:cf:2a:e9:8e:
         88:c7:a8:4c:c0:55:7d:a8:d4:3f:41:63:8d:67:fd:79:be:f7:
         18:74:ef:f5:95:f7:48:a9:7f:fc:ad:05:62:88:2d:22:fd:69:
         0e:3b:ca:0b:cd:a6:22:41:fa:14:4a:a0:59:b5:7d:d8:52:90:
         d4:d2:8d:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvXaRIrmTrZVp0xm5cazDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMwMTAxMjIwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNmZTI2YjYzNDdhMjZlODNhYTg1NmY4MTJiMmU2ZWVkNzE4Y2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunfKocCIxrFLZNbhA1TUDKc0nBql
wxjThhbfEsjbNzfVMS1QeAioq6nFqWiXiBrTzNuPFaYd8y7gO1xYR2vXel0v6VXX
sQEtTSsqZ0BxantTQEGaA+D5WMvzr3tQQV5YiKUrTSqVI+ueq4HiiFWhYMlhlfSh
+C3IEuUHGvdze7Pp5tAqQdoU+sdmDm5f98LdHik74qUqknlC5fd1pMGMijdKWpkb
2twcpEwvPBi1M2PlvZCy1+9+MMD2KxrsLHqAshEZDxj92K562LwdaLXtC1JV2oam
60WYjSX9BZH19WhWcgyPMsnpf83uWAVfLVKg4UExyBb1/exj36kRe1rI3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPM/4mtjR6Jug6qFb4ErLm7tcYzyMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvOHpfaWEyTkhvbTZEcW9WdmdTc3VidTF4alBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAOfooAwQA
OfoqMA0GCSqGSIb3DQEBCwUAA4IBAQBgSqNezgyYcshIX3eCGg8nqiiik9NARMkp
wCQjvKq3nrS0l91HxFC8PRsfFAs6apIS+YZWFwNuAlRM1aIWDNCyW2Vdg1s0HzJ0
+hnajH6YFK7alcEzJ9BMuOCyHnbv/mQrUY1mS/FXV8AvahmBlHJiHMRHkPm4Ly7X
QwKATsVotpz8sVhK570RkTgAHLrdvTPUlxJ4a09qgnrBdAsQUEjVEL9EYNMI3f/1
X1O1KJNtS+/woXQhBMObnzKZtrihr/NzGc8q6Y6Ix6hMwFV9qNQ/QWONZ/15vvcY
dO/1lfdIqX/8rQViiC0i/WkOO8oLzaYiQfoUSqBZtX3YUpDU0o03
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org