Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Df1ATip28N2bKfFILVH2h1AAaoI.roa
File:                     Df1ATip28N2bKfFILVH2h1AAaoI.roa (raw, json)
Hash identifier:          1MEBOCiqu1Kt7i8BNdRyFeQ6Hzu+XIdOURNXtAaO2hs=
Subject key identifier:   0D:FD:40:4E:2A:76:F0:DD:9B:29:F1:48:2D:51:F6:87:50:00:6A:82
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       018C434BCDF6A137199EA18ADFD695F7B19C
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Df1ATip28N2bKfFILVH2h1AAaoI.roa
Signing time:             Thu 07 Dec 2023 08:01:30 +0000
ROA not before:           Thu 07 Dec 2023 08:01:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     11868
IP address blocks:        57.191.128.0/22 maxlen: 24
                          57.250.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:43:4b:cd:f6:a1:37:19:9e:a1:8a:df:d6:95:f7:b1:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Dec  7 08:01:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0dfd404e2a76f0dd9b29f1482d51f68750006a82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f9:52:57:80:07:b4:e8:ec:7d:dc:4d:d6:4c:
                    c7:de:e9:ef:66:6a:29:50:84:7b:3c:c5:98:f1:c0:
                    77:57:85:53:ae:8f:bd:f1:12:74:d5:41:04:64:f2:
                    d5:ad:78:fe:d3:d2:e7:eb:6d:f5:91:fe:d3:3e:4b:
                    05:b0:45:e2:0a:e2:13:2a:10:11:ce:aa:03:b7:7f:
                    10:1d:9c:cc:4a:08:d6:52:64:83:e6:6c:a9:4e:55:
                    a0:73:11:8e:42:f7:9a:5d:85:0a:ee:02:6d:88:31:
                    41:e5:be:6b:e0:59:70:11:19:99:a4:90:e5:28:2b:
                    3e:34:7d:e9:7c:6f:c4:20:28:d9:0e:00:e3:50:a9:
                    6e:ff:2b:b6:bd:c2:51:e5:00:d0:02:b0:e7:83:3d:
                    44:9a:82:41:0f:c3:b0:20:93:d6:7a:26:2c:d8:8a:
                    eb:22:7c:d6:32:64:86:a7:61:ea:91:a8:cb:81:33:
                    6e:97:12:5d:df:71:5c:43:36:a9:dc:f0:b2:d1:e7:
                    05:ab:e8:ba:06:c4:b9:63:64:2c:0a:e3:ae:07:72:
                    21:3e:8f:09:55:d5:78:76:bb:c0:50:b5:b1:62:55:
                    e8:cd:fc:0f:76:5e:e4:f9:48:f9:94:2c:74:1d:e0:
                    3f:0e:e3:31:d1:68:1a:53:19:69:ba:48:23:ac:d4:
                    2f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:FD:40:4E:2A:76:F0:DD:9B:29:F1:48:2D:51:F6:87:50:00:6A:82
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Df1ATip28N2bKfFILVH2h1AAaoI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.191.128.0/22
                  57.250.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:f1:4d:3e:43:2e:d7:97:1d:28:3b:fe:4b:2c:ae:c4:00:88:
         cf:65:65:4e:20:42:02:ff:31:d4:ee:1b:c2:aa:8a:83:48:8f:
         26:ef:4a:3c:92:b3:31:1f:0b:76:cb:dd:99:2c:ca:cd:6b:b6:
         a1:c2:ca:51:91:51:e7:94:c6:ea:19:8c:69:4d:46:75:19:7f:
         07:66:c6:10:0c:f5:b0:8d:83:eb:d2:96:2f:85:cc:12:e1:df:
         d5:b5:f9:48:f3:a2:ff:9d:cc:68:cc:21:04:22:77:04:eb:51:
         ff:76:57:34:13:5b:75:01:8d:7c:a3:20:06:be:89:80:65:28:
         a1:d4:60:c2:82:69:0b:15:95:11:fe:c6:0b:00:36:13:93:6d:
         19:65:7d:e2:45:b8:e8:bd:19:d4:3c:7f:0f:7c:05:31:43:63:
         19:bf:53:1a:ad:6c:d1:72:5d:97:10:c3:eb:42:8b:70:e9:bb:
         4c:b1:a7:6a:26:8e:ec:90:71:9a:f2:00:e1:b2:4a:33:32:bd:
         8b:00:ba:11:00:95:40:3b:3e:4b:f0:9b:3f:87:ee:1c:8e:4e:
         b4:8d:bb:0c:22:14:01:e3:7e:bd:25:e2:35:4e:af:3b:ed:52:
         67:21:c4:15:ba:6a:90:11:23:5d:9e:26:04:9f:86:1f:f2:ce:
         aa:c3:e0:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxDS832oTcZnqGK39aV97GcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMxMjA3MDgwMTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGZkNDA0ZTJhNzZmMGRkOWIyOWYxNDgyZDUxZjY4NzUwMDA2YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvlSV4AHtOjsfdxN1kzH3unvZmop
UIR7PMWY8cB3V4VTro+98RJ01UEEZPLVrXj+09Ln6231kf7TPksFsEXiCuITKhAR
zqoDt38QHZzMSgjWUmSD5mypTlWgcxGOQveaXYUK7gJtiDFB5b5r4FlwERmZpJDl
KCs+NH3pfG/EICjZDgDjUKlu/yu2vcJR5QDQArDngz1EmoJBD8OwIJPWeiYs2Irr
InzWMmSGp2HqkajLgTNulxJd33FcQzap3PCy0ecFq+i6BsS5Y2QsCuOuB3IhPo8J
VdV4drvAULWxYlXozfwPdl7k+Uj5lCx0HeA/DuMx0WgaUxlpukgjrNQvkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA39QE4qdvDdmynxSC1R9odQAGqCMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvRGYxQVRpcDI4TjJiS2ZGSUxWSDJoMUFBYW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCOb+AAwQA
OfrcMA0GCSqGSIb3DQEBCwUAA4IBAQCv8U0+Qy7Xlx0oO/5LLK7EAIjPZWVOIEIC
/zHU7hvCqoqDSI8m70o8krMxHwt2y92ZLMrNa7ahwspRkVHnlMbqGYxpTUZ1GX8H
ZsYQDPWwjYPr0pYvhcwS4d/VtflI86L/ncxozCEEIncE61H/dlc0E1t1AY18oyAG
vomAZSih1GDCgmkLFZUR/sYLADYTk20ZZX3iRbjovRnUPH8PfAUxQ2MZv1MarWzR
cl2XEMPrQotw6btMsadqJo7skHGa8gDhskozMr2LALoRAJVAOz5L8Js/h+4cjk60
jbsMIhQB4369JeI1Tq877VJnIcQVumqQESNdniYEn4Yf8s6qw+DC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org