Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/WCNqAhv-SIMtJ0APpjOPOKak__k.roa
File:                     WCNqAhv-SIMtJ0APpjOPOKak__k.roa (raw, json)
Hash identifier:          1jImVCkNVWI+l4eLbPSCoiuwL9foXLEMih05cLA7O64=
Subject key identifier:   58:23:6A:02:1B:FE:48:83:2D:27:40:0F:A6:33:8F:38:A6:A4:FF:F9
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       018C3FB23D135A242792C71FB9B71627AD45
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/WCNqAhv-SIMtJ0APpjOPOKak__k.roa
Signing time:             Wed 06 Dec 2023 15:14:54 +0000
ROA not before:           Wed 06 Dec 2023 15:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198912
IP address blocks:        57.191.0.0/21 maxlen: 24
                          57.191.224.0/19 maxlen: 24
                          57.191.127.0/24 maxlen: 24
                          57.250.255.0/24 maxlen: 24
                          57.191.192.0/19 maxlen: 24
                          2a0a:90c2::/36 maxlen: 36
                          2a0a:90c2:1000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Thu 07 Dec 2023 08:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3f:b2:3d:13:5a:24:27:92:c7:1f:b9:b7:16:27:ad:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Dec  6 15:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58236a021bfe48832d27400fa6338f38a6a4fff9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:49:a9:6a:40:a8:66:fe:f1:96:f6:8a:62:59:
                    cd:89:cb:5d:e3:eb:ff:4e:a8:ea:91:46:e4:69:0d:
                    86:46:38:bd:8b:b4:1d:8c:ef:38:37:ba:44:6f:3d:
                    ef:bf:3b:1e:b2:23:c7:ce:ba:91:ca:36:e9:07:57:
                    b6:f0:6b:ef:2a:f1:74:37:c7:68:a0:d2:51:42:28:
                    ac:eb:5d:d8:c9:b2:24:b0:c3:68:cf:77:0f:84:40:
                    76:98:cc:62:e4:ef:89:54:e1:ec:63:36:e1:18:63:
                    7b:aa:f8:43:62:9c:ee:e7:5e:41:21:a2:cd:6a:f5:
                    90:db:52:09:7c:f3:47:70:50:7c:59:25:77:16:ba:
                    4c:e5:37:66:a6:76:88:e7:3a:c4:91:cd:d7:1b:5d:
                    eb:34:db:1a:04:d5:6c:cf:58:57:75:c9:52:16:0f:
                    6e:3d:7e:90:3b:5e:23:be:3f:bc:84:fc:7d:72:6f:
                    17:07:cf:69:d5:91:8d:0f:35:5b:bb:b8:47:6a:8d:
                    dc:9f:a7:47:d6:55:9c:3a:eb:11:df:af:cf:c4:ca:
                    55:d3:af:4b:79:b8:87:9c:be:72:fd:1a:75:29:18:
                    0f:05:95:81:45:92:0e:3f:40:f1:26:34:e8:93:c4:
                    a2:f2:f0:60:41:58:3e:c6:79:ee:fb:d9:50:25:2b:
                    d9:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:23:6A:02:1B:FE:48:83:2D:27:40:0F:A6:33:8F:38:A6:A4:FF:F9
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/WCNqAhv-SIMtJ0APpjOPOKak__k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.191.0.0/21
                  57.191.127.0/24
                  57.191.192.0/18
                  57.250.255.0/24
                IPv6:
                  2a0a:90c2::/35

    Signature Algorithm: sha256WithRSAEncryption
         32:55:4d:c4:42:62:af:c8:65:a6:50:dd:92:6c:ac:26:99:31:
         64:cf:3e:3c:86:fa:41:b4:e4:50:04:b4:22:56:16:b7:11:9a:
         f8:76:86:40:dc:55:64:93:56:8c:6e:2f:c2:56:2d:18:f4:fc:
         1f:97:b2:22:7a:03:52:a7:6f:9e:89:b0:f2:4b:f3:97:6b:aa:
         f6:77:57:84:be:2c:0c:69:d8:3c:0e:85:2f:9b:df:ac:03:9b:
         29:1f:9f:d9:6d:5b:a7:44:ee:f4:dd:e3:04:a1:e9:0a:b5:92:
         8f:db:fd:70:e6:e1:cc:7a:12:96:64:30:fc:d5:bb:35:77:6e:
         4e:af:1a:70:ca:94:71:c2:b2:6e:a5:f7:6a:20:fe:19:89:9f:
         3b:46:90:26:62:ba:15:f6:3f:76:57:a7:98:6c:84:46:4a:46:
         6e:2c:80:07:c9:b4:9a:a2:b6:7a:b4:f4:80:a3:6e:41:c3:2f:
         ab:06:92:10:99:2e:18:e7:ec:55:2a:e5:b3:08:6b:e1:7a:54:
         8c:a9:9c:94:00:e9:2b:d6:57:7d:33:6a:7c:65:d4:62:95:85:
         33:df:b7:37:c8:31:1c:0b:44:75:8c:66:cf:2b:7b:fe:8a:08:
         ba:f6:5d:9f:e2:8a:7d:7c:f9:3f:89:39:35:f4:a0:3f:5f:3e:
         3d:1d:11:09
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYw/sj0TWiQnkscfubcWJ61FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMxMjA2MTUxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODIzNmEwMjFiZmU0ODgzMmQyNzQwMGZhNjMzOGYzOGE2YTRmZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkmpakCoZv7xlvaKYlnNictd4+v/
TqjqkUbkaQ2GRji9i7QdjO84N7pEbz3vvzsesiPHzrqRyjbpB1e28GvvKvF0N8do
oNJRQiis613YybIksMNoz3cPhEB2mMxi5O+JVOHsYzbhGGN7qvhDYpzu515BIaLN
avWQ21IJfPNHcFB8WSV3FrpM5TdmpnaI5zrEkc3XG13rNNsaBNVsz1hXdclSFg9u
PX6QO14jvj+8hPx9cm8XB89p1ZGNDzVbu7hHao3cn6dH1lWcOusR36/PxMpV069L
ebiHnL5y/Rp1KRgPBZWBRZIOP0DxJjTok8Si8vBgQVg+xnnu+9lQJSvZ2wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFgjagIb/kiDLSdAD6YzjzimpP/5MB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvV0NOcUFodi1TSU10SjBBUHBqT1BPS2FrX19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQDOb8AAwQA
Ob9/AwQGOb/AAwQAOfr/MA4EAgACMAgDBgUqCpDCADANBgkqhkiG9w0BAQsFAAOC
AQEAMlVNxEJir8hlplDdkmysJpkxZM8+PIb6QbTkUAS0IlYWtxGa+HaGQNxVZJNW
jG4vwlYtGPT8H5eyInoDUqdvnomw8kvzl2uq9ndXhL4sDGnYPA6FL5vfrAObKR+f
2W1bp0Tu9N3jBKHpCrWSj9v9cObhzHoSlmQw/NW7NXduTq8acMqUccKybqX3aiD+
GYmfO0aQJmK6FfY/dlenmGyERkpGbiyAB8m0mqK2erT0gKNuQcMvqwaSEJkuGOfs
VSrlswhr4XpUjKmclADpK9ZXfTNqfGXUYpWFM9+3N8gxHAtEdYxmzyt7/ooIuvZd
n+KKfXz5P4k5NfSgP18+PR0RCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:48 2024 by rpki-client on console-ams.rpki-client.org