Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Y9xnS_8k_gQLmv2s0DKT5I6t57s.roa
File:                     Y9xnS_8k_gQLmv2s0DKT5I6t57s.roa (raw, json)
Hash identifier:          LEjofBjfh382XHf/xqRMxncMO2kpGL/4P/fh3OBeVbM=
Subject key identifier:   63:DC:67:4B:FF:24:FE:04:0B:9A:FD:AC:D0:32:93:E4:8E:AD:E7:BB
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       01856F5DA610E4BEE82EA378B3A8543EBE48
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Y9xnS_8k_gQLmv2s0DKT5I6t57s.roa
Signing time:             Sun 01 Jan 2023 22:04:46 +0000
ROA not before:           Sun 01 Jan 2023 22:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     132399
IP address blocks:        57.191.64.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 14:42:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:a6:10:e4:be:e8:2e:a3:78:b3:a8:54:3e:be:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Jan  1 22:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=63dc674bff24fe040b9afdacd03293e48eade7bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:21:29:75:88:33:ba:37:46:fd:85:1e:d5:5c:
                    de:ea:fa:e0:fa:1d:1e:b5:e1:75:a7:6d:08:f2:71:
                    35:1d:cf:ed:2b:91:a5:bb:6e:5e:82:cf:e9:04:0b:
                    17:72:90:ed:dc:83:d2:68:aa:aa:c9:10:61:b2:72:
                    54:4f:77:ac:9a:b0:8a:7e:23:0a:ff:da:ae:c1:6a:
                    ef:84:b4:4f:9f:74:7b:cc:9d:93:3a:05:35:18:e9:
                    27:9b:4b:01:78:29:97:43:70:a3:8c:9f:e2:b4:c1:
                    23:2d:05:a3:03:39:62:5f:11:b8:51:0c:5d:cd:a5:
                    f8:e1:40:47:f7:9d:22:bf:a1:bf:dc:a4:0a:45:8f:
                    01:de:0f:70:fc:43:8e:2a:5b:34:46:3c:34:68:d4:
                    47:2f:47:be:cc:28:c4:15:fa:a9:50:79:05:0c:84:
                    e6:7b:b3:0b:ad:c8:67:26:ea:5a:f5:0d:72:99:35:
                    aa:81:1d:7a:f1:dd:e8:dd:99:3e:92:a4:4b:c1:bb:
                    e5:fb:71:82:0d:57:b0:f1:3a:a0:0f:a5:97:4b:f6:
                    a6:09:a5:75:9b:ac:bb:a7:52:50:db:4e:60:9a:9e:
                    fa:15:74:6d:0c:49:18:cf:b2:dd:97:59:b4:65:f8:
                    03:88:6f:21:ae:6f:25:49:d4:c7:13:df:1a:d3:f5:
                    52:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:DC:67:4B:FF:24:FE:04:0B:9A:FD:AC:D0:32:93:E4:8E:AD:E7:BB
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Y9xnS_8k_gQLmv2s0DKT5I6t57s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.191.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:fd:2c:0a:c5:03:90:7c:e2:6d:52:63:43:be:f3:f3:0d:b9:
         21:32:91:f6:fe:d4:7b:1d:33:ef:21:54:d5:f4:95:36:c5:68:
         ec:af:89:a4:9b:74:18:5c:ee:39:79:10:01:93:fe:4c:bb:8f:
         aa:b5:47:65:90:17:b1:53:13:6e:6d:fe:9c:94:dd:9f:a8:f9:
         f8:4f:69:15:63:54:97:2f:e0:72:c6:43:a6:89:a7:2f:89:74:
         4e:bb:81:e7:4e:39:51:18:4a:03:d4:2f:19:4b:cc:55:2f:2e:
         78:e1:36:e0:e7:ae:b1:15:73:98:b6:df:3d:f9:b5:d1:58:21:
         bd:9e:8f:f3:2d:54:5e:d9:f8:74:46:b0:00:71:f9:62:63:35:
         50:20:32:58:fd:a5:b0:ac:57:a4:7d:44:b9:7c:2d:62:b0:9e:
         7b:58:c3:60:41:a5:5b:57:45:30:9b:af:af:20:5e:a6:29:a9:
         3e:39:0e:1b:d9:08:b9:c3:56:53:84:c7:10:55:9a:c8:98:59:
         72:3e:65:f0:d2:d2:3e:63:2a:d9:2c:5d:d7:ca:ba:77:8d:e1:
         46:5c:44:ae:b8:20:b8:5b:06:00:8b:8e:3e:8b:b1:de:17:35:
         0a:b2:d1:07:2a:16:df:4c:74:ee:0a:1d:0e:c0:97:ed:f8:01:
         1c:f4:55:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXaYQ5L7oLqN4s6hUPr5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMwMTAxMjIwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2RjNjc0YmZmMjRmZTA0MGI5YWZkYWNkMDMyOTNlNDhlYWRlN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiEpdYgzujdG/YUe1Vze6vrg+h0e
teF1p20I8nE1Hc/tK5Glu25egs/pBAsXcpDt3IPSaKqqyRBhsnJUT3esmrCKfiMK
/9quwWrvhLRPn3R7zJ2TOgU1GOknm0sBeCmXQ3CjjJ/itMEjLQWjAzliXxG4UQxd
zaX44UBH950iv6G/3KQKRY8B3g9w/EOOKls0Rjw0aNRHL0e+zCjEFfqpUHkFDITm
e7MLrchnJupa9Q1ymTWqgR168d3o3Zk+kqRLwbvl+3GCDVew8TqgD6WXS/amCaV1
m6y7p1JQ205gmp76FXRtDEkYz7Ldl1m0ZfgDiG8hrm8lSdTHE98a0/VSLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGPcZ0v/JP4EC5r9rNAyk+SOree7MB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvWTl4blNfOGtfZ1FMbXYyczBES1Q1STZ0NTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCOb9AMA0G
CSqGSIb3DQEBCwUAA4IBAQAb/SwKxQOQfOJtUmNDvvPzDbkhMpH2/tR7HTPvIVTV
9JU2xWjsr4mkm3QYXO45eRABk/5Mu4+qtUdlkBexUxNubf6clN2fqPn4T2kVY1SX
L+ByxkOmiacviXROu4HnTjlRGEoD1C8ZS8xVLy544Tbg566xFXOYtt89+bXRWCG9
no/zLVRe2fh0RrAAcfliYzVQIDJY/aWwrFekfUS5fC1isJ57WMNgQaVbV0Uwm6+v
IF6mKak+OQ4b2Qi5w1ZThMcQVZrImFlyPmXw0tI+YyrZLF3Xyrp3jeFGXESuuCC4
WwYAi44+i7HeFzUKstEHKhbfTHTuCh0OwJft+AEc9FXD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:48 2024 by rpki-client on console-ams.rpki-client.org