Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/km7-oWl9DsEH8Tsv1MtPpH4m25U.roa
File:                     km7-oWl9DsEH8Tsv1MtPpH4m25U.roa (raw, json)
Hash identifier:          0LDvUH4p+FPms7T/ZRT9TgIKOTZGbOGCBPFJqNe6wr8=
Subject key identifier:   92:6E:FE:A1:69:7D:0E:C1:07:F1:3B:2F:D4:CB:4F:A4:7E:26:DB:95
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       018C444435C055A4797192B2960F7B5EE5FF
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/km7-oWl9DsEH8Tsv1MtPpH4m25U.roa
Signing time:             Thu 07 Dec 2023 12:32:49 +0000
ROA not before:           Thu 07 Dec 2023 12:32:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9583
IP address blocks:        57.250.64.0/24 maxlen: 24
                          57.250.66.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:44:44:35:c0:55:a4:79:71:92:b2:96:0f:7b:5e:e5:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Dec  7 12:32:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=926efea1697d0ec107f13b2fd4cb4fa47e26db95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:70:16:9e:2f:f9:46:88:a5:be:1d:e0:e0:75:
                    2a:0a:22:4f:1c:25:ea:08:3a:46:e7:63:95:1d:3e:
                    01:a4:bf:18:4e:d3:dd:55:8f:d1:fb:4b:7e:0c:53:
                    b3:8f:cf:81:72:b4:c2:6a:a4:a8:32:30:9a:ae:1d:
                    59:29:37:56:2c:d0:89:86:c4:ad:1f:67:0a:87:16:
                    83:71:e2:f3:d7:21:fb:71:bb:d1:c7:73:1f:c5:9c:
                    cf:92:cf:bc:47:c2:7c:45:ee:20:6f:b3:75:5e:07:
                    a4:46:41:17:c1:ee:36:db:38:79:8e:c9:b1:01:fb:
                    ce:3d:4e:24:62:03:92:53:c0:fc:40:1f:fe:92:97:
                    0d:73:df:4a:7b:00:28:e3:ec:b2:8a:df:c5:26:a4:
                    55:5e:98:b0:7e:cc:41:c3:02:1f:05:04:3a:5d:37:
                    9c:2d:63:2f:17:3f:f7:21:15:88:3a:1a:f6:1d:8d:
                    fe:14:bb:4c:fa:68:21:40:69:95:2e:ad:f6:9f:7e:
                    11:a9:5e:ad:98:67:c3:71:8f:ac:7a:8c:bd:a1:a6:
                    a8:d2:5a:52:bf:fd:5f:6e:3d:9a:90:d5:52:41:05:
                    7f:ba:a1:0d:57:44:07:53:b2:f1:4c:48:f8:0e:8d:
                    80:e3:e6:56:03:e3:8e:d0:eb:08:ce:2c:76:20:ae:
                    54:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:6E:FE:A1:69:7D:0E:C1:07:F1:3B:2F:D4:CB:4F:A4:7E:26:DB:95
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/km7-oWl9DsEH8Tsv1MtPpH4m25U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.250.64.0/24
                  57.250.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:e3:79:9a:52:2d:ed:19:26:99:c0:ab:9a:71:07:a9:e7:21:
         ca:1a:0d:d5:98:09:e5:db:a0:37:27:ba:b8:4c:c1:be:2e:14:
         c1:a9:9a:74:1b:5c:32:7a:7e:ac:e4:63:5a:02:3c:46:16:be:
         e6:81:54:68:af:b9:70:9e:3a:74:de:42:08:97:9b:69:f8:a7:
         94:0c:f0:51:19:ca:54:ba:64:e9:2d:70:8d:32:eb:1b:b6:4e:
         5f:02:10:ef:bf:31:5e:0f:ad:6b:51:cd:d1:77:5b:f6:be:3b:
         89:36:67:f4:11:93:c1:f8:a4:84:6c:c6:70:b8:21:a2:50:8c:
         7d:d6:06:51:34:00:99:46:2c:44:e5:21:cc:f1:08:a5:0c:8d:
         04:e6:e3:6f:3e:15:88:f8:c5:9e:6e:84:92:40:99:ba:4f:20:
         9c:dd:a0:4c:cc:e3:df:32:90:0b:f6:af:f3:90:81:77:79:05:
         69:3e:d1:8d:f6:8a:19:f8:a7:52:06:76:7a:2a:65:13:6a:a2:
         37:fd:ce:63:ce:44:f5:ce:c6:ac:f3:4b:0b:63:14:21:7e:b8:
         91:cd:2f:82:91:53:2c:ff:6a:79:74:de:a7:5e:44:7e:95:35:
         7a:05:33:df:c2:64:8e:e2:a1:97:cf:85:82:cf:de:b6:20:67:
         b4:dc:08:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxERDXAVaR5cZKylg97XuX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMxMjA3MTIzMjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjZlZmVhMTY5N2QwZWMxMDdmMTNiMmZkNGNiNGZhNDdlMjZkYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHAWni/5Roilvh3g4HUqCiJPHCXq
CDpG52OVHT4BpL8YTtPdVY/R+0t+DFOzj8+BcrTCaqSoMjCarh1ZKTdWLNCJhsSt
H2cKhxaDceLz1yH7cbvRx3MfxZzPks+8R8J8Re4gb7N1XgekRkEXwe422zh5jsmx
AfvOPU4kYgOSU8D8QB/+kpcNc99KewAo4+yyit/FJqRVXpiwfsxBwwIfBQQ6XTec
LWMvFz/3IRWIOhr2HY3+FLtM+mghQGmVLq32n34RqV6tmGfDcY+seoy9oaao0lpS
v/1fbj2akNVSQQV/uqENV0QHU7LxTEj4Do2A4+ZWA+OO0OsIzix2IK5UowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJJu/qFpfQ7BB/E7L9TLT6R+JtuVMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEva203LW9XbDlEc0VIOFRzdjFNdFBwSDRtMjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAOfpAAwQA
OfpCMA0GCSqGSIb3DQEBCwUAA4IBAQCh43maUi3tGSaZwKuacQep5yHKGg3VmAnl
26A3J7q4TMG+LhTBqZp0G1wyen6s5GNaAjxGFr7mgVRor7lwnjp03kIIl5tp+KeU
DPBRGcpUumTpLXCNMusbtk5fAhDvvzFeD61rUc3Rd1v2vjuJNmf0EZPB+KSEbMZw
uCGiUIx91gZRNACZRixE5SHM8QilDI0E5uNvPhWI+MWeboSSQJm6TyCc3aBMzOPf
MpAL9q/zkIF3eQVpPtGN9ooZ+KdSBnZ6KmUTaqI3/c5jzkT1zsas80sLYxQhfriR
zS+CkVMs/2p5dN6nXkR+lTV6BTPfwmSO4qGXz4WCz962IGe03Agw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org