Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/ndYkmtTRLDjEeE1b7jz_THM_j7A.roa
File:                     ndYkmtTRLDjEeE1b7jz_THM_j7A.roa (raw, json)
Hash identifier:          kIIFJTNG+TIDaIRT5C0skuGEfjLpXL6lg5PAFQsH9s4=
Subject key identifier:   9D:D6:24:9A:D4:D1:2C:38:C4:78:4D:5B:EE:3C:FF:4C:73:3F:8F:B0
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       01856F5DA5AA0F481740516306F69556AC76
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/ndYkmtTRLDjEeE1b7jz_THM_j7A.roa
Signing time:             Sun 01 Jan 2023 22:04:46 +0000
ROA not before:           Sun 01 Jan 2023 22:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     19545
IP address blocks:        57.250.192.0/19 maxlen: 24
                          57.250.224.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:a5:aa:0f:48:17:40:51:63:06:f6:95:56:ac:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Jan  1 22:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9dd6249ad4d12c38c4784d5bee3cff4c733f8fb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:97:67:6a:9f:b9:a9:3c:87:9a:44:34:40:a3:
                    85:e7:6f:27:98:31:e7:b3:5a:e9:17:80:ff:57:ef:
                    46:ca:ae:cc:b6:54:a8:9a:2e:d2:a6:cb:ec:c7:21:
                    1f:f2:0d:49:2c:2e:3b:fc:0b:9d:41:bf:84:87:f5:
                    6e:cb:e2:85:5a:8b:bc:2e:7d:6d:43:1e:ef:e1:4d:
                    58:68:33:c3:7c:97:77:b0:a7:47:d3:2d:c1:f3:77:
                    04:34:e3:f4:95:c2:40:7b:f6:74:90:36:c2:ce:9a:
                    8d:90:e2:04:d8:2d:d7:b2:ff:4a:65:ea:1a:a1:32:
                    25:f4:ea:86:52:b4:94:53:74:67:c1:38:e4:5c:3e:
                    59:67:84:d9:00:17:b8:6f:de:dc:27:4b:db:15:dd:
                    be:52:81:0a:7d:59:9b:0a:99:bb:18:9a:1e:8e:a7:
                    ab:0c:26:4a:64:b1:ae:e0:66:3f:2c:7d:67:14:55:
                    ae:f0:47:33:99:d3:56:c5:5a:39:b7:77:d8:d1:41:
                    2c:39:b6:3d:1c:51:61:3b:61:2a:4f:8c:4c:f5:8e:
                    6e:da:a4:bd:56:3a:f0:da:d8:3f:04:60:0b:5e:a5:
                    e7:2e:7b:21:e4:b7:0c:ca:ea:a3:f9:d7:6c:79:bb:
                    40:74:af:f4:6c:1f:ca:63:61:71:55:97:7f:b5:78:
                    e7:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:D6:24:9A:D4:D1:2C:38:C4:78:4D:5B:EE:3C:FF:4C:73:3F:8F:B0
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/ndYkmtTRLDjEeE1b7jz_THM_j7A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.250.192.0-57.250.224.255

    Signature Algorithm: sha256WithRSAEncryption
         00:21:40:31:f8:09:ac:e3:54:c1:67:31:b3:f8:83:8b:c2:06:
         03:ec:77:ed:31:c0:76:99:a3:bd:8d:c6:94:66:7a:8e:c5:25:
         bf:e7:8c:3c:e6:23:e7:08:bc:0a:89:e8:25:2e:66:4b:5b:07:
         f9:71:29:a0:1a:33:95:96:4d:ec:7d:e2:77:9f:60:a1:f7:40:
         15:b2:96:4c:92:29:14:75:30:e7:79:ab:ea:a3:94:38:48:af:
         8f:65:a6:20:e3:48:f9:98:42:7a:f0:c1:52:57:2f:9b:49:e2:
         51:38:64:45:82:26:79:fd:27:d1:73:96:94:1b:5d:cd:9c:71:
         36:93:ff:12:83:4e:14:e3:d9:0e:a0:78:c2:bf:b3:40:94:c1:
         bf:ff:0b:8b:62:7a:b9:63:e4:33:81:41:65:df:55:7b:26:d3:
         96:c0:df:02:fa:a3:c0:81:03:f6:27:9e:e6:2f:89:4a:3b:93:
         39:03:11:f6:1d:40:de:4b:2e:19:e3:88:24:35:9b:24:6b:00:
         f2:a7:dd:45:9b:b9:91:99:b4:ba:f3:45:e6:fc:84:84:13:cf:
         31:48:9f:39:44:59:67:24:b1:ac:3b:02:14:f7:05:b7:a1:bf:
         70:b3:95:75:91:a3:d3:89:b0:74:e0:5a:30:5c:4c:7f:f5:5a:
         5b:dc:0b:f0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvXaWqD0gXQFFjBvaVVqx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMwMTAxMjIwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ2MjQ5YWQ0ZDEyYzM4YzQ3ODRkNWJlZTNjZmY0YzczM2Y4ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJdnap+5qTyHmkQ0QKOF528nmDHn
s1rpF4D/V+9Gyq7MtlSomi7SpsvsxyEf8g1JLC47/AudQb+Eh/Vuy+KFWou8Ln1t
Qx7v4U1YaDPDfJd3sKdH0y3B83cENOP0lcJAe/Z0kDbCzpqNkOIE2C3Xsv9KZeoa
oTIl9OqGUrSUU3RnwTjkXD5ZZ4TZABe4b97cJ0vbFd2+UoEKfVmbCpm7GJoejqer
DCZKZLGu4GY/LH1nFFWu8EczmdNWxVo5t3fY0UEsObY9HFFhO2EqT4xM9Y5u2qS9
Vjrw2tg/BGALXqXnLnsh5LcMyuqj+ddsebtAdK/0bB/KY2FxVZd/tXjntQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ3WJJrU0Sw4xHhNW+48/0xzP4+wMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvbmRZa210VFJMRGpFZUUxYjdqel9USE1fajdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAY5+sAD
BAA5+uAwDQYJKoZIhvcNAQELBQADggEBAAAhQDH4CazjVMFnMbP4g4vCBgPsd+0x
wHaZo72NxpRmeo7FJb/njDzmI+cIvAqJ6CUuZktbB/lxKaAaM5WWTex94nefYKH3
QBWylkySKRR1MOd5q+qjlDhIr49lpiDjSPmYQnrwwVJXL5tJ4lE4ZEWCJnn9J9Fz
lpQbXc2ccTaT/xKDThTj2Q6geMK/s0CUwb//C4tierlj5DOBQWXfVXsm05bA3wL6
o8CBA/YnnuYviUo7kzkDEfYdQN5LLhnjiCQ1myRrAPKn3UWbuZGZtLrzReb8hIQT
zzFInzlEWWcksaw7AhT3Bbehv3CzlXWRo9OJsHTgWjBcTH/1WlvcC/A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:48 2024 by rpki-client on console-ams.rpki-client.org