Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/o41PWAXJeKQIPih_Ste6jFSI49M.roa
File:                     o41PWAXJeKQIPih_Ste6jFSI49M.roa (raw, json)
Hash identifier:          XrkBdV8Lxt76lw9s34F0wNkqTaKQnKoyMFu2hxQ8aos=
Subject key identifier:   A3:8D:4F:58:05:C9:78:A4:08:3E:28:7F:4A:D7:BA:8C:54:88:E3:D3
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       01856F5DA15F34A226E451BE09D795CE439C
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/o41PWAXJeKQIPih_Ste6jFSI49M.roa
Signing time:             Sun 01 Jan 2023 22:04:45 +0000
ROA not before:           Sun 01 Jan 2023 22:04:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9989
IP address blocks:        57.250.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:a1:5f:34:a2:26:e4:51:be:09:d7:95:ce:43:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Jan  1 22:04:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a38d4f5805c978a4083e287f4ad7ba8c5488e3d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:34:d9:68:d3:f2:c5:0c:f1:29:6a:78:b5:d0:
                    aa:e3:86:b9:9f:6b:13:06:14:88:6c:bc:d7:82:61:
                    48:b6:55:ca:98:b8:e5:5b:b1:27:bc:e8:a4:c7:39:
                    c9:a8:02:23:b4:98:51:e8:2f:c1:61:87:46:d7:e6:
                    2d:e4:2f:90:62:b4:c2:5b:cd:51:35:1d:bb:9d:d5:
                    85:2e:0d:92:f6:59:21:0a:cd:25:70:42:69:21:d0:
                    65:f1:5a:4b:09:3a:6f:26:91:e2:5d:8c:66:d5:95:
                    4a:cc:ce:26:c7:08:7b:6d:e7:86:44:9c:a6:66:e0:
                    47:4f:98:0c:b7:2b:1e:4f:18:ca:84:30:89:41:f9:
                    57:61:b1:95:2d:e2:ee:59:2e:a9:44:e3:c9:a9:5c:
                    af:83:d0:a9:2c:5c:e5:a4:d8:5b:ae:c1:9c:3d:48:
                    43:75:01:51:90:6a:a3:90:10:92:74:7d:d3:e4:94:
                    16:6c:34:57:91:92:2e:e9:bf:cb:ad:8a:cc:ae:f7:
                    ef:c5:4e:cd:b3:f9:f6:ae:47:c1:cf:83:6d:51:e7:
                    3e:71:b3:c8:75:e1:6f:11:59:cc:09:71:2f:3f:1c:
                    19:b2:20:c6:58:58:9a:76:c7:89:4f:5a:38:42:9a:
                    62:70:d0:9d:53:75:e6:18:e1:71:65:53:3f:23:24:
                    36:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:8D:4F:58:05:C9:78:A4:08:3E:28:7F:4A:D7:BA:8C:54:88:E3:D3
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/o41PWAXJeKQIPih_Ste6jFSI49M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.250.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:ff:42:1e:e9:7d:0a:fc:bc:6c:82:8c:4e:23:7d:01:a5:e4:
         5d:1e:e1:44:69:38:2d:23:dd:bf:b2:aa:bf:82:60:46:2e:05:
         a3:38:1e:83:be:23:a1:08:ce:9c:33:6e:56:f7:89:89:1c:fa:
         9a:c3:25:d0:e7:d1:37:bf:b2:48:05:4d:27:ba:02:a0:32:5c:
         f9:7e:7c:59:cb:ff:a1:38:d9:06:a8:cf:32:3a:fd:21:3c:69:
         ff:8e:43:69:b4:ad:92:9e:07:e1:50:e6:9c:aa:d3:de:20:3d:
         2d:2f:9c:c2:73:ed:2d:69:46:f5:35:54:59:91:0b:c5:7b:d7:
         67:b2:c3:85:e6:4f:33:84:95:76:80:dc:e6:07:6a:e4:86:81:
         30:7a:d2:4a:58:2e:00:c2:de:80:ff:1b:fd:26:68:db:a7:2a:
         bf:55:53:6b:38:31:ed:0a:44:79:1a:12:68:25:01:c5:fb:0b:
         a7:24:b3:0f:e4:99:8b:cc:08:01:e2:9e:f9:cf:97:24:f4:a3:
         ad:35:21:34:94:31:53:60:d2:45:1d:ac:d6:51:43:4d:68:06:
         ed:ca:ea:69:ca:2d:16:d6:8e:89:17:ec:35:b0:64:68:be:f2:
         02:66:1f:6b:4c:30:60:8a:ea:1b:c4:ed:b4:d2:51:f7:47:2e:
         d8:59:5c:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXaFfNKIm5FG+CdeVzkOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMwMTAxMjIwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhkNGY1ODA1Yzk3OGE0MDgzZTI4N2Y0YWQ3YmE4YzU0ODhlM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjTZaNPyxQzxKWp4tdCq44a5n2sT
BhSIbLzXgmFItlXKmLjlW7EnvOikxznJqAIjtJhR6C/BYYdG1+Yt5C+QYrTCW81R
NR27ndWFLg2S9lkhCs0lcEJpIdBl8VpLCTpvJpHiXYxm1ZVKzM4mxwh7beeGRJym
ZuBHT5gMtyseTxjKhDCJQflXYbGVLeLuWS6pROPJqVyvg9CpLFzlpNhbrsGcPUhD
dQFRkGqjkBCSdH3T5JQWbDRXkZIu6b/LrYrMrvfvxU7Ns/n2rkfBz4NtUec+cbPI
deFvEVnMCXEvPxwZsiDGWFiadseJT1o4QppicNCdU3XmGOFxZVM/IyQ2SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKONT1gFyXikCD4of0rXuoxUiOPTMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvbzQxUFdBWEplS1FJUGloX1N0ZTZqRlNJNDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAOfowMA0G
CSqGSIb3DQEBCwUAA4IBAQCI/0Ie6X0K/LxsgoxOI30BpeRdHuFEaTgtI92/sqq/
gmBGLgWjOB6DviOhCM6cM25W94mJHPqawyXQ59E3v7JIBU0nugKgMlz5fnxZy/+h
ONkGqM8yOv0hPGn/jkNptK2SngfhUOacqtPeID0tL5zCc+0taUb1NVRZkQvFe9dn
ssOF5k8zhJV2gNzmB2rkhoEwetJKWC4Awt6A/xv9Jmjbpyq/VVNrODHtCkR5GhJo
JQHF+wunJLMP5JmLzAgB4p75z5ck9KOtNSE0lDFTYNJFHazWUUNNaAbtyuppyi0W
1o6JF+w1sGRovvICZh9rTDBgiuobxO200lH3Ry7YWVxn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org