Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/tPR8tGQ20KJs9RJXFbGHSyEIUlc.roa
File:                     tPR8tGQ20KJs9RJXFbGHSyEIUlc.roa (raw, json)
Hash identifier:          M+IQ7xrv58V7cDLbc9K/OFnGxy2SizSZDCppn2fdbEU=
Subject key identifier:   B4:F4:7C:B4:64:36:D0:A2:6C:F5:12:57:15:B1:87:4B:21:08:52:57
Certificate issuer:       /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial:       01856F5DA73EECB8B7560F2E8789007249D3
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/tPR8tGQ20KJs9RJXFbGHSyEIUlc.roa
Signing time:             Sun 01 Jan 2023 22:04:46 +0000
ROA not before:           Sun 01 Jan 2023 22:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205080
IP address blocks:        57.188.0.0/18 maxlen: 24
                          2a0a:90c0:1000::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:a7:3e:ec:b8:b7:56:0f:2e:87:89:00:72:49:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
        Validity
            Not Before: Jan  1 22:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b4f47cb46436d0a26cf5125715b1874b21085257
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:7a:20:44:ad:09:19:72:63:63:d8:0b:bb:0a:
                    96:ae:07:b5:36:ff:ad:c3:9a:8f:c6:d8:ab:45:14:
                    3f:20:b7:aa:d9:e8:7d:9e:36:df:3b:27:0d:69:4d:
                    cc:bd:82:26:36:0c:a3:81:fe:95:7b:c5:be:74:1c:
                    29:a9:67:78:47:c4:3e:a7:f0:8c:4e:11:16:ef:9f:
                    e5:19:a7:b0:69:5b:51:57:bc:7f:33:29:91:84:ed:
                    a1:06:bb:56:ff:2e:00:0f:ae:4a:a8:fc:fd:9b:93:
                    2d:98:64:56:2d:2e:20:77:c9:ec:6b:8f:47:d1:f7:
                    a6:91:0a:98:e5:4f:e2:ca:32:f0:72:57:bf:1f:01:
                    79:bf:4c:4a:fd:05:98:27:f7:da:05:25:17:8f:dd:
                    ff:2c:11:ab:12:ce:b0:cc:67:9d:ed:a3:a9:b6:c2:
                    91:cf:3d:9b:84:93:c0:8b:77:27:43:a4:a0:33:99:
                    38:06:1c:27:4f:a8:74:20:01:57:85:33:3b:92:6e:
                    53:93:10:71:6c:28:2c:c7:b6:7c:a5:6b:10:5f:07:
                    2f:a8:54:03:42:06:1b:01:f6:56:f6:af:e8:d9:a9:
                    24:40:5a:f2:30:a4:1e:82:79:79:7e:4f:13:47:d1:
                    1b:f8:5e:49:7d:c3:49:47:cd:74:ea:15:a6:47:e0:
                    ce:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:F4:7C:B4:64:36:D0:A2:6C:F5:12:57:15:B1:87:4B:21:08:52:57
            X509v3 Authority Key Identifier:
                keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/tPR8tGQ20KJs9RJXFbGHSyEIUlc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  57.188.0.0/18
                IPv6:
                  2a0a:90c0:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         60:bc:4c:c9:28:a5:3c:6f:18:12:98:3e:86:b5:ff:da:38:c2:
         bc:d8:6d:16:a5:9a:2b:ab:b1:98:c1:df:06:a4:88:29:cf:1d:
         1a:fe:1d:66:ef:29:43:50:33:96:a0:ec:c9:74:8b:04:20:e6:
         1e:3d:44:86:97:d3:bc:b7:2e:7e:a4:c9:e9:77:04:09:ac:0e:
         aa:d6:2d:59:1f:59:2d:50:1a:7b:45:d0:83:3f:c0:53:21:52:
         61:f6:ce:2f:62:12:68:5f:93:65:f0:f5:57:38:88:db:df:75:
         68:40:5a:2f:6b:37:b1:df:07:15:9a:16:07:25:b4:8d:a2:20:
         8d:5c:17:45:18:59:a8:fd:d7:00:de:21:b8:2d:3f:4a:92:96:
         6c:52:59:d8:c0:73:59:67:90:eb:ee:cd:57:16:93:04:e8:da:
         b4:72:dd:60:23:45:ab:62:18:86:f3:35:c3:90:cf:4a:ac:d9:
         45:56:10:d7:0e:ce:b8:e7:b0:5b:60:94:4f:c7:76:93:8f:3f:
         9c:0d:a2:67:ee:42:9e:f3:6c:dc:fa:88:ba:51:00:8a:de:3e:
         10:21:10:51:08:4e:f0:98:da:a1:6d:8e:ad:0f:93:f2:95:5b:
         df:89:cd:ed:ea:c0:94:12:0d:73:8e:55:b0:2c:47:3d:c4:b9:
         63:0d:f5:0e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVvXac+7Li3Vg8uh4kAcknTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjMwMTAxMjIwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY0N2NiNDY0MzZkMGEyNmNmNTEyNTcxNWIxODc0YjIxMDg1MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3ogRK0JGXJjY9gLuwqWrge1Nv+t
w5qPxtirRRQ/ILeq2eh9njbfOycNaU3MvYImNgyjgf6Ve8W+dBwpqWd4R8Q+p/CM
ThEW75/lGaewaVtRV7x/MymRhO2hBrtW/y4AD65KqPz9m5MtmGRWLS4gd8nsa49H
0femkQqY5U/iyjLwcle/HwF5v0xK/QWYJ/faBSUXj93/LBGrEs6wzGed7aOptsKR
zz2bhJPAi3cnQ6SgM5k4BhwnT6h0IAFXhTM7km5TkxBxbCgsx7Z8pWsQXwcvqFQD
QgYbAfZW9q/o2akkQFryMKQegnl5fk8TR9Eb+F5JfcNJR8106hWmR+DOEQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLT0fLRkNtCibPUSVxWxh0shCFJXMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvdFBSOHRHUTIwS0pzOVJKWEZiR0hTeUVJVWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQGObwAMA4E
AgACMAgDBgAqCpDAEDANBgkqhkiG9w0BAQsFAAOCAQEAYLxMySilPG8YEpg+hrX/
2jjCvNhtFqWaK6uxmMHfBqSIKc8dGv4dZu8pQ1AzlqDsyXSLBCDmHj1EhpfTvLcu
fqTJ6XcECawOqtYtWR9ZLVAae0XQgz/AUyFSYfbOL2ISaF+TZfD1VziI2991aEBa
L2s3sd8HFZoWByW0jaIgjVwXRRhZqP3XAN4huC0/SpKWbFJZ2MBzWWeQ6+7NVxaT
BOjatHLdYCNFq2IYhvM1w5DPSqzZRVYQ1w7OuOewW2CUT8d2k48/nA2iZ+5CnvNs
3PqIulEAit4+ECEQUQhO8JjaoW2OrQ+T8pVb34nN7erAlBINc45VsCxHPcS5Yw31
Dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org