Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/r3j43KhN3GfLhBdSGqPJ2DZGrBc.roa
File:                     r3j43KhN3GfLhBdSGqPJ2DZGrBc.roa (raw, json)
Hash identifier:          80Q48lrcYiVxGTuKCRd69W6FDFHDIljiEVDR3clM3V4=
Subject key identifier:   AF:78:F8:DC:A8:4D:DC:67:CB:84:17:52:1A:A3:C9:D8:36:46:AC:17
Certificate issuer:       /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial:       018571155E34519938054B3B248A149E7805
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/r3j43KhN3GfLhBdSGqPJ2DZGrBc.roa
Signing time:             Mon 02 Jan 2023 06:05:03 +0000
ROA not before:           Mon 02 Jan 2023 06:05:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206770
IP address blocks:        157.25.57.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:15:5e:34:51:99:38:05:4b:3b:24:8a:14:9e:78:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
        Validity
            Not Before: Jan  2 06:05:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af78f8dca84ddc67cb8417521aa3c9d83646ac17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:99:ac:d7:59:37:55:3c:b9:28:9d:0a:4b:c6:
                    8f:cd:b7:9f:92:0f:1c:ca:88:dc:79:a0:0d:bf:b7:
                    25:59:55:02:87:9b:28:a7:b3:39:82:23:fc:aa:1b:
                    b0:46:56:43:3a:c6:61:de:5f:9e:c1:4f:f1:3c:38:
                    a8:5b:0c:4c:1e:8b:40:f9:ee:5f:db:8e:00:21:90:
                    3a:6d:9f:11:a0:ce:cc:0f:58:23:fb:99:8d:fa:1d:
                    74:ba:45:89:60:cd:29:58:a5:75:41:1e:ef:11:af:
                    62:0e:68:71:8d:18:64:84:45:f3:6f:08:d2:d2:d8:
                    41:2a:8c:4c:54:c7:60:e5:f5:9b:87:a2:ce:44:39:
                    89:db:07:97:40:e9:a6:60:71:87:e5:9b:6e:53:e4:
                    54:09:bf:9c:2b:f2:1b:6a:05:b0:11:18:3e:d4:34:
                    ea:21:d5:01:bd:c8:bd:74:63:b1:24:a1:3a:37:66:
                    30:46:67:24:6a:28:fa:e3:aa:88:73:ae:34:49:02:
                    7f:99:69:f8:72:a5:23:d8:66:0e:e3:11:34:6c:cc:
                    5b:ea:11:ec:50:0f:d4:73:f6:61:a4:b9:53:dd:e9:
                    28:39:3b:8e:89:09:17:b1:2c:33:1d:ef:a7:85:09:
                    c3:7e:2e:54:9f:75:4d:8b:76:01:64:ad:d7:21:81:
                    39:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:78:F8:DC:A8:4D:DC:67:CB:84:17:52:1A:A3:C9:D8:36:46:AC:17
            X509v3 Authority Key Identifier:
                keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/r3j43KhN3GfLhBdSGqPJ2DZGrBc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.25.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:d0:5a:b6:c9:43:bd:8b:37:f6:0d:a4:59:ae:4e:49:c8:35:
         4f:d1:d6:ad:5a:a9:f9:6b:e7:89:e2:45:74:a4:03:06:87:80:
         d4:96:45:b1:0e:14:dc:e4:f5:14:7b:d1:b0:3c:5c:4c:ff:58:
         73:74:19:07:85:27:47:6b:15:8b:1d:d5:f1:4f:8a:92:a7:7a:
         94:48:c4:a8:39:8b:2e:75:be:06:c8:61:9f:4b:5c:37:9e:e5:
         ff:b1:12:4c:46:a5:03:2e:18:5d:cc:fc:88:2f:6c:91:6b:03:
         44:1f:06:0e:56:d6:c1:a9:d0:82:b1:b3:9d:c0:6a:f7:e3:18:
         a5:3d:45:1f:ea:89:26:21:5c:5d:de:58:e2:1a:47:79:ff:f6:
         e1:10:f0:77:23:28:69:5e:42:12:98:d8:7f:96:b4:23:09:3e:
         a4:a6:d0:cd:14:5a:3f:c6:6c:8e:c0:2f:a3:47:e9:fd:aa:c8:
         7c:0d:a8:49:35:f2:30:92:92:68:51:c5:09:f4:fc:7e:89:82:
         71:09:57:98:eb:0f:70:4c:78:cb:e5:48:fc:4a:84:f5:d0:63:
         59:74:41:4a:b9:90:21:4e:bf:90:38:31:7a:3d:aa:ad:a2:ca:
         20:e3:24:4c:33:3c:84:58:68:d1:5f:a5:5d:eb:7f:38:dc:0b:
         e6:19:95:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFV40UZk4BUs7JIoUnngFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjc4ZjhkY2E4NGRkYzY3Y2I4NDE3NTIxYWEzYzlkODM2NDZhYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopms11k3VTy5KJ0KS8aPzbefkg8c
yojceaANv7clWVUCh5sop7M5giP8qhuwRlZDOsZh3l+ewU/xPDioWwxMHotA+e5f
244AIZA6bZ8RoM7MD1gj+5mN+h10ukWJYM0pWKV1QR7vEa9iDmhxjRhkhEXzbwjS
0thBKoxMVMdg5fWbh6LORDmJ2weXQOmmYHGH5ZtuU+RUCb+cK/IbagWwERg+1DTq
IdUBvci9dGOxJKE6N2YwRmckaij646qIc640SQJ/mWn4cqUj2GYO4xE0bMxb6hHs
UA/Uc/ZhpLlT3ekoOTuOiQkXsSwzHe+nhQnDfi5Un3VNi3YBZK3XIYE5gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK94+NyoTdxny4QXUhqjydg2RqwXMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvcjNqNDNLaE4zR2ZMaEJkU0dxUEoyRFpHckJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRk5MA0G
CSqGSIb3DQEBCwUAA4IBAQAv0Fq2yUO9izf2DaRZrk5JyDVP0datWqn5a+eJ4kV0
pAMGh4DUlkWxDhTc5PUUe9GwPFxM/1hzdBkHhSdHaxWLHdXxT4qSp3qUSMSoOYsu
db4GyGGfS1w3nuX/sRJMRqUDLhhdzPyIL2yRawNEHwYOVtbBqdCCsbOdwGr34xil
PUUf6okmIVxd3ljiGkd5//bhEPB3IyhpXkISmNh/lrQjCT6kptDNFFo/xmyOwC+j
R+n9qsh8DahJNfIwkpJoUcUJ9Px+iYJxCVeY6w9wTHjL5Uj8SoT10GNZdEFKuZAh
Tr+QODF6Paqtosog4yRMMzyEWGjRX6Vd63843AvmGZV0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:32 2024 by rpki-client on console-ams.rpki-client.org