Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/c5f49d-10b0-4818-a0c4-7c0b9b19fcfb/1/ZBKQZNv1fhuSgJfdQjMQ9Hc-Vm4.roa
File:                     ZBKQZNv1fhuSgJfdQjMQ9Hc-Vm4.roa (raw, json)
Hash identifier:          I4vYjup9Uh+UZJ2+gOPyO669I3NfXvbfW+F38yww6dQ=
Subject key identifier:   64:12:90:64:DB:F5:7E:1B:92:80:97:DD:42:33:10:F4:77:3E:56:6E
Certificate issuer:       /CN=2f314bc00a7e5ae23349e05406293a7d6060cda1
Certificate serial:       01893EE398489A968B2E83A53E6B3BADF10E
Authority key identifier: 2F:31:4B:C0:0A:7E:5A:E2:33:49:E0:54:06:29:3A:7D:60:60:CD:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LzFLwAp-WuIzSeBUBik6fWBgzaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/c5f49d-10b0-4818-a0c4-7c0b9b19fcfb/1/ZBKQZNv1fhuSgJfdQjMQ9Hc-Vm4.roa
Signing time:             Mon 10 Jul 2023 08:20:50 +0000
ROA not before:           Mon 10 Jul 2023 08:20:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47268
IP address blocks:        195.216.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:3e:e3:98:48:9a:96:8b:2e:83:a5:3e:6b:3b:ad:f1:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f314bc00a7e5ae23349e05406293a7d6060cda1
        Validity
            Not Before: Jul 10 08:20:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64129064dbf57e1b928097dd423310f4773e566e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:d0:ea:22:25:a0:40:e7:a6:a5:51:32:f5:c3:
                    a7:2d:c2:7c:cf:ba:1b:44:b3:39:65:ac:70:5f:9f:
                    56:ce:36:bc:5c:4c:2d:07:7c:24:f9:60:ff:e9:83:
                    02:65:34:bd:a6:90:64:1a:3a:db:d4:ea:4a:89:f4:
                    f4:db:b4:cc:bc:cf:9d:76:81:bc:74:03:30:14:b1:
                    b0:c4:d1:45:fb:92:be:a4:77:d1:2c:a6:f4:e9:52:
                    e9:af:f0:81:42:67:58:71:27:9c:33:e0:94:3a:1d:
                    75:4f:08:4f:da:f1:bf:13:51:7c:b9:a4:48:19:07:
                    19:4b:e7:b9:4f:60:a1:7a:48:25:af:82:a0:c7:61:
                    d5:ac:94:eb:20:bf:5a:5a:d0:d6:95:cb:95:d0:cf:
                    b2:8d:83:f4:ff:07:79:2d:9f:29:ec:84:32:5f:28:
                    b2:29:2f:8b:ad:54:cb:35:c9:49:61:1c:cd:a1:91:
                    d4:47:6d:de:a8:3f:2d:bf:6a:b2:64:4d:59:1f:91:
                    ba:36:6c:0f:63:24:43:42:16:8c:bf:3c:83:4e:19:
                    1b:10:34:61:9c:c7:6c:3d:cb:c1:34:1c:5c:7f:50:
                    4c:47:7e:d2:c6:83:4a:ef:66:2e:3d:bf:65:f4:f4:
                    d9:33:f2:1a:2f:7b:7d:5d:01:33:5c:f3:9c:07:77:
                    c4:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:12:90:64:DB:F5:7E:1B:92:80:97:DD:42:33:10:F4:77:3E:56:6E
            X509v3 Authority Key Identifier:
                keyid:2F:31:4B:C0:0A:7E:5A:E2:33:49:E0:54:06:29:3A:7D:60:60:CD:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzFLwAp-WuIzSeBUBik6fWBgzaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c5f49d-10b0-4818-a0c4-7c0b9b19fcfb/1/ZBKQZNv1fhuSgJfdQjMQ9Hc-Vm4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c5f49d-10b0-4818-a0c4-7c0b9b19fcfb/1/LzFLwAp-WuIzSeBUBik6fWBgzaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.216.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:2f:44:8d:08:22:47:d7:e4:6d:ed:e1:07:65:21:3a:da:4c:
         00:a8:7e:a8:ee:7e:84:da:10:76:d7:db:20:4b:d5:10:db:eb:
         94:95:c7:ba:fc:e6:1c:29:b7:ab:cc:5a:0f:a5:24:03:29:6a:
         86:3e:10:18:ff:29:4e:e2:0d:7e:0a:65:6a:24:b8:6a:d2:cc:
         f2:36:5e:7b:62:e4:44:22:94:2b:98:39:b7:07:04:6d:f7:f7:
         42:9b:da:5c:3c:59:64:30:b4:8d:e0:e4:47:53:a3:51:87:a2:
         f0:e2:cc:73:e7:1d:8c:eb:d4:c3:6b:51:4f:94:15:12:48:a3:
         a7:9c:98:c6:ab:f9:72:7d:20:32:f6:01:c4:7d:e9:af:cf:ce:
         2f:da:6b:40:f5:da:98:f3:99:e3:70:cf:45:4a:cd:71:a5:48:
         61:ca:bd:c4:70:48:09:56:c6:21:ba:31:4c:c2:61:60:99:c9:
         86:78:ba:90:f4:01:e8:51:a6:6f:ae:3b:14:68:6a:c5:7a:31:
         56:c5:93:9f:a1:43:a1:15:b6:29:ec:ff:b0:e7:f3:f0:41:80:
         b1:c3:bb:72:6f:7b:23:0e:e4:0e:63:fa:41:e2:3a:b1:4c:b8:
         9e:af:03:f8:9e:e2:fa:66:aa:e2:ea:49:a8:ec:21:c2:be:7d:
         34:ff:79:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYk+45hImpaLLoOlPms7rfEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzE0YmMwMGE3ZTVhZTIzMzQ5ZTA1NDA2MjkzYTdkNjA2
MGNkYTEwHhcNMjMwNzEwMDgyMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDEyOTA2NGRiZjU3ZTFiOTI4MDk3ZGQ0MjMzMTBmNDc3M2U1NjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9DqIiWgQOempVEy9cOnLcJ8z7ob
RLM5ZaxwX59Wzja8XEwtB3wk+WD/6YMCZTS9ppBkGjrb1OpKifT027TMvM+ddoG8
dAMwFLGwxNFF+5K+pHfRLKb06VLpr/CBQmdYcSecM+CUOh11TwhP2vG/E1F8uaRI
GQcZS+e5T2Chekglr4Kgx2HVrJTrIL9aWtDWlcuV0M+yjYP0/wd5LZ8p7IQyXyiy
KS+LrVTLNclJYRzNoZHUR23eqD8tv2qyZE1ZH5G6NmwPYyRDQhaMvzyDThkbEDRh
nMdsPcvBNBxcf1BMR37SxoNK72YuPb9l9PTZM/IaL3t9XQEzXPOcB3fEDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQSkGTb9X4bkoCX3UIzEPR3PlZuMB8GA1UdIwQY
MBaAFC8xS8AKflriM0ngVAYpOn1gYM2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpGTHdBcC1XdUl6U2VCVUJpazZmV0JnemFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9jNWY0OWQtMTBiMC00ODE4LWEwYzQt
N2MwYjliMTlmY2ZiLzEvWkJLUVpOdjFmaHVTZ0pmZFFqTVE5SGMtVm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9jNWY0OWQtMTBiMC00ODE4LWEwYzQtN2MwYjliMTlmY2Zi
LzEvTHpGTHdBcC1XdUl6U2VCVUJpazZmV0JnemFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9j5MA0G
CSqGSIb3DQEBCwUAA4IBAQCJL0SNCCJH1+Rt7eEHZSE62kwAqH6o7n6E2hB219sg
S9UQ2+uUlce6/OYcKberzFoPpSQDKWqGPhAY/ylO4g1+CmVqJLhq0szyNl57YuRE
IpQrmDm3BwRt9/dCm9pcPFlkMLSN4ORHU6NRh6Lw4sxz5x2M69TDa1FPlBUSSKOn
nJjGq/lyfSAy9gHEfemvz84v2mtA9dqY85njcM9FSs1xpUhhyr3EcEgJVsYhujFM
wmFgmcmGeLqQ9AHoUaZvrjsUaGrFejFWxZOfoUOhFbYp7P+w5/PwQYCxw7tyb3sj
DuQOY/pB4jqxTLierwP4nuL6Zqri6kmo7CHCvn00/3li
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:03 2024 by rpki-client on console-fra.rpki-client.org