Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ENsp5L8q-yv_6AuMsfFDSZNtkFM.roa
File:                     ENsp5L8q-yv_6AuMsfFDSZNtkFM.roa (raw, json)
Hash identifier:          DqdQFY/9X4xqu7zXOAU07ZpnyjVOQb1DrwasQFbyZYM=
Subject key identifier:   10:DB:29:E4:BF:2A:FB:2B:FF:E8:0B:8C:B1:F1:43:49:93:6D:90:53
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E66A752620B6A5A367B9561FB98295F20
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ENsp5L8q-yv_6AuMsfFDSZNtkFM.roa
Signing time:             Fri 22 Mar 2024 14:53:45 +0000
ROA not before:           Fri 22 Mar 2024 14:53:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215727
IP address blocks:        89.213.107.0/24 maxlen: 24
                          89.213.112.0/24 maxlen: 24
                          89.213.113.0/24 maxlen: 24
                          89.213.114.0/24 maxlen: 24
                          89.213.116.0/24 maxlen: 24
                          89.213.157.0/24 maxlen: 24
                          89.213.223.0/24 maxlen: 24
                          89.213.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Mar 2024 11:16:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:66:a7:52:62:0b:6a:5a:36:7b:95:61:fb:98:29:5f:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 22 14:53:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=10db29e4bf2afb2bffe80b8cb1f14349936d9053
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:d9:34:df:3d:35:55:f8:42:1e:b4:cc:93:2b:
                    5e:55:68:6c:92:7f:1e:76:66:5c:95:4e:f2:d6:94:
                    69:93:0b:8f:70:d2:eb:d1:a7:65:35:6d:9c:28:a2:
                    7a:34:4c:18:12:f8:4a:a9:4d:6d:d4:96:ef:f8:ba:
                    6f:38:de:04:85:69:29:3e:1e:52:fa:8d:52:65:82:
                    40:58:fe:af:2a:cc:22:2a:e9:67:32:3d:6c:f6:b9:
                    53:e6:b9:fb:08:35:1f:d6:77:69:20:09:8b:48:26:
                    2d:70:91:91:cd:ef:bc:7e:74:79:d2:bd:48:3e:c3:
                    6f:e2:ef:96:68:90:68:d4:19:d0:d7:3a:d4:19:50:
                    1c:78:b1:d8:00:d5:7e:04:f4:fc:fe:e3:e6:d2:15:
                    c0:0c:25:13:7b:ad:cd:74:84:33:c0:11:0f:26:e9:
                    81:4b:56:10:28:74:c4:16:65:54:0f:b2:5d:72:d6:
                    5e:1d:58:d2:23:a0:34:9c:0f:07:7a:b9:a4:52:b9:
                    b1:4e:8a:03:cd:67:95:46:47:04:81:de:3d:0a:62:
                    fd:0f:85:d6:7f:70:7a:04:ae:55:ab:59:d0:4b:d8:
                    8a:47:2a:86:d0:63:ac:59:94:7e:bd:9a:c3:2a:5e:
                    5e:be:a1:7a:19:72:b3:ae:58:c8:5b:4b:6f:61:d4:
                    a1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:DB:29:E4:BF:2A:FB:2B:FF:E8:0B:8C:B1:F1:43:49:93:6D:90:53
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ENsp5L8q-yv_6AuMsfFDSZNtkFM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.213.107.0/24
                  89.213.112.0-89.213.114.255
                  89.213.116.0/24
                  89.213.157.0/24
                  89.213.223.0/24
                  89.213.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:8e:43:a3:ef:5e:b5:03:53:2b:07:1b:75:02:d5:80:9b:66:
         5a:e0:24:a3:d8:61:5d:aa:ed:2f:63:69:88:5d:62:23:9a:b6:
         57:38:c4:33:54:5e:09:64:c0:5e:05:a1:4b:44:b3:11:17:ab:
         08:0d:34:f8:87:a4:71:2f:ba:57:d9:6e:67:38:cc:a5:db:46:
         bb:47:52:84:5e:d4:12:f6:7e:8b:ca:a1:67:7d:b2:94:2b:a4:
         b9:8a:19:a4:cc:ed:5e:f9:f9:68:39:34:a6:7d:c1:10:0a:72:
         c5:f2:75:24:de:4b:66:fa:a2:e0:e2:fb:ea:39:63:5d:ca:59:
         db:e1:f8:85:19:4b:d9:b7:74:ce:19:5d:db:87:49:13:15:3e:
         60:0f:d4:db:9e:1e:5b:69:08:34:e1:53:dd:de:1a:b6:05:eb:
         09:9a:cb:b3:d2:de:56:09:3a:8e:0f:c4:6a:0c:eb:0b:f8:d9:
         31:b0:35:ab:76:60:cc:17:6a:87:59:77:07:96:65:9d:bf:e2:
         bb:43:c6:5f:1f:85:eb:0f:d0:86:d8:de:de:7c:31:e2:d0:f2:
         c6:98:e6:f9:ab:dc:54:65:bd:db:e0:ef:ce:c6:e5:20:bf:48:
         a7:9c:86:ec:bd:e8:af:ca:cc:ab:6a:5b:27:fa:22:c5:cb:6f:
         62:f0:56:fe
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY5mp1JiC2paNnuVYfuYKV8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzIyMTQ1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGRiMjllNGJmMmFmYjJiZmZlODBiOGNiMWYxNDM0OTkzNmQ5MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tk03z01VfhCHrTMkyteVWhskn8e
dmZclU7y1pRpkwuPcNLr0adlNW2cKKJ6NEwYEvhKqU1t1Jbv+LpvON4EhWkpPh5S
+o1SZYJAWP6vKswiKulnMj1s9rlT5rn7CDUf1ndpIAmLSCYtcJGRze+8fnR50r1I
PsNv4u+WaJBo1BnQ1zrUGVAceLHYANV+BPT8/uPm0hXADCUTe63NdIQzwBEPJumB
S1YQKHTEFmVUD7JdctZeHVjSI6A0nA8HermkUrmxTooDzWeVRkcEgd49CmL9D4XW
f3B6BK5Vq1nQS9iKRyqG0GOsWZR+vZrDKl5evqF6GXKzrljIW0tvYdShsQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBDbKeS/Kvsr/+gLjLHxQ0mTbZBTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRU5zcDVMOHEteXZfNkF1TXNmRkRTWk50a0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAWdVrMAwD
BARZ1XADBABZ1XIDBABZ1XQDBABZ1Z0DBABZ1d8DBABZ1eMwDQYJKoZIhvcNAQEL
BQADggEBAGSOQ6PvXrUDUysHG3UC1YCbZlrgJKPYYV2q7S9jaYhdYiOatlc4xDNU
XglkwF4FoUtEsxEXqwgNNPiHpHEvulfZbmc4zKXbRrtHUoRe1BL2fovKoWd9spQr
pLmKGaTM7V75+Wg5NKZ9wRAKcsXydSTeS2b6ouDi++o5Y13KWdvh+IUZS9m3dM4Z
XduHSRMVPmAP1NueHltpCDThU93eGrYF6wmay7PS3lYJOo4PxGoM6wv42TGwNat2
YMwXaodZdweWZZ2/4rtDxl8fhesP0IbY3t58MeLQ8saY5vmr3FRlvdvg787G5SC/
SKechuy96K/KzKtqWyf6IsXLb2LwVv4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:21 2024 by rpki-client on console-ams.rpki-client.org