Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/zOqDV82HSkEdm4OhwiDjuzpFELc.roa
File:                     zOqDV82HSkEdm4OhwiDjuzpFELc.roa (raw, json)
Hash identifier:          eMuMGNz6q9h1gGfKGFxYaqOg1UpgM3HQEIFe3UbZrgw=
Subject key identifier:   CC:EA:83:57:CD:87:4A:41:1D:9B:83:A1:C2:20:E3:BB:3A:45:10:B7
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018AC8AC1CB68AE15721A0F90CC6F7B97525
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/zOqDV82HSkEdm4OhwiDjuzpFELc.roa
Signing time:             Sun 24 Sep 2023 19:30:37 +0000
ROA not before:           Sun 24 Sep 2023 19:30:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13335
IP address blocks:        89.46.0.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Oct 2023 14:20:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:c8:ac:1c:b6:8a:e1:57:21:a0:f9:0c:c6:f7:b9:75:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Sep 24 19:30:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ccea8357cd874a411d9b83a1c220e3bb3a4510b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:15:8c:f1:3e:e5:b0:6b:e8:a4:39:01:0d:cb:
                    6b:6e:3e:0b:4a:bd:53:54:1f:a1:45:08:78:74:b6:
                    11:68:08:80:ad:a1:f5:17:8c:d6:02:52:b6:bf:45:
                    e8:00:30:41:a1:91:c6:55:fb:02:e6:40:1a:c5:4a:
                    4c:e2:fe:c3:6f:c4:77:f6:18:c8:c3:fb:96:01:7e:
                    4b:f2:38:08:c5:f0:a8:c8:4f:9b:37:83:c6:67:a2:
                    b9:1c:20:6a:b3:85:f0:9d:0a:d5:0b:f5:22:3a:51:
                    ba:5d:b3:44:d7:57:15:42:17:b2:51:ee:53:2d:7e:
                    db:0c:94:fa:38:ea:e7:27:2c:9b:e7:e4:17:70:56:
                    58:b5:83:10:d1:d7:4a:14:38:a4:6a:a1:27:41:0b:
                    10:a2:5b:c5:e3:9a:e1:02:31:5f:eb:75:95:95:3f:
                    40:36:8f:0b:6d:c7:fa:6f:ea:83:d8:0f:ee:ca:fc:
                    ec:9e:b8:45:60:7d:a1:5a:7a:a3:53:ef:bc:55:60:
                    ac:0c:fe:f5:fc:29:c8:55:97:b2:4a:71:41:0a:8e:
                    51:8e:b5:7e:1c:8b:23:34:b8:42:3c:90:76:a7:b5:
                    9b:8b:e0:ec:f5:72:0d:67:f9:c1:cf:33:13:bd:31:
                    bb:d6:86:2a:cf:4b:39:2f:36:a1:c9:76:d3:51:4e:
                    dc:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:EA:83:57:CD:87:4A:41:1D:9B:83:A1:C2:20:E3:BB:3A:45:10:B7
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/zOqDV82HSkEdm4OhwiDjuzpFELc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.46.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:c6:44:7a:8d:f1:ab:9e:45:c8:a4:04:3b:02:06:9a:50:92:
         46:8e:a7:ba:32:aa:51:b3:ad:d0:a7:d3:80:b8:47:2b:7f:1d:
         c5:04:f9:fa:24:c4:09:b0:b3:aa:5e:04:ec:01:f5:8f:70:51:
         3b:92:b4:8e:22:38:b0:e5:aa:15:c7:6c:a4:73:67:b3:17:2b:
         dd:f1:d2:1d:df:21:c5:89:b3:eb:7d:92:32:0f:de:58:c2:59:
         fb:5a:98:4f:63:62:d6:b0:88:e4:43:62:34:5b:fc:54:7e:85:
         49:cc:92:e8:32:48:86:db:ba:1e:d5:df:0b:d8:ed:0f:cc:52:
         75:d3:c8:7c:47:73:5a:33:60:aa:bd:3e:52:51:a2:c6:f5:de:
         0e:ff:d2:96:b7:7e:7f:31:f5:97:29:a5:21:70:15:c7:ee:a3:
         e6:9f:59:7c:72:81:d4:03:df:08:04:15:00:95:26:e3:76:73:
         7c:2f:22:5f:08:0d:85:60:97:93:84:37:a1:59:8d:67:a5:4e:
         7d:48:ff:97:02:69:11:ed:35:44:60:4c:82:25:3d:91:8e:6a:
         7c:5c:77:ff:e0:c4:b3:a4:b6:24:9b:2d:88:7b:c5:11:26:60:
         61:63:68:eb:ab:79:7d:85:73:01:34:e9:f4:e3:fb:33:61:0a:
         5e:86:9a:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrIrBy2iuFXIaD5DMb3uXUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwOTI0MTkzMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2VhODM1N2NkODc0YTQxMWQ5YjgzYTFjMjIwZTNiYjNhNDUxMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshWM8T7lsGvopDkBDctrbj4LSr1T
VB+hRQh4dLYRaAiAraH1F4zWAlK2v0XoADBBoZHGVfsC5kAaxUpM4v7Db8R39hjI
w/uWAX5L8jgIxfCoyE+bN4PGZ6K5HCBqs4XwnQrVC/UiOlG6XbNE11cVQheyUe5T
LX7bDJT6OOrnJyyb5+QXcFZYtYMQ0ddKFDikaqEnQQsQolvF45rhAjFf63WVlT9A
No8Lbcf6b+qD2A/uyvzsnrhFYH2hWnqjU++8VWCsDP71/CnIVZeySnFBCo5RjrV+
HIsjNLhCPJB2p7Wbi+Ds9XINZ/nBzzMTvTG71oYqz0s5LzahyXbTUU7ciwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMzqg1fNh0pBHZuDocIg47s6RRC3MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvek9xRFY4MkhTa0VkbTRPaHdpRGp1enBGRUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS4AMA0G
CSqGSIb3DQEBCwUAA4IBAQAExkR6jfGrnkXIpAQ7AgaaUJJGjqe6MqpRs63Qp9OA
uEcrfx3FBPn6JMQJsLOqXgTsAfWPcFE7krSOIjiw5aoVx2ykc2ezFyvd8dId3yHF
ibPrfZIyD95Ywln7WphPY2LWsIjkQ2I0W/xUfoVJzJLoMkiG27oe1d8L2O0PzFJ1
08h8R3NaM2CqvT5SUaLG9d4O/9KWt35/MfWXKaUhcBXH7qPmn1l8coHUA98IBBUA
lSbjdnN8LyJfCA2FYJeThDehWY1npU59SP+XAmkR7TVEYEyCJT2Rjmp8XHf/4MSz
pLYkmy2Ie8URJmBhY2jrq3l9hXMBNOn04/szYQpehpqM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org