Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/NmjPqrrksgY2ZffUECdgQDMLNFI.roa
File:                     NmjPqrrksgY2ZffUECdgQDMLNFI.roa (raw, json)
Hash identifier:          BiGaE6BEwMwIpTO9lzLkIymq+CGYIDE2gEMMqo25OM0=
Subject key identifier:   36:68:CF:AA:BA:E4:B2:06:36:65:F7:D4:10:27:60:40:33:0B:34:52
Certificate issuer:       /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial:       018F766E877DE593A449C556BA90FDDC5A58
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/NmjPqrrksgY2ZffUECdgQDMLNFI.roa
Signing time:             Tue 14 May 2024 09:28:26 +0000
ROA not before:           Tue 14 May 2024 09:28:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        89.49.0.0/21 maxlen: 24
                          89.50.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Mon 03 Jun 2024 12:58:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:76:6e:87:7d:e5:93:a4:49:c5:56:ba:90:fd:dc:5a:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
        Validity
            Not Before: May 14 09:28:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3668cfaabae4b2063665f7d410276040330b3452
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:24:bb:cc:26:b8:02:db:fb:b3:41:45:6d:2a:
                    ec:b8:d9:5b:47:32:c6:92:c7:98:aa:74:73:bb:d6:
                    73:91:60:80:ef:00:b3:07:4e:13:cf:7a:c0:b1:bd:
                    3c:61:1d:37:ae:aa:f5:dc:7e:dd:75:40:c3:1e:d2:
                    01:6d:cf:b7:ec:c2:16:92:c1:8b:86:6a:30:ca:b3:
                    f3:f8:39:fd:7e:d3:e1:c7:a4:20:ff:4d:05:d7:0e:
                    9a:79:4f:39:f8:79:df:67:88:46:e7:d6:32:ec:a5:
                    bf:75:6f:e7:41:7c:c2:e8:0a:4c:49:28:dd:3d:f0:
                    3e:25:53:0d:63:47:35:1e:94:4a:9d:2d:ee:27:8a:
                    32:0f:1c:2b:36:03:a7:c2:30:84:58:6d:ec:ee:e6:
                    9c:44:b8:d5:f7:a0:c2:1c:83:26:a8:e2:20:41:30:
                    63:1f:f1:10:ba:7d:a9:a4:77:de:bb:d1:f0:26:23:
                    54:97:e2:6b:a4:71:20:24:e5:b2:47:d0:e1:c8:87:
                    5a:f4:28:4b:f7:4f:2a:61:2a:a6:69:18:40:cf:df:
                    fe:e8:18:8b:c9:ee:a3:f6:07:60:c2:52:84:1b:93:
                    bc:6d:21:19:79:c7:fd:9e:67:39:36:c8:d1:19:68:
                    8c:47:b2:94:3d:89:a7:76:a4:a4:38:97:0b:e0:e8:
                    3f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:68:CF:AA:BA:E4:B2:06:36:65:F7:D4:10:27:60:40:33:0B:34:52
            X509v3 Authority Key Identifier:
                keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/NmjPqrrksgY2ZffUECdgQDMLNFI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.49.0.0/21
                  89.50.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         39:d6:1a:7a:f0:7f:a3:04:c0:16:76:75:c2:7b:d7:69:f1:58:
         73:57:a3:1a:28:c7:d9:0b:cb:7f:f1:76:a5:e6:40:fa:02:62:
         0f:3b:15:08:2f:7f:3b:5b:c3:22:30:3f:1a:da:82:b4:ae:ea:
         5c:a9:eb:0a:2c:5f:06:a6:4c:d5:72:d3:3d:c6:df:78:d5:d3:
         3f:e4:5c:2a:68:91:7f:d2:8a:23:d3:fb:d9:f6:45:77:c0:19:
         af:90:d1:4d:d4:f9:4d:11:fe:8e:a8:93:bc:4d:6b:a1:d3:3a:
         bd:81:4d:90:34:5a:95:42:0d:2f:15:ed:75:58:90:2a:14:b3:
         9e:ea:8f:aa:51:68:85:4b:ed:60:26:20:0e:5e:78:43:9b:6b:
         38:1d:11:4d:03:9d:84:52:35:9f:43:8c:a2:34:a2:f2:c4:c3:
         e8:be:89:42:9c:27:75:94:7f:d6:98:1b:a0:c6:47:e4:75:a8:
         47:0f:7f:79:2a:e0:23:5e:1f:6a:8d:dc:e7:33:01:c7:89:68:
         24:ae:a2:33:e2:d4:14:0d:4a:9f:2c:12:fc:9c:1e:f5:20:34:
         1b:0e:b2:71:7e:c0:37:9d:c3:38:43:3c:d2:90:21:0a:8a:ca:
         19:70:ac:5e:20:b9:6b:4d:ea:47:34:dc:bc:60:37:0a:77:77:
         6f:00:c0:35
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAY92bod95ZOkScVWupD93FpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwNTE0MDkyODI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjY4Y2ZhYWJhZTRiMjA2MzY2NWY3ZDQxMDI3NjA0MDMzMGIzNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyS7zCa4Atv7s0FFbSrsuNlbRzLG
kseYqnRzu9ZzkWCA7wCzB04Tz3rAsb08YR03rqr13H7ddUDDHtIBbc+37MIWksGL
hmowyrPz+Dn9ftPhx6Qg/00F1w6aeU85+HnfZ4hG59Yy7KW/dW/nQXzC6ApMSSjd
PfA+JVMNY0c1HpRKnS3uJ4oyDxwrNgOnwjCEWG3s7uacRLjV96DCHIMmqOIgQTBj
H/EQun2ppHfeu9HwJiNUl+JrpHEgJOWyR9DhyIda9ChL908qYSqmaRhAz9/+6BiL
ye6j9gdgwlKEG5O8bSEZecf9nmc5NsjRGWiMR7KUPYmndqSkOJcL4Og/RwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFDZoz6q65LIGNmX31BAnYEAzCzRSMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvTm1qUHFycmtzZ1kyWmZmVUVDZGdRRE1MTkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwQDWTEAAwMA
WTIwDQYJKoZIhvcNAQELBQADggEBADnWGnrwf6MEwBZ2dcJ712nxWHNXoxoox9kL
y3/xdqXmQPoCYg87FQgvfztbwyIwPxragrSu6lyp6wosXwamTNVy0z3G33jV0z/k
XCpokX/SiiPT+9n2RXfAGa+Q0U3U+U0R/o6ok7xNa6HTOr2BTZA0WpVCDS8V7XVY
kCoUs57qj6pRaIVL7WAmIA5eeEObazgdEU0DnYRSNZ9DjKI0ovLEw+i+iUKcJ3WU
f9aYG6DGR+R1qEcPf3kq4CNeH2qN3OczAceJaCSuojPi1BQNSp8sEvycHvUgNBsO
snF+wDedwzhDPNKQIQqKyhlwrF4guWtN6kc03LxgNwp3d28AwDU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org