Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/SlgG7OQwG23QCTDJeGJrCjo1bFE.roa
File:                     SlgG7OQwG23QCTDJeGJrCjo1bFE.roa (raw, json)
Hash identifier:          3CSKJJaVtRKW5MNiXACw5wenn3K6SCtQoP1it+RSI44=
Subject key identifier:   4A:58:06:EC:E4:30:1B:6D:D0:09:30:C9:78:62:6B:0A:3A:35:6C:51
Certificate issuer:       /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial:       018C5DAD494FDD261ADC4EFE1923155FD658
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/SlgG7OQwG23QCTDJeGJrCjo1bFE.roa
Signing time:             Tue 12 Dec 2023 10:58:06 +0000
ROA not before:           Tue 12 Dec 2023 10:58:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8648
IP address blocks:        89.49.128.0/20 maxlen: 20
                          89.49.96.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5d:ad:49:4f:dd:26:1a:dc:4e:fe:19:23:15:5f:d6:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
        Validity
            Not Before: Dec 12 10:58:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4a5806ece4301b6dd00930c978626b0a3a356c51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:7f:7b:8b:bb:6b:5d:ab:49:4c:18:ed:c6:32:
                    b1:d5:05:39:39:2d:92:13:34:38:b2:25:b3:48:b5:
                    88:9a:b3:f6:d4:45:a5:1d:cd:41:c2:b7:0a:06:c6:
                    05:4a:ab:cf:fe:77:28:5c:bb:6c:d8:dd:47:ee:12:
                    4d:ba:5e:e4:76:25:7e:f2:41:d3:a7:ba:84:d2:ab:
                    f8:d4:43:70:e8:07:84:ee:dc:f8:30:0f:93:6e:30:
                    5e:6d:b4:46:fb:11:58:a5:20:21:e6:21:e3:fb:93:
                    96:92:78:a1:21:6b:58:8e:3f:b1:8b:8c:d0:5e:6c:
                    ad:5d:4c:b0:11:97:41:a6:40:3d:59:f4:c4:cb:08:
                    2b:5b:bb:9a:d8:f4:87:27:bf:ce:73:07:0c:e6:3b:
                    8d:19:d3:8b:ae:90:67:da:f7:82:f4:f7:ab:ce:16:
                    9d:a9:26:59:bb:79:03:f3:f5:81:ea:a6:a2:42:bb:
                    90:fd:8e:54:21:69:85:2c:72:01:76:47:46:97:3e:
                    1d:5d:10:05:d1:01:19:1b:7b:dc:78:c1:54:d5:49:
                    dc:4b:49:45:30:4a:00:fd:25:dc:85:92:bd:56:4b:
                    12:46:4e:66:1a:5c:6a:8e:b8:9d:70:d8:4f:4b:68:
                    bc:2b:9a:c1:d5:1a:35:09:58:19:ae:17:b9:c1:78:
                    18:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:58:06:EC:E4:30:1B:6D:D0:09:30:C9:78:62:6B:0A:3A:35:6C:51
            X509v3 Authority Key Identifier:
                keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/SlgG7OQwG23QCTDJeGJrCjo1bFE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.49.96.0/20
                  89.49.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8f:84:1d:d9:d2:51:c0:7a:b4:c6:31:67:35:23:e3:be:96:f6:
         ed:f0:bf:22:20:a5:eb:32:8e:d3:ab:49:64:83:ff:bd:10:fc:
         83:b3:fa:5e:19:8b:4b:68:88:d2:bc:99:b8:b8:b8:04:80:07:
         38:11:8e:6d:d3:d8:2f:09:eb:da:4e:5d:53:5e:c9:54:7c:3e:
         e7:bd:fb:ee:36:64:5a:89:34:0a:81:68:e7:f4:cb:31:df:a3:
         9f:1b:b5:65:c2:33:f0:09:3e:08:3f:13:75:29:2c:26:b4:e2:
         f1:3b:79:74:3a:80:9f:8f:b6:7a:2d:fa:25:18:84:82:37:53:
         c7:8c:dd:5a:bd:25:84:5f:76:2c:c3:35:d2:60:12:0a:20:7e:
         3f:24:d0:e9:0d:54:8e:43:d1:10:a1:63:74:52:aa:ee:d1:44:
         87:2f:65:db:bd:b7:77:c9:92:4c:21:3d:7b:fa:d2:0b:9f:cc:
         f0:fa:8f:47:c7:ef:99:bb:27:1a:f8:62:e9:29:5d:03:59:0a:
         3a:3f:61:da:da:41:ef:56:89:e3:eb:2b:68:4e:8d:f5:51:22:
         a8:15:d9:57:ff:4e:bd:7d:af:6c:f6:ed:89:59:f6:11:24:0c:
         e8:ba:53:99:f0:7f:be:47:f0:54:aa:55:6b:df:52:3f:93:73:
         b5:7d:a0:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxdrUlP3SYa3E7+GSMVX9ZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjMxMjEyMTA1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTU4MDZlY2U0MzAxYjZkZDAwOTMwYzk3ODYyNmIwYTNhMzU2YzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0397i7trXatJTBjtxjKx1QU5OS2S
EzQ4siWzSLWImrP21EWlHc1BwrcKBsYFSqvP/ncoXLts2N1H7hJNul7kdiV+8kHT
p7qE0qv41ENw6AeE7tz4MA+TbjBebbRG+xFYpSAh5iHj+5OWknihIWtYjj+xi4zQ
XmytXUywEZdBpkA9WfTEywgrW7ua2PSHJ7/OcwcM5juNGdOLrpBn2veC9Perzhad
qSZZu3kD8/WB6qaiQruQ/Y5UIWmFLHIBdkdGlz4dXRAF0QEZG3vceMFU1UncS0lF
MEoA/SXchZK9VksSRk5mGlxqjridcNhPS2i8K5rB1Ro1CVgZrhe5wXgYdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEpYBuzkMBtt0AkwyXhiawo6NWxRMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvU2xnRzdPUXdHMjNRQ1RESmVHSnJDam8xYkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWTFgAwQE
WTGAMA0GCSqGSIb3DQEBCwUAA4IBAQCPhB3Z0lHAerTGMWc1I+O+lvbt8L8iIKXr
Mo7Tq0lkg/+9EPyDs/peGYtLaIjSvJm4uLgEgAc4EY5t09gvCevaTl1TXslUfD7n
vfvuNmRaiTQKgWjn9Msx36OfG7VlwjPwCT4IPxN1KSwmtOLxO3l0OoCfj7Z6Lfol
GISCN1PHjN1avSWEX3YswzXSYBIKIH4/JNDpDVSOQ9EQoWN0Uqru0USHL2Xbvbd3
yZJMIT17+tILn8zw+o9Hx++Zuyca+GLpKV0DWQo6P2Ha2kHvVonj6ytoTo31USKo
FdlX/069fa9s9u2JWfYRJAzoulOZ8H++R/BUqlVr31I/k3O1faDu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org