Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/nE8qsw0FWd29WEpwRiWpHUVLVlc.roa
File:                     nE8qsw0FWd29WEpwRiWpHUVLVlc.roa (raw, json)
Hash identifier:          SAvUdUvK8OIb0NfDDLi+O+Pb9oTR6mFAyr/22V29TiU=
Subject key identifier:   9C:4F:2A:B3:0D:05:59:DD:BD:58:4A:70:46:25:A9:1D:45:4B:56:57
Certificate issuer:       /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial:       01856DD4254E5FE3512011AD075300F77DFF
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/nE8qsw0FWd29WEpwRiWpHUVLVlc.roa
Signing time:             Sun 01 Jan 2023 14:54:57 +0000
ROA not before:           Sun 01 Jan 2023 14:54:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57353
IP address blocks:        89.48.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:d4:25:4e:5f:e3:51:20:11:ad:07:53:00:f7:7d:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
        Validity
            Not Before: Jan  1 14:54:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c4f2ab30d0559ddbd584a704625a91d454b5657
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d0:0a:fa:86:d8:3e:81:3a:8c:1f:32:c7:c4:
                    99:fb:89:b2:39:1f:df:05:ae:41:98:17:02:28:38:
                    18:36:ea:bb:0e:c2:c6:78:bd:75:35:a0:38:5c:0f:
                    5e:63:78:4e:bc:28:56:d8:1e:a0:f3:60:6b:9c:b1:
                    79:d5:d8:a5:2c:f9:01:91:43:fe:60:6a:32:15:41:
                    12:69:28:01:23:0b:d3:9c:ac:90:5a:a3:5f:5d:e0:
                    7c:f7:d5:8c:18:43:35:20:49:5c:d1:60:94:6b:5d:
                    a5:c2:e3:b0:fd:50:26:55:c1:cf:c4:89:4e:e6:31:
                    c2:04:ec:85:ab:e1:fb:97:64:6f:06:de:0f:ae:32:
                    5d:c0:e9:5a:1e:c8:f2:6a:ae:e0:4a:5f:02:bb:d5:
                    77:a1:da:bc:95:0e:9b:32:32:b2:e9:fb:a5:7c:f2:
                    4d:99:ae:9d:7d:67:a2:10:13:12:81:59:2a:0f:f0:
                    e5:b4:67:e2:7f:4b:0c:41:e1:3b:d6:49:76:ec:07:
                    86:a7:74:d7:c6:9e:f4:77:01:32:ae:3a:6f:a6:8b:
                    0d:5d:54:9b:e2:21:55:37:8f:f1:74:2b:51:b2:24:
                    df:a1:fa:8e:5a:b8:b2:0e:22:c6:54:90:e2:82:0a:
                    7e:77:7a:15:30:c3:81:f6:0b:3b:22:b8:0e:2f:22:
                    2e:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:4F:2A:B3:0D:05:59:DD:BD:58:4A:70:46:25:A9:1D:45:4B:56:57
            X509v3 Authority Key Identifier:
                keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/nE8qsw0FWd29WEpwRiWpHUVLVlc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.48.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4e:50:34:81:ec:68:4c:18:be:8e:b7:a8:94:d4:2a:bd:7c:fa:
         c5:98:d6:17:eb:5f:53:47:8c:09:c5:47:d6:22:7b:a9:cd:15:
         42:4f:4d:61:72:38:a3:2b:6b:e0:68:29:a6:79:70:98:f7:44:
         0b:a2:4a:04:32:3e:0b:95:84:66:e1:55:22:aa:5e:8a:cb:67:
         94:c2:c3:df:25:db:22:bf:c8:cc:ea:cb:ac:eb:85:d4:ba:66:
         83:37:94:d0:9a:5d:b5:b2:9b:25:0f:64:dd:58:57:23:55:9a:
         85:9c:21:a2:72:35:40:cb:77:62:0e:1d:46:7f:eb:25:e3:96:
         9b:8b:4c:86:3d:b6:30:82:3d:b5:30:29:de:0f:ab:59:67:61:
         4c:0a:36:dd:23:24:e9:3f:67:61:5c:45:fb:9b:85:80:c4:17:
         df:db:e4:3c:d7:ec:a9:a3:9f:58:16:08:74:2d:36:15:e4:58:
         ab:89:d6:6f:4a:8d:8a:54:a7:d0:f6:27:53:da:fd:49:20:32:
         b6:ad:ab:ce:82:3d:95:c1:f7:1a:e3:e5:1a:7d:3d:af:4d:e1:
         14:18:ce:05:9e:5a:38:cd:a2:b3:d2:75:38:6f:3e:50:61:35:
         46:07:99:af:86:4b:a3:6e:7e:c3:de:d4:d0:94:46:f8:c5:ac:
         4b:12:1d:ad
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVt1CVOX+NRIBGtB1MA933/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjMwMTAxMTQ1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRmMmFiMzBkMDU1OWRkYmQ1ODRhNzA0NjI1YTkxZDQ1NGI1NjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9AK+obYPoE6jB8yx8SZ+4myOR/f
Ba5BmBcCKDgYNuq7DsLGeL11NaA4XA9eY3hOvChW2B6g82BrnLF51dilLPkBkUP+
YGoyFUESaSgBIwvTnKyQWqNfXeB899WMGEM1IElc0WCUa12lwuOw/VAmVcHPxIlO
5jHCBOyFq+H7l2RvBt4PrjJdwOlaHsjyaq7gSl8Cu9V3odq8lQ6bMjKy6fulfPJN
ma6dfWeiEBMSgVkqD/DltGfif0sMQeE71kl27AeGp3TXxp70dwEyrjpvposNXVSb
4iFVN4/xdCtRsiTfofqOWriyDiLGVJDiggp+d3oVMMOB9gs7IrgOLyIu+wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJxPKrMNBVndvVhKcEYlqR1FS1ZXMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvbkU4cXN3MEZXZDI5V0Vwd1JpV3BIVVZMVmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAWTAwDQYJ
KoZIhvcNAQELBQADggEBAE5QNIHsaEwYvo63qJTUKr18+sWY1hfrX1NHjAnFR9Yi
e6nNFUJPTWFyOKMra+BoKaZ5cJj3RAuiSgQyPguVhGbhVSKqXorLZ5TCw98l2yK/
yMzqy6zrhdS6ZoM3lNCaXbWymyUPZN1YVyNVmoWcIaJyNUDLd2IOHUZ/6yXjlpuL
TIY9tjCCPbUwKd4Pq1lnYUwKNt0jJOk/Z2FcRfubhYDEF9/b5DzX7Kmjn1gWCHQt
NhXkWKuJ1m9KjYpUp9D2J1Pa/UkgMratq86CPZXB9xrj5Rp9Pa9N4RQYzgWeWjjN
orPSdThvPlBhNUYHma+GS6NufsPe1NCURvjFrEsSHa0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org