Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/AS7029.roa
File:                     AS7029.roa (raw, json)
Hash identifier:          D+hc055NWk9iY9ThNhxJuZjb3e2wIupghkDUlN+ne+s=
Subject key identifier:   20:9F:A0:9B:A4:FD:6F:CB:98:20:9D:E0:AA:5E:27:B7:50:D3:23:A9
Certificate issuer:       /CN=44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed
Certificate serial:       45055559976E3604938CC813440D9EF48FFF9D48
Authority key identifier: 5B:40:D3:73:D6:71:7C:70:4C:48:3C:A0:65:8C:FB:52:57:C4:E9:3C
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2bd0fac6-1a46-40b5-be66-9e0f7b54df77/44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/AS7029.roa
Signing time:             Tue 13 Aug 2024 19:05:49 +0000
ROA not before:           Tue 13 Aug 2024 19:00:49 +0000
ROA not after:            Tue 12 Aug 2025 19:05:49 +0000
asID:                     7029
IP address blocks:        190.92.160.0/22 maxlen: 24
                          190.92.164.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 18 Sep 2024 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:05:55:59:97:6e:36:04:93:8c:c8:13:44:0d:9e:f4:8f:ff:9d:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed
        Validity
            Not Before: Aug 13 19:00:49 2024 GMT
            Not After : Aug 12 19:05:49 2025 GMT
        Subject: CN=209FA09BA4FD6FCB98209DE0AA5E27B750D323A9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:aa:9c:be:d1:b7:de:c8:d6:70:12:af:7f:6f:
                    73:28:ed:2a:53:01:c0:9f:7d:5c:91:e5:73:21:4b:
                    f6:89:c0:4d:9c:47:9f:ae:01:36:70:bc:cf:96:b9:
                    45:ce:5f:28:16:65:39:de:fe:2b:ba:c3:7d:45:f2:
                    e3:21:70:8b:81:f3:fd:f2:be:87:e1:42:1a:5b:a7:
                    d3:cb:cc:8a:a7:c6:d7:b2:51:35:3f:72:56:ae:3c:
                    a3:e7:bd:b5:0c:49:92:d5:fa:f9:8e:fb:79:1c:13:
                    2c:24:c7:3e:80:58:aa:eb:42:40:06:39:b0:f5:fb:
                    b0:41:99:cb:5f:24:14:2a:58:84:f0:b7:66:6c:f8:
                    5b:6c:7b:7f:06:97:57:ee:fa:b2:ec:83:7e:7a:92:
                    3e:da:f9:9d:c1:24:87:64:52:b8:67:88:dc:fa:aa:
                    47:7a:cf:4e:66:be:47:30:17:56:fc:19:10:65:dc:
                    3c:75:4d:8c:33:af:a1:00:b7:94:23:21:f5:99:bb:
                    c6:a6:4f:2f:31:da:4a:f5:7e:ab:92:92:0b:51:72:
                    aa:1e:a7:6a:02:1e:22:e3:ca:2e:a1:f0:48:93:ea:
                    bd:09:5d:e7:0f:cb:4e:d0:e7:b6:42:47:cd:42:72:
                    a5:42:6b:1f:c7:fe:1f:c5:a2:59:c8:c9:00:7e:fd:
                    5c:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:9F:A0:9B:A4:FD:6F:CB:98:20:9D:E0:AA:5E:27:B7:50:D3:23:A9
            X509v3 Authority Key Identifier:
                keyid:5B:40:D3:73:D6:71:7C:70:4C:48:3C:A0:65:8C:FB:52:57:C4:E9:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/5B40D373D6717C704C483CA0658CFB5257C4E93C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2bd0fac6-1a46-40b5-be66-9e0f7b54df77/44da5d103277c937c53dce305bd9d79c2ba79425357bb56eed.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf8143bf620182113eea490d33/1/AS7029.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.92.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         4e:0c:b2:4d:22:c4:d1:f3:79:35:5d:ee:bf:86:28:0d:b4:a3:
         92:92:7c:23:4a:a2:34:5e:bd:59:9a:ed:30:a9:50:e9:24:6f:
         11:5f:26:f2:8b:36:79:8f:f3:68:09:c6:0c:47:ab:73:d2:40:
         85:3b:3a:1c:4c:41:61:76:6c:d5:00:43:b2:dd:6e:7c:b0:ba:
         06:11:46:eb:16:9c:3c:dc:f9:83:e1:9f:99:e9:3c:f0:c8:fe:
         77:e1:82:31:88:97:3e:66:59:70:df:85:1c:48:a4:84:c3:8e:
         3a:4b:5b:ec:33:09:9b:79:0e:dc:cd:ee:42:81:24:a3:e7:8a:
         f7:a9:53:19:a4:53:d3:61:cb:c7:1f:41:c4:e3:b2:b3:27:95:
         3d:9c:a3:f9:f2:9d:be:20:6c:dd:e4:38:e9:ef:13:69:3d:b3:
         7e:dd:2e:79:d3:ca:3d:5f:7a:e1:f8:aa:b7:f6:06:08:c4:0d:
         03:25:1b:a1:6a:10:0d:c3:33:2e:45:b3:bf:80:ab:83:22:af:
         b6:3c:6f:39:60:ee:32:a6:59:8f:66:36:e5:04:ec:eb:0d:9e:
         b5:5f:27:83:c0:a4:e1:11:a0:eb:7a:5a:8a:76:9b:99:96:96:
         e3:f6:e5:8c:25:24:2b:1a:47:b4:06:41:6c:bb:51:be:5c:a1:
         eb:03:d8:ea
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIURQVVWZduNgSTjMgTRA2e9I//nUgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNDRkYTVkMTAzMjc3YzkzN2M1M2RjZTMwNWJkOWQ3OWMy
YmE3OTQyNTM1N2JiNTZlZWQwHhcNMjQwODEzMTkwMDQ5WhcNMjUwODEyMTkwNTQ5
WjAzMTEwLwYDVQQDEygyMDlGQTA5QkE0RkQ2RkNCOTgyMDlERTBBQTVFMjdCNzUw
RDMyM0E5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6qcvtG33sjW
cBKvf29zKO0qUwHAn31ckeVzIUv2icBNnEefrgE2cLzPlrlFzl8oFmU53v4rusN9
RfLjIXCLgfP98r6H4UIaW6fTy8yKp8bXslE1P3JWrjyj5721DEmS1fr5jvt5HBMs
JMc+gFiq60JABjmw9fuwQZnLXyQUKliE8LdmbPhbbHt/BpdX7vqy7IN+epI+2vmd
wSSHZFK4Z4jc+qpHes9OZr5HMBdW/BkQZdw8dU2MM6+hALeUIyH1mbvGpk8vMdpK
9X6rkpILUXKqHqdqAh4i48ouofBIk+q9CV3nD8tO0Oe2QkfNQnKlQmsfx/4fxaJZ
yMkAfv1cmQIDAQABo4ICfTCCAnkwHQYDVR0OBBYEFCCfoJuk/W/LmCCd4KpeJ7dQ
0yOpMB8GA1UdIwQYMBaAFFtA03PWcXxwTEg8oGWM+1JXxOk8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRmODE0M2JmNjIwMTgyMTEzZWVhNDkwZDMzLzEv
NUI0MEQzNzNENjcxN0M3MDRDNDgzQ0EwNjU4Q0ZCNTI1N0M0RTkzQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvZjYwYzlmMzItYTg3Yy00MzM5LWEyZjMtNjI5OWEz
YjAyZTI5LzJiZDBmYWM2LTFhNDYtNDBiNS1iZTY2LTllMGY3YjU0ZGY3Ny80NGRh
NWQxMDMyNzdjOTM3YzUzZGNlMzA1YmQ5ZDc5YzJiYTc5NDI1MzU3YmI1NmVlZC5j
ZXIwbgYIKwYBBQUHAQsEYjBgMF4GCCsGAQUFBzALhlJyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY4MTQzYmY2MjAxODIxMTNlZWE0
OTBkMzMvMS9BUzcwMjkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAO+XKAwDQYJKoZIhvcNAQELBQADggEB
AE4Msk0ixNHzeTVd7r+GKA20o5KSfCNKojRevVma7TCpUOkkbxFfJvKLNnmP82gJ
xgxHq3PSQIU7OhxMQWF2bNUAQ7LdbnywugYRRusWnDzc+YPhn5npPPDI/nfhgjGI
lz5mWXDfhRxIpITDjjpLW+wzCZt5DtzN7kKBJKPnivepUxmkU9Nhy8cfQcTjsrMn
lT2co/nynb4gbN3kOOnvE2k9s37dLnnTyj1feuH4qrf2BgjEDQMlG6FqEA3DMy5F
s7+Aq4Mir7Y8bzlg7jKmWY9mNuUE7OsNnrVfJ4PApOERoOt6Wop2m5mWluP25Ywl
JCsaR7QGQWy7Ub5coesD2Oo=
-----END CERTIFICATE-----