Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3132382e302f32312d3234203d3e203231383539.roa
File:                     3134302e3135302e3132382e302f32312d3234203d3e203231383539.roa (raw, json)
Hash identifier:          7D+G4UipjANwqS1LgWtSjoTuCOrc1N5B2N1UBjJTLXQ=
Subject key identifier:   08:D2:C0:D8:ED:B1:E5:0D:2C:E9:DD:C8:3B:2A:BF:0F:28:C2:D7:A9
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       46F0C718EC996E6A38D20B04FC0FC08B58E6846E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3132382e302f32312d3234203d3e203231383539.roa
Signing time:             Sat 16 Dec 2023 10:51:10 +0000
ROA not before:           Sat 16 Dec 2023 10:46:10 +0000
ROA not after:            Sat 14 Dec 2024 10:51:10 +0000
asID:                     21859
IP address blocks:        140.150.128.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Jan 2024 00:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:f0:c7:18:ec:99:6e:6a:38:d2:0b:04:fc:0f:c0:8b:58:e6:84:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Dec 16 10:46:10 2023 GMT
            Not After : Dec 14 10:51:10 2024 GMT
        Subject: CN=08D2C0D8EDB1E50D2CE9DDC83B2ABF0F28C2D7A9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:2a:fc:7e:56:91:b1:a5:8d:08:9f:68:c5:1d:
                    21:09:d1:5c:28:3c:de:f9:a4:d4:20:38:80:34:9d:
                    21:d4:cf:2d:e4:fa:96:06:f7:57:1d:d9:f6:e9:d5:
                    06:9b:9b:67:6c:83:61:63:b0:5a:b2:52:1d:8b:6c:
                    68:ae:2b:93:11:a7:f8:60:55:65:1a:6b:c5:f1:e6:
                    36:7c:8b:12:87:5f:03:46:26:02:51:ff:f6:73:53:
                    2d:98:3f:f6:6f:1b:f0:65:b1:4a:86:11:56:a1:9f:
                    d1:68:0e:61:e6:0f:f9:6b:f9:de:79:f9:6a:5f:39:
                    41:21:a2:65:ab:f2:10:c3:6a:aa:f4:9a:74:d1:a0:
                    e4:02:a8:73:8c:fd:5d:af:7b:73:e7:64:9b:66:8f:
                    54:31:8c:d1:f3:c5:da:1f:2a:fb:31:6e:19:73:1c:
                    60:11:cf:92:0e:89:45:aa:06:cd:85:58:67:f0:3a:
                    3e:eb:db:e0:da:a6:30:61:1d:47:ea:8e:cf:e2:6b:
                    da:4f:40:e4:c9:4f:f7:b8:97:ee:b7:b6:ea:35:22:
                    cf:ea:8c:b4:ae:b0:79:23:57:ae:f9:a3:a0:6a:3c:
                    76:ce:94:de:1d:d0:b9:8f:31:73:1a:02:d0:2f:6d:
                    c8:aa:a8:f1:7e:9d:84:cd:f3:1c:4c:b3:29:8e:a4:
                    af:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:D2:C0:D8:ED:B1:E5:0D:2C:E9:DD:C8:3B:2A:BF:0F:28:C2:D7:A9
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3132382e302f32312d3234203d3e203231383539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.150.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9b:c3:46:3b:e5:f6:58:cb:d2:fc:0f:35:0c:80:34:40:4a:8c:
         24:ee:d2:d5:fd:d6:8e:fd:91:d4:28:9b:d4:c8:ed:e4:ff:7d:
         97:90:ce:da:64:cf:a0:3b:e9:89:47:77:2e:8a:84:75:2c:c4:
         28:32:16:c9:48:33:0c:71:a5:b6:2f:44:13:81:08:6d:5c:d0:
         53:37:4e:62:d3:83:a2:17:a1:f3:19:a1:a3:6b:e2:45:0c:a4:
         69:1f:70:a8:1f:92:20:ad:2d:33:a3:53:b4:3d:66:a2:bf:80:
         dc:f2:5d:c8:09:a9:63:38:e8:15:90:ad:cd:d0:e1:8c:c7:06:
         8f:f3:53:ce:0e:7b:a1:13:f7:79:8e:c8:f7:4c:b1:23:53:9b:
         08:d9:73:2c:61:59:c0:b2:15:7a:83:2f:39:71:72:d0:9a:b4:
         46:0f:d0:86:55:b1:bd:7c:01:87:56:f7:d4:23:ea:69:2a:c9:
         fc:76:a5:31:8e:de:45:d9:76:06:77:49:d7:67:bf:a4:63:41:
         23:12:b5:57:07:f9:1a:5c:c7:1a:b7:3f:07:eb:cb:37:70:e4:
         96:a5:28:02:ae:ce:3d:cc:62:7b:ba:fd:5a:b8:1b:64:b9:01:
         07:ee:34:d2:a4:e8:c8:01:d5:aa:48:4a:b5:2e:c1:4c:18:9e:
         c1:e1:d2:ae
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURvDHGOyZbmo40gsE/A/Ai1jmhG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzEyMTYxMDQ2MTBaFw0yNDEyMTQxMDUxMTBaMDMxMTAvBgNV
BAMTKDA4RDJDMEQ4RURCMUU1MEQyQ0U5RERDODNCMkFCRjBGMjhDMkQ3QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQKvx+VpGxpY0In2jFHSEJ0Vwo
PN75pNQgOIA0nSHUzy3k+pYG91cd2fbp1Qabm2dsg2FjsFqyUh2LbGiuK5MRp/hg
VWUaa8Xx5jZ8ixKHXwNGJgJR//ZzUy2YP/ZvG/BlsUqGEVahn9FoDmHmD/lr+d55
+WpfOUEhomWr8hDDaqr0mnTRoOQCqHOM/V2ve3PnZJtmj1QxjNHzxdofKvsxbhlz
HGARz5IOiUWqBs2FWGfwOj7r2+DapjBhHUfqjs/ia9pPQOTJT/e4l+63tuo1Is/q
jLSusHkjV675o6BqPHbOlN4d0LmPMXMaAtAvbciqqPF+nYTN8xxMsymOpK8PAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCNLA2O2x5Q0s6d3IOyq/DyjC16kwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMx
MzIzODJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDMyMzEzODM1Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAOMloAwDQYJKoZIhvcNAQELBQADggEBAJvDRjvl9ljL0vwPNQyANEBKjCTu0tX9
1o79kdQom9TI7eT/fZeQztpkz6A76YlHdy6KhHUsxCgyFslIMwxxpbYvRBOBCG1c
0FM3TmLTg6IXofMZoaNr4kUMpGkfcKgfkiCtLTOjU7Q9ZqK/gNzyXcgJqWM46BWQ
rc3Q4YzHBo/zU84Oe6ET93mOyPdMsSNTmwjZcyxhWcCyFXqDLzlxctCatEYP0IZV
sb18AYdW99Qj6mkqyfx2pTGO3kXZdgZ3Sddnv6RjQSMStVcH+Rpcxxq3Pwfryzdw
5JalKAKuzj3MYnu6/Vq4G2S5AQfuNNKk6MgB1apISrUuwUwYnsHh0q4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org