Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3133362e302f32312d3231203d3e203236353438.roa
File:                     3134302e3135302e3133362e302f32312d3231203d3e203236353438.roa (raw, json)
Hash identifier:          rb2qXE4WxGhsLo0nP9NQrLaA/lPx/yAeVIzpopMW99Q=
Subject key identifier:   F3:47:72:7D:71:1D:18:C8:6C:16:B3:17:F3:45:39:E6:E2:48:D5:F9
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       750C2005FC64A46309916223A3445C2AEF5D816D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3133362e302f32312d3231203d3e203236353438.roa
Signing time:             Wed 06 Mar 2024 17:13:21 +0000
ROA not before:           Wed 06 Mar 2024 17:08:21 +0000
ROA not after:            Wed 05 Mar 2025 17:13:21 +0000
asID:                     26548
IP address blocks:        140.150.136.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:0c:20:05:fc:64:a4:63:09:91:62:23:a3:44:5c:2a:ef:5d:81:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Mar  6 17:08:21 2024 GMT
            Not After : Mar  5 17:13:21 2025 GMT
        Subject: CN=F347727D711D18C86C16B317F34539E6E248D5F9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:83:80:02:cf:0a:36:f9:1f:2f:cb:e0:fa:be:
                    8e:c6:65:2e:77:72:61:c4:83:ed:da:9f:da:06:f9:
                    dd:43:0b:e0:d8:96:23:75:a2:91:c4:1a:a6:10:80:
                    fa:14:bc:24:37:bc:f0:0a:7c:c7:be:dd:3d:a5:a8:
                    d2:60:1d:70:64:a4:26:50:70:04:be:39:4e:b2:89:
                    d8:c5:f4:14:bc:aa:81:80:79:4a:a4:bb:10:7d:d7:
                    b8:24:e2:ed:a1:ae:d5:b3:1b:7c:c0:42:bc:1b:fa:
                    dc:e8:64:94:d9:63:57:c6:5a:74:cf:17:cc:65:f2:
                    60:50:ef:2d:7a:e7:95:6c:61:eb:90:d5:bc:54:3b:
                    ae:96:c4:c4:98:fd:26:5a:f0:ae:2e:cd:06:63:66:
                    05:a6:d3:4e:dc:41:7c:3f:e7:ab:16:c1:91:0e:e6:
                    1e:f6:45:e2:da:9f:3f:8d:95:e3:34:9e:e3:76:60:
                    58:f1:41:2d:51:f2:c6:c4:bc:80:7e:b4:e0:5b:f6:
                    3b:7a:54:0d:12:1a:5f:c3:6f:11:a6:9d:77:b2:ed:
                    39:00:6e:17:20:da:cf:9c:c8:98:da:0f:2d:b0:0c:
                    60:96:90:a4:a7:76:a6:6a:b5:b2:6c:fb:30:53:16:
                    af:b6:89:c9:0b:f0:51:ba:81:af:66:4c:2e:1a:da:
                    4f:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:47:72:7D:71:1D:18:C8:6C:16:B3:17:F3:45:39:E6:E2:48:D5:F9
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3133362e302f32312d3231203d3e203236353438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.150.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         42:93:b5:57:c5:60:68:d8:c5:f4:4e:f0:cf:02:dc:03:17:f6:
         3e:77:7d:6a:f5:d4:06:78:f1:06:d0:03:d2:de:83:8b:58:7b:
         ba:cc:47:13:87:cf:d7:37:6b:c0:a9:fe:24:c4:5b:70:1e:9d:
         fa:1a:22:bb:ba:55:43:23:e4:a0:84:58:f7:8a:c1:8e:56:2d:
         eb:0e:24:22:c5:6d:6d:96:f7:1b:27:de:fb:77:5f:db:be:fa:
         82:d1:2f:90:80:82:64:a2:19:bd:0c:17:4b:b0:e6:d8:a8:a8:
         e0:63:6f:fe:a1:52:6b:cd:be:49:f5:22:39:e6:4d:4f:db:7f:
         8b:c6:50:b7:78:c9:bc:3c:72:9d:a4:59:d7:f0:b1:f6:e0:c7:
         b5:c3:19:38:62:bb:4e:c1:10:c6:08:51:61:45:53:82:e9:d6:
         0a:2a:ce:0a:ab:0b:44:74:81:6c:a4:a0:21:45:2e:0d:95:ee:
         da:a6:6a:89:4f:ce:d6:29:9b:63:96:88:70:6c:a0:d0:ac:79:
         a5:35:40:86:50:63:4e:25:43:38:0f:9c:2d:98:df:81:9e:33:
         74:de:92:22:03:bb:36:27:a1:c2:91:f2:91:ef:bb:1a:e6:e0:
         76:7b:60:0a:c4:01:c8:dc:de:91:3a:4a:b2:de:84:16:0c:4b:
         f2:a8:a1:f8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdQwgBfxkpGMJkWIjo0RcKu9dgW0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMDYxNzA4MjFaFw0yNTAzMDUxNzEzMjFaMDMxMTAvBgNV
BAMTKEYzNDc3MjdENzExRDE4Qzg2QzE2QjMxN0YzNDUzOUU2RTI0OEQ1RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6g4ACzwo2+R8vy+D6vo7GZS53
cmHEg+3an9oG+d1DC+DYliN1opHEGqYQgPoUvCQ3vPAKfMe+3T2lqNJgHXBkpCZQ
cAS+OU6yidjF9BS8qoGAeUqkuxB917gk4u2hrtWzG3zAQrwb+tzoZJTZY1fGWnTP
F8xl8mBQ7y1655VsYeuQ1bxUO66WxMSY/SZa8K4uzQZjZgWm007cQXw/56sWwZEO
5h72ReLanz+NleM0nuN2YFjxQS1R8sbEvIB+tOBb9jt6VA0SGl/DbxGmnXey7TkA
bhcg2s+cyJjaDy2wDGCWkKSndqZqtbJs+zBTFq+2ickL8FG6ga9mTC4a2k9fAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU80dyfXEdGMhsFrMX80U55uJI1fkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMx
MzMzNjJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDMyMzYzNTM0Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAOMlogwDQYJKoZIhvcNAQELBQADggEBAEKTtVfFYGjYxfRO8M8C3AMX9j53fWr1
1AZ48QbQA9Leg4tYe7rMRxOHz9c3a8Cp/iTEW3AenfoaIru6VUMj5KCEWPeKwY5W
LesOJCLFbW2W9xsn3vt3X9u++oLRL5CAgmSiGb0MF0uw5tioqOBjb/6hUmvNvkn1
IjnmTU/bf4vGULd4ybw8cp2kWdfwsfbgx7XDGThiu07BEMYIUWFFU4Lp1goqzgqr
C0R0gWykoCFFLg2V7tqmaolPztYpm2OWiHBsoNCseaU1QIZQY04lQzgPnC2Y34Ge
M3TekiIDuzYnocKR8pHvuxrm4HZ7YArEAcjc3pE6SrLehBYMS/Koofg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org