Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3136382e302f32312d3234203d3e2036303739.roa
File:                     3134302e3135302e3136382e302f32312d3234203d3e2036303739.roa (raw, json)
Hash identifier:          YHahXI7JSCaai0WKuPkzrqb8N9hJIy4kdYV6XnlWRQc=
Subject key identifier:   F9:54:D9:55:F5:BD:61:53:84:82:E0:B6:67:E1:1C:EB:40:6A:FB:C0
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       7F5A01F5B92212A7046BDE17603009058A58F339
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3136382e302f32312d3234203d3e2036303739.roa
Signing time:             Mon 13 Nov 2023 14:06:01 +0000
ROA not before:           Mon 13 Nov 2023 14:01:01 +0000
ROA not after:            Mon 11 Nov 2024 14:06:01 +0000
asID:                     6079
IP address blocks:        140.150.168.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:5a:01:f5:b9:22:12:a7:04:6b:de:17:60:30:09:05:8a:58:f3:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Nov 13 14:01:01 2023 GMT
            Not After : Nov 11 14:06:01 2024 GMT
        Subject: CN=F954D955F5BD61538482E0B667E11CEB406AFBC0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:e5:66:f3:77:54:86:04:5b:84:0a:a3:b3:d3:
                    2e:6a:83:25:5f:6d:21:c3:1e:f9:52:6a:53:56:c5:
                    b8:ad:8a:cd:bb:80:2a:3d:38:16:76:f5:a5:2f:64:
                    3f:ed:57:f4:75:01:06:7c:05:cd:d2:08:22:e9:a1:
                    ac:f7:58:8b:84:0b:8f:62:a8:86:1e:27:31:2c:15:
                    ac:72:92:2c:24:d5:d1:0a:e1:86:91:54:de:f4:35:
                    27:73:c8:a2:0f:50:4b:8a:14:8e:9c:8d:9e:3d:a4:
                    46:a5:42:0e:57:17:75:06:a0:e2:36:0f:ca:a1:11:
                    5b:e8:09:9b:0a:8c:07:36:d0:3a:7f:80:73:04:58:
                    e6:0c:88:46:3e:08:79:f5:42:34:2e:79:1a:11:11:
                    24:66:81:1e:77:fe:85:95:52:9a:14:10:a7:d0:9b:
                    2a:b2:88:27:45:00:e3:e4:51:73:5f:0c:91:42:f0:
                    2c:c7:95:91:52:95:d0:28:fe:22:65:9d:0e:54:ff:
                    6a:3f:7c:8b:6d:97:fc:99:7f:96:34:fb:da:86:63:
                    12:8f:4c:c3:b8:72:02:f1:cd:b3:82:31:3c:05:59:
                    e5:73:b0:8a:a2:5c:15:55:fc:dc:d9:54:51:a9:2f:
                    f9:6e:6d:4d:2d:af:fd:1f:2c:9b:61:eb:64:eb:b9:
                    7b:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:54:D9:55:F5:BD:61:53:84:82:E0:B6:67:E1:1C:EB:40:6A:FB:C0
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3136382e302f32312d3234203d3e2036303739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.150.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3a:98:36:78:45:92:7b:ac:a5:0a:75:8d:20:99:c4:78:41:97:
         e6:8a:03:37:4a:27:8d:2f:cc:92:2f:85:e3:12:db:a6:b7:31:
         55:02:9d:57:a9:bc:36:b3:d2:4b:d8:c4:bc:2d:52:a7:fb:cf:
         77:da:10:0e:9f:57:3b:a5:c0:9b:22:45:33:33:25:d8:ea:ed:
         fb:dc:bb:be:c4:7b:dd:4e:6d:e8:c4:d6:66:56:9e:39:04:41:
         ae:9b:50:7e:3e:32:35:c9:a5:1d:19:68:ce:ea:b6:0b:8c:06:
         08:16:f8:ee:15:14:35:87:22:23:4e:47:c6:d6:2b:9e:c4:93:
         0e:0f:a3:b8:f7:7a:db:ff:6b:cb:ed:56:32:08:7c:ab:0d:f6:
         80:64:f5:1b:e0:8c:f1:55:6a:b2:e0:58:1f:07:52:46:28:e6:
         27:ee:4f:3a:a7:af:ea:02:43:84:7d:b9:62:39:1f:d9:35:83:
         2a:01:fe:f2:d3:d1:e7:5e:04:85:bf:3e:8a:c9:4b:d0:fe:fd:
         1a:02:2a:f4:f6:cd:05:f3:5b:a1:dc:40:4d:e6:18:00:8b:1b:
         99:02:e4:94:fd:29:56:0b:4b:e4:88:2c:9f:b6:bd:10:da:e3:
         b1:02:fa:24:0c:4d:19:40:64:b4:20:6c:81:9d:0b:a5:f1:76:
         8c:2d:b1:65
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUf1oB9bkiEqcEa94XYDAJBYpY8zkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzExMTMxNDAxMDFaFw0yNDExMTExNDA2MDFaMDMxMTAvBgNV
BAMTKEY5NTREOTU1RjVCRDYxNTM4NDgyRTBCNjY3RTExQ0VCNDA2QUZCQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf5Wbzd1SGBFuECqOz0y5qgyVf
bSHDHvlSalNWxbitis27gCo9OBZ29aUvZD/tV/R1AQZ8Bc3SCCLpoaz3WIuEC49i
qIYeJzEsFaxykiwk1dEK4YaRVN70NSdzyKIPUEuKFI6cjZ49pEalQg5XF3UGoOI2
D8qhEVvoCZsKjAc20Dp/gHMEWOYMiEY+CHn1QjQueRoRESRmgR53/oWVUpoUEKfQ
myqyiCdFAOPkUXNfDJFC8CzHlZFSldAo/iJlnQ5U/2o/fIttl/yZf5Y0+9qGYxKP
TMO4cgLxzbOCMTwFWeVzsIqiXBVV/NzZVFGpL/lubU0tr/0fLJth62TruXsnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+VTZVfW9YVOEguC2Z+Ec60Bq+8AwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMx
MzYzODJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDM2MzAzNzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
jJaoMA0GCSqGSIb3DQEBCwUAA4IBAQA6mDZ4RZJ7rKUKdY0gmcR4QZfmigM3SieN
L8ySL4XjEtumtzFVAp1Xqbw2s9JL2MS8LVKn+8932hAOn1c7pcCbIkUzMyXY6u37
3Lu+xHvdTm3oxNZmVp45BEGum1B+PjI1yaUdGWjO6rYLjAYIFvjuFRQ1hyIjTkfG
1iuexJMOD6O493rb/2vL7VYyCHyrDfaAZPUb4IzxVWqy4FgfB1JGKOYn7k86p6/q
AkOEfbliOR/ZNYMqAf7y09HnXgSFvz6KyUvQ/v0aAir09s0F81uh3EBN5hgAixuZ
AuSU/SlWC0vkiCyftr0Q2uOxAvokDE0ZQGS0IGyBnQul8XaMLbFl
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org