Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3137362e302f32312d3234203d3e203231383539.roa
File:                     3134302e3135302e3137362e302f32312d3234203d3e203231383539.roa (raw, json)
Hash identifier:          X0n1I9bxFeqDz+9ZZqCxn1l8htXRsrPNScxl5psl7B8=
Subject key identifier:   7A:EB:5D:A1:AC:50:3D:3A:E9:66:EB:EF:EB:BB:0B:49:9B:61:B1:5C
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       09867C3AF9588A7AB5A08787F9487C0E385E0EE5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3137362e302f32312d3234203d3e203231383539.roa
Signing time:             Tue 19 Dec 2023 11:36:53 +0000
ROA not before:           Tue 19 Dec 2023 11:31:53 +0000
ROA not after:            Tue 17 Dec 2024 11:36:53 +0000
asID:                     21859
IP address blocks:        140.150.176.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Jan 2024 00:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:86:7c:3a:f9:58:8a:7a:b5:a0:87:87:f9:48:7c:0e:38:5e:0e:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Dec 19 11:31:53 2023 GMT
            Not After : Dec 17 11:36:53 2024 GMT
        Subject: CN=7AEB5DA1AC503D3AE966EBEFEBBB0B499B61B15C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:97:bf:49:bf:1f:33:ed:df:21:d6:c6:91:c3:
                    3d:92:b1:b5:ee:02:0c:46:d4:f1:cf:1b:d3:10:1c:
                    ec:4b:48:15:48:97:09:ad:c1:e2:14:7e:af:91:5b:
                    b3:d3:25:88:7a:26:85:e8:a6:03:2a:fd:7b:9f:9e:
                    0f:4f:e0:c2:f1:f5:0b:43:fc:84:fd:96:77:c9:88:
                    31:e2:36:74:ae:6e:27:07:3b:55:67:30:3d:eb:32:
                    8f:d7:b9:a7:e6:33:3f:fc:fe:bf:35:b0:e1:89:94:
                    ad:23:b4:a5:ba:15:01:2b:e2:9d:a2:92:55:cc:ce:
                    cb:d3:8a:63:d7:9b:c2:4b:e4:f6:28:e1:31:b7:9c:
                    31:9c:01:e2:a8:a7:5f:23:e5:9a:59:16:8a:56:7f:
                    30:1a:bd:39:e3:42:09:97:c2:f7:59:45:35:44:3f:
                    d0:dd:68:d7:c2:5f:15:9a:70:b6:5a:02:b4:6c:2d:
                    7c:74:de:6e:8d:d6:83:1b:d3:1d:af:98:c5:9c:67:
                    45:4f:02:37:2c:0a:42:27:ec:98:da:7a:09:99:c1:
                    e1:24:78:fc:4e:2e:00:4c:8c:07:64:96:7e:79:62:
                    66:93:4f:04:0f:09:7f:aa:7d:da:89:4b:f3:52:a9:
                    9c:3e:bc:97:3e:59:22:ae:d9:18:d1:7e:fe:f5:9d:
                    25:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:EB:5D:A1:AC:50:3D:3A:E9:66:EB:EF:EB:BB:0B:49:9B:61:B1:5C
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3137362e302f32312d3234203d3e203231383539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.150.176.0/21

    Signature Algorithm: sha256WithRSAEncryption
         25:da:ef:41:65:3d:08:0f:ea:9a:b1:2c:fa:7b:c2:2a:95:d5:
         cc:80:07:d5:db:4d:00:b5:b1:77:6c:a3:16:d1:66:ce:65:27:
         a8:2b:95:d5:4f:12:44:d9:52:c2:59:54:1c:3c:f4:55:f1:c3:
         c0:15:21:f3:5a:ec:a7:fd:6c:2f:35:ef:7b:78:72:d6:99:c7:
         ab:c4:51:fb:8b:30:4b:98:2e:42:71:cb:af:7c:99:12:73:6e:
         f9:58:da:6a:6f:3c:44:d8:16:12:d0:b4:eb:c8:bf:fb:1a:5f:
         33:de:36:3c:1e:c8:9c:72:b3:60:88:58:6b:33:f3:78:6c:6a:
         fe:b2:5e:35:23:ba:0a:f7:d4:74:7c:71:0f:24:1f:a9:e6:2e:
         8d:30:21:d3:b1:99:5d:8f:3a:66:44:64:59:db:6f:7f:0e:37:
         bc:e7:c5:84:73:78:74:0f:7e:64:e5:13:aa:84:93:4b:29:fd:
         43:01:f3:d4:01:1b:98:00:9a:1e:1f:dd:9d:bd:50:a0:4e:77:
         e4:92:3a:2d:60:69:59:ae:c0:a6:9a:a7:88:90:9f:dc:23:f4:
         04:3b:1e:d0:eb:da:80:07:47:b2:2a:47:e6:d7:56:c8:9e:87:
         03:5f:54:0a:7b:12:7f:ff:23:2f:6c:01:81:5e:6d:2d:a8:8a:
         19:03:ce:45
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCYZ8OvlYinq1oIeH+Uh8DjheDuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzEyMTkxMTMxNTNaFw0yNDEyMTcxMTM2NTNaMDMxMTAvBgNV
BAMTKDdBRUI1REExQUM1MDNEM0FFOTY2RUJFRkVCQkIwQjQ5OUI2MUIxNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwl79Jvx8z7d8h1saRwz2SsbXu
AgxG1PHPG9MQHOxLSBVIlwmtweIUfq+RW7PTJYh6JoXopgMq/Xufng9P4MLx9QtD
/IT9lnfJiDHiNnSubicHO1VnMD3rMo/XuafmMz/8/r81sOGJlK0jtKW6FQEr4p2i
klXMzsvTimPXm8JL5PYo4TG3nDGcAeKop18j5ZpZFopWfzAavTnjQgmXwvdZRTVE
P9DdaNfCXxWacLZaArRsLXx03m6N1oMb0x2vmMWcZ0VPAjcsCkIn7JjaegmZweEk
ePxOLgBMjAdkln55YmaTTwQPCX+qfdqJS/NSqZw+vJc+WSKu2RjRfv71nSWVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUeutdoaxQPTrpZuvv67sLSZthsVwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMx
MzczNjJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDMyMzEzODM1Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAOMlrAwDQYJKoZIhvcNAQELBQADggEBACXa70FlPQgP6pqxLPp7wiqV1cyAB9Xb
TQC1sXdsoxbRZs5lJ6grldVPEkTZUsJZVBw89FXxw8AVIfNa7Kf9bC8173t4ctaZ
x6vEUfuLMEuYLkJxy698mRJzbvlY2mpvPETYFhLQtOvIv/saXzPeNjweyJxys2CI
WGsz83hsav6yXjUjugr31HR8cQ8kH6nmLo0wIdOxmV2POmZEZFnbb38ON7znxYRz
eHQPfmTlE6qEk0sp/UMB89QBG5gAmh4f3Z29UKBOd+SSOi1gaVmuwKaap4iQn9wj
9AQ7HtDr2oAHR7IqR+bXVsiehwNfVAp7En//Iy9sAYFebS2oihkDzkU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org