Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3232342e302f32322d3232203d3e20323132323338.roa
File:                     3134302e3135302e3232342e302f32322d3232203d3e20323132323338.roa (raw, json)
Hash identifier:          UyhLfcrGKFyaOBqtYfHoOGFB4FPETPf7oRBo/XM3efM=
Subject key identifier:   34:89:0A:A6:7D:AC:3E:FD:46:91:C7:8C:B8:1C:AA:1B:A6:98:BB:86
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       538A95EF92AC716312E8F5DB6940E33E47D311CE
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3232342e302f32322d3232203d3e20323132323338.roa
Signing time:             Sun 04 Feb 2024 15:15:02 +0000
ROA not before:           Sun 04 Feb 2024 15:10:02 +0000
ROA not after:            Sun 02 Feb 2025 15:15:02 +0000
asID:                     212238
IP address blocks:        140.150.224.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 04 Apr 2024 00:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:8a:95:ef:92:ac:71:63:12:e8:f5:db:69:40:e3:3e:47:d3:11:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Feb  4 15:10:02 2024 GMT
            Not After : Feb  2 15:15:02 2025 GMT
        Subject: CN=34890AA67DAC3EFD4691C78CB81CAA1BA698BB86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5f:7d:43:b7:55:f7:9f:72:ed:a8:c3:4a:03:
                    01:4a:a2:fd:30:a1:1b:76:17:f5:ac:31:1a:ce:62:
                    47:fb:d2:8e:be:2d:d9:1b:c2:36:56:4f:7f:3c:df:
                    07:ef:c8:59:64:61:71:1c:52:30:0a:50:47:33:95:
                    c3:96:ef:e7:ad:ba:5f:7c:a6:2e:79:91:bd:aa:02:
                    fe:bb:d3:1f:a5:d0:13:fa:2b:e4:bd:3d:a3:02:f4:
                    c7:1c:71:b5:61:28:b4:cf:14:c6:37:68:f1:50:99:
                    67:7d:d5:2f:12:52:d2:16:df:37:48:5d:b5:6c:3c:
                    ad:cd:fe:7b:74:ce:ad:65:f5:16:23:f1:d0:eb:90:
                    ed:af:23:b9:0e:89:c1:2c:0a:a1:7c:97:6c:17:0e:
                    97:bf:14:f8:62:51:37:87:c6:e3:d4:3e:cf:e2:e0:
                    10:24:38:78:4a:b8:f3:f9:e9:cb:b2:ff:03:d3:cc:
                    30:83:5f:be:5a:ba:7e:92:3a:68:f4:28:d9:b3:4e:
                    b3:1c:cd:3b:51:76:6f:bf:7d:72:12:20:0e:65:c2:
                    00:f3:07:25:41:7d:ac:55:de:f6:3b:53:bc:d8:4d:
                    aa:df:c1:83:23:84:ea:92:09:79:28:2e:21:cd:1c:
                    ab:d6:c5:b5:60:33:41:6d:6a:26:b2:90:da:d0:3c:
                    65:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:89:0A:A6:7D:AC:3E:FD:46:91:C7:8C:B8:1C:AA:1B:A6:98:BB:86
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3232342e302f32322d3232203d3e20323132323338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.150.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4c:5e:59:b6:20:45:b6:8a:d5:66:65:ca:86:3f:e5:dd:9b:a6:
         a0:d5:b0:8f:53:b3:c3:21:a4:67:77:69:08:e4:0d:ff:78:ee:
         9f:95:8f:57:1d:cf:45:79:26:3b:45:f2:38:1b:c5:d9:a4:68:
         1a:d6:68:c2:b6:f4:5a:40:e6:69:d3:09:e6:eb:29:b0:e6:76:
         be:b1:8d:4f:95:1d:54:7f:2f:b2:19:98:ca:00:76:58:53:d1:
         1c:2c:45:a5:3d:39:d6:a0:2f:e3:8c:2f:04:60:49:f2:e5:88:
         90:34:e6:c1:1f:2d:6d:e4:8b:d1:09:bc:eb:a5:cc:10:95:f2:
         ac:77:de:5b:3a:95:1c:6d:89:2b:f1:86:4d:bc:20:42:e3:50:
         f2:3b:b1:0f:02:76:77:cf:4d:da:1b:91:25:ed:b9:af:5c:cd:
         bb:4d:cf:10:6e:5b:56:f6:ad:5c:d8:22:ae:3b:b9:65:5f:66:
         09:00:67:87:b3:92:60:36:4d:f2:86:e6:a0:29:e9:54:51:23:
         4e:21:9e:7f:9f:09:9c:fa:77:0b:59:52:92:6b:f7:11:29:c8:
         98:5c:06:9b:77:04:a3:08:a2:6c:12:33:f4:79:cf:44:52:60:
         04:7f:ff:39:27:3f:71:c8:b9:63:94:45:26:10:eb:33:12:b6:
         55:43:49:8e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUU4qV75KscWMS6PXbaUDjPkfTEc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMDQxNTEwMDJaFw0yNTAyMDIxNTE1MDJaMDMxMTAvBgNV
BAMTKDM0ODkwQUE2N0RBQzNFRkQ0NjkxQzc4Q0I4MUNBQTFCQTY5OEJCODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzX31Dt1X3n3LtqMNKAwFKov0w
oRt2F/WsMRrOYkf70o6+LdkbwjZWT3883wfvyFlkYXEcUjAKUEczlcOW7+etul98
pi55kb2qAv670x+l0BP6K+S9PaMC9McccbVhKLTPFMY3aPFQmWd91S8SUtIW3zdI
XbVsPK3N/nt0zq1l9RYj8dDrkO2vI7kOicEsCqF8l2wXDpe/FPhiUTeHxuPUPs/i
4BAkOHhKuPP56cuy/wPTzDCDX75aun6SOmj0KNmzTrMczTtRdm+/fXISIA5lwgDz
ByVBfaxV3vY7U7zYTarfwYMjhOqSCXkoLiHNHKvWxbVgM0FtaiaykNrQPGXVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUNIkKpn2sPv1GkceMuByqG6aYu4YwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMy
MzIzNDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAoyW4DANBgkqhkiG9w0BAQsFAAOCAQEATF5ZtiBFtorVZmXKhj/l3ZumoNWw
j1OzwyGkZ3dpCOQN/3jun5WPVx3PRXkmO0XyOBvF2aRoGtZowrb0WkDmadMJ5usp
sOZ2vrGNT5UdVH8vshmYygB2WFPRHCxFpT051qAv44wvBGBJ8uWIkDTmwR8tbeSL
0Qm866XMEJXyrHfeWzqVHG2JK/GGTbwgQuNQ8juxDwJ2d89N2huRJe25r1zNu03P
EG5bVvatXNgirju5ZV9mCQBnh7OSYDZN8obmoCnpVFEjTiGef58JnPp3C1lSkmv3
ESnImFwGm3cEowiibBIz9HnPRFJgBH//OSc/cci5Y5RFJhDrMxK2VUNJjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org