Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3132382e302f31392d3234203d3e203134363138.roa
File:                     3134302e3233332e3132382e302f31392d3234203d3e203134363138.roa (raw, json)
Hash identifier:          p4s6Ogn2EK67h24wGK6wipGulo5SR61SRDdfS8zchOA=
Subject key identifier:   39:99:C9:01:C4:B0:A7:B4:3F:60:97:85:1C:EF:5F:DA:EF:2A:72:58
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       325B70A423D2161B0CBDB5CC4F826D2DF947EF37
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3132382e302f31392d3234203d3e203134363138.roa
Signing time:             Wed 14 Feb 2024 11:23:22 +0000
ROA not before:           Wed 14 Feb 2024 11:18:22 +0000
ROA not after:            Wed 12 Feb 2025 11:23:22 +0000
asID:                     14618
IP address blocks:        140.233.128.0/19 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:5b:70:a4:23:d2:16:1b:0c:bd:b5:cc:4f:82:6d:2d:f9:47:ef:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Feb 14 11:18:22 2024 GMT
            Not After : Feb 12 11:23:22 2025 GMT
        Subject: CN=3999C901C4B0A7B43F6097851CEF5FDAEF2A7258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ec:1d:24:42:06:4a:9b:a7:03:19:05:d4:a5:
                    d5:ac:09:13:25:2e:75:03:fc:d5:ad:12:36:28:ec:
                    c1:6f:22:cf:d7:79:10:d6:24:06:a1:8a:17:61:38:
                    a9:59:7a:83:52:e4:8c:06:1f:e9:94:93:21:44:9c:
                    42:a1:05:79:59:cd:0b:62:9e:97:5d:5a:b9:af:4e:
                    b1:aa:ec:f8:42:31:ea:25:57:b6:88:c8:0c:f3:19:
                    03:06:65:e0:e9:ec:08:45:5f:94:87:38:d9:6d:23:
                    82:e9:b6:f4:a3:5f:8d:a2:6a:d6:aa:23:3e:5c:50:
                    ef:a3:30:02:0f:ac:e3:97:b8:5a:0d:85:3f:98:0f:
                    fa:e3:5a:e0:82:83:ca:09:22:40:58:f8:ef:78:85:
                    05:ab:a4:44:ac:f6:85:6f:fc:a4:9f:9c:5e:2c:de:
                    46:6e:0d:9f:9b:81:bc:34:e9:0e:18:97:05:bb:84:
                    1b:7c:8f:a4:37:fc:9a:07:0a:16:28:84:02:e6:de:
                    1b:a0:48:2f:fa:90:98:8b:1e:7b:65:04:05:e4:75:
                    87:5c:b1:2f:fb:ba:ef:05:61:06:77:8e:17:5d:fe:
                    05:b4:d5:2d:40:b7:52:37:a5:5a:1d:6c:fc:7e:6c:
                    dd:33:4a:a6:b5:20:87:e3:11:ab:c3:8c:2b:bf:db:
                    9c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:99:C9:01:C4:B0:A7:B4:3F:60:97:85:1C:EF:5F:DA:EF:2A:72:58
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3132382e302f31392d3234203d3e203134363138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.233.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         06:27:1b:86:f6:9e:30:e8:14:68:46:46:04:fb:45:2b:82:8f:
         dd:19:fd:52:29:63:3d:59:1a:d8:b0:0f:88:a4:fe:be:4f:6e:
         d0:36:48:17:90:ba:86:f5:13:c3:26:ab:dd:e6:e4:a6:c0:b7:
         3b:79:58:bc:0a:89:cb:65:f5:d1:a3:7f:3c:61:a1:34:5b:9e:
         49:54:23:f2:48:13:22:c5:49:41:a3:da:d3:d2:73:b4:a9:32:
         16:97:98:ba:f8:79:85:1e:06:88:04:fe:65:11:73:1d:6c:4f:
         73:89:a0:9f:ba:e4:93:85:85:2f:93:63:f3:00:cf:48:46:6e:
         22:c6:ca:b9:ea:38:73:4b:22:f2:e1:b1:ef:6b:41:a4:24:85:
         a9:2e:1f:5f:d3:13:0d:74:e9:54:9d:55:4a:8d:ba:4e:0e:36:
         b6:f7:aa:13:03:3f:6f:b1:0b:85:8e:cc:65:78:97:b5:a4:ee:
         90:1e:9b:2a:38:30:d1:38:e7:a5:0f:44:b2:9d:dc:82:b8:f3:
         23:1b:bf:3e:fe:38:12:13:67:4a:e1:ab:cf:1e:87:89:55:7b:
         06:b6:a1:3e:63:11:52:d4:ab:a4:ca:93:25:35:d8:26:84:47:
         4f:88:e4:f7:64:33:b0:6d:33:f4:7b:99:a2:75:ab:5d:aa:da:
         ca:f4:ab:25
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMltwpCPSFhsMvbXMT4JtLflH7zcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMTQxMTE4MjJaFw0yNTAyMTIxMTIzMjJaMDMxMTAvBgNV
BAMTKDM5OTlDOTAxQzRCMEE3QjQzRjYwOTc4NTFDRUY1RkRBRUYyQTcyNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp7B0kQgZKm6cDGQXUpdWsCRMl
LnUD/NWtEjYo7MFvIs/XeRDWJAahihdhOKlZeoNS5IwGH+mUkyFEnEKhBXlZzQti
npddWrmvTrGq7PhCMeolV7aIyAzzGQMGZeDp7AhFX5SHONltI4LptvSjX42iataq
Iz5cUO+jMAIPrOOXuFoNhT+YD/rjWuCCg8oJIkBY+O94hQWrpESs9oVv/KSfnF4s
3kZuDZ+bgbw06Q4YlwW7hBt8j6Q3/JoHChYohALm3hugSC/6kJiLHntlBAXkdYdc
sS/7uu8FYQZ3jhdd/gW01S1At1I3pVodbPx+bN0zSqa1IIfjEavDjCu/25yPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOZnJAcSwp7Q/YJeFHO9f2u8qclgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMjMzMzMyZTMx
MzIzODJlMzAyZjMxMzkyZDMyMzQyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAWM6YAwDQYJKoZIhvcNAQELBQADggEBAAYnG4b2njDoFGhGRgT7RSuCj90Z/VIp
Yz1ZGtiwD4ik/r5PbtA2SBeQuob1E8Mmq93m5KbAtzt5WLwKictl9dGjfzxhoTRb
nklUI/JIEyLFSUGj2tPSc7SpMhaXmLr4eYUeBogE/mURcx1sT3OJoJ+65JOFhS+T
Y/MAz0hGbiLGyrnqOHNLIvLhse9rQaQkhakuH1/TEw106VSdVUqNuk4ONrb3qhMD
P2+xC4WOzGV4l7Wk7pAemyo4MNE456UPRLKd3IK48yMbvz7+OBITZ0rhq88eh4lV
ewa2oT5jEVLUq6TKkyU12CaER0+I5PdkM7BtM/R7maJ1q12q2sr0qyU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org