Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3138342e302f32312d3234203d3e20383334.roa
File:                     3134302e3233332e3138342e302f32312d3234203d3e20383334.roa (raw, json)
Hash identifier:          ph6Xc5Lsgajx6lkoaKtI/2rx+ZbrrlQiKJasaL654zk=
Subject key identifier:   AE:F0:FA:40:F6:61:CB:F3:AB:52:1D:70:78:19:34:E5:6A:6B:2B:42
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       4733BB3149C48CF50035390698085F44FBAAFA8A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3138342e302f32312d3234203d3e20383334.roa
Signing time:             Tue 20 Feb 2024 10:20:43 +0000
ROA not before:           Tue 20 Feb 2024 10:15:43 +0000
ROA not after:            Tue 18 Feb 2025 10:20:43 +0000
asID:                     834
IP address blocks:        140.233.184.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Feb 2024 20:29:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:33:bb:31:49:c4:8c:f5:00:35:39:06:98:08:5f:44:fb:aa:fa:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Feb 20 10:15:43 2024 GMT
            Not After : Feb 18 10:20:43 2025 GMT
        Subject: CN=AEF0FA40F661CBF3AB521D70781934E56A6B2B42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:43:c6:5b:2b:51:4f:d5:ee:ff:5e:2f:7e:69:
                    d2:84:f9:22:99:fa:fc:d2:6b:2c:48:db:ff:3a:5c:
                    a1:25:d8:c7:f1:8a:0a:d0:ca:59:c7:4a:4e:6a:d8:
                    e3:7a:d8:06:2f:6a:c2:d6:59:c0:4c:41:06:8b:5f:
                    f8:05:c3:35:20:19:e3:c3:ab:9a:b5:49:2e:6e:a8:
                    3b:65:be:3e:9e:61:73:88:12:c0:55:a8:4d:ac:3c:
                    f0:8d:e3:14:65:1a:f4:14:45:77:78:56:e1:2d:04:
                    e3:4c:52:ec:90:c5:cc:ea:2b:17:c8:a3:02:8b:a8:
                    b3:93:b1:cc:bd:9b:b3:a8:84:1b:8c:8e:7f:b5:07:
                    50:04:37:77:6c:af:86:63:1a:10:37:86:bd:62:04:
                    12:63:3b:2b:24:c2:bd:c5:07:c9:18:39:67:c5:79:
                    eb:7d:a9:80:00:79:0b:5d:34:3b:fb:e5:14:2a:c7:
                    ea:c8:24:5d:68:84:22:65:e6:22:dd:ac:f6:d3:82:
                    2f:c7:ac:77:6e:6b:6d:26:37:71:5d:f5:ca:27:9a:
                    5a:a9:74:1b:1f:ea:6d:f3:fd:2d:42:7d:d0:fc:07:
                    84:b8:12:16:9d:58:3e:33:fe:8d:0b:36:e0:1a:0f:
                    1f:85:b1:c7:2c:35:94:e3:86:22:f0:d1:a9:87:2c:
                    42:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:F0:FA:40:F6:61:CB:F3:AB:52:1D:70:78:19:34:E5:6A:6B:2B:42
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3138342e302f32312d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.233.184.0/21

    Signature Algorithm: sha256WithRSAEncryption
         4a:d4:dd:3b:44:8f:75:85:ac:83:ff:4d:b6:80:ff:03:2a:e6:
         0e:96:5b:7b:c0:9d:a8:c5:0c:4c:37:f0:aa:10:c6:7a:71:18:
         bb:4d:ad:1e:36:04:78:d9:ec:dc:1a:51:27:fc:50:b7:31:2b:
         51:62:b8:8b:01:54:53:1b:e0:27:61:dd:6d:1a:ec:1f:fc:78:
         8c:a0:c2:0d:90:13:fc:30:f2:49:de:5d:b8:1a:49:63:65:c6:
         d8:08:c3:c3:d9:2d:56:62:f0:50:b2:46:77:17:17:d1:76:f9:
         b6:91:c2:e8:dc:8f:52:c4:4b:aa:4e:be:03:6b:49:5f:7d:37:
         34:5d:37:78:2c:c3:16:81:b6:27:1f:67:81:4c:72:2a:a6:54:
         1f:3e:90:d3:75:90:8e:fb:47:9a:3a:96:53:e9:67:2b:cf:9c:
         e6:e1:5b:74:5b:c7:d3:70:8f:83:75:3f:c4:c1:6a:08:5d:c2:
         7f:be:44:c0:bc:3f:13:6f:50:fd:b9:a0:85:ac:bc:03:07:fd:
         ce:90:8f:a0:12:dc:81:b3:d1:67:36:8a:e1:2b:33:21:25:44:
         06:48:13:93:2c:37:0f:cd:87:ad:27:14:bd:0a:61:d8:e8:e8:
         c6:f4:58:64:16:1c:8c:b3:09:5c:4f:ac:8f:ec:9b:24:5a:85:
         37:38:e6:4c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURzO7MUnEjPUANTkGmAhfRPuq+oowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMjAxMDE1NDNaFw0yNTAyMTgxMDIwNDNaMDMxMTAvBgNV
BAMTKEFFRjBGQTQwRjY2MUNCRjNBQjUyMUQ3MDc4MTkzNEU1NkE2QjJCNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIQ8ZbK1FP1e7/Xi9+adKE+SKZ
+vzSayxI2/86XKEl2MfxigrQylnHSk5q2ON62AYvasLWWcBMQQaLX/gFwzUgGePD
q5q1SS5uqDtlvj6eYXOIEsBVqE2sPPCN4xRlGvQURXd4VuEtBONMUuyQxczqKxfI
owKLqLOTscy9m7OohBuMjn+1B1AEN3dsr4ZjGhA3hr1iBBJjOyskwr3FB8kYOWfF
eet9qYAAeQtdNDv75RQqx+rIJF1ohCJl5iLdrPbTgi/HrHdua20mN3Fd9conmlqp
dBsf6m3z/S1CfdD8B4S4EhadWD4z/o0LNuAaDx+FsccsNZTjhiLw0amHLEKtAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUrvD6QPZhy/OrUh1weBk05WprK0IwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMjMzMzMyZTMx
MzgzNDJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA4zp
uDANBgkqhkiG9w0BAQsFAAOCAQEAStTdO0SPdYWsg/9NtoD/AyrmDpZbe8CdqMUM
TDfwqhDGenEYu02tHjYEeNns3BpRJ/xQtzErUWK4iwFUUxvgJ2HdbRrsH/x4jKDC
DZAT/DDySd5duBpJY2XG2AjDw9ktVmLwULJGdxcX0Xb5tpHC6NyPUsRLqk6+A2tJ
X303NF03eCzDFoG2Jx9ngUxyKqZUHz6Q03WQjvtHmjqWU+lnK8+c5uFbdFvH03CP
g3U/xMFqCF3Cf75EwLw/E29Q/bmghay8Awf9zpCPoBLcgbPRZzaK4SszISVEBkgT
kyw3D82HrScUvQph2OjoxvRYZBYcjLMJXE+sj+ybJFqFNzjmTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org