Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3138342e302f32322d3234203d3e20383334.roa
File:                     3134302e3233332e3138342e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier:          d6gNS38CLDA+qugxd7drC9Qu7A8k+PzgmBLH8Wvsibg=
Subject key identifier:   79:2A:05:3B:95:54:3E:C1:DF:D3:F7:F8:1E:3D:7F:D0:AB:F6:69:A9
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       25548EE775409FC64E2EF6416526B8C5E587AE3E
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3138342e302f32322d3234203d3e20383334.roa
Signing time:             Tue 20 Feb 2024 20:30:18 +0000
ROA not before:           Tue 20 Feb 2024 20:25:18 +0000
ROA not after:            Tue 18 Feb 2025 20:30:18 +0000
asID:                     834
IP address blocks:        140.233.184.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:54:8e:e7:75:40:9f:c6:4e:2e:f6:41:65:26:b8:c5:e5:87:ae:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Feb 20 20:25:18 2024 GMT
            Not After : Feb 18 20:30:18 2025 GMT
        Subject: CN=792A053B95543EC1DFD3F7F81E3D7FD0ABF669A9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:3a:92:3c:cb:55:36:ad:8e:3f:1e:66:48:5d:
                    9e:73:51:27:7a:2b:eb:a3:57:90:2e:8d:18:55:9e:
                    da:1e:d3:5e:68:f4:72:8a:e7:97:64:f5:05:7e:be:
                    93:18:fa:aa:ef:83:da:e6:89:d1:d4:3b:94:cb:7d:
                    cb:eb:ae:10:aa:c7:35:6e:a3:5d:b3:b4:d9:62:d8:
                    3f:6e:e6:46:da:ed:08:89:34:a4:72:9f:1e:34:2f:
                    c6:a3:43:3b:ed:db:ab:4f:6c:00:c4:30:00:70:d4:
                    6c:c3:60:be:0f:d1:0c:f2:01:60:3e:98:b0:1e:c1:
                    23:d7:33:4a:12:29:5a:c1:7a:22:7f:7b:bd:18:88:
                    ea:89:a6:90:cb:f7:e6:47:11:49:8a:28:f0:4b:a2:
                    5d:59:17:f7:34:a6:98:9d:c2:4d:92:27:ba:ed:ee:
                    e0:2f:58:42:b9:c3:df:e0:5e:48:ef:34:ee:96:d8:
                    67:26:69:5d:5d:ca:27:bc:2e:b0:68:1c:d7:72:53:
                    fb:a4:1c:1c:12:34:b4:34:b7:5d:66:29:6c:06:9f:
                    8f:f2:67:de:59:10:60:48:e8:dd:94:3c:db:d2:76:
                    36:dd:b6:dc:f5:1f:6c:a3:ca:cb:b8:53:4e:40:06:
                    02:8f:14:46:5d:23:72:e6:38:6a:27:f6:a7:0b:4f:
                    83:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:2A:05:3B:95:54:3E:C1:DF:D3:F7:F8:1E:3D:7F:D0:AB:F6:69:A9
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3138342e302f32322d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.233.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         53:55:32:e9:d5:5a:c1:3d:e2:8c:39:e2:a6:2a:aa:df:d0:55:
         3e:88:9d:57:c0:60:83:26:d3:1c:cf:8a:0c:10:28:de:00:c3:
         cd:b7:6e:17:e4:3d:96:2a:ac:9e:d7:d1:5e:03:10:6d:dc:fb:
         1e:28:2d:16:d6:26:ee:14:d2:af:ee:ed:d7:f6:71:5b:49:07:
         5e:6b:87:e4:69:05:ff:bd:90:26:fa:b7:92:32:51:bf:e8:a9:
         f9:2b:d8:a6:53:77:c0:28:b7:2a:4e:83:51:c6:96:64:81:44:
         86:ed:da:d2:4e:eb:a3:19:14:96:26:0b:11:df:33:32:5f:93:
         52:d5:1e:1b:e2:c0:86:67:91:b2:9b:2b:ab:87:c5:eb:f2:8d:
         38:23:a9:2a:5f:dc:0c:26:29:fc:d5:2b:19:d4:aa:b0:79:7f:
         46:0e:55:f7:3d:63:a1:9d:a0:d7:24:4d:2b:ef:bd:e8:97:f7:
         32:ab:6e:35:16:ca:2d:52:9c:5c:63:83:ad:b4:25:33:d4:36:
         75:c7:6f:03:e6:97:1f:41:a9:98:f0:f3:a1:3c:44:5e:0e:a6:
         68:c4:be:06:5e:be:2d:34:9e:44:5a:bb:9d:36:24:98:6d:a8:
         92:eb:d1:76:52:f1:1e:1b:ce:b2:bd:d2:6f:8b:63:fc:aa:c2:
         05:a6:1f:6a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJVSO53VAn8ZOLvZBZSa4xeWHrj4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMjAyMDI1MThaFw0yNTAyMTgyMDMwMThaMDMxMTAvBgNV
BAMTKDc5MkEwNTNCOTU1NDNFQzFERkQzRjdGODFFM0Q3RkQwQUJGNjY5QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbOpI8y1U2rY4/HmZIXZ5zUSd6
K+ujV5AujRhVntoe015o9HKK55dk9QV+vpMY+qrvg9rmidHUO5TLfcvrrhCqxzVu
o12ztNli2D9u5kba7QiJNKRynx40L8ajQzvt26tPbADEMABw1GzDYL4P0QzyAWA+
mLAewSPXM0oSKVrBeiJ/e70YiOqJppDL9+ZHEUmKKPBLol1ZF/c0ppidwk2SJ7rt
7uAvWEK5w9/gXkjvNO6W2GcmaV1dyie8LrBoHNdyU/ukHBwSNLQ0t11mKWwGn4/y
Z95ZEGBI6N2UPNvSdjbdttz1H2yjysu4U05ABgKPFEZdI3LmOGon9qcLT4NNAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUeSoFO5VUPsHf0/f4Hj1/0Kv2aakwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMjMzMzMyZTMx
MzgzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAozp
uDANBgkqhkiG9w0BAQsFAAOCAQEAU1Uy6dVawT3ijDnipiqq39BVPoidV8BggybT
HM+KDBAo3gDDzbduF+Q9liqsntfRXgMQbdz7HigtFtYm7hTSr+7t1/ZxW0kHXmuH
5GkF/72QJvq3kjJRv+ip+SvYplN3wCi3Kk6DUcaWZIFEhu3a0k7roxkUliYLEd8z
Ml+TUtUeG+LAhmeRspsrq4fF6/KNOCOpKl/cDCYp/NUrGdSqsHl/Rg5V9z1joZ2g
1yRNK++96Jf3MqtuNRbKLVKcXGODrbQlM9Q2dcdvA+aXH0GpmPDzoTxEXg6maMS+
Bl6+LTSeRFq7nTYkmG2okuvRdlLxHhvOsr3Sb4tj/KrCBaYfag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org