Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3139322e302f31382d3234203d3e2037303138.roa
File:                     3134302e3233332e3139322e302f31382d3234203d3e2037303138.roa (raw, json)
Hash identifier:          q/BxwAzW/01Ktrp8g50vplxeb6+aP8LdFelp/ZKBkHI=
Subject key identifier:   98:53:59:D1:36:07:4B:CC:53:17:D2:45:21:EA:58:5F:01:6A:FB:2B
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       5CAB6EE18A7F259C68B7C3B4C6D48742B16B90A5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3139322e302f31382d3234203d3e2037303138.roa
Signing time:             Thu 08 Feb 2024 14:01:03 +0000
ROA not before:           Thu 08 Feb 2024 13:56:03 +0000
ROA not after:            Thu 06 Feb 2025 14:01:03 +0000
asID:                     7018
IP address blocks:        140.233.192.0/18 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:ab:6e:e1:8a:7f:25:9c:68:b7:c3:b4:c6:d4:87:42:b1:6b:90:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Feb  8 13:56:03 2024 GMT
            Not After : Feb  6 14:01:03 2025 GMT
        Subject: CN=985359D136074BCC5317D24521EA585F016AFB2B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:48:b5:e8:b9:99:3c:23:62:d4:41:52:a0:47:
                    b1:0d:42:07:d2:79:51:d3:b4:69:86:6d:d3:84:0a:
                    a4:b0:4a:d6:88:14:98:e6:9d:5e:7f:a8:28:73:c7:
                    ff:f6:80:6f:e6:79:90:d3:e3:5b:3b:ef:f2:92:bf:
                    33:14:68:81:63:54:e8:06:34:23:e0:5e:61:b9:22:
                    d3:76:a9:b1:f7:a5:c5:0f:8e:ca:80:71:72:35:d2:
                    e3:5a:e3:f5:3e:38:7f:ed:da:1a:26:9f:7b:cd:33:
                    d8:91:c1:cf:89:eb:26:8e:f0:4c:19:6d:fe:d9:e1:
                    d4:40:84:19:f4:79:21:00:c0:01:bf:2b:51:e7:77:
                    f9:66:a9:06:ad:7c:ae:4f:76:82:16:5f:0f:f5:c3:
                    1b:da:f5:31:0f:17:6e:6b:ad:3f:9e:d2:40:58:2f:
                    4c:87:c4:a4:13:6c:df:bb:17:48:10:cb:c9:0d:17:
                    2a:37:ac:f3:e9:23:3b:d3:53:fc:f9:e0:66:5c:b3:
                    ed:00:07:fa:a3:66:f1:fb:c4:ab:c1:02:1a:30:f1:
                    fd:51:3a:71:c3:8d:4a:92:9f:38:e1:42:81:90:a2:
                    a5:71:49:ba:19:d6:07:3d:ff:35:94:15:02:c6:34:
                    e4:50:bc:18:c0:d7:1e:78:3f:e2:a3:d4:74:06:90:
                    51:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:53:59:D1:36:07:4B:CC:53:17:D2:45:21:EA:58:5F:01:6A:FB:2B
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3139322e302f31382d3234203d3e2037303138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  140.233.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         ae:82:60:09:65:63:be:b5:73:b7:78:1c:1a:a9:25:ee:4c:b2:
         d3:2f:c7:b7:77:26:87:fe:43:60:35:67:0e:8d:61:32:4c:b7:
         11:7b:46:e5:d7:90:05:10:8b:fc:f8:95:24:a9:d5:19:40:e8:
         12:59:30:7c:c6:52:14:d2:85:1f:07:cc:76:5e:8e:ef:ad:1c:
         20:96:75:61:cf:08:b7:78:0e:40:47:96:8d:fd:db:71:7d:e1:
         76:e0:6b:d3:f3:51:09:37:0a:8e:8f:1b:9d:73:43:5d:24:2a:
         32:0c:8e:03:62:22:ec:28:31:7b:4a:a7:e1:ab:db:55:87:a0:
         b4:f8:b2:fe:c4:39:50:0d:5b:09:2f:45:f7:84:11:87:a8:37:
         ae:17:4f:83:17:d7:f0:8d:6c:a5:65:7d:c8:38:30:98:dc:db:
         7b:e3:7e:e9:43:7c:19:2a:3a:a3:ab:2c:5f:0c:cf:8a:d5:ae:
         ed:8a:ca:50:c0:8b:b1:cc:98:7a:5b:0c:cb:77:5c:77:b0:36:
         54:ea:1c:ca:3a:a3:a2:f4:3b:9e:eb:c6:fe:06:16:91:d2:42:
         a6:f7:27:19:f4:02:75:d9:24:3c:e1:25:ac:45:2b:cf:5f:8b:
         b6:d5:5b:c8:f1:26:e2:26:48:5a:fb:78:83:09:84:ea:8d:09:
         d9:d1:59:c1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXKtu4Yp/JZxot8O0xtSHQrFrkKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMDgxMzU2MDNaFw0yNTAyMDYxNDAxMDNaMDMxMTAvBgNV
BAMTKDk4NTM1OUQxMzYwNzRCQ0M1MzE3RDI0NTIxRUE1ODVGMDE2QUZCMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXSLXouZk8I2LUQVKgR7ENQgfS
eVHTtGmGbdOECqSwStaIFJjmnV5/qChzx//2gG/meZDT41s77/KSvzMUaIFjVOgG
NCPgXmG5ItN2qbH3pcUPjsqAcXI10uNa4/U+OH/t2homn3vNM9iRwc+J6yaO8EwZ
bf7Z4dRAhBn0eSEAwAG/K1Hnd/lmqQatfK5PdoIWXw/1wxva9TEPF25rrT+e0kBY
L0yHxKQTbN+7F0gQy8kNFyo3rPPpIzvTU/z54GZcs+0AB/qjZvH7xKvBAhow8f1R
OnHDjUqSnzjhQoGQoqVxSboZ1gc9/zWUFQLGNORQvBjA1x54P+Kj1HQGkFFnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmFNZ0TYHS8xTF9JFIepYXwFq+yswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMjMzMzMyZTMx
MzkzMjJlMzAyZjMxMzgyZDMyMzQyMDNkM2UyMDM3MzAzMTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG
jOnAMA0GCSqGSIb3DQEBCwUAA4IBAQCugmAJZWO+tXO3eBwaqSXuTLLTL8e3dyaH
/kNgNWcOjWEyTLcRe0bl15AFEIv8+JUkqdUZQOgSWTB8xlIU0oUfB8x2Xo7vrRwg
lnVhzwi3eA5AR5aN/dtxfeF24GvT81EJNwqOjxudc0NdJCoyDI4DYiLsKDF7Sqfh
q9tVh6C0+LL+xDlQDVsJL0X3hBGHqDeuF0+DF9fwjWylZX3IODCY3Nt7437pQ3wZ
KjqjqyxfDM+K1a7tispQwIuxzJh6WwzLd1x3sDZU6hzKOqOi9Due68b+BhaR0kKm
9ycZ9AJ12SQ84SWsRSvPX4u21VvI8SbiJkha+3iDCYTqjQnZ0VnB
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org