Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e31362e302f32302d3234203d3e20383334.roa
File:                     3134362e3130332e31362e302f32302d3234203d3e20383334.roa (raw, json)
Hash identifier:          oe17frzWyS9GNQYqiJAEGkG4pfV0KitfnGZHtRC9wmM=
Subject key identifier:   69:7F:87:3C:0C:11:AA:AA:A7:78:C2:BC:C4:F1:07:ED:52:01:8E:FD
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       289C769B2FE511B765EE13539B60B61EA5A23962
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e31362e302f32302d3234203d3e20383334.roa
Signing time:             Thu 14 Mar 2024 07:37:03 +0000
ROA not before:           Thu 14 Mar 2024 07:32:03 +0000
ROA not after:            Thu 13 Mar 2025 07:37:03 +0000
asID:                     834
IP address blocks:        146.103.16.0/20 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Mar 2024 09:38:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:9c:76:9b:2f:e5:11:b7:65:ee:13:53:9b:60:b6:1e:a5:a2:39:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Mar 14 07:32:03 2024 GMT
            Not After : Mar 13 07:37:03 2025 GMT
        Subject: CN=697F873C0C11AAAAA778C2BCC4F107ED52018EFD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d1:85:de:d3:a5:29:95:4f:19:b2:8e:4f:88:
                    fb:03:7c:81:5c:1b:c6:18:2f:8a:c1:aa:00:9d:de:
                    58:b2:85:ea:f2:bf:38:35:08:ef:e3:9e:24:58:a1:
                    c7:76:78:39:1c:64:bd:7a:dc:83:2a:01:51:08:be:
                    8a:00:46:3e:63:57:28:a7:a0:75:e4:32:88:a1:8a:
                    c3:3d:a2:6a:0c:0e:a6:02:b1:9f:61:77:55:8f:10:
                    3a:8b:9e:34:d9:5a:89:46:28:05:e3:e8:e2:28:21:
                    3d:15:8d:5a:c4:bb:61:87:27:06:5f:ab:9c:c4:d9:
                    01:a2:c3:23:93:b7:5b:35:69:04:15:20:ed:67:dc:
                    68:93:0a:b0:4f:3e:c3:0c:50:55:70:ad:49:ea:41:
                    91:51:a7:62:23:20:44:31:4d:9d:b8:63:71:d2:1d:
                    71:7f:89:09:ca:69:ae:d8:c8:f4:cc:7a:68:65:98:
                    f2:ce:ec:8e:92:bb:da:d8:f0:52:51:c7:05:d5:4c:
                    9b:75:64:ca:b0:57:b9:f2:16:ba:a3:60:f0:2a:1f:
                    ae:45:e7:df:63:09:ce:78:9f:98:3e:08:ee:90:ea:
                    6c:5e:22:b6:ca:1a:91:6c:ef:d1:3d:3a:b7:59:9f:
                    0b:e3:77:6e:a8:1a:a2:c6:6c:96:66:94:e5:6c:5e:
                    09:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:7F:87:3C:0C:11:AA:AA:A7:78:C2:BC:C4:F1:07:ED:52:01:8E:FD
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e31362e302f32302d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.103.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         b4:04:2c:31:7a:8e:17:69:bb:92:40:57:44:e2:45:fb:5a:bb:
         41:16:dc:9c:72:f8:09:8a:da:f4:16:51:04:e5:5c:e7:6c:08:
         4a:11:a2:2f:92:9e:bf:7c:e6:8c:a2:b1:01:bc:56:67:54:0f:
         06:08:30:f4:f4:54:e2:d5:e9:83:14:1a:1f:5c:5f:58:ec:58:
         07:3e:8d:37:3a:61:39:c0:48:c2:d0:2f:a1:c9:a6:91:b6:37:
         db:9a:e0:6a:30:20:76:33:4c:19:72:17:23:cf:0a:1d:3c:d2:
         95:12:6c:88:f4:7e:72:fc:4c:11:c9:75:7d:13:cf:f5:ac:27:
         9d:43:fa:0d:5b:54:87:45:3b:58:28:72:21:b7:55:7a:b8:d7:
         ca:bb:d2:df:bd:71:6a:c2:8d:c8:16:c2:e7:0b:21:bb:c0:57:
         2f:9d:00:21:67:9d:31:70:a9:af:d5:bf:dd:54:8b:7c:45:25:
         6a:b5:a2:75:98:ac:d7:ae:d3:b8:25:1b:0c:15:49:3b:40:b4:
         47:72:0c:3f:90:a2:70:b8:7e:55:96:55:9a:dc:48:92:47:07:
         aa:7f:23:cc:b6:e0:3f:44:8e:43:65:e4:f1:a5:7e:f9:7b:f0:
         3e:5d:c9:5e:d0:82:9f:4e:fc:29:18:55:d3:a4:31:bd:dc:72:
         e2:54:c6:54
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUKJx2my/lEbdl7hNTm2C2HqWiOWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMTQwNzMyMDNaFw0yNTAzMTMwNzM3MDNaMDMxMTAvBgNV
BAMTKDY5N0Y4NzNDMEMxMUFBQUFBNzc4QzJCQ0M0RjEwN0VENTIwMThFRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC00YXe06UplU8Zso5PiPsDfIFc
G8YYL4rBqgCd3liyheryvzg1CO/jniRYocd2eDkcZL163IMqAVEIvooARj5jVyin
oHXkMoihisM9omoMDqYCsZ9hd1WPEDqLnjTZWolGKAXj6OIoIT0VjVrEu2GHJwZf
q5zE2QGiwyOTt1s1aQQVIO1n3GiTCrBPPsMMUFVwrUnqQZFRp2IjIEQxTZ24Y3HS
HXF/iQnKaa7YyPTMemhlmPLO7I6Su9rY8FJRxwXVTJt1ZMqwV7nyFrqjYPAqH65F
599jCc54n5g+CO6Q6mxeIrbKGpFs79E9OrdZnwvjd26oGqLGbJZmlOVsXglFAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUaX+HPAwRqqqneMK8xPEH7VIBjv0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM2MmUzMTMwMzMyZTMx
MzYyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASSZxAw
DQYJKoZIhvcNAQELBQADggEBALQELDF6jhdpu5JAV0TiRftau0EW3Jxy+AmK2vQW
UQTlXOdsCEoRoi+Snr985oyisQG8VmdUDwYIMPT0VOLV6YMUGh9cX1jsWAc+jTc6
YTnASMLQL6HJppG2N9ua4GowIHYzTBlyFyPPCh080pUSbIj0fnL8TBHJdX0Tz/Ws
J51D+g1bVIdFO1gociG3VXq418q70t+9cWrCjcgWwucLIbvAVy+dACFnnTFwqa/V
v91Ui3xFJWq1onWYrNeu07glGwwVSTtAtEdyDD+QonC4flWWVZrcSJJHB6p/I8y2
4D9EjkNl5PGlfvl78D5dyV7Qgp9O/CkYVdOkMb3ccuJUxlQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org