Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e33322e302f32312d3234203d3e20383334.roa
File:                     3134362e3130332e33322e302f32312d3234203d3e20383334.roa (raw, json)
Hash identifier:          4csQqS3iQS5Fx3TXQhiL3i5sYJ8FrQ4uvuiXqnBOsEw=
Subject key identifier:   13:F1:51:79:9D:DA:2C:8B:C9:E9:9A:4A:E0:9F:D9:4D:F1:5E:9A:7E
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       3B029666C44DEFA3B72347499A80718BE65DB7AC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e33322e302f32312d3234203d3e20383334.roa
Signing time:             Wed 27 Mar 2024 17:41:11 +0000
ROA not before:           Wed 27 Mar 2024 17:36:11 +0000
ROA not after:            Wed 26 Mar 2025 17:41:11 +0000
asID:                     834
IP address blocks:        146.103.32.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 21:21:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:02:96:66:c4:4d:ef:a3:b7:23:47:49:9a:80:71:8b:e6:5d:b7:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Mar 27 17:36:11 2024 GMT
            Not After : Mar 26 17:41:11 2025 GMT
        Subject: CN=13F151799DDA2C8BC9E99A4AE09FD94DF15E9A7E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:1c:1d:d4:73:1d:54:df:73:68:78:d7:f5:ae:
                    9d:c8:34:92:f6:ad:6e:80:a0:5d:9d:15:d7:0b:ac:
                    77:cb:57:df:f0:70:a4:6f:ca:41:a4:83:5a:d2:2a:
                    a0:3f:22:e3:a0:19:26:f7:a2:c9:72:b9:ca:67:83:
                    5c:87:b3:33:5c:a9:e8:c1:ac:fa:cd:cf:ad:24:04:
                    4f:89:07:d6:a1:a6:56:30:d2:f5:24:ef:90:30:c1:
                    c3:16:6d:25:09:55:81:cd:02:79:7b:f1:f1:e3:cf:
                    ec:a5:eb:73:dc:f7:69:6b:b7:ed:3c:c9:1e:e2:04:
                    5b:fd:f4:80:87:c8:8a:4a:3c:91:98:38:8d:3d:36:
                    3e:ad:9f:71:48:69:ee:06:0d:d8:e6:52:2d:2c:46:
                    62:4a:85:83:e2:1b:b9:86:b3:b1:06:f0:83:4c:a8:
                    fc:c2:33:e3:c5:fe:c2:63:3b:e3:de:83:d1:67:06:
                    3f:33:fb:c9:bb:14:50:cc:d1:d5:b0:55:cd:4c:01:
                    c3:f2:8a:74:7e:95:31:fc:df:6d:98:8a:45:48:11:
                    d1:f5:dc:c4:05:58:84:3a:de:3f:1a:d0:aa:69:6b:
                    4a:0f:38:e8:f2:23:c1:0e:e3:ab:b0:ef:3b:ce:58:
                    ea:3f:d9:f4:0e:a4:88:38:a8:3a:ef:33:53:07:b0:
                    00:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:F1:51:79:9D:DA:2C:8B:C9:E9:9A:4A:E0:9F:D9:4D:F1:5E:9A:7E
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e33322e302f32312d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.103.32.0/21

    Signature Algorithm: sha256WithRSAEncryption
         97:a8:7c:40:34:fa:e9:69:43:6f:56:ef:6a:19:55:54:b8:08:
         dd:da:0e:21:5b:be:d2:82:f1:27:36:b6:c7:22:21:9f:8e:e5:
         a6:8f:f8:6d:98:74:e6:80:be:3c:e8:66:a4:f3:b4:db:7e:2b:
         8a:f4:2b:d9:2f:00:53:3f:84:2b:13:3a:4f:02:a1:a5:87:a4:
         8a:30:b5:5c:81:56:3f:61:b0:39:01:10:6f:6d:bd:b1:1a:b0:
         89:68:a0:45:66:84:52:41:b1:a1:c9:69:7b:99:cd:ae:6d:02:
         4b:5a:12:f4:8d:11:92:f7:46:ad:12:eb:15:40:75:93:91:5f:
         f4:79:4c:da:5a:f5:4f:ee:4a:96:8a:77:48:08:79:2e:98:ce:
         4d:fe:9b:29:c8:b3:b5:24:61:05:56:7c:59:77:2f:e6:ed:52:
         5b:27:bc:02:71:80:fc:fe:5e:b9:a0:23:2e:21:2a:a9:a3:9c:
         5b:86:bb:9c:ae:bf:30:77:38:26:d7:3b:a4:8c:16:f3:87:64:
         f0:b6:77:d9:33:60:3f:d0:49:09:e0:0d:e4:aa:89:66:3c:7f:
         6c:63:4c:87:4b:49:20:0e:d8:2f:6a:32:a7:37:d3:4f:a1:34:
         dc:6a:79:86:cb:9b:7a:f9:9d:df:1a:39:ea:da:eb:37:17:14:
         df:49:85:81
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUOwKWZsRN76O3I0dJmoBxi+Zdt6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMjcxNzM2MTFaFw0yNTAzMjYxNzQxMTFaMDMxMTAvBgNV
BAMTKDEzRjE1MTc5OUREQTJDOEJDOUU5OUE0QUUwOUZEOTRERjE1RTlBN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3HB3Ucx1U33NoeNf1rp3INJL2
rW6AoF2dFdcLrHfLV9/wcKRvykGkg1rSKqA/IuOgGSb3oslyucpng1yHszNcqejB
rPrNz60kBE+JB9ahplYw0vUk75AwwcMWbSUJVYHNAnl78fHjz+yl63Pc92lrt+08
yR7iBFv99ICHyIpKPJGYOI09Nj6tn3FIae4GDdjmUi0sRmJKhYPiG7mGs7EG8INM
qPzCM+PF/sJjO+Peg9FnBj8z+8m7FFDM0dWwVc1MAcPyinR+lTH8322YikVIEdH1
3MQFWIQ63j8a0Kppa0oPOOjyI8EO46uw7zvOWOo/2fQOpIg4qDrvM1MHsAARAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUE/FReZ3aLIvJ6ZpK4J/ZTfFemn4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM2MmUzMTMwMzMyZTMz
MzIyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOSZyAw
DQYJKoZIhvcNAQELBQADggEBAJeofEA0+ulpQ29W72oZVVS4CN3aDiFbvtKC8Sc2
tsciIZ+O5aaP+G2YdOaAvjzoZqTztNt+K4r0K9kvAFM/hCsTOk8CoaWHpIowtVyB
Vj9hsDkBEG9tvbEasIlooEVmhFJBsaHJaXuZza5tAktaEvSNEZL3Rq0S6xVAdZOR
X/R5TNpa9U/uSpaKd0gIeS6Yzk3+mynIs7UkYQVWfFl3L+btUlsnvAJxgPz+Xrmg
Iy4hKqmjnFuGu5yuvzB3OCbXO6SMFvOHZPC2d9kzYD/QSQngDeSqiWY8f2xjTIdL
SSAO2C9qMqc300+hNNxqeYbLm3r5nd8aOera6zcXFN9JhYE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org