Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e322e302f32332d3234203d3e20383334.roa
File:                     3134372e37392e322e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier:          hMLJ+a0asAak0WZA0/EduGL/k1Ruwo4asuvng7vEvGQ=
Subject key identifier:   1C:4D:B1:ED:8B:F2:F8:E3:0D:0F:B9:D2:43:89:AA:F2:52:52:79:9D
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       0C4B4D31929E7C811F4DF7B7C1151847E501F271
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e322e302f32332d3234203d3e20383334.roa
Signing time:             Fri 05 Apr 2024 11:02:38 +0000
ROA not before:           Fri 05 Apr 2024 10:57:38 +0000
ROA not after:            Fri 04 Apr 2025 11:02:38 +0000
asID:                     834
IP address blocks:        147.79.2.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:4b:4d:31:92:9e:7c:81:1f:4d:f7:b7:c1:15:18:47:e5:01:f2:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Apr  5 10:57:38 2024 GMT
            Not After : Apr  4 11:02:38 2025 GMT
        Subject: CN=1C4DB1ED8BF2F8E30D0FB9D24389AAF25252799D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:9c:5a:95:db:a7:ed:d1:e8:3c:f1:41:a2:37:
                    9c:4a:80:10:a2:fd:f8:a7:f8:d0:7c:7f:6b:99:32:
                    95:93:08:25:7e:e4:a0:ca:10:f1:2c:9c:87:39:41:
                    0c:16:44:11:4f:3d:60:7f:cc:f7:8f:e7:bd:24:6b:
                    ec:e8:49:00:dd:93:36:6c:6f:c4:e3:35:6e:d9:74:
                    0f:12:94:e6:20:32:92:6f:90:c3:9e:7b:39:b0:84:
                    6b:d0:b7:3a:f9:f7:7a:3f:32:81:62:27:c2:2f:4e:
                    2e:48:32:d9:38:d9:bc:cc:94:3d:cc:38:ca:65:3b:
                    7a:aa:51:a3:0d:12:8d:0a:47:6c:52:b4:01:1a:05:
                    80:e0:02:9d:74:db:27:08:90:89:c1:f0:1d:67:4b:
                    d8:42:37:d9:f1:67:8a:97:65:f5:3c:92:af:20:d0:
                    25:e4:15:9d:59:f2:4c:c8:db:9e:8a:41:5b:aa:48:
                    78:45:df:23:ce:03:8a:28:c8:e3:96:a6:a7:e1:4e:
                    78:d6:ba:08:a1:de:f5:71:11:8f:c4:54:bd:84:5e:
                    fd:61:c6:4c:a8:7f:fc:ce:0a:c1:30:c4:58:66:be:
                    96:da:12:e2:33:4a:ec:39:8f:38:4c:25:c7:a2:45:
                    2f:bb:ac:b4:b4:ba:fa:9f:2b:a1:ff:d0:18:9e:62:
                    2e:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:4D:B1:ED:8B:F2:F8:E3:0D:0F:B9:D2:43:89:AA:F2:52:52:79:9D
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e322e302f32332d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         83:f2:40:52:52:cc:ea:3d:96:d7:21:95:34:85:a4:b5:28:04:
         9f:df:f8:1b:7d:7a:69:e4:06:0e:68:58:40:27:84:96:f2:b2:
         f0:1a:b1:69:b4:5c:36:0a:e7:4c:0d:d9:1b:36:78:aa:c1:a7:
         68:62:b0:86:7b:4d:62:05:e9:af:ba:93:75:7a:11:37:41:a5:
         58:47:31:3a:29:d4:72:a3:2d:0d:29:3f:25:1b:91:85:67:b8:
         60:62:b6:98:87:e4:5d:a8:60:a2:91:a6:83:b6:01:21:07:e1:
         9a:8f:17:f7:fd:1d:b8:6b:8d:b8:5c:28:4b:86:96:14:1c:d2:
         d0:51:df:f0:88:f9:ac:ef:05:86:0f:40:41:65:84:63:f1:34:
         78:31:24:45:c3:51:fd:c4:ac:6e:5e:01:a4:a1:41:85:7e:4f:
         12:71:42:24:b7:f4:f2:45:cf:39:c1:8c:36:bb:e1:a8:31:40:
         47:f2:92:3f:c0:48:ce:8d:0b:88:b2:fd:67:40:5f:30:2a:68:
         53:db:34:b1:43:c0:93:9d:11:f3:c1:60:e4:be:69:74:73:69:
         d9:a4:85:92:56:28:40:e1:d2:4c:0c:a7:a2:ad:56:05:10:db:
         b6:b7:38:42:a7:51:16:f6:ba:13:7e:bc:62:2d:1b:3e:10:21:
         c6:31:3a:77
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUDEtNMZKefIEfTfe3wRUYR+UB8nEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MDUxMDU3MzhaFw0yNTA0MDQxMTAyMzhaMDMxMTAvBgNV
BAMTKDFDNERCMUVEOEJGMkY4RTMwRDBGQjlEMjQzODlBQUYyNTI1Mjc5OUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAnFqV26ft0eg88UGiN5xKgBCi
/fin+NB8f2uZMpWTCCV+5KDKEPEsnIc5QQwWRBFPPWB/zPeP570ka+zoSQDdkzZs
b8TjNW7ZdA8SlOYgMpJvkMOeezmwhGvQtzr593o/MoFiJ8IvTi5IMtk42bzMlD3M
OMplO3qqUaMNEo0KR2xStAEaBYDgAp102ycIkInB8B1nS9hCN9nxZ4qXZfU8kq8g
0CXkFZ1Z8kzI256KQVuqSHhF3yPOA4ooyOOWpqfhTnjWugih3vVxEY/EVL2EXv1h
xkyof/zOCsEwxFhmvpbaEuIzSuw5jzhMJceiRS+7rLS0uvqfK6H/0BieYi6TAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUHE2x7Yvy+OMND7nSQ4mq8lJSeZ0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzMjJl
MzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZNPAjANBgkq
hkiG9w0BAQsFAAOCAQEAg/JAUlLM6j2W1yGVNIWktSgEn9/4G316aeQGDmhYQCeE
lvKy8BqxabRcNgrnTA3ZGzZ4qsGnaGKwhntNYgXpr7qTdXoRN0GlWEcxOinUcqMt
DSk/JRuRhWe4YGK2mIfkXahgopGmg7YBIQfhmo8X9/0duGuNuFwoS4aWFBzS0FHf
8Ij5rO8Fhg9AQWWEY/E0eDEkRcNR/cSsbl4BpKFBhX5PEnFCJLf08kXPOcGMNrvh
qDFAR/KSP8BIzo0LiLL9Z0BfMCpoU9s0sUPAk50R88Fg5L5pdHNp2aSFklYoQOHS
TAynoq1WBRDbtrc4QqdRFva6E368Yi0bPhAhxjE6dw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org