Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32302e302f32342d3234203d3e20323031363730.roa
File:                     3134372e37392e32302e302f32342d3234203d3e20323031363730.roa (raw, json)
Hash identifier:          EQRZ5PdR/+Th2u0vECGjp5RAld9iNwZfKbPgcH/KG08=
Subject key identifier:   9C:74:C6:3E:DC:7B:50:27:E7:11:08:EC:F0:3D:8E:50:D9:96:B9:36
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       043411883C4BCD3987D6713E7FB834302AD0A00C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32302e302f32342d3234203d3e20323031363730.roa
Signing time:             Thu 04 Apr 2024 15:01:41 +0000
ROA not before:           Thu 04 Apr 2024 14:56:41 +0000
ROA not after:            Thu 03 Apr 2025 15:01:41 +0000
asID:                     201670
IP address blocks:        147.79.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:34:11:88:3c:4b:cd:39:87:d6:71:3e:7f:b8:34:30:2a:d0:a0:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Apr  4 14:56:41 2024 GMT
            Not After : Apr  3 15:01:41 2025 GMT
        Subject: CN=9C74C63EDC7B5027E71108ECF03D8E50D996B936
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:31:51:90:a8:88:fa:72:ca:b6:76:63:84:1b:
                    be:52:64:66:e2:0c:83:2a:51:1b:21:4e:21:de:68:
                    29:bf:1d:cc:72:14:da:d0:f2:0b:7c:46:03:a3:1a:
                    67:ac:40:a9:cc:f8:00:c8:af:e2:be:4f:72:af:8d:
                    33:4a:e5:08:31:58:71:c5:23:22:88:2c:d3:a1:23:
                    f3:77:d1:4f:06:f4:d9:25:09:39:cc:78:6e:22:42:
                    68:75:26:6e:bb:2b:e7:34:3d:43:cf:41:5e:96:b2:
                    08:c8:92:64:02:09:0b:94:ef:a3:1a:42:31:39:ce:
                    f9:9e:a7:73:e6:d5:4f:89:b4:fd:13:1b:30:40:82:
                    99:92:c8:ac:a9:af:f3:e6:36:79:78:72:b7:a7:2f:
                    90:ae:67:0f:ac:db:01:2f:dd:eb:c7:95:37:54:47:
                    c4:5d:0f:dc:5d:bc:6f:27:ce:ef:88:d2:c1:81:b3:
                    a6:f7:97:8a:c4:9d:83:33:78:a1:37:ce:1b:66:4e:
                    f1:a0:b9:99:f9:8e:46:bb:5c:87:8c:22:dd:e6:54:
                    28:78:4e:1f:df:36:c3:48:52:c4:64:95:87:d8:3d:
                    a5:a4:fb:0f:2b:8a:86:8f:46:1d:94:ae:47:1b:ce:
                    94:44:c9:1e:aa:f5:7e:9a:e2:e6:42:93:07:6c:e8:
                    07:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:74:C6:3E:DC:7B:50:27:E7:11:08:EC:F0:3D:8E:50:D9:96:B9:36
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32302e302f32342d3234203d3e20323031363730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:b4:bf:2a:14:94:29:aa:c3:53:bd:7f:ca:6a:07:8f:24:b9:
         b1:79:72:aa:2b:38:bb:ab:41:06:2d:bc:4a:85:7c:a7:ba:40:
         3b:2d:3c:65:81:e7:41:1b:53:b1:5b:01:36:ef:59:d5:11:a9:
         f6:ac:5d:b4:6c:4f:cf:3d:7c:7b:66:58:0d:1e:31:a0:fa:e7:
         ab:30:14:a5:79:ce:02:ec:f6:8c:46:bf:cc:e9:99:9e:58:b5:
         56:82:bf:3f:49:31:78:b0:4f:0e:17:20:7b:29:e7:42:9e:5a:
         42:a1:0d:40:84:5d:a2:9b:d4:1f:bb:47:58:e8:c6:54:c7:0d:
         b3:80:e5:37:68:58:d6:b1:ec:9a:6b:10:73:c2:6f:92:70:d4:
         ff:2a:c2:c0:39:62:45:df:54:09:3e:46:03:f8:19:10:7c:90:
         0c:3d:6f:21:b7:e9:d3:fc:06:95:07:af:ad:91:92:5a:fb:f2:
         49:45:28:fa:ca:2a:04:2d:3f:1e:1f:06:18:94:42:f0:1d:44:
         90:52:1d:23:33:e3:ac:a5:47:91:17:55:19:6b:99:f3:7b:3d:
         30:e3:fa:74:89:12:51:ec:78:2f:82:19:9f:01:d2:17:ba:4c:
         51:a8:ee:4f:5c:20:86:4f:63:72:a8:46:31:2b:2d:fb:4d:10:
         6f:32:b1:f7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBDQRiDxLzTmH1nE+f7g0MCrQoAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MDQxNDU2NDFaFw0yNTA0MDMxNTAxNDFaMDMxMTAvBgNV
BAMTKDlDNzRDNjNFREM3QjUwMjdFNzExMDhFQ0YwM0Q4RTUwRDk5NkI5MzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMMVGQqIj6csq2dmOEG75SZGbi
DIMqURshTiHeaCm/HcxyFNrQ8gt8RgOjGmesQKnM+ADIr+K+T3KvjTNK5QgxWHHF
IyKILNOhI/N30U8G9NklCTnMeG4iQmh1Jm67K+c0PUPPQV6WsgjIkmQCCQuU76Ma
QjE5zvmep3Pm1U+JtP0TGzBAgpmSyKypr/PmNnl4crenL5CuZw+s2wEv3evHlTdU
R8RdD9xdvG8nzu+I0sGBs6b3l4rEnYMzeKE3zhtmTvGguZn5jka7XIeMIt3mVCh4
Th/fNsNIUsRklYfYPaWk+w8rioaPRh2UrkcbzpREyR6q9X6a4uZCkwds6AdpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUnHTGPtx7UCfnEQjs8D2OUNmWuTYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzMjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMxMzYzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
k08UMA0GCSqGSIb3DQEBCwUAA4IBAQCFtL8qFJQpqsNTvX/KagePJLmxeXKqKzi7
q0EGLbxKhXynukA7LTxlgedBG1OxWwE271nVEan2rF20bE/PPXx7ZlgNHjGg+uer
MBSlec4C7PaMRr/M6ZmeWLVWgr8/STF4sE8OFyB7KedCnlpCoQ1AhF2im9Qfu0dY
6MZUxw2zgOU3aFjWseyaaxBzwm+ScNT/KsLAOWJF31QJPkYD+BkQfJAMPW8ht+nT
/AaVB6+tkZJa+/JJRSj6yioELT8eHwYYlELwHUSQUh0jM+OspUeRF1UZa5nzez0w
4/p0iRJR7HgvghmfAdIXukxRqO5PXCCGT2NyqEYxKy37TRBvMrH3
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org