Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32382e302f32322d3232203d3e20313734.roa
File:                     3134372e37392e32382e302f32322d3232203d3e20313734.roa (raw, json)
Hash identifier:          BaQdtx9CBZp1zooRFEmG0Flg1M00m8TFzWDeFrCbpbE=
Subject key identifier:   0A:6D:44:EA:B7:26:43:BA:C3:FB:4A:86:90:CA:B8:F1:02:57:5C:C6
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       2A09E04741CAE60F200E02B757D2A4FD36B456DC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32382e302f32322d3232203d3e20313734.roa
Signing time:             Tue 05 Mar 2024 10:20:03 +0000
ROA not before:           Tue 05 Mar 2024 10:15:03 +0000
ROA not after:            Tue 04 Mar 2025 10:20:03 +0000
asID:                     174
IP address blocks:        147.79.28.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 18 Mar 2024 14:46:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:09:e0:47:41:ca:e6:0f:20:0e:02:b7:57:d2:a4:fd:36:b4:56:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Mar  5 10:15:03 2024 GMT
            Not After : Mar  4 10:20:03 2025 GMT
        Subject: CN=0A6D44EAB72643BAC3FB4A8690CAB8F102575CC6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b3:2a:e7:37:42:7d:14:6b:1b:59:50:c2:d1:
                    cc:c5:0e:9e:21:dd:44:c3:86:88:8f:0a:de:a3:7b:
                    60:7a:fe:d5:b6:be:82:dc:c1:ab:f4:0d:48:80:f8:
                    da:23:4a:9e:9c:c0:52:ab:6c:f1:95:f1:d6:0a:38:
                    00:83:1f:8a:1e:11:f0:70:9c:fd:33:69:b9:a3:d0:
                    ff:d6:b8:4a:f3:54:e1:ea:66:a6:34:9b:97:f8:36:
                    78:a7:15:4e:44:46:47:17:44:b5:b2:53:b4:d2:52:
                    95:76:9a:fe:5b:fd:6d:63:86:bc:fb:ac:20:af:53:
                    da:13:62:92:37:67:89:29:c0:ad:63:4c:af:ed:57:
                    6a:ef:98:90:ed:d6:cb:30:f1:c9:99:95:21:3e:85:
                    af:25:06:05:4d:e8:8c:f3:01:cf:4d:38:22:0e:69:
                    db:37:d8:d7:5b:d0:f6:08:4b:66:51:38:75:24:e6:
                    ff:62:6b:50:16:66:fd:3f:9e:35:ca:ba:c3:60:09:
                    30:df:0b:27:09:cd:f2:44:a4:31:22:a1:63:f0:6d:
                    f1:4d:da:87:00:13:4b:db:7e:74:d6:7f:ed:14:02:
                    b4:1a:95:da:29:9b:b1:95:9a:df:97:1d:e6:05:24:
                    dc:7a:21:66:3c:a8:08:ad:05:9b:dc:2d:a6:70:74:
                    23:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:6D:44:EA:B7:26:43:BA:C3:FB:4A:86:90:CA:B8:F1:02:57:5C:C6
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32382e302f32322d3232203d3e20313734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b9:b8:8a:07:54:a9:60:d0:d5:be:01:bf:f4:8c:0e:d9:1f:2b:
         5e:52:3f:82:d5:71:53:1a:43:75:ae:81:52:de:ad:89:72:1d:
         7a:63:73:ad:fb:13:93:0b:d0:cc:9e:28:7a:93:be:ba:7d:6c:
         37:3a:32:db:3d:44:e9:54:76:09:c4:0c:92:be:c8:0a:5c:f8:
         89:c3:4c:18:e5:92:87:ee:21:1a:6e:e0:9b:cc:46:98:34:f6:
         34:a2:58:0a:20:00:db:3a:5e:7d:75:2b:f3:16:22:fc:13:2a:
         66:ec:60:98:5c:59:71:94:40:c2:48:04:d7:4a:e6:62:ea:7c:
         48:e4:dc:33:ac:52:43:a8:ad:a0:c4:97:85:a2:c6:ae:d0:28:
         1f:eb:73:e0:0c:03:09:24:b2:25:dd:ad:2f:24:9e:02:ca:92:
         ff:f2:38:77:cb:00:74:7a:02:c9:64:05:0a:b5:ea:48:a3:91:
         7f:ee:a9:9d:f5:aa:6b:c5:51:62:24:f0:0f:6c:96:cd:86:b8:
         91:5e:51:06:9e:49:de:4b:6d:17:75:2f:73:00:a4:24:f1:a5:
         3e:b0:4b:8e:56:34:d4:b7:ef:de:91:05:39:9a:93:dd:87:25:
         1a:7c:d1:02:16:9d:46:0b:f1:a9:2a:5c:22:46:ae:60:42:b3:
         a2:7e:66:74
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUKgngR0HK5g8gDgK3V9Kk/Ta0VtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMDUxMDE1MDNaFw0yNTAzMDQxMDIwMDNaMDMxMTAvBgNV
BAMTKDBBNkQ0NEVBQjcyNjQzQkFDM0ZCNEE4NjkwQ0FCOEYxMDI1NzVDQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCisyrnN0J9FGsbWVDC0czFDp4h
3UTDhoiPCt6je2B6/tW2voLcwav0DUiA+NojSp6cwFKrbPGV8dYKOACDH4oeEfBw
nP0zabmj0P/WuErzVOHqZqY0m5f4NninFU5ERkcXRLWyU7TSUpV2mv5b/W1jhrz7
rCCvU9oTYpI3Z4kpwK1jTK/tV2rvmJDt1ssw8cmZlSE+ha8lBgVN6IzzAc9NOCIO
ads32Ndb0PYIS2ZROHUk5v9ia1AWZv0/njXKusNgCTDfCycJzfJEpDEioWPwbfFN
2ocAE0vbfnTWf+0UArQaldopm7GVmt+XHeYFJNx6IWY8qAitBZvcLaZwdCMLAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUCm1E6rcmQ7rD+0qGkMq48QJXXMYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzMjM4
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzEzNzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk08cMA0G
CSqGSIb3DQEBCwUAA4IBAQC5uIoHVKlg0NW+Ab/0jA7ZHyteUj+C1XFTGkN1roFS
3q2Jch16Y3Ot+xOTC9DMnih6k766fWw3OjLbPUTpVHYJxAySvsgKXPiJw0wY5ZKH
7iEabuCbzEaYNPY0olgKIADbOl59dSvzFiL8Eypm7GCYXFlxlEDCSATXSuZi6nxI
5NwzrFJDqK2gxJeFosau0Cgf63PgDAMJJLIl3a0vJJ4CypL/8jh3ywB0egLJZAUK
tepIo5F/7qmd9aprxVFiJPAPbJbNhriRXlEGnkneS20XdS9zAKQk8aU+sEuOVjTU
t+/ekQU5mpPdhyUafNECFp1GC/GpKlwiRq5gQrOifmZ0
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org