Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32392e302f32342d3234203d3e203239383032.roa
File:                     3134372e37392e32392e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier:          EE10DEE5TzVW8wENysZTyiu0V9liZ2gt7vEJFkmkjWs=
Subject key identifier:   48:B0:0F:5F:A2:58:4A:92:DC:FC:F2:3A:D6:A6:10:39:9D:59:44:40
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       09F900A68A85D5E3AF2A2D96763959E15CDFB6D0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32392e302f32342d3234203d3e203239383032.roa
Signing time:             Wed 03 Apr 2024 17:16:15 +0000
ROA not before:           Wed 03 Apr 2024 17:11:15 +0000
ROA not after:            Wed 02 Apr 2025 17:16:15 +0000
asID:                     29802
IP address blocks:        147.79.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:f9:00:a6:8a:85:d5:e3:af:2a:2d:96:76:39:59:e1:5c:df:b6:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Apr  3 17:11:15 2024 GMT
            Not After : Apr  2 17:16:15 2025 GMT
        Subject: CN=48B00F5FA2584A92DCFCF23AD6A610399D594440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:75:17:70:fb:b5:29:77:d9:8a:fc:a9:85:d2:
                    be:81:01:56:7f:5f:f8:33:93:e9:b4:7a:50:8d:07:
                    61:59:9c:e8:a5:d9:b3:75:f3:18:28:08:11:82:2e:
                    4f:1d:7f:9a:e2:d1:ad:71:38:5c:84:f3:77:9f:d5:
                    ec:83:1c:6c:e9:cd:90:fb:97:89:33:a2:b0:1f:16:
                    eb:21:51:af:eb:df:18:04:2c:69:72:3b:70:9a:19:
                    f4:33:96:35:c3:91:15:1d:21:88:dc:e2:81:d5:5a:
                    99:b7:4a:76:30:08:3e:30:ff:a0:ab:f4:a6:bd:0f:
                    01:0b:eb:e6:d5:75:3d:da:63:e7:96:83:36:e2:69:
                    89:ba:6b:5a:dc:86:b8:06:62:ba:d9:c4:aa:a3:f0:
                    31:f5:89:c8:a7:1b:89:21:2c:e8:cc:fb:49:07:6a:
                    7c:f5:ee:47:66:4a:98:f9:15:64:c8:d4:b5:c3:71:
                    59:f2:a8:f7:3b:05:8f:d6:32:a2:4e:f8:bd:b0:3e:
                    0b:76:d1:e0:0d:51:09:83:9e:8a:2e:23:95:e1:b9:
                    90:f4:54:9e:79:b7:e0:ca:cc:16:44:25:70:76:44:
                    b9:7e:a8:1c:e4:e8:8f:3a:3f:44:12:dd:36:7b:9d:
                    b9:b5:df:2b:cc:56:85:59:0c:d2:77:86:16:53:cd:
                    31:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:B0:0F:5F:A2:58:4A:92:DC:FC:F2:3A:D6:A6:10:39:9D:59:44:40
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32392e302f32342d3234203d3e203239383032.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:c9:06:87:4f:5d:78:7b:a0:96:88:d7:40:9b:6e:55:e4:0e:
         dd:be:2d:5f:ac:c5:46:52:20:60:8b:27:53:4b:0d:a1:08:9f:
         72:84:7a:ab:54:46:35:f1:ad:fd:a8:83:29:25:bc:48:0e:ca:
         05:5b:a1:0c:3d:f3:b8:9a:f1:62:67:57:26:14:8e:ef:a0:05:
         a5:13:c9:4b:f3:7a:77:3a:44:bb:87:b5:a3:88:78:eb:08:e6:
         65:aa:1e:a9:0a:6c:8b:21:43:27:e1:f4:6e:8a:29:c4:cd:3e:
         1f:05:f1:e2:aa:85:b2:17:9c:51:b8:4c:97:27:1e:9a:9c:80:
         f2:30:2b:a4:91:31:ac:01:9a:46:92:7b:fe:1b:ed:d7:e9:21:
         5d:ec:83:44:cb:24:be:0b:b7:36:e3:ac:22:b2:ae:4b:a9:3f:
         65:76:c7:11:ba:a2:af:c3:c4:e2:04:d1:ce:4f:5f:d5:23:ad:
         05:b6:29:20:40:43:34:3f:46:b6:9a:91:f8:dd:53:94:42:2e:
         54:39:c8:3d:5e:7e:f1:09:cd:e2:aa:d8:d5:f8:ca:d2:c1:57:
         ec:3c:a2:1c:3b:66:a4:c9:97:e9:e7:80:fa:f3:04:f8:9c:5f:
         2b:c4:32:33:06:7f:56:8d:a8:6e:65:a1:68:1f:b1:62:52:73:
         39:76:41:d4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCfkApoqF1eOvKi2WdjlZ4VzfttAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MDMxNzExMTVaFw0yNTA0MDIxNzE2MTVaMDMxMTAvBgNV
BAMTKDQ4QjAwRjVGQTI1ODRBOTJEQ0ZDRjIzQUQ2QTYxMDM5OUQ1OTQ0NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrdRdw+7Upd9mK/KmF0r6BAVZ/
X/gzk+m0elCNB2FZnOil2bN18xgoCBGCLk8df5ri0a1xOFyE83ef1eyDHGzpzZD7
l4kzorAfFushUa/r3xgELGlyO3CaGfQzljXDkRUdIYjc4oHVWpm3SnYwCD4w/6Cr
9Ka9DwEL6+bVdT3aY+eWgzbiaYm6a1rchrgGYrrZxKqj8DH1icinG4khLOjM+0kH
anz17kdmSpj5FWTI1LXDcVnyqPc7BY/WMqJO+L2wPgt20eANUQmDnoouI5XhuZD0
VJ55t+DKzBZEJXB2RLl+qBzk6I86P0QS3TZ7nbm13yvMVoVZDNJ3hhZTzTGnAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUSLAPX6JYSpLc/PI61qYQOZ1ZREAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJNP
HTANBgkqhkiG9w0BAQsFAAOCAQEAuMkGh09deHuglojXQJtuVeQO3b4tX6zFRlIg
YIsnU0sNoQifcoR6q1RGNfGt/aiDKSW8SA7KBVuhDD3zuJrxYmdXJhSO76AFpRPJ
S/N6dzpEu4e1o4h46wjmZaoeqQpsiyFDJ+H0boopxM0+HwXx4qqFshecUbhMlyce
mpyA8jArpJExrAGaRpJ7/hvt1+khXeyDRMskvgu3NuOsIrKuS6k/ZXbHEbqir8PE
4gTRzk9f1SOtBbYpIEBDND9GtpqR+N1TlEIuVDnIPV5+8QnN4qrY1fjK0sFX7Dyi
HDtmpMmX6eeA+vME+JxfK8QyMwZ/Vo2obmWhaB+xYlJzOXZB1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org