Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e33322e302f32322d3232203d3e20313734.roa
File:                     3134372e37392e33322e302f32322d3232203d3e20313734.roa (raw, json)
Hash identifier:          BQO5Nmg+OPk9AaCVDyqglzXHnK6HL9VtGeswe/MzLI4=
Subject key identifier:   7E:EA:73:E4:60:8F:55:67:2D:A7:64:8B:4D:59:A8:F3:9D:40:3E:D8
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       1E28DFC60FBB24D9813EA2DD242F187D8249DBE7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e33322e302f32322d3232203d3e20313734.roa
Signing time:             Tue 05 Mar 2024 10:20:01 +0000
ROA not before:           Tue 05 Mar 2024 10:15:01 +0000
ROA not after:            Tue 04 Mar 2025 10:20:01 +0000
asID:                     174
IP address blocks:        147.79.32.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 18 Mar 2024 14:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:28:df:c6:0f:bb:24:d9:81:3e:a2:dd:24:2f:18:7d:82:49:db:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Mar  5 10:15:01 2024 GMT
            Not After : Mar  4 10:20:01 2025 GMT
        Subject: CN=7EEA73E4608F55672DA7648B4D59A8F39D403ED8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:02:67:d3:6c:70:02:62:83:b7:aa:8e:0e:d8:
                    43:bd:34:78:18:ae:1b:27:1b:af:7e:54:c9:51:8c:
                    47:d6:c5:a4:2e:7a:8d:b1:4a:2f:3a:9a:d3:b4:70:
                    5b:19:58:ca:2e:af:18:f7:88:42:da:78:1d:5f:4c:
                    c1:1c:0b:2b:b1:b6:6a:12:30:22:1a:38:bc:08:99:
                    6d:c8:42:55:3b:b7:d6:68:69:ff:bb:76:05:2a:31:
                    5f:76:d1:df:fe:60:09:6d:db:e1:cb:5c:bf:04:15:
                    bf:c8:04:be:f3:ce:9f:b0:f2:98:cf:bb:b1:16:86:
                    8b:99:cb:43:ee:2f:89:bb:31:03:e9:61:b8:f5:35:
                    53:a7:fd:50:e5:a2:89:77:7f:6e:2d:83:4b:53:bf:
                    f8:aa:13:ba:64:bf:9f:4d:da:85:fd:25:95:41:5c:
                    00:0f:e5:59:3a:45:78:2d:4e:a1:44:1e:8b:24:ef:
                    db:57:9d:6d:83:a5:fd:2f:67:0d:72:d3:85:6d:1d:
                    db:f2:ca:15:bf:49:94:a7:c9:16:30:b7:51:ef:26:
                    54:32:29:44:d7:76:a8:8b:33:7a:a3:e6:3d:99:33:
                    2c:74:29:57:d8:55:54:b5:64:0d:26:a4:d7:9e:8c:
                    8a:58:d0:a2:d4:9a:a5:74:25:ca:9c:c8:95:2c:e6:
                    93:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:EA:73:E4:60:8F:55:67:2D:A7:64:8B:4D:59:A8:F3:9D:40:3E:D8
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e33322e302f32322d3232203d3e20313734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:07:e2:cd:d9:ba:63:c2:2e:5d:32:73:a7:ef:b9:4f:c4:9a:
         38:c6:02:a9:98:70:76:d1:cd:b7:7b:25:f1:02:2b:4b:e9:a1:
         42:db:96:b1:7a:aa:f8:09:c8:04:c0:74:48:97:92:b9:5c:5b:
         62:9c:4e:ce:ac:05:46:7f:e8:58:0f:20:0a:b8:58:f7:19:5b:
         38:7f:c0:83:5b:52:b5:c2:87:bd:8b:45:69:32:fb:29:cc:22:
         74:7c:7a:06:9f:03:9d:86:3b:aa:d9:67:73:b7:f6:20:b6:0d:
         0b:ea:19:29:fe:ac:cf:32:db:06:b7:7d:72:60:57:13:80:34:
         15:02:7d:df:1f:74:60:3e:76:10:41:3a:d0:0c:33:94:00:53:
         aa:1d:e4:36:b1:1b:8f:38:32:86:35:4c:f0:fd:aa:c4:0d:ab:
         2a:d2:27:01:53:11:6f:52:2f:f6:3d:96:26:b1:04:b4:aa:67:
         84:19:ae:db:45:6d:08:15:59:88:5e:a7:f4:ab:3a:b6:2c:a1:
         f5:88:7a:ee:ec:4c:66:e9:04:48:68:8a:84:72:80:22:4f:39:
         2a:2e:19:ff:dd:32:cb:f3:2b:a4:16:05:25:86:8f:18:48:f5:
         f5:9e:a2:28:a2:55:2a:aa:b6:95:db:15:51:ff:2c:33:58:e9:
         c8:11:30:61
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUHijfxg+7JNmBPqLdJC8YfYJJ2+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMDUxMDE1MDFaFw0yNTAzMDQxMDIwMDFaMDMxMTAvBgNV
BAMTKDdFRUE3M0U0NjA4RjU1NjcyREE3NjQ4QjRENTlBOEYzOUQ0MDNFRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSAmfTbHACYoO3qo4O2EO9NHgY
rhsnG69+VMlRjEfWxaQueo2xSi86mtO0cFsZWMourxj3iELaeB1fTMEcCyuxtmoS
MCIaOLwImW3IQlU7t9Zoaf+7dgUqMV920d/+YAlt2+HLXL8EFb/IBL7zzp+w8pjP
u7EWhouZy0PuL4m7MQPpYbj1NVOn/VDlool3f24tg0tTv/iqE7pkv59N2oX9JZVB
XAAP5Vk6RXgtTqFEHosk79tXnW2Dpf0vZw1y04VtHdvyyhW/SZSnyRYwt1HvJlQy
KUTXdqiLM3qj5j2ZMyx0KVfYVVS1ZA0mpNeejIpY0KLUmqV0JcqcyJUs5pNlAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUfupz5GCPVWctp2SLTVmo851APtgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzMzMy
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzEzNzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk08gMA0G
CSqGSIb3DQEBCwUAA4IBAQA4B+LN2bpjwi5dMnOn77lPxJo4xgKpmHB20c23eyXx
AitL6aFC25axeqr4CcgEwHRIl5K5XFtinE7OrAVGf+hYDyAKuFj3GVs4f8CDW1K1
woe9i0VpMvspzCJ0fHoGnwOdhjuq2Wdzt/Ygtg0L6hkp/qzPMtsGt31yYFcTgDQV
An3fH3RgPnYQQTrQDDOUAFOqHeQ2sRuPODKGNUzw/arEDasq0icBUxFvUi/2PZYm
sQS0qmeEGa7bRW0IFVmIXqf0qzq2LKH1iHru7Exm6QRIaIqEcoAiTzkqLhn/3TLL
8yukFgUlho8YSPX1nqIoolUqqraV2xVR/ywzWOnIETBh
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org