Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e35322e302f32322d3234203d3e20383334.roa
File:                     3134372e37392e35322e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier:          SRuvCIvyJLSedqrL+xudhTdS7ovtFZaN6qevV2zw5i0=
Subject key identifier:   00:46:BC:4C:56:CB:B6:66:7C:04:F9:84:7E:F8:0B:C6:8B:2B:88:AE
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       44E4EF66FB5DBDE99239E422CF3980F878CF3816
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e35322e302f32322d3234203d3e20383334.roa
Signing time:             Tue 05 Mar 2024 10:22:13 +0000
ROA not before:           Tue 05 Mar 2024 10:17:13 +0000
ROA not after:            Tue 04 Mar 2025 10:22:13 +0000
asID:                     834
IP address blocks:        147.79.52.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:e4:ef:66:fb:5d:bd:e9:92:39:e4:22:cf:39:80:f8:78:cf:38:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Mar  5 10:17:13 2024 GMT
            Not After : Mar  4 10:22:13 2025 GMT
        Subject: CN=0046BC4C56CBB6667C04F9847EF80BC68B2B88AE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:b3:04:7f:cb:99:ef:61:8a:33:68:e0:8e:cc:
                    2e:7d:bf:6b:30:57:94:37:0b:c0:0f:17:50:a5:e1:
                    59:4d:dc:f5:fc:f8:d2:0c:53:4e:d4:c5:27:0b:b9:
                    fa:9a:e0:ba:b7:20:73:f5:31:d9:ef:03:46:20:13:
                    b1:2f:f3:ed:15:71:12:7e:a8:35:e7:79:f9:39:c7:
                    f4:bd:91:38:7c:89:58:47:52:71:09:78:1c:3c:4f:
                    05:b0:5b:74:91:ae:41:49:7f:c4:ec:4b:20:97:82:
                    72:22:ec:df:29:b2:d0:79:c9:28:2d:b0:76:65:47:
                    55:9b:04:9c:96:a1:1c:be:8e:40:e2:1d:84:5a:34:
                    0e:e2:a1:13:a3:c3:3a:a5:9f:65:92:0e:2c:07:ed:
                    b3:75:55:71:ca:d7:74:49:dd:66:35:1d:9b:d8:c5:
                    4f:2d:6e:d0:d1:53:1e:e2:d5:98:e3:d9:9c:ae:fa:
                    6c:97:ef:04:17:71:b1:f4:6b:d4:13:71:fd:f2:65:
                    cb:50:b7:e8:7c:8b:4c:79:8a:69:01:60:1c:a0:83:
                    c6:d8:fe:9f:d8:04:83:2a:32:eb:16:d8:ae:75:8d:
                    ea:d6:97:51:aa:0c:f6:1a:5c:63:a0:30:b4:13:13:
                    65:2e:10:01:53:25:6a:bd:cd:18:25:cf:16:ae:69:
                    f6:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:46:BC:4C:56:CB:B6:66:7C:04:F9:84:7E:F8:0B:C6:8B:2B:88:AE
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e35322e302f32322d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         80:2b:ef:d3:b8:95:fd:72:ea:0b:6e:e2:71:f8:e2:b8:ad:f0:
         f5:9c:5a:3c:04:23:cd:48:c9:28:b7:67:fb:0c:7f:2d:02:55:
         bc:22:66:de:67:b9:ff:86:d2:30:56:74:00:56:71:0b:0f:cf:
         85:39:1d:04:66:29:5c:2d:ac:96:9e:c4:64:24:5a:77:a5:7a:
         2d:15:9f:23:31:3b:b2:be:b3:3e:2d:8a:52:14:6e:1e:d9:fb:
         8b:6c:3e:9b:c4:d8:58:ac:1b:80:ad:b4:9f:43:a4:60:91:e1:
         9d:94:ef:79:f2:54:39:e3:e2:ad:f3:a8:62:97:5f:72:56:99:
         00:79:bc:ae:cf:0d:9f:21:fa:5a:d0:35:88:ab:d3:c1:7d:9b:
         f5:26:55:7d:9c:84:6b:07:2e:66:e0:5b:1b:da:d8:ef:ef:34:
         d6:6a:dc:a8:2f:a1:74:b2:3c:e0:68:d9:21:1d:54:2a:c6:e7:
         57:e5:90:9c:3e:62:f8:47:1d:40:2f:a6:61:60:fb:ea:4c:1e:
         77:fd:4c:c7:e6:6e:99:95:c5:0c:ba:ae:c0:fb:99:fe:c6:af:
         6f:12:c3:55:57:d0:4d:3d:5e:04:9e:eb:48:92:10:b0:17:60:
         be:0c:a4:35:a8:d1:cb:06:d0:95:13:19:ce:14:3b:32:52:61:
         51:4c:3b:a0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUROTvZvtdvemSOeQizzmA+HjPOBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMDUxMDE3MTNaFw0yNTAzMDQxMDIyMTNaMDMxMTAvBgNV
BAMTKDAwNDZCQzRDNTZDQkI2NjY3QzA0Rjk4NDdFRjgwQkM2OEIyQjg4QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnswR/y5nvYYozaOCOzC59v2sw
V5Q3C8APF1Cl4VlN3PX8+NIMU07UxScLufqa4Lq3IHP1MdnvA0YgE7Ev8+0VcRJ+
qDXnefk5x/S9kTh8iVhHUnEJeBw8TwWwW3SRrkFJf8TsSyCXgnIi7N8pstB5ySgt
sHZlR1WbBJyWoRy+jkDiHYRaNA7ioROjwzqln2WSDiwH7bN1VXHK13RJ3WY1HZvY
xU8tbtDRUx7i1Zjj2Zyu+myX7wQXcbH0a9QTcf3yZctQt+h8i0x5imkBYBygg8bY
/p/YBIMqMusW2K51jerWl1GqDPYaXGOgMLQTE2UuEAFTJWq9zRglzxauafbjAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUAEa8TFbLtmZ8BPmEfvgLxosriK4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzNTMy
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk080MA0G
CSqGSIb3DQEBCwUAA4IBAQCAK+/TuJX9cuoLbuJx+OK4rfD1nFo8BCPNSMkot2f7
DH8tAlW8ImbeZ7n/htIwVnQAVnELD8+FOR0EZilcLayWnsRkJFp3pXotFZ8jMTuy
vrM+LYpSFG4e2fuLbD6bxNhYrBuArbSfQ6RgkeGdlO958lQ54+Kt86hil19yVpkA
ebyuzw2fIfpa0DWIq9PBfZv1JlV9nIRrBy5m4Fsb2tjv7zTWatyoL6F0sjzgaNkh
HVQqxudX5ZCcPmL4Rx1AL6ZhYPvqTB53/UzH5m6ZlcUMuq7A+5n+xq9vEsNVV9BN
PV4EnutIkhCwF2C+DKQ1qNHLBtCVExnOFDsyUmFRTDug
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org