Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e38302e302f32302d3230203d3e203136353039.roa
File:                     3134372e37392e38302e302f32302d3230203d3e203136353039.roa (raw, json)
Hash identifier:          TZRqRCUIbAcjXfuS4Mk3ajLcOcQcvghhBWY6i1NjdJ8=
Subject key identifier:   07:23:41:5C:F0:EB:E7:49:D8:4C:AA:5A:83:78:5C:D5:A7:5B:5B:09
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       3D4CDA7951963D8AD08D3E0DF91791615AF94CE8
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e38302e302f32302d3230203d3e203136353039.roa
Signing time:             Sat 30 Mar 2024 23:49:30 +0000
ROA not before:           Sat 30 Mar 2024 23:44:30 +0000
ROA not after:            Sat 29 Mar 2025 23:49:30 +0000
asID:                     16509
IP address blocks:        147.79.80.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:4c:da:79:51:96:3d:8a:d0:8d:3e:0d:f9:17:91:61:5a:f9:4c:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Mar 30 23:44:30 2024 GMT
            Not After : Mar 29 23:49:30 2025 GMT
        Subject: CN=0723415CF0EBE749D84CAA5A83785CD5A75B5B09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:93:d0:21:51:88:86:e8:f7:a5:e6:9d:4e:ac:
                    0c:fe:45:96:0c:af:78:8a:e4:a8:89:f9:8d:f1:6a:
                    4d:17:4f:a6:24:4d:77:8c:60:f6:b5:13:bc:03:f9:
                    92:ea:d1:51:83:ea:25:45:5f:d2:b5:a3:00:5e:26:
                    2e:71:fc:f8:28:97:ea:3e:3f:3d:ba:5c:66:50:34:
                    49:4e:e6:2b:1a:60:27:ed:41:d7:53:36:32:90:1c:
                    3c:c4:ed:83:0e:03:9c:40:6c:c0:53:59:d7:57:29:
                    a5:34:2f:c9:fa:24:ae:0d:8f:49:08:af:c1:2c:f7:
                    f6:cf:38:a0:bb:ea:a9:1c:02:83:af:7a:38:7b:ae:
                    e6:38:90:c3:60:69:5a:c2:ad:2e:67:54:eb:84:37:
                    8e:3e:ed:ff:45:9b:c2:12:05:12:67:9a:3b:e8:b1:
                    21:94:c5:47:40:ca:da:0d:2f:ca:64:af:9f:ed:9f:
                    33:5a:9f:79:9b:ef:2d:b4:20:e5:4a:85:73:09:d1:
                    4e:9a:f4:7d:b9:1d:4c:1c:f1:a9:4d:88:a7:83:2e:
                    f2:89:ef:80:8c:af:a9:0c:23:bb:23:c3:cc:8d:b1:
                    bb:f7:47:c5:39:98:10:8b:5f:fa:b6:c7:67:22:b1:
                    08:ec:8a:e4:4c:b6:aa:80:57:e8:c8:fd:ca:b4:75:
                    3e:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:23:41:5C:F0:EB:E7:49:D8:4C:AA:5A:83:78:5C:D5:A7:5B:5B:09
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e38302e302f32302d3230203d3e203136353039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ba:65:98:d9:77:79:00:92:4a:0c:0a:14:c3:a7:11:8b:35:12:
         9f:cf:ed:3a:ca:13:92:2a:66:a2:9e:d4:af:b7:3d:e5:b2:29:
         39:f6:76:97:00:b6:9d:f0:d2:43:08:bc:33:ef:88:bd:48:86:
         82:6f:98:6d:6a:a4:c7:4f:7b:b2:38:11:3b:bc:4d:89:7a:6d:
         17:67:08:a8:73:29:fb:df:c6:4e:b0:a2:a9:77:0e:a0:47:28:
         12:8a:9a:a8:c3:9d:1d:a1:97:d1:91:3a:c7:09:58:1f:d3:39:
         e4:4f:2d:ff:0d:1e:96:50:f7:a3:e4:65:c4:bc:c3:45:91:59:
         0f:9d:aa:b6:2c:07:f3:d9:70:f8:77:96:9a:d4:82:e4:1b:0b:
         b8:a2:84:33:a8:54:ad:b1:6e:b9:d4:08:fd:e0:60:18:89:bd:
         90:67:14:d2:4b:99:79:4e:cf:7b:92:93:d5:8f:3d:f5:10:87:
         4d:ab:9f:63:22:28:95:92:a5:b6:70:c6:65:a9:57:b3:0e:3d:
         fb:51:f0:5a:47:f9:98:f6:a8:f1:57:eb:dc:5f:d4:e0:d1:1b:
         9b:6e:bb:0b:6c:74:ae:4e:8d:ad:f7:42:1c:cf:2b:07:d3:05:
         47:a1:2b:26:1a:d5:22:7a:f0:30:ea:cd:5f:33:83:3c:40:41:
         32:13:bb:95
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUPUzaeVGWPYrQjT4N+ReRYVr5TOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMzAyMzQ0MzBaFw0yNTAzMjkyMzQ5MzBaMDMxMTAvBgNV
BAMTKDA3MjM0MTVDRjBFQkU3NDlEODRDQUE1QTgzNzg1Q0Q1QTc1QjVCMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVk9AhUYiG6Pel5p1OrAz+RZYM
r3iK5KiJ+Y3xak0XT6YkTXeMYPa1E7wD+ZLq0VGD6iVFX9K1owBeJi5x/Pgol+o+
Pz26XGZQNElO5isaYCftQddTNjKQHDzE7YMOA5xAbMBTWddXKaU0L8n6JK4Nj0kI
r8Es9/bPOKC76qkcAoOvejh7ruY4kMNgaVrCrS5nVOuEN44+7f9Fm8ISBRJnmjvo
sSGUxUdAytoNL8pkr5/tnzNan3mb7y20IOVKhXMJ0U6a9H25HUwc8alNiKeDLvKJ
74CMr6kMI7sjw8yNsbv3R8U5mBCLX/q2x2cisQjsiuRMtqqAV+jI/cq0dT5XAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUByNBXPDr50nYTKpag3hc1adbWwkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzODMw
MmUzMDJmMzIzMDJkMzIzMDIwM2QzZTIwMzEzNjM1MzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJNP
UDANBgkqhkiG9w0BAQsFAAOCAQEAumWY2Xd5AJJKDAoUw6cRizUSn8/tOsoTkipm
op7Ur7c95bIpOfZ2lwC2nfDSQwi8M++IvUiGgm+YbWqkx097sjgRO7xNiXptF2cI
qHMp+9/GTrCiqXcOoEcoEoqaqMOdHaGX0ZE6xwlYH9M55E8t/w0ellD3o+RlxLzD
RZFZD52qtiwH89lw+HeWmtSC5BsLuKKEM6hUrbFuudQI/eBgGIm9kGcU0kuZeU7P
e5KT1Y899RCHTaufYyIolZKltnDGZalXsw49+1HwWkf5mPao8Vfr3F/U4NEbm267
C2x0rk6NrfdCHM8rB9MFR6ErJhrVInrwMOrNXzODPEBBMhO7lQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org