Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3132382e302f31372d3234203d3e203136353039.roa
File:                     3134382e3133352e3132382e302f31372d3234203d3e203136353039.roa (raw, json)
Hash identifier:          rjuwgOQ2CKaSApglp6eGLmdseHAVWA//4bYSxLxhc9c=
Subject key identifier:   BC:25:EA:14:2C:94:A6:6A:BB:85:18:F8:09:1E:3A:0C:24:90:AE:F0
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       39F860BD15E2A482E540445866529FA9940162E1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3132382e302f31372d3234203d3e203136353039.roa
Signing time:             Thu 04 Jan 2024 17:05:08 +0000
ROA not before:           Thu 04 Jan 2024 17:00:08 +0000
ROA not after:            Thu 02 Jan 2025 17:05:08 +0000
asID:                     16509
IP address blocks:        148.135.128.0/17 maxlen: 24

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:f8:60:bd:15:e2:a4:82:e5:40:44:58:66:52:9f:a9:94:01:62:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Jan  4 17:00:08 2024 GMT
            Not After : Jan  2 17:05:08 2025 GMT
        Subject: CN=BC25EA142C94A66ABB8518F8091E3A0C2490AEF0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:d0:d9:b1:42:bd:e6:57:50:ee:32:fd:13:75:
                    40:d4:ca:69:83:63:86:01:2e:f1:4c:08:d2:56:40:
                    04:29:55:34:1a:51:9a:dc:e7:01:da:45:90:81:9a:
                    e8:1d:cb:50:a2:ed:2f:5f:61:24:5d:47:75:c6:d0:
                    f9:a4:34:6c:e2:f6:2a:31:5b:1a:a2:b4:e6:9e:94:
                    01:a5:37:2c:ce:4f:15:4b:57:1f:54:56:a0:2b:d7:
                    aa:d7:ab:ab:6b:c0:3b:84:1a:51:c2:b4:ac:af:fe:
                    e0:5d:22:90:c6:71:b6:3c:14:96:ed:b2:83:4c:28:
                    af:f5:72:6a:4c:f8:75:9b:16:79:ea:13:9f:1c:11:
                    7c:69:a1:85:2e:f3:0a:17:2f:a2:2f:b5:dc:e9:59:
                    76:ab:0b:8e:43:cd:74:b2:68:b8:37:e7:c1:9c:19:
                    00:13:d7:32:22:0b:3d:0f:2d:06:81:ce:d9:e4:f0:
                    d2:4a:fe:0a:8e:ea:5e:7c:91:4d:12:10:ca:a3:9d:
                    51:08:4c:dd:1f:20:2c:55:4c:71:db:c6:04:f3:a6:
                    41:a0:69:ed:2e:ee:49:9f:59:aa:ba:a7:29:08:39:
                    4e:3f:86:f5:a4:9f:eb:90:9b:e8:59:18:b1:2f:5b:
                    8d:c7:00:9a:d3:1c:93:06:c6:18:4c:5d:35:19:34:
                    98:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:25:EA:14:2C:94:A6:6A:BB:85:18:F8:09:1E:3A:0C:24:90:AE:F0
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3132382e302f31372d3234203d3e203136353039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.135.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         54:6b:71:2e:fc:a1:16:64:de:69:ea:5a:60:8c:af:68:c3:06:
         21:b0:ce:db:67:d5:17:5b:df:69:64:a4:72:e9:16:7f:22:67:
         70:da:74:a6:4a:68:dc:bb:69:a8:44:63:99:55:22:1f:67:86:
         0e:44:79:e5:cc:64:98:57:e5:cf:80:dd:5f:4f:62:4c:4c:fa:
         00:50:97:5e:24:3d:9b:fd:ea:5b:c2:86:9b:7e:8a:ad:83:3b:
         d8:74:9a:8a:68:15:1c:23:0c:6d:9d:59:2d:a6:9d:60:8c:06:
         b0:c4:25:75:8b:05:29:e9:f1:b7:8c:42:70:0b:06:1e:5b:9b:
         12:15:4f:0d:7f:1b:ba:48:c7:37:07:ce:4e:d6:47:91:7a:34:
         0d:ae:24:6a:10:9a:47:37:3b:f8:ad:cc:09:10:a4:f0:cb:d2:
         e7:b0:d3:d8:85:4e:51:0a:1c:fa:dc:05:29:37:87:ec:b2:c5:
         f4:9b:74:69:2d:84:91:9d:92:ac:e9:5c:da:40:19:73:17:e5:
         00:1f:6e:25:1d:5a:e8:b7:26:2e:d4:43:88:ad:b0:9d:4b:a4:
         59:49:5c:22:fa:1d:f3:a7:28:38:41:05:86:0a:ca:77:1c:96:
         c5:2e:3b:3e:ea:86:b9:b3:f3:ad:ae:bf:29:47:23:33:b6:19:
         cb:8b:ff:fe
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOfhgvRXipILlQERYZlKfqZQBYuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAxMDQxNzAwMDhaFw0yNTAxMDIxNzA1MDhaMDMxMTAvBgNV
BAMTKEJDMjVFQTE0MkM5NEE2NkFCQjg1MThGODA5MUUzQTBDMjQ5MEFFRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP0NmxQr3mV1DuMv0TdUDUymmD
Y4YBLvFMCNJWQAQpVTQaUZrc5wHaRZCBmugdy1Ci7S9fYSRdR3XG0PmkNGzi9iox
WxqitOaelAGlNyzOTxVLVx9UVqAr16rXq6trwDuEGlHCtKyv/uBdIpDGcbY8FJbt
soNMKK/1cmpM+HWbFnnqE58cEXxpoYUu8woXL6IvtdzpWXarC45DzXSyaLg358Gc
GQAT1zIiCz0PLQaBztnk8NJK/gqO6l58kU0SEMqjnVEITN0fICxVTHHbxgTzpkGg
ae0u7kmfWaq6pykIOU4/hvWkn+uQm+hZGLEvW43HAJrTHJMGxhhMXTUZNJiVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvCXqFCyUpmq7hRj4CR46DCSQrvAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMx
MzIzODJlMzAyZjMxMzcyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAeUh4AwDQYJKoZIhvcNAQELBQADggEBAFRrcS78oRZk3mnqWmCMr2jDBiGwzttn
1Rdb32lkpHLpFn8iZ3DadKZKaNy7aahEY5lVIh9nhg5EeeXMZJhX5c+A3V9PYkxM
+gBQl14kPZv96lvChpt+iq2DO9h0mopoFRwjDG2dWS2mnWCMBrDEJXWLBSnp8beM
QnALBh5bmxIVTw1/G7pIxzcHzk7WR5F6NA2uJGoQmkc3O/itzAkQpPDL0uew09iF
TlEKHPrcBSk3h+yyxfSbdGkthJGdkqzpXNpAGXMX5QAfbiUdWui3Ji7UQ4itsJ1L
pFlJXCL6HfOnKDhBBYYKyncclsUuOz7qhrmz862uvylHIzO2GcuL//4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org