Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3234302e302f32302d3230203d3e2030.roa
File:                     3134382e3133352e3234302e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier:          b9ngbzjATszTPoWOOHZrrJdmKXkZMfxbFO3smAL/Z2g=
Subject key identifier:   ED:FF:23:92:3A:05:23:6C:02:E3:AD:96:4B:9B:2C:DD:12:FE:BE:E1
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       77BEA854901C572DD941EC06C33B14241A015557
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3234302e302f32302d3230203d3e2030.roa
Signing time:             Fri 05 Jan 2024 10:05:08 +0000
ROA not before:           Fri 05 Jan 2024 10:00:08 +0000
ROA not after:            Fri 03 Jan 2025 10:05:08 +0000
asID:                     0
IP address blocks:        148.135.240.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:be:a8:54:90:1c:57:2d:d9:41:ec:06:c3:3b:14:24:1a:01:55:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Jan  5 10:00:08 2024 GMT
            Not After : Jan  3 10:05:08 2025 GMT
        Subject: CN=EDFF23923A05236C02E3AD964B9B2CDD12FEBEE1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:d3:6d:6f:dd:f4:c6:76:35:f8:d2:db:c1:f6:
                    05:8c:5b:b6:a1:9e:c9:3b:47:c2:df:c3:7a:c3:08:
                    28:8d:28:24:82:ec:3d:7f:5a:89:22:86:c8:43:be:
                    22:a4:28:d3:62:33:d2:42:bf:3b:49:e4:6a:64:59:
                    56:2a:32:61:bc:97:4b:8c:d1:45:c2:3f:98:3a:60:
                    9b:42:79:e9:e2:1d:36:1e:2b:80:f8:80:d7:a5:52:
                    fb:06:9a:b9:c8:03:6e:47:22:5a:30:0b:ab:d0:c2:
                    a9:a9:dc:ab:59:41:db:cd:90:b8:71:14:60:73:59:
                    fa:ad:e2:0c:b0:cf:f6:ad:5c:0c:ee:c0:6b:bd:92:
                    f2:af:f7:fd:f7:d7:fa:32:67:1b:a6:72:98:4b:1d:
                    60:e2:ca:c4:e6:28:1a:15:f3:0d:34:64:b8:22:54:
                    05:20:b7:21:d8:c9:c1:48:44:4d:b5:4b:2e:f0:a0:
                    d9:be:c6:fb:62:27:42:21:0a:62:c6:ba:9e:72:9e:
                    ea:eb:79:cc:71:19:a9:73:68:74:2f:b1:58:50:9f:
                    ec:8e:80:66:01:38:fe:35:f6:32:50:e8:62:ff:e5:
                    38:07:13:76:13:27:51:84:88:19:2a:cd:3d:f3:3a:
                    a8:91:47:6a:be:8d:65:31:f6:cc:f1:2e:f6:27:73:
                    eb:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:FF:23:92:3A:05:23:6C:02:E3:AD:96:4B:9B:2C:DD:12:FE:BE:E1
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3234302e302f32302d3230203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.135.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         51:34:cb:2a:9b:b9:51:cd:51:49:c6:23:cd:62:a4:f7:42:aa:
         fe:0b:dd:8b:b4:03:f7:9d:3c:89:ef:ff:07:e0:22:f6:af:d4:
         5b:cc:87:87:86:62:8d:d6:7c:11:92:44:6b:42:0d:51:e6:e8:
         11:51:82:7a:62:d4:36:83:c8:70:58:05:f1:14:cc:85:52:37:
         21:3d:a8:6d:a2:3c:f2:1b:73:a2:e3:43:a9:14:c4:8a:a2:59:
         8a:79:6f:f5:26:f6:b7:25:a6:7b:25:8f:cd:67:d7:25:16:57:
         f9:ef:70:0c:6c:16:16:3f:7f:a6:50:b3:1f:6a:25:b3:1a:bb:
         a3:42:f2:c1:57:02:db:9d:d8:3b:23:71:32:d3:e0:3f:c5:42:
         2d:44:e3:e5:d7:f9:f8:cb:99:78:98:9f:7c:61:00:23:3d:a0:
         5f:e8:a4:6f:cc:66:62:d7:75:27:07:a3:7d:ab:b2:41:fe:a1:
         89:43:7c:29:57:16:4c:38:b6:70:d8:a3:dd:1a:eb:20:98:4b:
         fb:ae:d0:c0:ac:5d:b8:40:ce:5a:27:ff:db:d0:15:e6:00:36:
         4f:51:fd:8b:9a:4f:b6:eb:3a:1e:4c:b9:1c:c0:85:72:2d:73:
         6d:49:e6:05:68:46:94:3f:00:32:39:3c:bc:7b:8e:f8:3f:6a:
         7e:c7:15:1c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUd76oVJAcVy3ZQewGwzsUJBoBVVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAxMDUxMDAwMDhaFw0yNTAxMDMxMDA1MDhaMDMxMTAvBgNV
BAMTKEVERkYyMzkyM0EwNTIzNkMwMkUzQUQ5NjRCOUIyQ0REMTJGRUJFRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp021v3fTGdjX40tvB9gWMW7ah
nsk7R8Lfw3rDCCiNKCSC7D1/WokihshDviKkKNNiM9JCvztJ5GpkWVYqMmG8l0uM
0UXCP5g6YJtCeeniHTYeK4D4gNelUvsGmrnIA25HIlowC6vQwqmp3KtZQdvNkLhx
FGBzWfqt4gywz/atXAzuwGu9kvKv9/331/oyZxumcphLHWDiysTmKBoV8w00ZLgi
VAUgtyHYycFIRE21Sy7woNm+xvtiJ0IhCmLGup5ynurrecxxGalzaHQvsVhQn+yO
gGYBOP419jJQ6GL/5TgHE3YTJ1GEiBkqzT3zOqiRR2q+jWUx9szxLvYnc+sjAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU7f8jkjoFI2wC462WS5ss3RL+vuEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMy
MzQzMDJlMzAyZjMyMzAyZDMyMzAyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQElIfwMA0G
CSqGSIb3DQEBCwUAA4IBAQBRNMsqm7lRzVFJxiPNYqT3Qqr+C92LtAP3nTyJ7/8H
4CL2r9RbzIeHhmKN1nwRkkRrQg1R5ugRUYJ6YtQ2g8hwWAXxFMyFUjchPahtojzy
G3Oi40OpFMSKolmKeW/1Jva3JaZ7JY/NZ9clFlf573AMbBYWP3+mULMfaiWzGruj
QvLBVwLbndg7I3Ey0+A/xUItROPl1/n4y5l4mJ98YQAjPaBf6KRvzGZi13UnB6N9
q7JB/qGJQ3wpVxZMOLZw2KPdGusgmEv7rtDArF24QM5aJ//b0BXmADZPUf2Lmk+2
6zoeTLkcwIVyLXNtSeYFaEaUPwAyOTy8e474P2p+xxUc
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org