Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS201668.roa
File:                     AS201668.roa (raw, json)
Hash identifier:          073SRupDdXl6Nt5KsH4oxuMjHIZQxwCap/v4Z1zlr7g=
Subject key identifier:   85:C5:C9:BC:EE:13:1E:47:8C:0B:DD:55:36:15:DB:E4:30:7D:53:88
Certificate issuer:       /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial:       3F6CBC87775EFBEB1A65A83B937B827CB82B80AE
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS201668.roa
Signing time:             Fri 12 Apr 2024 13:08:12 +0000
ROA not before:           Fri 12 Apr 2024 13:03:12 +0000
ROA not after:            Fri 11 Apr 2025 13:08:12 +0000
asID:                     201668
IP address blocks:        147.79.57.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Apr 2024 13:55:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:6c:bc:87:77:5e:fb:eb:1a:65:a8:3b:93:7b:82:7c:b8:2b:80:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
        Validity
            Not Before: Apr 12 13:03:12 2024 GMT
            Not After : Apr 11 13:08:12 2025 GMT
        Subject: CN=85C5C9BCEE131E478C0BDD553615DBE4307D5388
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d8:01:45:77:a6:27:91:b5:80:81:8f:6a:aa:
                    2a:8f:95:d7:f3:3a:02:ee:dd:32:0f:9e:bd:5b:28:
                    91:28:09:9a:9c:3d:be:cc:75:6c:7f:0e:be:16:67:
                    37:5d:e1:4e:5b:c7:3f:5e:d5:d0:92:60:21:d5:ab:
                    6f:57:48:df:3f:cd:06:a3:b2:4b:68:4b:f3:b0:db:
                    a3:ac:18:07:f3:10:04:be:94:7c:3a:e1:72:89:58:
                    2e:94:1c:28:ad:f4:00:0d:9c:9b:da:e1:ba:a6:05:
                    ed:15:cf:5d:8e:97:16:ab:e0:16:52:7c:0b:e8:a9:
                    83:45:7f:bb:c0:17:d4:d8:2e:f1:e7:8c:4d:32:8b:
                    2e:7a:9a:0f:49:8f:04:36:0e:71:67:18:11:49:af:
                    27:54:16:44:41:eb:89:4a:dc:92:7e:9e:8b:1c:9c:
                    b3:2a:e1:73:9f:9d:9e:93:a8:95:33:db:5a:20:a0:
                    a1:b9:2b:5a:62:a4:a6:0b:c7:0b:5d:4e:3a:88:86:
                    5b:51:fb:96:c7:73:5b:e2:bf:78:80:e7:80:dd:b8:
                    e0:54:c6:66:b8:c2:58:82:16:9f:83:9c:fd:32:1f:
                    fb:76:8d:ed:52:4d:5e:02:a2:c0:3d:0f:0f:be:fb:
                    ec:00:32:7a:f5:63:8f:fc:03:bc:11:40:ba:6e:89:
                    b6:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:C5:C9:BC:EE:13:1E:47:8C:0B:DD:55:36:15:DB:E4:30:7D:53:88
            X509v3 Authority Key Identifier:
                keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS201668.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.79.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:e4:1b:66:ca:35:62:bd:66:1c:7c:47:10:bb:d3:db:7f:cc:
         99:24:ac:b5:b4:6c:6f:b8:79:e4:2c:59:00:e1:2a:2f:9c:f1:
         c9:53:63:73:90:40:90:95:01:19:63:92:1f:4c:5c:f7:c9:00:
         af:81:9b:2a:74:84:6d:68:cf:23:b9:b7:1b:86:92:61:38:41:
         07:35:49:17:b9:8e:eb:14:5d:71:ef:5e:dc:30:eb:6d:cf:0f:
         aa:1f:04:f9:cb:60:8b:2a:1a:d9:0e:81:a0:82:69:74:b4:ce:
         2d:24:cb:69:72:a9:75:d4:da:1d:9f:6c:27:58:50:86:ca:d8:
         ed:ca:94:8b:b5:e8:25:6f:45:44:3b:20:29:fc:60:55:15:2c:
         63:63:fc:41:0a:1d:3d:10:b0:b7:46:8d:3b:13:1c:85:71:62:
         ec:1e:19:8a:55:ef:43:17:ec:38:f8:84:e7:b5:66:8f:00:3e:
         22:59:d8:b8:c6:7b:29:a5:b9:9a:7b:41:ae:0a:9a:b6:76:12:
         ff:cd:96:6a:12:b5:3c:cb:91:0c:94:df:ee:20:7c:3c:11:c1:
         a1:e1:93:13:c7:97:f0:77:a7:8c:b4:6a:f8:86:9b:3f:8a:11:
         5b:72:a0:63:e7:96:c6:5f:39:dc:72:02:71:a5:84:04:c3:b0:
         69:27:9c:d6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUP2y8h3de++saZag7k3uCfLgrgK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MTIxMzAzMTJaFw0yNTA0MTExMzA4MTJaMDMxMTAvBgNV
BAMTKDg1QzVDOUJDRUUxMzFFNDc4QzBCREQ1NTM2MTVEQkU0MzA3RDUzODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm2AFFd6YnkbWAgY9qqiqPldfz
OgLu3TIPnr1bKJEoCZqcPb7MdWx/Dr4WZzdd4U5bxz9e1dCSYCHVq29XSN8/zQaj
sktoS/Ow26OsGAfzEAS+lHw64XKJWC6UHCit9AANnJva4bqmBe0Vz12Olxar4BZS
fAvoqYNFf7vAF9TYLvHnjE0yiy56mg9JjwQ2DnFnGBFJrydUFkRB64lK3JJ+nosc
nLMq4XOfnZ6TqJUz21ogoKG5K1pipKYLxwtdTjqIhltR+5bHc1viv3iA54DduOBU
xma4wliCFp+DnP0yH/t2je1STV4CosA9Dw++++wAMnr1Y4/8A7wRQLpuibYbAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUhcXJvO4THkeMC91VNhXb5DB9U4gwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAxNjY4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk085
MA0GCSqGSIb3DQEBCwUAA4IBAQCi5BtmyjVivWYcfEcQu9Pbf8yZJKy1tGxvuHnk
LFkA4SovnPHJU2NzkECQlQEZY5IfTFz3yQCvgZsqdIRtaM8jubcbhpJhOEEHNUkX
uY7rFF1x717cMOttzw+qHwT5y2CLKhrZDoGggml0tM4tJMtpcql11Nodn2wnWFCG
ytjtypSLteglb0VEOyAp/GBVFSxjY/xBCh09ELC3Ro07ExyFcWLsHhmKVe9DF+w4
+ITntWaPAD4iWdi4xnsppbmae0GuCpq2dhL/zZZqErU8y5EMlN/uIHw8EcGh4ZMT
x5fwd6eMtGr4hps/ihFbcqBj55bGXznccgJxpYQEw7BpJ5zW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org