Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1309bdce-70e3-46ae-8f05-0c3ada8f8a42/0/3139352e3139312e34392e302f32342d3234203d3e203230343733.roa
File:                     3139352e3139312e34392e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier:          peyn+wTUUKEimcMfMBOUr3xb9IQa34VLWUHsNKU2Jpk=
Subject key identifier:   0F:91:2C:9D:CA:87:8D:1C:AC:69:0B:DE:8C:71:84:02:0E:12:56:20
Certificate issuer:       /CN=ac428c8eed241857f73d0f3d483abecb240519d0
Certificate serial:       309E64329F6ACFF9B8345AE90E66785BF6C76996
Authority key identifier: AC:42:8C:8E:ED:24:18:57:F7:3D:0F:3D:48:3A:BE:CB:24:05:19:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rEKMju0kGFf3PQ89SDq-yyQFGdA.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1309bdce-70e3-46ae-8f05-0c3ada8f8a42/0/3139352e3139312e34392e302f32342d3234203d3e203230343733.roa
Signing time:             Mon 19 Feb 2024 09:43:24 +0000
ROA not before:           Mon 19 Feb 2024 09:38:24 +0000
ROA not after:            Mon 17 Feb 2025 09:43:24 +0000
asID:                     20473
IP address blocks:        195.191.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Apr 2024 00:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:9e:64:32:9f:6a:cf:f9:b8:34:5a:e9:0e:66:78:5b:f6:c7:69:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac428c8eed241857f73d0f3d483abecb240519d0
        Validity
            Not Before: Feb 19 09:38:24 2024 GMT
            Not After : Feb 17 09:43:24 2025 GMT
        Subject: CN=0F912C9DCA878D1CAC690BDE8C7184020E125620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:72:f0:13:c9:30:a8:75:3a:bd:41:08:a3:86:
                    17:21:f3:1d:87:ec:3f:a4:bf:5b:a9:21:e6:2b:6c:
                    4b:93:a4:d4:8e:65:91:ed:05:ff:98:4d:f0:3c:be:
                    59:35:40:25:7e:9a:ad:7c:15:74:0b:10:85:78:3f:
                    0d:90:12:92:e3:6b:f5:1d:33:3c:8d:ae:bd:3d:6a:
                    7f:51:24:e2:4f:f0:82:88:66:cf:37:ef:7b:10:e8:
                    b7:f2:64:34:3b:45:51:54:2e:06:7f:14:cd:d5:4c:
                    94:60:1d:91:2b:2c:aa:0d:5a:d4:a8:2e:ab:d7:e5:
                    c6:e5:4c:f2:61:c9:af:71:05:52:17:7c:c6:4a:e4:
                    3b:d3:6d:47:2e:5a:d4:8a:36:25:3b:80:8e:55:6a:
                    94:4e:37:72:e2:a5:95:03:84:74:3f:55:ff:87:3e:
                    5a:99:d9:2b:58:c2:6d:c8:cc:06:59:57:33:aa:19:
                    0a:39:a8:d5:ad:5a:de:55:40:4d:49:28:41:0d:b6:
                    be:34:d2:99:d6:f7:33:31:d9:5a:1b:60:ee:20:1e:
                    73:a5:4b:ce:d0:e5:62:59:6d:78:6d:f2:a5:39:28:
                    ff:cd:6e:93:a9:ce:5b:45:2b:bb:7f:05:8a:1b:84:
                    32:42:cd:54:5e:ec:fd:08:da:9a:9b:2d:a5:bc:79:
                    18:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:91:2C:9D:CA:87:8D:1C:AC:69:0B:DE:8C:71:84:02:0E:12:56:20
            X509v3 Authority Key Identifier:
                keyid:AC:42:8C:8E:ED:24:18:57:F7:3D:0F:3D:48:3A:BE:CB:24:05:19:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1309bdce-70e3-46ae-8f05-0c3ada8f8a42/0/AC428C8EED241857F73D0F3D483ABECB240519D0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rEKMju0kGFf3PQ89SDq-yyQFGdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1309bdce-70e3-46ae-8f05-0c3ada8f8a42/0/3139352e3139312e34392e302f32342d3234203d3e203230343733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.191.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:c7:01:1e:b1:75:7c:9b:7c:ac:e4:e6:92:30:48:dc:62:89:
         f0:20:0c:ac:4a:e9:a8:2d:e8:a3:ee:35:2e:58:68:2f:41:dd:
         94:07:1d:25:9d:2c:25:2f:60:05:1b:fc:63:0f:31:02:58:55:
         2f:e9:80:c4:b4:66:b3:13:75:11:7b:2b:a6:14:21:77:6f:fa:
         8d:f6:e9:c4:11:99:b5:cf:80:23:90:1a:67:bd:28:b7:9b:92:
         22:26:2f:d4:0b:69:85:db:89:91:85:8a:e0:60:dd:10:e6:e9:
         e5:f1:78:16:b6:ed:62:b9:65:67:d7:dc:1b:1a:3d:60:f1:1f:
         5b:88:68:28:cd:12:1a:28:8a:ea:16:ce:50:1f:f7:a7:7c:62:
         42:f6:08:62:76:06:70:fd:c3:1f:f2:d5:7f:fd:80:e7:72:1f:
         b6:76:02:a7:cb:18:88:3c:db:ca:87:ff:c7:66:0b:a0:85:23:
         0e:7e:29:cc:e3:e4:9c:40:fc:8a:86:5e:3a:9c:7f:08:26:40:
         7b:96:da:0f:2b:92:46:ea:b2:57:84:9f:7a:dc:85:5e:c5:ea:
         45:24:0f:dc:fa:1b:5b:61:cc:f2:ef:a3:81:b6:90:13:7d:8f:
         a6:4d:a6:24:75:c8:40:5f:d3:55:be:04:f3:5d:81:62:7c:b2:
         7d:73:15:bd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMJ5kMp9qz/m4NFrpDmZ4W/bHaZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWM0MjhjOGVlZDI0MTg1N2Y3M2QwZjNkNDgzYWJlY2Iy
NDA1MTlkMDAeFw0yNDAyMTkwOTM4MjRaFw0yNTAyMTcwOTQzMjRaMDMxMTAvBgNV
BAMTKDBGOTEyQzlEQ0E4NzhEMUNBQzY5MEJERThDNzE4NDAyMEUxMjU2MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEcvATyTCodTq9QQijhhch8x2H
7D+kv1upIeYrbEuTpNSOZZHtBf+YTfA8vlk1QCV+mq18FXQLEIV4Pw2QEpLja/Ud
MzyNrr09an9RJOJP8IKIZs8373sQ6LfyZDQ7RVFULgZ/FM3VTJRgHZErLKoNWtSo
LqvX5cblTPJhya9xBVIXfMZK5DvTbUcuWtSKNiU7gI5VapRON3LipZUDhHQ/Vf+H
PlqZ2StYwm3IzAZZVzOqGQo5qNWtWt5VQE1JKEENtr400pnW9zMx2VobYO4gHnOl
S87Q5WJZbXht8qU5KP/NbpOpzltFK7t/BYobhDJCzVRe7P0I2pqbLaW8eRiRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUD5EsncqHjRysaQvejHGEAg4SViAwHwYDVR0j
BBgwFoAUrEKMju0kGFf3PQ89SDq+yyQFGdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTMwOWJkY2UtNzBlMy00NmFlLThmMDUtMGMzYWRhOGY4
YTQyLzAvQUM0MjhDOEVFRDI0MTg1N0Y3M0QwRjNENDgzQUJFQ0IyNDA1MTlEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JFS01qdTBrR0ZmM1BRODlTRHEteXlR
RkdkQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTMwOWJkY2Ut
NzBlMy00NmFlLThmMDUtMGMzYWRhOGY4YTQyLzAvMzEzOTM1MmUzMTM5MzEyZTM0
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
w78xMA0GCSqGSIb3DQEBCwUAA4IBAQBqxwEesXV8m3ys5OaSMEjcYonwIAysSumo
Leij7jUuWGgvQd2UBx0lnSwlL2AFG/xjDzECWFUv6YDEtGazE3UReyumFCF3b/qN
9unEEZm1z4AjkBpnvSi3m5IiJi/UC2mF24mRhYrgYN0Q5unl8XgWtu1iuWVn19wb
Gj1g8R9biGgozRIaKIrqFs5QH/enfGJC9ghidgZw/cMf8tV//YDnch+2dgKnyxiI
PNvKh//HZgughSMOfinM4+ScQPyKhl46nH8IJkB7ltoPK5JG6rJXhJ963IVexepF
JA/c+htbYczy76OBtpATfY+mTaYkdchAX9NVvgTzXYFifLJ9cxW9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org