Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32332d3234203d3e203236353631.roa
File:                     32332e3136342e3135322e302f32332d3234203d3e203236353631.roa (raw, json)
Hash identifier:          mgsWua6hsy72WPq0Cfhct3Se3gVzeZ2U47GKn4H/q+A=
Subject key identifier:   08:D8:D0:B9:EF:DA:E8:4D:10:D7:17:39:B0:1D:4B:7B:6B:30:ED:BF
Certificate issuer:       /CN=d90d8aba2a75232dac0a4973b29677a14573561ef341199600
Certificate serial:       7F5988B0D4D393D09E73A42D64BA71809D544A02
Authority key identifier: 44:17:C6:2B:C8:BB:64:8A:4A:97:DD:F6:50:5C:2E:44:3E:4B:35:FF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a75232dac0a4973b29677a14573561ef341199600.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32332d3234203d3e203236353631.roa
Signing time:             Sun 16 Jun 2024 16:37:38 +0000
ROA not before:           Sun 16 Jun 2024 16:32:38 +0000
ROA not after:            Sun 15 Jun 2025 16:37:38 +0000
asID:                     26561
IP address blocks:        23.164.152.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Jun 2024 09:51:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:59:88:b0:d4:d3:93:d0:9e:73:a4:2d:64:ba:71:80:9d:54:4a:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90d8aba2a75232dac0a4973b29677a14573561ef341199600
        Validity
            Not Before: Jun 16 16:32:38 2024 GMT
            Not After : Jun 15 16:37:38 2025 GMT
        Subject: CN=08D8D0B9EFDAE84D10D71739B01D4B7B6B30EDBF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:57:e4:78:53:64:de:ca:bd:e8:8c:4f:6a:1a:
                    5e:bd:a9:56:3b:ad:b7:f7:b3:74:56:4b:1a:a1:9a:
                    45:28:94:2e:94:b6:83:c6:5e:7b:d1:0f:33:59:ad:
                    b5:76:b6:09:14:b4:d0:87:5a:fb:43:fa:70:6a:73:
                    04:93:0b:92:44:46:8b:79:f8:71:d5:18:28:3d:25:
                    c9:b4:10:17:71:f7:18:48:78:a4:05:af:0d:c2:10:
                    ed:2f:fa:93:97:b7:46:c3:aa:3b:51:f9:ad:4d:5b:
                    46:1d:d0:dc:18:95:f6:21:62:83:2f:fd:92:86:0b:
                    79:95:c9:db:9e:d3:49:ca:e4:4e:bb:79:b0:f4:9a:
                    49:be:d6:48:99:d5:69:b6:99:53:80:1d:f3:47:e4:
                    47:03:af:72:26:98:26:4b:11:8e:4a:ec:b4:78:9b:
                    fc:6f:ca:a9:04:91:5a:5b:b8:7f:33:8e:4f:55:ba:
                    bf:c2:ee:c8:2d:46:d9:2f:e8:6b:bf:67:8d:71:72:
                    ee:46:fc:e9:46:9c:91:5b:a3:36:7a:5e:e5:dd:4f:
                    fd:78:f3:bd:2c:5b:6a:1d:21:f4:72:62:25:4c:a9:
                    86:db:25:2c:b5:7c:82:a5:c0:7d:5e:94:db:95:51:
                    c7:5f:2c:5d:aa:e4:77:ab:ba:2b:7d:1e:cb:70:4c:
                    d3:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:D8:D0:B9:EF:DA:E8:4D:10:D7:17:39:B0:1D:4B:7B:6B:30:ED:BF
            X509v3 Authority Key Identifier:
                keyid:44:17:C6:2B:C8:BB:64:8A:4A:97:DD:F6:50:5C:2E:44:3E:4B:35:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/4417C62BC8BB648A4A97DDF6505C2E443E4B35FF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a75232dac0a4973b29677a14573561ef341199600.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32332d3234203d3e203236353631.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.164.152.0/23

    Signature Algorithm: sha256WithRSAEncryption
         68:24:cd:11:c9:0f:05:04:03:a1:64:4c:3f:c6:33:84:8f:7a:
         1c:a7:0b:ee:c2:24:3a:d8:0d:0d:91:45:1d:b3:33:96:8a:24:
         e8:83:79:51:da:58:51:b7:5e:95:0b:7e:cf:76:46:0b:51:e5:
         00:01:ac:d3:10:ea:25:48:3a:f1:25:e0:d1:5d:90:fc:de:57:
         a7:b5:ab:40:e5:f9:c0:7a:3b:e4:0c:35:f3:75:96:f2:97:72:
         4e:fd:9e:bb:c5:f2:9c:5f:2f:75:5f:1d:34:f6:83:90:26:1c:
         1e:ed:c2:d9:d5:cf:f8:af:e8:6a:d3:56:40:a2:9f:89:82:0c:
         30:ac:6e:40:dc:4f:b0:72:a4:cd:d0:1b:00:73:7f:e1:48:85:
         4a:ac:a5:7d:55:88:91:63:a1:fe:c9:b7:7b:20:ac:f7:1b:82:
         ed:45:fc:d4:f7:76:2e:99:ac:83:b7:5a:e3:ce:5f:ee:62:4e:
         c1:42:25:14:c7:93:72:97:3e:9f:7d:28:52:62:4f:0a:00:a5:
         33:ad:b1:dd:15:70:10:09:a8:80:e8:09:9b:77:40:70:88:a9:
         34:bd:14:a4:bf:ad:5a:f1:5f:69:25:5c:c1:35:e3:4e:fb:6f:
         40:50:5e:32:4c:7a:f4:2a:21:b9:80:14:13:9f:76:02:00:9f:
         59:a0:b9:7f
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUf1mIsNTTk9Cec6QtZLpxgJ1USgIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDkwZDhhYmEyYTc1MjMyZGFjMGE0OTczYjI5Njc3YTE0
NTczNTYxZWYzNDExOTk2MDAwHhcNMjQwNjE2MTYzMjM4WhcNMjUwNjE1MTYzNzM4
WjAzMTEwLwYDVQQDEygwOEQ4RDBCOUVGREFFODREMTBENzE3MzlCMDFENEI3QjZC
MzBFREJGMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1fkeFNk3sq9
6IxPahpevalWO62397N0VksaoZpFKJQulLaDxl570Q8zWa21drYJFLTQh1r7Q/pw
anMEkwuSREaLefhx1RgoPSXJtBAXcfcYSHikBa8NwhDtL/qTl7dGw6o7UfmtTVtG
HdDcGJX2IWKDL/2Shgt5lcnbntNJyuROu3mw9JpJvtZImdVptplTgB3zR+RHA69y
JpgmSxGOSuy0eJv8b8qpBJFaW7h/M45PVbq/wu7ILUbZL+hrv2eNcXLuRvzpRpyR
W6M2el7l3U/9ePO9LFtqHSH0cmIlTKmG2yUstXyCpcB9XpTblVHHXyxdquR3q7or
fR7LcEzTlwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFAjY0Lnv2uhNENcXObAdS3tr
MO2/MB8GA1UdIwQYMBaAFEQXxivIu2SKSpfd9lBcLkQ+SzX/MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZi
LTY4NmQ4OGU3MWFlOS8yLzQ0MTdDNjJCQzhCQjY0OEE0QTk3RERGNjUwNUMyRTQ0
M0U0QjM1RkYuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2Et
NGE0NS1hMGE5LTk3ODE0ODMyMWEwNy8wZWMxNzE1Ny02NmRlLTRhYWItODVlNy0y
OGFmNGRlNDMwZTIvZDkwZDhhYmEyYTc1MjMyZGFjMGE0OTczYjI5Njc3YTE0NTcz
NTYxZWYzNDExOTk2MDAuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZiLTY4NmQ4OGU3MWFlOS8yLzMyMzMyZTMx
MzYzNDJlMzEzNTMyMmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNjM1MzYzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEARekmDANBgkqhkiG9w0BAQsFAAOCAQEAaCTNEckPBQQDoWRMP8Yz
hI96HKcL7sIkOtgNDZFFHbMzlook6IN5UdpYUbdelQt+z3ZGC1HlAAGs0xDqJUg6
8SXg0V2Q/N5Xp7WrQOX5wHo75Aw183WW8pdyTv2eu8XynF8vdV8dNPaDkCYcHu3C
2dXP+K/oatNWQKKfiYIMMKxuQNxPsHKkzdAbAHN/4UiFSqylfVWIkWOh/sm3eyCs
9xuC7UX81Pd2Lpmsg7da485f7mJOwUIlFMeTcpc+n30oUmJPCgClM62x3RVwEAmo
gOgJm3dAcIipNL0UpL+tWvFfaSVcwTXjTvtvQFBeMkx69CohuYAUE592AgCfWaC5
fw==
-----END CERTIFICATE-----
Generated at Mon Jun 24 13:02:54 2024 by rpki-client on console-fra.rpki-client.org