Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32342d3234203d3e203630383538.roa
File:                     32332e3136342e3135322e302f32342d3234203d3e203630383538.roa (raw, json)
Hash identifier:          6Mh/nXqKJwAYnT+R6dowS9B0zWh7o5tG/AVRYSG8LjY=
Subject key identifier:   14:0F:C5:1D:C4:CC:E5:7E:D5:E1:05:C6:0F:28:F5:A9:15:EC:A7:2D
Certificate issuer:       /CN=d90d8aba2a75232dac0a4973b29677a14573561ef341199600
Certificate serial:       4B09288CB71A82176CBE621AF5C87BF5D7C07EFD
Authority key identifier: 44:17:C6:2B:C8:BB:64:8A:4A:97:DD:F6:50:5C:2E:44:3E:4B:35:FF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a75232dac0a4973b29677a14573561ef341199600.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32342d3234203d3e203630383538.roa
Signing time:             Sun 16 Jun 2024 21:59:38 +0000
ROA not before:           Sun 16 Jun 2024 21:54:38 +0000
ROA not after:            Sun 15 Jun 2025 21:59:38 +0000
asID:                     60858
IP address blocks:        23.164.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Jun 2024 09:26:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:09:28:8c:b7:1a:82:17:6c:be:62:1a:f5:c8:7b:f5:d7:c0:7e:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90d8aba2a75232dac0a4973b29677a14573561ef341199600
        Validity
            Not Before: Jun 16 21:54:38 2024 GMT
            Not After : Jun 15 21:59:38 2025 GMT
        Subject: CN=140FC51DC4CCE57ED5E105C60F28F5A915ECA72D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:9c:93:ca:90:9b:94:e5:3e:02:20:bd:01:ef:
                    c8:7a:82:04:90:b9:49:71:d8:21:cb:d3:7f:a0:1a:
                    77:57:92:b0:15:5b:d9:8e:63:4f:7a:1c:b5:d7:41:
                    26:90:ef:e5:dc:e2:d6:7b:38:f2:6b:dd:68:d7:02:
                    fb:be:36:14:0f:c0:2f:d5:cd:93:c9:5d:21:5b:49:
                    4e:dc:fe:85:f2:4d:88:69:4d:41:39:cd:4b:38:14:
                    5e:97:90:89:42:b2:02:1b:b8:3d:eb:53:4d:c6:5e:
                    97:1a:df:7d:d4:9e:b2:d5:91:a2:0c:d2:9e:44:2c:
                    ed:bf:db:54:60:a0:29:f5:4c:d8:ca:d4:0f:a9:ed:
                    c3:84:33:da:e1:ed:5f:e8:72:d3:76:60:e1:a2:a2:
                    8f:0b:a9:b7:74:bc:59:49:f6:46:9f:cc:27:cd:b5:
                    44:81:bc:88:d1:3b:08:e9:cb:65:3f:63:7b:39:b5:
                    91:f4:c3:d8:0a:7a:60:f8:30:a0:58:4d:47:c9:a1:
                    f4:db:d0:90:92:80:02:0f:c7:4c:12:36:46:f8:f3:
                    73:b9:61:31:ab:44:4f:81:ff:c3:ae:80:8b:86:80:
                    72:20:63:ee:1a:55:ea:d1:ee:ee:c6:b8:2a:98:d1:
                    c3:ff:9e:8d:de:16:60:e8:e3:cb:08:38:62:fd:dd:
                    16:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:0F:C5:1D:C4:CC:E5:7E:D5:E1:05:C6:0F:28:F5:A9:15:EC:A7:2D
            X509v3 Authority Key Identifier:
                keyid:44:17:C6:2B:C8:BB:64:8A:4A:97:DD:F6:50:5C:2E:44:3E:4B:35:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/4417C62BC8BB648A4A97DDF6505C2E443E4B35FF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a75232dac0a4973b29677a14573561ef341199600.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32342d3234203d3e203630383538.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.164.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:7c:d0:d4:91:3a:bc:66:72:62:22:bc:76:88:d9:e7:05:7e:
         ed:ca:0d:b4:17:51:d4:69:ea:e8:d7:a1:91:82:ea:ae:2d:a3:
         ac:59:a1:53:86:87:57:77:4c:be:fc:b4:cd:77:83:b7:2f:33:
         d5:6c:d3:73:28:3a:95:8e:2b:dc:6a:78:2d:2e:3c:a8:ce:8f:
         fe:fe:38:9d:a5:db:e8:db:b9:38:bb:1d:09:05:1f:cd:95:40:
         8a:a3:9c:90:50:3a:08:80:b5:1d:08:2c:0c:a1:56:58:1a:f7:
         c4:06:6c:8e:c6:b7:13:ac:90:7d:35:ac:b8:2d:34:37:78:27:
         f6:da:2b:35:c0:8e:ce:cc:0a:66:88:dc:7d:10:03:55:52:6b:
         0b:59:30:ba:c0:19:c8:df:20:e1:6f:35:1f:1f:41:56:bb:5d:
         f0:6f:27:9f:36:6c:ee:44:64:86:7a:42:f8:8b:5c:ea:74:07:
         5b:fb:71:b1:1a:e4:7f:07:f2:f6:01:c2:4b:6d:26:1f:3f:b7:
         32:2a:9b:0f:ec:f8:cc:38:eb:76:ee:50:ab:ec:37:22:cb:e2:
         c8:34:38:0f:d0:65:24:b2:d2:38:21:d3:3d:b8:1a:49:e6:ae:
         c1:80:5c:21:70:94:9d:fe:d3:22:f5:15:57:55:04:69:b3:6d:
         ed:8b:a1:8e
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUSwkojLcaghdsvmIa9ch79dfAfv0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDkwZDhhYmEyYTc1MjMyZGFjMGE0OTczYjI5Njc3YTE0
NTczNTYxZWYzNDExOTk2MDAwHhcNMjQwNjE2MjE1NDM4WhcNMjUwNjE1MjE1OTM4
WjAzMTEwLwYDVQQDEygxNDBGQzUxREM0Q0NFNTdFRDVFMTA1QzYwRjI4RjVBOTE1
RUNBNzJEMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypyTypCblOU+
AiC9Ae/IeoIEkLlJcdghy9N/oBp3V5KwFVvZjmNPehy110EmkO/l3OLWezjya91o
1wL7vjYUD8Av1c2TyV0hW0lO3P6F8k2IaU1BOc1LOBRel5CJQrICG7g961NNxl6X
Gt991J6y1ZGiDNKeRCztv9tUYKAp9UzYytQPqe3DhDPa4e1f6HLTdmDhoqKPC6m3
dLxZSfZGn8wnzbVEgbyI0TsI6ctlP2N7ObWR9MPYCnpg+DCgWE1HyaH029CQkoAC
D8dMEjZG+PNzuWExq0RPgf/DroCLhoByIGPuGlXq0e7uxrgqmNHD/56N3hZg6OPL
CDhi/d0WSwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFBQPxR3EzOV+1eEFxg8o9akV
7KctMB8GA1UdIwQYMBaAFEQXxivIu2SKSpfd9lBcLkQ+SzX/MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZi
LTY4NmQ4OGU3MWFlOS8yLzQ0MTdDNjJCQzhCQjY0OEE0QTk3RERGNjUwNUMyRTQ0
M0U0QjM1RkYuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2Et
NGE0NS1hMGE5LTk3ODE0ODMyMWEwNy8wZWMxNzE1Ny02NmRlLTRhYWItODVlNy0y
OGFmNGRlNDMwZTIvZDkwZDhhYmEyYTc1MjMyZGFjMGE0OTczYjI5Njc3YTE0NTcz
NTYxZWYzNDExOTk2MDAuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZiLTY4NmQ4OGU3MWFlOS8yLzMyMzMyZTMx
MzYzNDJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMDM4MzUzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABekmDANBgkqhkiG9w0BAQsFAAOCAQEAonzQ1JE6vGZyYiK8dojZ
5wV+7coNtBdR1Gnq6NehkYLqri2jrFmhU4aHV3dMvvy0zXeDty8z1WzTcyg6lY4r
3Gp4LS48qM6P/v44naXb6Nu5OLsdCQUfzZVAiqOckFA6CIC1HQgsDKFWWBr3xAZs
jsa3E6yQfTWsuC00N3gn9torNcCOzswKZojcfRADVVJrC1kwusAZyN8g4W81Hx9B
Vrtd8G8nnzZs7kRkhnpC+Itc6nQHW/txsRrkfwfy9gHCS20mHz+3MiqbD+z4zDjr
du5Qq+w3IsviyDQ4D9BlJLLSOCHTPbgaSeauwYBcIXCUnf7TIvUVV1UEabNt7Yuh
jg==
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:53:27 2024 by rpki-client on console-ams.rpki-client.org