Route Origin Authorization 

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32342d3234203d3e203632383830.roa
File:                     32332e3136342e3135322e302f32342d3234203d3e203632383830.roa (raw, json)
Hash identifier:          juaApbI02F+71Mwm3ky02MwVvhBhUNohnySs9/79ZnE=
Subject key identifier:   6F:41:10:E2:71:B2:06:1D:07:16:69:54:B8:E7:5F:D0:A0:C9:AB:49
Certificate issuer:       /CN=d90d8aba2a75232dac0a4973b29677a14573561ef341199600
Certificate serial:       200EB76F4388A8B35D47F8188715A503483C7C4D
Authority key identifier: 44:17:C6:2B:C8:BB:64:8A:4A:97:DD:F6:50:5C:2E:44:3E:4B:35:FF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a75232dac0a4973b29677a14573561ef341199600.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32342d3234203d3e203632383830.roa
Signing time:             Wed 14 Aug 2024 17:56:46 +0000
ROA not before:           Wed 14 Aug 2024 17:51:46 +0000
ROA not after:            Wed 13 Aug 2025 17:56:46 +0000
asID:                     62880
IP address blocks:        23.164.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Aug 2024 17:06:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:0e:b7:6f:43:88:a8:b3:5d:47:f8:18:87:15:a5:03:48:3c:7c:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90d8aba2a75232dac0a4973b29677a14573561ef341199600
        Validity
            Not Before: Aug 14 17:51:46 2024 GMT
            Not After : Aug 13 17:56:46 2025 GMT
        Subject: CN=6F4110E271B2061D07166954B8E75FD0A0C9AB49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:97:be:42:a4:d9:d7:1e:6d:2a:67:b8:5a:14:
                    6f:1c:d5:92:3e:0c:7a:2e:48:ba:86:b8:c4:66:f5:
                    f5:68:26:04:ea:0a:62:c9:44:5c:16:06:55:d2:b7:
                    3f:70:a5:21:a1:bf:9e:1b:f0:1e:e1:b5:18:3d:9c:
                    07:90:15:03:de:a8:c9:99:b8:c4:d6:b7:85:15:04:
                    2f:62:13:8d:47:10:34:fd:ae:56:70:3d:da:a5:71:
                    af:a1:60:17:ba:c8:5d:e3:18:8f:e7:14:fd:7d:dd:
                    01:86:00:d5:48:57:2a:55:bd:29:7a:96:06:ca:82:
                    1e:96:75:ce:f8:e0:ab:f6:8a:1c:5c:3e:74:33:b8:
                    c1:46:7e:f5:b0:43:f2:c3:21:80:16:98:40:95:a7:
                    96:77:77:62:f4:2f:8b:fb:69:b7:4b:b5:a4:2b:87:
                    28:5c:ae:11:4a:84:d6:47:51:84:d4:b7:3e:eb:b9:
                    79:e9:dd:58:ed:2b:ca:ac:70:a0:4b:93:26:ce:75:
                    be:df:bd:ca:b9:6f:f6:c8:0e:6c:6d:36:2e:bb:93:
                    e4:03:51:d9:5b:6c:4c:c2:43:2b:16:9e:6c:77:87:
                    4f:19:3d:11:97:d0:48:2f:2b:89:e4:61:ac:60:9a:
                    32:39:ba:3e:5c:8a:14:db:b2:05:87:30:1c:51:5c:
                    6f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:41:10:E2:71:B2:06:1D:07:16:69:54:B8:E7:5F:D0:A0:C9:AB:49
            X509v3 Authority Key Identifier:
                keyid:44:17:C6:2B:C8:BB:64:8A:4A:97:DD:F6:50:5C:2E:44:3E:4B:35:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/4417C62BC8BB648A4A97DDF6505C2E443E4B35FF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a75232dac0a4973b29677a14573561ef341199600.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/2/32332e3136342e3135322e302f32342d3234203d3e203632383830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.164.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:e0:6c:46:af:0f:1b:0f:35:2d:81:f0:e4:c5:61:1d:13:05:
         86:1b:57:00:7e:3c:04:67:fe:4d:fa:13:b5:59:31:f2:81:4f:
         eb:2c:b4:65:d7:7d:80:d1:e4:6a:d4:37:11:01:0a:df:1e:eb:
         70:58:d5:74:c3:c9:16:47:5f:98:7b:d7:73:81:d1:ba:3a:7b:
         b3:f5:61:97:9a:5d:dc:0d:f9:77:a9:8a:b9:4d:b1:ee:a0:81:
         26:65:11:f3:5f:2c:b6:76:23:5f:81:37:b6:b2:99:f2:75:c3:
         43:6c:3a:ae:1d:33:af:9e:51:01:6a:19:0a:da:c4:f4:a3:53:
         14:a3:3d:f4:6b:6f:45:fd:32:bd:2c:84:38:bd:4c:4f:da:6b:
         e4:10:96:f2:7b:45:e5:56:01:56:b4:3c:16:e2:0a:c3:aa:66:
         d4:71:a2:f4:39:7d:22:8e:25:2c:fd:51:2b:64:43:fb:45:ae:
         41:21:ab:a0:ca:e7:13:a4:f0:2c:36:a9:16:eb:f2:ea:1e:28:
         23:95:8d:de:c2:46:d7:62:09:93:9d:01:8b:4e:8b:b6:1b:6e:
         cc:79:fd:fd:d9:ef:c3:a2:4c:9b:90:11:1b:e2:69:bf:6c:b0:
         07:49:be:d5:6f:fe:3c:e8:52:4e:23:5b:c0:87:9a:f3:44:50:
         21:20:83:0d
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUIA63b0OIqLNdR/gYhxWlA0g8fE0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDkwZDhhYmEyYTc1MjMyZGFjMGE0OTczYjI5Njc3YTE0
NTczNTYxZWYzNDExOTk2MDAwHhcNMjQwODE0MTc1MTQ2WhcNMjUwODEzMTc1NjQ2
WjAzMTEwLwYDVQQDEyg2RjQxMTBFMjcxQjIwNjFEMDcxNjY5NTRCOEU3NUZEMEEw
QzlBQjQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJe+QqTZ1x5t
Kme4WhRvHNWSPgx6Lki6hrjEZvX1aCYE6gpiyURcFgZV0rc/cKUhob+eG/Ae4bUY
PZwHkBUD3qjJmbjE1reFFQQvYhONRxA0/a5WcD3apXGvoWAXushd4xiP5xT9fd0B
hgDVSFcqVb0pepYGyoIelnXO+OCr9oocXD50M7jBRn71sEPywyGAFphAlaeWd3di
9C+L+2m3S7WkK4coXK4RSoTWR1GE1Lc+67l56d1Y7SvKrHCgS5MmznW+373KuW/2
yA5sbTYuu5PkA1HZW2xMwkMrFp5sd4dPGT0Rl9BILyuJ5GGsYJoyObo+XIoU27IF
hzAcUVxvawIDAQABo4ICzTCCAskwHQYDVR0OBBYEFG9BEOJxsgYdBxZpVLjnX9Cg
yatJMB8GA1UdIwQYMBaAFEQXxivIu2SKSpfd9lBcLkQ+SzX/MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZi
LTY4NmQ4OGU3MWFlOS8yLzQ0MTdDNjJCQzhCQjY0OEE0QTk3RERGNjUwNUMyRTQ0
M0U0QjM1RkYuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2Et
NGE0NS1hMGE5LTk3ODE0ODMyMWEwNy8wZWMxNzE1Ny02NmRlLTRhYWItODVlNy0y
OGFmNGRlNDMwZTIvZDkwZDhhYmEyYTc1MjMyZGFjMGE0OTczYjI5Njc3YTE0NTcz
NTYxZWYzNDExOTk2MDAuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZiLTY4NmQ4OGU3MWFlOS8yLzMyMzMyZTMx
MzYzNDJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMjM4MzgzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABekmDANBgkqhkiG9w0BAQsFAAOCAQEAauBsRq8PGw81LYHw5MVh
HRMFhhtXAH48BGf+TfoTtVkx8oFP6yy0Zdd9gNHkatQ3EQEK3x7rcFjVdMPJFkdf
mHvXc4HRujp7s/Vhl5pd3A35d6mKuU2x7qCBJmUR818stnYjX4E3trKZ8nXDQ2w6
rh0zr55RAWoZCtrE9KNTFKM99GtvRf0yvSyEOL1MT9pr5BCW8ntF5VYBVrQ8FuIK
w6pm1HGi9Dl9Io4lLP1RK2RD+0WuQSGroMrnE6TwLDapFuvy6h4oI5WN3sJG12IJ
k50Bi06LthtuzHn9/dnvw6JMm5ARG+Jpv2ywB0m+1W/+POhSTiNbwIea80RQISCD
DQ==
-----END CERTIFICATE-----
Generated at Tue Aug 20 19:03:39 2024 by rpki-client on console-ams.rpki-client.org