Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/4/32332e3137372e382e302f32342d3234203d3e2030.roa
File:                     32332e3137372e382e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier:          UBiVCO43q8YhKhVTPVRP5Yiv1q7b4teFevzMZ4IUOy8=
Subject key identifier:   9D:5E:80:42:48:17:41:55:0C:9F:8F:F8:A3:65:C7:52:13:68:B9:AD
Certificate issuer:       /CN=200ae5435f38d42d4a11763fe2104e07777a6258a5e0b4c9db
Certificate serial:       3E1212CD1E70173775633AB99D6BEE944772F290
Authority key identifier: 63:55:2D:73:63:6A:C0:8B:8F:CA:F6:E9:C2:46:3D:64:72:CA:3B:F3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/8e6147b8-d55d-4ed8-8973-d5cf2a27e161/200ae5435f38d42d4a11763fe2104e07777a6258a5e0b4c9db.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/4/32332e3137372e382e302f32342d3234203d3e2030.roa
Signing time:             Tue 20 Aug 2024 17:26:59 +0000
ROA not before:           Tue 20 Aug 2024 17:21:59 +0000
ROA not after:            Tue 19 Aug 2025 17:26:59 +0000
asID:                     0
IP address blocks:        23.177.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 01 Sep 2024 17:05:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:12:12:cd:1e:70:17:37:75:63:3a:b9:9d:6b:ee:94:47:72:f2:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=200ae5435f38d42d4a11763fe2104e07777a6258a5e0b4c9db
        Validity
            Not Before: Aug 20 17:21:59 2024 GMT
            Not After : Aug 19 17:26:59 2025 GMT
        Subject: CN=9D5E8042481741550C9F8FF8A365C7521368B9AD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:92:2b:14:43:62:f6:6f:39:ea:1d:9b:a1:8a:
                    69:a4:a5:29:99:36:06:18:7d:15:57:9b:a2:76:ce:
                    c7:c0:62:fb:47:b8:3a:1a:43:7c:ae:d1:d4:31:2d:
                    a2:e0:3c:c3:15:c3:7f:53:19:b0:db:1c:6f:09:5c:
                    14:c4:57:50:cc:5d:58:5b:76:6d:01:46:2e:02:42:
                    6a:73:33:54:02:dd:98:0b:e6:4f:bc:7c:73:52:e8:
                    68:87:67:2a:81:be:9f:2f:9b:73:5c:cc:b8:b7:d1:
                    fc:40:93:a4:be:ea:be:1d:ca:5d:df:41:bd:42:11:
                    a7:33:a3:c7:9e:b2:d5:92:17:8d:2a:7e:bb:ca:a5:
                    ff:31:9f:fb:06:e2:c7:02:70:4e:ad:20:49:59:3d:
                    ab:a5:2f:dd:62:e0:38:37:24:90:9c:1b:32:a6:f9:
                    87:6e:12:37:71:ac:55:32:d5:43:9c:c0:95:37:e8:
                    5d:52:39:d3:89:e5:8f:b1:8d:2f:be:f3:8f:14:8b:
                    93:6b:c0:53:50:a9:de:3c:7a:78:b7:c5:e1:9e:1d:
                    b4:f6:a7:44:bb:b5:03:36:ee:c7:d6:71:91:b7:cb:
                    a3:80:5d:58:21:ce:ed:ae:63:ff:3a:0c:7e:c9:87:
                    18:3c:7b:f7:3a:44:2d:09:23:09:eb:e1:dc:03:39:
                    15:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:5E:80:42:48:17:41:55:0C:9F:8F:F8:A3:65:C7:52:13:68:B9:AD
            X509v3 Authority Key Identifier:
                keyid:63:55:2D:73:63:6A:C0:8B:8F:CA:F6:E9:C2:46:3D:64:72:CA:3B:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/4/63552D73636AC08B8FCAF6E9C2463D6472CA3BF3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/8e6147b8-d55d-4ed8-8973-d5cf2a27e161/200ae5435f38d42d4a11763fe2104e07777a6258a5e0b4c9db.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/4/32332e3137372e382e302f32342d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.177.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:17:60:6e:18:20:fb:10:a8:c5:7c:af:47:d1:90:34:81:0f:
         b7:47:7f:a4:1b:55:12:a4:47:47:82:c1:d7:c7:59:88:5d:12:
         85:c6:1d:93:51:5b:76:9d:8c:33:ea:15:88:19:3c:90:a0:3b:
         2a:18:1e:86:8a:a0:f5:87:06:04:23:07:d4:a7:7c:94:45:35:
         42:bb:48:12:84:b8:71:3c:3f:aa:6c:b0:5e:1c:9b:9e:86:7a:
         db:50:d0:13:0c:8c:eb:8c:33:af:43:2d:a2:74:29:1b:02:c4:
         72:b2:63:0c:6c:a4:63:40:07:ac:c6:59:34:0f:6a:78:23:44:
         33:48:f0:d5:b4:8f:39:d3:c3:cb:0d:1c:4d:26:8e:d8:26:26:
         1a:b0:71:19:b4:2a:ab:6e:b8:f3:82:9a:03:68:3d:57:9f:0e:
         ae:37:ab:ef:e4:a9:fc:16:da:80:7f:71:ee:9c:ff:aa:6d:1a:
         2b:4c:b4:46:b6:03:b3:b0:8e:bb:c1:ce:d3:d8:5b:af:60:a8:
         41:cc:21:46:8e:03:6e:8a:5e:aa:ca:28:5b:6d:60:e3:47:c6:
         8a:91:d2:ac:0c:6c:d6:03:05:8c:0a:7e:f4:72:2b:44:a0:5a:
         6f:8d:a0:f2:ba:7a:38:d4:37:c5:de:bc:cd:29:29:68:c3:55:
         b0:eb:55:75
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgIUPhISzR5wFzd1Yzq5nWvulEdy8pAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjAwYWU1NDM1ZjM4ZDQyZDRhMTE3NjNmZTIxMDRlMDc3
NzdhNjI1OGE1ZTBiNGM5ZGIwHhcNMjQwODIwMTcyMTU5WhcNMjUwODE5MTcyNjU5
WjAzMTEwLwYDVQQDEyg5RDVFODA0MjQ4MTc0MTU1MEM5RjhGRjhBMzY1Qzc1MjEz
NjhCOUFEMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35IrFENi9m85
6h2boYpppKUpmTYGGH0VV5uids7HwGL7R7g6GkN8rtHUMS2i4DzDFcN/Uxmw2xxv
CVwUxFdQzF1YW3ZtAUYuAkJqczNUAt2YC+ZPvHxzUuhoh2cqgb6fL5tzXMy4t9H8
QJOkvuq+Hcpd30G9QhGnM6PHnrLVkheNKn67yqX/MZ/7BuLHAnBOrSBJWT2rpS/d
YuA4NySQnBsypvmHbhI3caxVMtVDnMCVN+hdUjnTieWPsY0vvvOPFIuTa8BTUKne
PHp4t8Xhnh209qdEu7UDNu7H1nGRt8ujgF1YIc7trmP/Ogx+yYcYPHv3OkQtCSMJ
6+HcAzkVXwIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFJ1egEJIF0FVDJ+P+KNlx1IT
aLmtMB8GA1UdIwQYMBaAFGNVLXNjasCLj8r26cJGPWRyyjvzMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZi
LTY4NmQ4OGU3MWFlOS80LzYzNTUyRDczNjM2QUMwOEI4RkNBRjZFOUMyNDYzRDY0
NzJDQTNCRjMuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzZlYWQwNzNjLWI5ZjAt
NDUyMy1iMzllLWEzYzdkYWI5N2MyNS84ZTYxNDdiOC1kNTVkLTRlZDgtODk3My1k
NWNmMmEyN2UxNjEvMjAwYWU1NDM1ZjM4ZDQyZDRhMTE3NjNmZTIxMDRlMDc3Nzdh
NjI1OGE1ZTBiNGM5ZGIuY2VyMIGhBggrBgEFBQcBCwSBlDCBkTCBjgYIKwYBBQUH
MAuGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZiLTY4NmQ4OGU3MWFlOS80LzMyMzMyZTMx
MzczNzJlMzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEABex
CDANBgkqhkiG9w0BAQsFAAOCAQEAABdgbhgg+xCoxXyvR9GQNIEPt0d/pBtVEqRH
R4LB18dZiF0ShcYdk1Fbdp2MM+oViBk8kKA7Khgehoqg9YcGBCMH1Kd8lEU1QrtI
EoS4cTw/qmywXhybnoZ621DQEwyM64wzr0MtonQpGwLEcrJjDGykY0AHrMZZNA9q
eCNEM0jw1bSPOdPDyw0cTSaO2CYmGrBxGbQqq26484KaA2g9V58Orjer7+Sp/Bba
gH9x7pz/qm0aK0y0RrYDs7COu8HO09hbr2CoQcwhRo4DbopeqsooW21g40fGipHS
rAxs1gMFjAp+9HIrRKBab42g8rp6ONQ3xd68zSkpaMNVsOtVdQ==
-----END CERTIFICATE-----