Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/5/32332e3137372e38382e302f32342d3234203d3e2030.roa
File:                     32332e3137372e38382e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier:          0jep9hb/g6gJi4e2mFntFfT9X9ZWj5s9gcY2WzsHlMw=
Subject key identifier:   0D:59:C4:1B:3C:04:27:57:D2:AA:0F:68:B9:2C:50:66:79:A9:D3:91
Certificate issuer:       /CN=96a2b0e2d1ed38ae6fa24f6e3eae4950e503abf9957077da6e
Certificate serial:       2A0324176A43872F0BAD68D016B438DE5BCEC273
Authority key identifier: 80:2F:06:87:6C:FA:0F:E0:30:90:97:CF:7C:0C:EE:45:53:D2:D2:15
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/3c85ceae-9f38-49c6-ad1e-39e9bfeab158/96a2b0e2d1ed38ae6fa24f6e3eae4950e503abf9957077da6e.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/5/32332e3137372e38382e302f32342d3234203d3e2030.roa
Signing time:             Tue 20 Aug 2024 17:27:05 +0000
ROA not before:           Tue 20 Aug 2024 17:22:05 +0000
ROA not after:            Tue 19 Aug 2025 17:27:05 +0000
asID:                     0
IP address blocks:        23.177.88.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 01 Sep 2024 17:05:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:03:24:17:6a:43:87:2f:0b:ad:68:d0:16:b4:38:de:5b:ce:c2:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96a2b0e2d1ed38ae6fa24f6e3eae4950e503abf9957077da6e
        Validity
            Not Before: Aug 20 17:22:05 2024 GMT
            Not After : Aug 19 17:27:05 2025 GMT
        Subject: CN=0D59C41B3C042757D2AA0F68B92C506679A9D391
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:7f:41:3d:7c:3d:69:30:9e:2c:3a:a4:71:1f:
                    13:82:5c:c8:77:46:33:e1:1c:62:7d:5f:f9:ef:79:
                    cc:21:ce:00:ae:c6:5e:57:38:06:9e:b9:45:39:b8:
                    a3:91:20:e9:9c:43:51:ac:89:33:3e:15:1c:71:fa:
                    88:2c:20:d0:d1:0d:8d:c7:a7:c4:fa:af:93:f8:3c:
                    e2:4c:a4:10:27:9e:5b:17:23:59:98:1d:9e:77:06:
                    58:be:10:2c:ac:49:f1:1a:7a:c6:97:ef:f9:69:d5:
                    5a:27:bb:7d:b0:68:51:68:37:77:1d:f4:c3:8a:e7:
                    b4:c1:b1:31:0d:5d:43:b9:c0:9e:08:70:6f:f0:f1:
                    92:42:f7:8e:8d:af:41:ed:d4:de:99:98:b9:2a:3e:
                    58:2e:13:26:a6:78:0d:a9:2b:ae:26:06:aa:9b:01:
                    7c:c5:d8:41:0c:a0:af:86:96:f3:2b:1d:52:61:31:
                    1a:a7:1a:fd:b1:2b:12:a0:e1:64:31:98:0e:66:ff:
                    26:ad:62:d2:0d:66:04:d4:96:4e:ef:c8:14:90:63:
                    c0:d2:67:e9:92:f4:cb:70:25:0c:f2:57:d3:30:3d:
                    25:8e:c1:05:c0:87:74:d9:3d:ec:f8:d5:71:ed:f4:
                    64:24:bd:a6:a7:0e:8a:cf:6d:b0:ed:39:3a:92:f8:
                    58:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:59:C4:1B:3C:04:27:57:D2:AA:0F:68:B9:2C:50:66:79:A9:D3:91
            X509v3 Authority Key Identifier:
                keyid:80:2F:06:87:6C:FA:0F:E0:30:90:97:CF:7C:0C:EE:45:53:D2:D2:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/5/802F06876CFA0FE0309097CF7C0CEE4553D2D215.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/6ead073c-b9f0-4523-b39e-a3c7dab97c25/3c85ceae-9f38-49c6-ad1e-39e9bfeab158/96a2b0e2d1ed38ae6fa24f6e3eae4950e503abf9957077da6e.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2de2f64d-f6e5-47e3-a6fb-686d88e71ae9/5/32332e3137372e38382e302f32342d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.177.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:2b:7d:2c:91:71:e3:ca:9d:e1:11:39:9b:c3:08:11:ab:79:
         7c:eb:24:d5:76:ac:d7:0d:e4:2f:c0:99:42:55:8d:ac:15:47:
         0d:62:89:1c:ed:e8:0d:9f:a1:ba:76:08:0a:36:b6:53:4b:80:
         43:a2:64:95:6e:57:55:b7:88:26:3a:1d:22:fd:d9:df:d4:3a:
         b6:b3:b4:38:ad:11:6f:3e:38:dd:27:aa:3d:e0:18:97:a4:c8:
         03:87:27:f7:0e:d2:43:d7:b5:2f:ba:d7:fe:7a:c5:21:92:4a:
         8d:8d:23:38:be:71:71:d2:62:0a:a4:ff:be:97:6c:ed:28:4c:
         c7:45:5f:e8:d1:e7:37:85:d0:10:8e:4b:b1:d4:f7:9b:f8:78:
         8f:96:a0:20:da:62:e0:68:4b:07:56:76:22:b5:8f:cb:47:e7:
         60:f3:18:af:68:9e:64:9d:30:92:82:c3:3a:56:86:86:ae:d2:
         0c:01:e7:b2:6f:72:2f:6b:60:58:8c:07:9f:80:a3:bd:ba:4e:
         85:ac:14:9f:90:ef:7c:04:8e:01:40:57:06:0c:d6:79:27:b5:
         87:6e:1a:5b:6f:b1:c2:32:ea:ec:80:47:7c:da:a9:ac:29:db:
         91:b2:03:1f:d9:5d:20:10:1c:47:91:e3:11:f7:19:87:14:85:
         89:1e:1a:e5
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgIUKgMkF2pDhy8LrWjQFrQ43lvOwnMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTZhMmIwZTJkMWVkMzhhZTZmYTI0ZjZlM2VhZTQ5NTBl
NTAzYWJmOTk1NzA3N2RhNmUwHhcNMjQwODIwMTcyMjA1WhcNMjUwODE5MTcyNzA1
WjAzMTEwLwYDVQQDEygwRDU5QzQxQjNDMDQyNzU3RDJBQTBGNjhCOTJDNTA2Njc5
QTlEMzkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1H9BPXw9aTCe
LDqkcR8TglzId0Yz4RxifV/573nMIc4ArsZeVzgGnrlFObijkSDpnENRrIkzPhUc
cfqILCDQ0Q2Nx6fE+q+T+DziTKQQJ55bFyNZmB2edwZYvhAsrEnxGnrGl+/5adVa
J7t9sGhRaDd3HfTDiue0wbExDV1DucCeCHBv8PGSQveOja9B7dTemZi5Kj5YLhMm
pngNqSuuJgaqmwF8xdhBDKCvhpbzKx1SYTEapxr9sSsSoOFkMZgOZv8mrWLSDWYE
1JZO78gUkGPA0mfpkvTLcCUM8lfTMD0ljsEFwId02T3s+NVx7fRkJL2mpw6Kz22w
7Tk6kvhYqwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFA1ZxBs8BCdX0qoPaLksUGZ5
qdORMB8GA1UdIwQYMBaAFIAvBods+g/gMJCXz3wM7kVT0tIVMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZi
LTY4NmQ4OGU3MWFlOS81LzgwMkYwNjg3NkNGQTBGRTAzMDkwOTdDRjdDMENFRTQ1
NTNEMkQyMTUuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzZlYWQwNzNjLWI5ZjAt
NDUyMy1iMzllLWEzYzdkYWI5N2MyNS8zYzg1Y2VhZS05ZjM4LTQ5YzYtYWQxZS0z
OWU5YmZlYWIxNTgvOTZhMmIwZTJkMWVkMzhhZTZmYTI0ZjZlM2VhZTQ5NTBlNTAz
YWJmOTk1NzA3N2RhNmUuY2VyMIGjBggrBgEFBQcBCwSBljCBkzCBkAYIKwYBBQUH
MAuGgYNyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzJkZTJmNjRkLWY2ZTUtNDdlMy1hNmZiLTY4NmQ4OGU3MWFlOS81LzMyMzMyZTMx
MzczNzJlMzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
F7FYMA0GCSqGSIb3DQEBCwUAA4IBAQAAK30skXHjyp3hETmbwwgRq3l86yTVdqzX
DeQvwJlCVY2sFUcNYokc7egNn6G6dggKNrZTS4BDomSVbldVt4gmOh0i/dnf1Dq2
s7Q4rRFvPjjdJ6o94BiXpMgDhyf3DtJD17Uvutf+esUhkkqNjSM4vnFx0mIKpP++
l2ztKEzHRV/o0ec3hdAQjkux1Peb+HiPlqAg2mLgaEsHVnYitY/LR+dg8xivaJ5k
nTCSgsM6VoaGrtIMAeeyb3Iva2BYjAefgKO9uk6FrBSfkO98BI4BQFcGDNZ5J7WH
bhpbb7HCMursgEd82qmsKduRsgMf2V0gEBxHkeMR9xmHFIWJHhrl
Generated at Sun Sep 1 19:20:02 2024 by rpki-client on console-ams.rpki-client.org