Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3b86cb77-69ac-43d9-9f6c-fc53066beb88/2/32332e3136342e3135322e302f32342d3234203d3e2036313836.roa
File:                     32332e3136342e3135322e302f32342d3234203d3e2036313836.roa (raw, json)
Hash identifier:          pQOooJr9+w04Zvxoj0p6p65FXx50wthaS8EZxRGtTaQ=
Subject key identifier:   20:36:31:79:7B:E7:05:07:AB:44:02:1A:BD:F4:22:2A:BA:3D:10:39
Certificate issuer:       /CN=d90d8aba2a0138213973cac0c2b7200290d46207f47451cf72
Certificate serial:       6C6C98850C27E9A87B7197C77A0A3EBA0BBB7A17
Authority key identifier: 77:02:2B:F1:87:A9:2A:6A:E4:18:38:10:8B:8A:F7:B3:BA:F1:B2:B2
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a0138213973cac0c2b7200290d46207f47451cf72.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3b86cb77-69ac-43d9-9f6c-fc53066beb88/2/32332e3136342e3135322e302f32342d3234203d3e2036313836.roa
Signing time:             Mon 11 Nov 2024 15:08:46 +0000
ROA not before:           Mon 11 Nov 2024 15:03:46 +0000
ROA not after:            Mon 10 Nov 2025 15:08:46 +0000
asID:                     6186
IP address blocks:        23.164.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Nov 2024 13:32:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:6c:98:85:0c:27:e9:a8:7b:71:97:c7:7a:0a:3e:ba:0b:bb:7a:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90d8aba2a0138213973cac0c2b7200290d46207f47451cf72
        Validity
            Not Before: Nov 11 15:03:46 2024 GMT
            Not After : Nov 10 15:08:46 2025 GMT
        Subject: CN=203631797BE70507AB44021ABDF4222ABA3D1039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:b4:2c:26:86:7b:90:91:12:69:10:12:1e:5e:
                    aa:37:1f:5e:ab:04:7b:89:cd:75:6d:ef:58:31:c4:
                    74:28:d4:03:c3:5b:41:6a:5b:c1:b5:16:0f:1e:7a:
                    9c:12:7e:a6:8b:a9:85:33:50:9b:62:0c:21:46:dd:
                    d5:d5:65:05:66:b1:4a:44:0b:55:86:27:7c:6d:e4:
                    20:c8:e5:38:50:a3:6e:7e:92:83:44:76:01:74:62:
                    e8:73:c5:3a:6f:1f:cc:4c:bf:9d:2d:c6:66:aa:56:
                    e1:61:89:7f:26:d4:66:ae:07:36:b6:5a:cd:ef:92:
                    36:97:fe:01:48:77:af:15:07:29:c2:50:69:a6:72:
                    d4:6e:7b:a9:ff:ec:c7:a3:b4:95:f5:fd:63:0a:e3:
                    ac:d0:34:e4:f5:f8:82:fb:34:2a:8e:83:3a:43:ad:
                    5c:a1:48:4d:a3:4d:c5:85:95:70:ee:86:f9:3c:a0:
                    07:93:85:4e:01:79:07:23:62:71:2d:d9:48:74:fa:
                    91:54:5f:d9:a4:b0:aa:b7:84:b4:5e:3a:0c:1d:fd:
                    1b:c0:05:bf:d1:b1:93:52:cd:13:14:72:a1:6a:6d:
                    c6:70:79:e6:33:ef:a7:d4:0d:44:9e:2f:25:f4:c0:
                    c0:f0:76:ce:05:1f:95:fc:38:b4:ed:12:04:5c:48:
                    b0:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:36:31:79:7B:E7:05:07:AB:44:02:1A:BD:F4:22:2A:BA:3D:10:39
            X509v3 Authority Key Identifier:
                keyid:77:02:2B:F1:87:A9:2A:6A:E4:18:38:10:8B:8A:F7:B3:BA:F1:B2:B2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3b86cb77-69ac-43d9-9f6c-fc53066beb88/2/77022BF187A92A6AE41838108B8AF7B3BAF1B2B2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a0138213973cac0c2b7200290d46207f47451cf72.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3b86cb77-69ac-43d9-9f6c-fc53066beb88/2/32332e3136342e3135322e302f32342d3234203d3e2036313836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.164.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:b7:ac:f9:c2:44:80:97:0b:3b:c3:d6:bd:38:d3:32:05:ff:
         2b:be:76:99:98:37:75:be:f4:cb:41:3b:eb:52:29:26:72:fd:
         fe:e1:d9:f5:dd:c7:48:9f:76:0d:7a:8d:73:e6:5e:de:ca:90:
         25:a4:77:27:be:7c:e7:b4:d0:ca:35:ea:03:0c:2d:96:b4:a0:
         62:ed:1e:ff:1f:07:f1:dc:95:83:a5:ec:95:00:87:e6:37:a0:
         8c:3a:da:32:99:9f:a6:42:1c:59:fd:3e:8d:0e:12:9a:d0:c3:
         54:a2:fe:84:c5:40:18:99:2d:2c:7c:d3:26:86:56:50:7c:cf:
         2f:06:9a:0d:cb:79:d3:08:8c:40:ee:49:e1:d4:36:b9:4c:cf:
         1c:e5:52:42:b3:8a:03:dd:90:41:f6:da:18:44:8a:f0:25:4a:
         f4:51:9d:06:33:78:cd:6d:0f:11:ec:4a:6f:da:c1:88:76:a2:
         6a:e6:22:8d:f5:5d:cf:ef:92:88:c1:74:83:7b:98:88:d9:b0:
         d3:f8:f4:01:dc:46:97:ab:74:53:1f:4c:74:a1:89:97:a7:12:
         7c:f9:3a:87:65:47:be:31:54:31:b4:c3:9a:ca:94:14:49:d5:
         7a:6e:d5:c1:4c:20:e4:fe:db:0f:f6:ea:b5:2f:12:f6:ac:09:
         2e:4c:4b:d0
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgIUbGyYhQwn6ah7cZfHego+ugu7ehcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDkwZDhhYmEyYTAxMzgyMTM5NzNjYWMwYzJiNzIwMDI5
MGQ0NjIwN2Y0NzQ1MWNmNzIwHhcNMjQxMTExMTUwMzQ2WhcNMjUxMTEwMTUwODQ2
WjAzMTEwLwYDVQQDEygyMDM2MzE3OTdCRTcwNTA3QUI0NDAyMUFCREY0MjIyQUJB
M0QxMDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bQsJoZ7kJES
aRASHl6qNx9eqwR7ic11be9YMcR0KNQDw1tBalvBtRYPHnqcEn6mi6mFM1CbYgwh
Rt3V1WUFZrFKRAtVhid8beQgyOU4UKNufpKDRHYBdGLoc8U6bx/MTL+dLcZmqlbh
YYl/JtRmrgc2tlrN75I2l/4BSHevFQcpwlBppnLUbnup/+zHo7SV9f1jCuOs0DTk
9fiC+zQqjoM6Q61coUhNo03FhZVw7ob5PKAHk4VOAXkHI2JxLdlIdPqRVF/ZpLCq
t4S0XjoMHf0bwAW/0bGTUs0TFHKham3GcHnmM++n1A1Eni8l9MDA8HbOBR+V/Di0
7RIEXEiwLQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFCA2MXl75wUHq0QCGr30Iiq6
PRA5MB8GA1UdIwQYMBaAFHcCK/GHqSpq5Bg4EIuK97O68bKyMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzNiODZjYjc3LTY5YWMtNDNkOS05ZjZj
LWZjNTMwNjZiZWI4OC8yLzc3MDIyQkYxODdBOTJBNkFFNDE4MzgxMDhCOEFGN0Iz
QkFGMUIyQjIuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2Et
NGE0NS1hMGE5LTk3ODE0ODMyMWEwNy8wZWMxNzE1Ny02NmRlLTRhYWItODVlNy0y
OGFmNGRlNDMwZTIvZDkwZDhhYmEyYTAxMzgyMTM5NzNjYWMwYzJiNzIwMDI5MGQ0
NjIwN2Y0NzQ1MWNmNzIuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUH
MAuGgYtyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzNiODZjYjc3LTY5YWMtNDNkOS05ZjZjLWZjNTMwNjZiZWI4OC8yLzMyMzMyZTMx
MzYzNDJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTM4MzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBAAXpJgwDQYJKoZIhvcNAQELBQADggEBAMO3rPnCRICXCzvD1r040zIF
/yu+dpmYN3W+9MtBO+tSKSZy/f7h2fXdx0ifdg16jXPmXt7KkCWkdye+fOe00Mo1
6gMMLZa0oGLtHv8fB/HclYOl7JUAh+Y3oIw62jKZn6ZCHFn9Po0OEprQw1Si/oTF
QBiZLSx80yaGVlB8zy8Gmg3LedMIjEDuSeHUNrlMzxzlUkKzigPdkEH22hhEivAl
SvRRnQYzeM1tDxHsSm/awYh2omrmIo31Xc/vkojBdIN7mIjZsNP49AHcRperdFMf
THShiZenEnz5OodlR74xVDG0w5rKlBRJ1Xpu1cFMIOT+2w/26rUvEvasCS5MS9A=
-----END CERTIFICATE-----