Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS33696.roa
File:                     AS33696.roa (raw, json)
Hash identifier:          SyeVoraM4fsL01ZzhYvxij2QnyYVbNonUXfALHVcY08=
Subject key identifier:   77:E9:4E:C7:B5:E3:3D:DA:69:13:C4:78:EC:41:3F:5A:25:87:61:99
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       46EA30187E53BF77FAAE054F81C990707BD47A31
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS33696.roa
Signing time:             Sun 15 Oct 2023 00:00:06 +0000
ROA not before:           Sat 14 Oct 2023 23:55:06 +0000
ROA not after:            Sun 13 Oct 2024 00:00:06 +0000
asID:                     33696
IP address blocks:        191.96.197.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 12:28:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:ea:30:18:7e:53:bf:77:fa:ae:05:4f:81:c9:90:70:7b:d4:7a:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Oct 14 23:55:06 2023 GMT
            Not After : Oct 13 00:00:06 2024 GMT
        Subject: CN=77E94EC7B5E33DDA6913C478EC413F5A25876199
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:53:ee:f0:9d:e7:f1:d1:e2:71:21:aa:e2:71:
                    e4:c6:56:b0:30:6f:cc:5c:ee:01:1c:37:ea:94:88:
                    1f:6e:54:0e:0d:ad:54:31:17:23:fb:61:9f:0f:43:
                    50:d4:64:ef:e8:44:95:eb:79:8d:9d:62:39:39:2f:
                    ac:c9:01:7a:4c:d9:f0:4f:36:0f:e9:33:8e:9f:1b:
                    ef:19:de:50:a6:54:4c:56:0c:2f:49:94:e4:8b:d1:
                    8f:92:71:d6:87:5a:2d:89:50:49:e5:bd:e1:2e:a8:
                    1a:99:f8:e6:de:3e:60:2f:f5:1c:84:f8:23:29:d9:
                    95:56:88:4b:eb:eb:02:d3:a6:e9:cc:43:3e:d9:0b:
                    e3:38:15:81:01:1b:0c:bc:6f:a7:b9:09:7f:94:e2:
                    80:9e:cd:3a:70:3b:90:6f:eb:23:12:c0:44:c5:b7:
                    4a:f5:22:f8:76:dc:82:88:03:71:63:8a:00:7a:75:
                    a5:6d:ab:74:cd:52:d5:6e:00:fa:48:39:0b:53:92:
                    16:40:05:cb:4d:84:c4:08:b7:f7:fd:68:eb:f7:ae:
                    fb:bc:e3:d8:6c:8e:04:9d:7d:f6:77:55:e5:78:2a:
                    f5:c1:9d:ef:e9:09:16:88:0b:bd:54:19:bc:bb:7d:
                    8f:21:2a:09:b9:1d:98:54:97:2a:d9:3c:11:b0:a1:
                    f1:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:E9:4E:C7:B5:E3:3D:DA:69:13:C4:78:EC:41:3F:5A:25:87:61:99
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS33696.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.96.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:c8:ac:70:bc:a2:ac:55:16:af:f3:d3:e2:51:52:c7:84:b5:
         68:02:72:88:d6:0a:f3:02:0d:3b:4f:1d:4a:53:19:94:5b:42:
         a8:70:35:43:24:fa:9a:86:97:95:01:b4:89:f7:83:dc:4d:0c:
         40:fa:b1:c5:6a:b3:76:71:d4:d1:bb:f4:7a:e2:bb:82:65:63:
         ca:d3:0b:54:7c:5f:24:3d:ac:bb:16:71:26:e8:46:0b:44:ec:
         63:90:56:58:86:9d:31:dc:0a:7a:b7:c7:69:a4:f0:97:6d:41:
         ec:28:33:9f:52:59:a2:3c:0a:86:d9:38:d3:c8:e7:4c:76:86:
         ab:55:57:da:8b:85:19:b3:80:96:c0:1c:e7:c3:1e:2a:ab:46:
         a4:05:fc:28:1b:62:06:c1:6b:58:90:73:41:c0:cf:1e:af:45:
         a1:cf:90:85:a0:7f:dc:5e:08:7d:1b:c7:31:1a:77:be:36:1d:
         57:76:82:b7:c7:df:05:1a:3d:9d:7b:46:38:c8:31:fa:c4:8c:
         a9:a0:75:a2:6a:98:5f:62:a2:95:0f:64:0b:8f:e3:43:a0:37:
         ad:6b:b2:8a:6c:46:70:7d:1d:40:8b:33:44:22:f3:01:35:71:
         89:84:82:b5:d3:50:80:e2:b8:c5:7a:3b:ab:ca:f0:9b:49:34:
         e5:69:89:b9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIURuowGH5Tv3f6rgVPgcmQcHvUejEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEwMTQyMzU1MDZaFw0yNDEwMTMwMDAwMDZaMDMxMTAvBgNV
BAMTKDc3RTk0RUM3QjVFMzNEREE2OTEzQzQ3OEVDNDEzRjVBMjU4NzYxOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQU+7wnefx0eJxIariceTGVrAw
b8xc7gEcN+qUiB9uVA4NrVQxFyP7YZ8PQ1DUZO/oRJXreY2dYjk5L6zJAXpM2fBP
Ng/pM46fG+8Z3lCmVExWDC9JlOSL0Y+ScdaHWi2JUEnlveEuqBqZ+ObePmAv9RyE
+CMp2ZVWiEvr6wLTpunMQz7ZC+M4FYEBGwy8b6e5CX+U4oCezTpwO5Bv6yMSwETF
t0r1Ivh23IKIA3FjigB6daVtq3TNUtVuAPpIOQtTkhZABctNhMQIt/f9aOv3rvu8
49hsjgSdffZ3VeV4KvXBne/pCRaIC71UGby7fY8hKgm5HZhUlyrZPBGwofEzAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUd+lOx7XjPdppE8R47EE/WiWHYZkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzM2OTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/YMUw
DQYJKoZIhvcNAQELBQADggEBADjIrHC8oqxVFq/z0+JRUseEtWgCcojWCvMCDTtP
HUpTGZRbQqhwNUMk+pqGl5UBtIn3g9xNDED6scVqs3Zx1NG79Hriu4JlY8rTC1R8
XyQ9rLsWcSboRgtE7GOQVliGnTHcCnq3x2mk8JdtQewoM59SWaI8CobZONPI50x2
hqtVV9qLhRmzgJbAHOfDHiqrRqQF/CgbYgbBa1iQc0HAzx6vRaHPkIWgf9xeCH0b
xzEad742HVd2grfH3wUaPZ17RjjIMfrEjKmgdaJqmF9iopUPZAuP40OgN61rsops
RnB9HUCLM0Qi8wE1cYmEgrXTUIDiuMV6O6vK8JtJNOVpibk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:04 2024 by rpki-client on console-ams.rpki-client.org