Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS39798.roa
File:                     AS39798.roa (raw, json)
Hash identifier:          Bl6dxxIx/urMsLCCtwfO0NWu8iEwuCnalHbDkl7FriQ=
Subject key identifier:   29:9B:A6:06:77:56:67:6F:E1:BC:0E:B7:0D:47:8F:7D:8D:4D:91:F2
Certificate issuer:       /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial:       1597AA1C4BC1445832E0BE6178871262C85979B4
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS39798.roa
Signing time:             Thu 29 Jun 2023 13:44:26 +0000
ROA not before:           Thu 29 Jun 2023 13:39:26 +0000
ROA not after:            Thu 27 Jun 2024 13:44:26 +0000
asID:                     39798
IP address blocks:        191.96.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 29 Jul 2023 00:00:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:97:aa:1c:4b:c1:44:58:32:e0:be:61:78:87:12:62:c8:59:79:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
        Validity
            Not Before: Jun 29 13:39:26 2023 GMT
            Not After : Jun 27 13:44:26 2024 GMT
        Subject: CN=299BA6067756676FE1BC0EB70D478F7D8D4D91F2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:54:f6:20:1e:00:cd:0a:c9:35:73:34:29:ae:
                    bd:9b:91:de:22:7b:46:d5:be:50:8f:ed:ec:4d:8f:
                    1b:b6:72:52:b2:f0:cf:3b:c8:be:b9:92:50:a1:fd:
                    71:4b:5f:48:f4:4f:58:9e:b1:83:0d:c1:1f:e5:33:
                    0d:ab:c5:96:87:96:70:38:cb:37:ed:93:f0:2c:d7:
                    4e:6b:6b:c1:7f:f3:26:0f:3f:ae:87:07:3a:03:54:
                    3e:92:52:77:0d:69:61:66:c6:13:39:3c:e0:46:35:
                    92:20:dd:80:b3:46:8a:30:7e:c4:e9:f2:68:97:34:
                    7e:58:27:55:c1:e8:2d:fb:b5:81:37:18:72:50:54:
                    72:1f:d8:40:95:99:ba:ed:81:e6:68:ba:08:cc:38:
                    19:fa:25:a0:a3:b1:70:12:32:b0:37:1e:03:ed:34:
                    ab:e0:23:59:86:0b:c7:f4:27:f8:fc:fd:8c:16:65:
                    0b:c9:78:ab:dc:6d:ac:5f:4f:ea:22:ea:03:cd:4d:
                    2b:48:a0:44:4c:6b:82:15:0c:36:4e:b9:49:01:ad:
                    a6:9e:14:94:31:64:7a:e5:57:3f:f7:06:a6:27:51:
                    1d:d4:5e:d0:83:a4:16:30:96:7e:7c:0f:ee:eb:c9:
                    e2:82:bf:db:71:62:6a:2a:07:b5:7f:a2:10:72:de:
                    7e:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:9B:A6:06:77:56:67:6F:E1:BC:0E:B7:0D:47:8F:7D:8D:4D:91:F2
            X509v3 Authority Key Identifier:
                keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS39798.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.96.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:f0:6c:8d:b9:7d:71:11:88:1d:9e:9f:97:3a:52:2d:99:37:
         99:d7:3a:85:a6:19:38:82:d9:14:c1:f7:98:5b:56:4f:1e:bf:
         b8:c9:01:b2:a6:08:94:35:86:27:87:16:be:69:6a:b5:7f:c0:
         dd:ff:15:a0:94:c7:25:ca:a5:be:85:13:9a:f3:f9:8a:b0:bc:
         85:dd:ec:e1:c3:ae:36:9e:ce:17:4d:32:80:71:aa:ef:46:67:
         13:8b:9f:49:8f:4c:8c:9b:20:97:db:89:73:b6:a6:5a:dc:a6:
         0b:e0:5c:2b:f9:9f:9e:3b:f9:d3:6b:77:1a:66:39:00:8a:5d:
         1f:6d:a6:48:20:d5:9c:1d:a2:8c:ad:e3:7d:4d:1a:15:23:43:
         d5:d2:2c:50:85:e6:16:21:f0:00:eb:6a:70:c9:25:28:a2:b4:
         2e:39:dc:52:af:2a:c3:2e:55:3c:9a:b7:f0:4b:d7:74:69:b5:
         aa:54:6f:4d:67:3a:56:0d:2a:f1:73:16:e9:dc:05:48:4a:de:
         7d:3d:8e:c9:0c:d0:6a:16:fc:e3:10:84:b1:fd:32:31:04:b0:
         6a:6c:ab:ae:02:35:b7:8f:2f:f5:1c:fd:c3:66:38:8a:0e:0c:
         03:9f:91:80:b5:d5:1b:01:03:2d:66:e4:78:0c:4d:08:e4:e6:
         50:0b:e5:73
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUFZeqHEvBRFgy4L5heIcSYshZebQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA2MjkxMzM5MjZaFw0yNDA2MjcxMzQ0MjZaMDMxMTAvBgNV
BAMTKDI5OUJBNjA2Nzc1NjY3NkZFMUJDMEVCNzBENDc4RjdEOEQ0RDkxRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyVPYgHgDNCsk1czQprr2bkd4i
e0bVvlCP7exNjxu2clKy8M87yL65klCh/XFLX0j0T1iesYMNwR/lMw2rxZaHlnA4
yzftk/As105ra8F/8yYPP66HBzoDVD6SUncNaWFmxhM5POBGNZIg3YCzRoowfsTp
8miXNH5YJ1XB6C37tYE3GHJQVHIf2ECVmbrtgeZougjMOBn6JaCjsXASMrA3HgPt
NKvgI1mGC8f0J/j8/YwWZQvJeKvcbaxfT+oi6gPNTStIoERMa4IVDDZOuUkBraae
FJQxZHrlVz/3BqYnUR3UXtCDpBYwln58D+7ryeKCv9txYmoqB7V/ohBy3n4ZAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUKZumBndWZ2/hvA63DUePfY1NkfIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3OTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/YDww
DQYJKoZIhvcNAQELBQADggEBAI/wbI25fXERiB2en5c6Ui2ZN5nXOoWmGTiC2RTB
95hbVk8ev7jJAbKmCJQ1hieHFr5parV/wN3/FaCUxyXKpb6FE5rz+YqwvIXd7OHD
rjaezhdNMoBxqu9GZxOLn0mPTIybIJfbiXO2plrcpgvgXCv5n547+dNrdxpmOQCK
XR9tpkgg1Zwdooyt431NGhUjQ9XSLFCF5hYh8ADranDJJSiitC453FKvKsMuVTya
t/BL13RptapUb01nOlYNKvFzFuncBUhK3n09jskM0GoW/OMQhLH9MjEEsGpsq64C
NbePL/Uc/cNmOIoODAOfkYC11RsBAy1m5HgMTQjk5lAL5XM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:15 2024 by rpki-client on console-fra.rpki-client.org