Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139362e302f32342d3234203d3e2039303837.roa
File:                     3139332e3130392e3139362e302f32342d3234203d3e2039303837.roa (raw, json)
Hash identifier:          BJ5MbgHEwHQyvxUy+5Jo9TaKi3isuhdX6e9gUlhlRtg=
Subject key identifier:   B8:99:82:8B:F3:01:97:89:34:6D:B1:34:BB:01:86:AC:C9:9D:4F:2B
Certificate issuer:       /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial:       48AC5230104B5BEC506178BA226BB8CAB74BFDCB
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139362e302f32342d3234203d3e2039303837.roa
Signing time:             Wed 08 Nov 2023 09:21:00 +0000
ROA not before:           Wed 08 Nov 2023 09:16:00 +0000
ROA not after:            Wed 06 Nov 2024 09:21:00 +0000
asID:                     9087
IP address blocks:        193.109.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Sep 2024 00:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:ac:52:30:10:4b:5b:ec:50:61:78:ba:22:6b:b8:ca:b7:4b:fd:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
        Validity
            Not Before: Nov  8 09:16:00 2023 GMT
            Not After : Nov  6 09:21:00 2024 GMT
        Subject: CN=B899828BF3019789346DB134BB0186ACC99D4F2B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:c8:d0:37:4a:12:8c:71:8b:4f:cf:6c:98:af:
                    76:0f:b3:6a:c0:a6:b7:dc:f4:22:33:77:e1:08:3f:
                    5d:da:9a:a8:24:b5:0b:87:60:ea:11:6c:12:e2:7c:
                    50:ec:34:1d:72:b9:26:5c:f1:2a:de:b2:1c:7a:8d:
                    02:e9:23:ab:d2:5e:19:91:1f:84:08:72:6f:ac:aa:
                    59:ec:4b:73:0d:9c:14:ca:2c:79:65:7a:82:f7:5c:
                    68:be:11:62:3b:5d:ae:91:41:1e:49:f7:89:2d:53:
                    73:a4:2f:c0:5b:94:5a:bb:59:35:df:45:e8:2a:0c:
                    c6:20:41:70:ae:43:c3:31:09:eb:0e:9f:88:e9:8c:
                    3a:ca:25:1d:28:f0:95:07:e5:37:ed:96:b8:75:22:
                    96:10:41:e6:75:8b:e3:0e:17:75:1b:36:c1:cd:95:
                    88:bc:88:c9:60:ef:7e:32:bc:87:52:a9:22:ec:2a:
                    96:1d:3a:9f:6f:89:71:5e:e9:1e:7e:1c:d1:c7:64:
                    35:6d:b9:49:cb:c0:84:7d:ee:95:8d:c3:e2:c2:b0:
                    d4:03:78:6b:76:7e:5e:73:1a:e3:a5:05:6f:8c:6d:
                    3d:ff:35:66:e9:e7:ec:16:8f:71:2c:f1:db:fe:31:
                    76:9d:02:f1:78:ae:d6:38:2a:b8:16:f8:01:ce:ad:
                    17:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:99:82:8B:F3:01:97:89:34:6D:B1:34:BB:01:86:AC:C9:9D:4F:2B
            X509v3 Authority Key Identifier:
                keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139362e302f32342d3234203d3e2039303837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.109.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:05:96:f0:03:41:34:1c:7c:8e:d7:1d:cd:1b:ad:97:0e:67:
         33:1c:18:91:b4:86:da:80:2f:34:5a:60:97:6a:3b:4b:d0:ae:
         f6:e9:4f:b7:6c:38:a3:b8:1c:15:2e:1e:54:f2:ab:2c:e2:9b:
         92:70:3a:27:25:2e:c5:18:b6:75:c4:70:c5:07:29:23:12:e5:
         2d:11:50:c9:52:36:33:ee:5a:6a:45:8e:e8:b9:fe:14:ca:6c:
         54:45:11:cb:3f:a6:69:b2:8b:70:b5:e7:98:ae:0c:75:23:d1:
         23:eb:e3:6c:87:0a:6f:ad:3f:02:1c:c1:df:e0:28:65:b2:92:
         8a:4f:f8:0d:e1:24:ac:a7:e6:e8:b5:c4:1c:10:b7:77:09:d6:
         3f:3b:39:e9:44:0c:26:2f:2d:d5:23:f5:85:23:2f:cb:4a:3f:
         02:61:48:35:40:6c:54:84:b1:a5:8a:a3:84:0a:f9:65:47:99:
         c1:6d:36:a1:b5:6c:0d:1c:66:a2:d8:b9:bb:6a:bd:08:e2:45:
         61:6d:97:b7:47:81:01:6a:01:89:e5:45:92:e2:8c:5e:a0:55:
         92:a0:d1:24:d4:15:06:7b:94:fa:e2:fc:f8:d9:73:8c:83:4a:
         0e:db:12:15:bb:69:dd:d4:be:55:9f:a9:7f:e9:b1:e7:88:98:
         ee:da:5c:64
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSKxSMBBLW+xQYXi6Imu4yrdL/cswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE2MDBaFw0yNDExMDYwOTIxMDBaMDMxMTAvBgNV
BAMTKEI4OTk4MjhCRjMwMTk3ODkzNDZEQjEzNEJCMDE4NkFDQzk5RDRGMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1yNA3ShKMcYtPz2yYr3YPs2rA
prfc9CIzd+EIP13amqgktQuHYOoRbBLifFDsNB1yuSZc8Sreshx6jQLpI6vSXhmR
H4QIcm+sqlnsS3MNnBTKLHlleoL3XGi+EWI7Xa6RQR5J94ktU3OkL8BblFq7WTXf
RegqDMYgQXCuQ8MxCesOn4jpjDrKJR0o8JUH5Tftlrh1IpYQQeZ1i+MOF3UbNsHN
lYi8iMlg734yvIdSqSLsKpYdOp9viXFe6R5+HNHHZDVtuUnLwIR97pWNw+LCsNQD
eGt2fl5zGuOlBW+MbT3/NWbp5+wWj3Es8dv+MXadAvF4rtY4KrgW+AHOrRe/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUuJmCi/MBl4k0bbE0uwGGrMmdTyswHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzAzODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wW3EMA0GCSqGSIb3DQEBCwUAA4IBAQBYBZbwA0E0HHyO1x3NG62XDmczHBiRtIba
gC80WmCXajtL0K726U+3bDijuBwVLh5U8qss4puScDonJS7FGLZ1xHDFBykjEuUt
EVDJUjYz7lpqRY7ouf4UymxURRHLP6ZpsotwteeYrgx1I9Ej6+NshwpvrT8CHMHf
4ChlspKKT/gN4SSsp+botcQcELd3CdY/OznpRAwmLy3VI/WFIy/LSj8CYUg1QGxU
hLGliqOECvllR5nBbTahtWwNHGai2Lm7ar0I4kVhbZe3R4EBagGJ5UWS4oxeoFWS
oNEk1BUGe5T64vz42XOMg0oO2xIVu2nd1L5Vn6l/6bHniJju2lxk
Generated at Fri Sep 6 01:30:16 2024 by rpki-client on console-fra.rpki-client.org