Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e20383334.roa
File:                     3139342e3136392e3231372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          45s6hLqUL/Iqd9Wtl16gvXYOj4v3WtCpGx2N7nlOAXw=
Subject key identifier:   BD:94:28:8B:0D:95:C0:49:E8:CB:D4:B2:11:59:17:C8:31:5C:28:B4
Certificate issuer:       /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial:       66A04A9FEB34568C67FFFD468A7F128BD366DCE5
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e20383334.roa
Signing time:             Mon 20 Nov 2023 00:00:06 +0000
ROA not before:           Sun 19 Nov 2023 23:55:06 +0000
ROA not after:            Mon 18 Nov 2024 00:00:06 +0000
asID:                     834
IP address blocks:        194.169.217.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 Jan 2024 22:27:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:a0:4a:9f:eb:34:56:8c:67:ff:fd:46:8a:7f:12:8b:d3:66:dc:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
        Validity
            Not Before: Nov 19 23:55:06 2023 GMT
            Not After : Nov 18 00:00:06 2024 GMT
        Subject: CN=BD94288B0D95C049E8CBD4B2115917C8315C28B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f9:d5:46:4d:c5:c9:b7:28:47:ee:b5:05:bf:
                    ba:4b:e2:e3:7a:de:75:90:d5:61:b7:b5:ef:4e:4e:
                    6b:ae:da:4a:14:a1:7e:c4:36:89:e9:c5:9e:f8:fd:
                    5f:f7:64:72:46:b8:7d:28:9b:49:4d:5e:f1:50:c1:
                    11:d1:e0:d3:70:b6:3c:7c:33:4b:51:bf:d3:59:77:
                    c1:99:65:56:c1:fb:8c:20:4e:ce:83:7d:e3:ee:3d:
                    4f:b9:f9:9f:e2:fc:a8:67:54:0e:e4:6c:9f:fd:3e:
                    2d:70:50:8b:b9:b5:fb:ba:5b:17:40:c1:b5:6b:28:
                    47:4d:8c:44:e4:7c:f5:70:8e:8c:a9:0e:47:33:4a:
                    84:b6:0b:19:e6:9f:4a:72:5c:d6:22:c7:09:15:d1:
                    64:bf:15:b4:3d:fe:ff:22:67:e7:4c:53:2f:d3:03:
                    d0:1f:24:8b:c5:77:f0:f0:66:8b:72:98:e4:0e:c1:
                    cc:c2:c4:08:bb:ea:12:b9:09:8d:4c:2c:f9:b2:27:
                    62:1d:d4:99:c2:52:7d:e2:45:f6:fc:b7:1f:45:e2:
                    47:85:24:f3:24:27:32:63:00:a7:64:be:7e:83:0d:
                    e8:9d:cd:2a:f5:5d:6a:3a:ab:a6:e5:07:60:78:87:
                    0c:fb:1d:81:b1:5c:db:4b:a9:93:c0:65:82:ca:03:
                    3a:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:94:28:8B:0D:95:C0:49:E8:CB:D4:B2:11:59:17:C8:31:5C:28:B4
            X509v3 Authority Key Identifier:
                keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.169.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:77:08:a3:5b:6f:3d:a1:c8:89:10:63:9e:67:2f:12:77:b2:
         5e:d7:74:64:f8:64:25:76:8a:f7:b1:e4:82:36:b6:1e:ee:6a:
         87:46:2c:88:e2:77:8d:e2:b5:cb:19:50:4b:ed:6a:89:57:20:
         ee:39:6f:f8:37:4f:2c:c6:08:c7:5a:12:46:38:f0:ce:91:f5:
         d8:cf:2c:8e:24:3a:9f:c3:ba:05:74:13:79:fc:d6:63:3f:e3:
         bb:6d:d2:9d:a1:48:61:ab:1f:6e:e1:b8:59:99:ba:95:44:8e:
         44:55:3b:79:d1:35:8d:f6:ba:17:98:ad:36:69:25:cc:d1:11:
         29:69:5d:c6:94:08:58:c6:0b:7c:09:90:78:4c:65:97:30:a8:
         c7:75:02:d7:d9:83:2e:19:da:cd:4d:61:48:2c:0e:b8:c3:8e:
         94:58:2a:a3:eb:26:1e:50:0e:59:25:ca:8a:08:b9:da:06:e9:
         6b:62:c2:a8:59:c5:91:29:4c:75:70:8b:4d:f3:a2:a0:bc:bc:
         46:de:6f:14:17:92:50:2c:05:da:7a:b7:a8:41:25:bd:84:a1:
         5c:27:e4:50:7c:d5:b8:aa:76:ac:b5:77:fa:dc:4d:bb:41:ec:
         e6:eb:6b:e5:8c:7b:11:23:d8:ab:62:99:28:7a:aa:b7:00:48:
         8f:ac:64:7f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZqBKn+s0Voxn//1Gin8Si9Nm3OUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMTkyMzU1MDZaFw0yNDExMTgwMDAwMDZaMDMxMTAvBgNV
BAMTKEJEOTQyODhCMEQ5NUMwNDlFOENCRDRCMjExNTkxN0M4MzE1QzI4QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC++dVGTcXJtyhH7rUFv7pL4uN6
3nWQ1WG3te9OTmuu2koUoX7ENonpxZ74/V/3ZHJGuH0om0lNXvFQwRHR4NNwtjx8
M0tRv9NZd8GZZVbB+4wgTs6DfePuPU+5+Z/i/KhnVA7kbJ/9Pi1wUIu5tfu6WxdA
wbVrKEdNjETkfPVwjoypDkczSoS2Cxnmn0pyXNYixwkV0WS/FbQ9/v8iZ+dMUy/T
A9AfJIvFd/DwZotymOQOwczCxAi76hK5CY1MLPmyJ2Id1JnCUn3iRfb8tx9F4keF
JPMkJzJjAKdkvn6DDeidzSr1XWo6q6blB2B4hwz7HYGxXNtLqZPAZYLKAzrXAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUvZQoiw2VwEnoy9SyEVkXyDFcKLQwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTM0MmUzMTM2MzkyZTMy
MzEzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKp
2TANBgkqhkiG9w0BAQsFAAOCAQEAF3cIo1tvPaHIiRBjnmcvEneyXtd0ZPhkJXaK
97Hkgja2Hu5qh0YsiOJ3jeK1yxlQS+1qiVcg7jlv+DdPLMYIx1oSRjjwzpH12M8s
jiQ6n8O6BXQTefzWYz/ju23SnaFIYasfbuG4WZm6lUSORFU7edE1jfa6F5itNmkl
zNERKWldxpQIWMYLfAmQeExllzCox3UC19mDLhnazU1hSCwOuMOOlFgqo+smHlAO
WSXKigi52gbpa2LCqFnFkSlMdXCLTfOioLy8Rt5vFBeSUCwF2nq3qEElvYShXCfk
UHzVuKp2rLV3+txNu0Hs5utr5Yx7ESPYq2KZKHqqtwBIj6xkfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:06 2024 by rpki-client on console-ams.rpki-client.org