Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e31322e302f32342d3234203d3e20383334.roa
File:                     33312e362e31322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          NF5A6QUtekgg0mQP8ydXNAGALqukCuyXoPm0u37aJ7M=
Subject key identifier:   1E:3B:FB:37:31:07:CF:D9:82:B6:6E:F2:58:24:86:28:90:CA:63:B2
Certificate issuer:       /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial:       4F01CFD6F1F33D9ACC7340CBD485BEF9F53E97BC
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e31322e302f32342d3234203d3e20383334.roa
Signing time:             Tue 19 Mar 2024 10:06:56 +0000
ROA not before:           Tue 19 Mar 2024 10:01:56 +0000
ROA not after:            Tue 18 Mar 2025 10:06:56 +0000
asID:                     834
IP address blocks:        31.6.12.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Mar 2024 07:53:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:01:cf:d6:f1:f3:3d:9a:cc:73:40:cb:d4:85:be:f9:f5:3e:97:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
        Validity
            Not Before: Mar 19 10:01:56 2024 GMT
            Not After : Mar 18 10:06:56 2025 GMT
        Subject: CN=1E3BFB373107CFD982B66EF25824862890CA63B2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:15:70:8b:43:41:fb:bd:c9:3b:2d:fc:a0:48:
                    dc:7d:4f:aa:09:74:cc:17:05:9e:28:c0:8f:6d:19:
                    e9:36:d4:2d:47:26:16:fa:ca:09:e8:13:56:2f:ed:
                    01:09:7d:63:0c:f3:dc:4c:84:29:94:ed:f5:bd:24:
                    52:0d:b8:0d:e9:e4:31:f0:5c:d5:4b:a6:e2:d7:fe:
                    e5:9f:d1:1e:65:d9:c7:ba:fc:47:b4:3e:58:d3:2f:
                    73:0e:52:bb:9a:a9:af:ea:45:16:f0:ca:bc:62:78:
                    11:ed:02:a2:ee:ad:10:50:b7:0f:06:df:3b:83:bc:
                    69:8c:b4:36:4c:79:a6:6c:5d:1a:81:e7:40:6a:59:
                    bf:7d:60:9b:a0:50:7e:0c:40:0d:50:01:41:ee:df:
                    13:72:b1:61:5f:7d:5d:7b:c6:5a:d3:f0:41:97:75:
                    ce:cc:9e:4b:97:23:76:b5:22:19:01:98:4b:29:7c:
                    a0:a9:41:dc:68:2a:8d:3b:5b:4e:a6:01:99:02:60:
                    8a:c4:ca:70:af:15:23:86:bf:75:89:b9:65:62:f5:
                    fa:53:39:e6:a5:e7:88:6c:57:50:02:cc:db:ae:4b:
                    b4:87:ea:97:d3:ea:14:3b:2f:f5:c2:be:a9:86:be:
                    68:40:25:58:ba:9f:98:db:85:ce:06:dd:6c:ad:52:
                    48:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:3B:FB:37:31:07:CF:D9:82:B6:6E:F2:58:24:86:28:90:CA:63:B2
            X509v3 Authority Key Identifier:
                keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e31322e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.6.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:d3:2c:09:ce:a4:9e:80:83:0c:80:df:63:6f:f2:f7:4d:eb:
         3b:0d:4b:56:b4:e2:7e:74:cf:b3:51:5e:23:7f:92:87:1f:2e:
         2f:f5:30:bc:83:9e:2c:ee:e5:fb:a9:d3:1f:b4:2d:15:64:11:
         7d:ec:67:69:9b:d9:90:bb:ec:bd:44:ed:64:c6:be:bf:2a:40:
         03:14:89:d1:92:41:39:fa:6e:11:66:3f:6b:9f:35:88:d5:41:
         34:93:16:6b:95:86:f9:78:1f:bd:72:82:7e:d8:2d:28:0a:b6:
         16:33:fa:01:13:90:f2:20:21:74:73:60:78:30:8b:53:9a:9f:
         c6:7c:80:cb:5f:61:12:70:f0:56:1b:3f:46:0b:98:34:a2:ac:
         50:1d:57:b5:4f:06:dd:7d:8a:a1:b7:25:a2:ec:7e:e5:fa:5f:
         86:89:b4:61:34:00:30:b3:42:30:57:c7:65:d0:3a:cd:80:23:
         fd:9e:6d:53:23:52:61:ae:32:83:21:93:99:0f:7b:cd:cf:e6:
         35:fb:c3:a1:4f:4c:28:5f:43:64:a4:ec:d6:68:7e:06:34:08:
         76:8c:5e:d0:09:b8:f4:32:a9:1a:7b:8f:d9:e9:45:b2:f8:ec:
         a5:8c:5b:d4:95:c9:51:53:70:0a:e3:1d:4a:c8:c5:00:87:75:
         87:e0:6a:2b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUTwHP1vHzPZrMc0DL1IW++fU+l7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDAzMTkxMDAxNTZaFw0yNTAzMTgxMDA2NTZaMDMxMTAvBgNV
BAMTKDFFM0JGQjM3MzEwN0NGRDk4MkI2NkVGMjU4MjQ4NjI4OTBDQTYzQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtFXCLQ0H7vck7LfygSNx9T6oJ
dMwXBZ4owI9tGek21C1HJhb6ygnoE1Yv7QEJfWMM89xMhCmU7fW9JFINuA3p5DHw
XNVLpuLX/uWf0R5l2ce6/Ee0PljTL3MOUruaqa/qRRbwyrxieBHtAqLurRBQtw8G
3zuDvGmMtDZMeaZsXRqB50BqWb99YJugUH4MQA1QAUHu3xNysWFffV17xlrT8EGX
dc7MnkuXI3a1IhkBmEspfKCpQdxoKo07W06mAZkCYIrEynCvFSOGv3WJuWVi9fpT
Oeal54hsV1ACzNuuS7SH6pfT6hQ7L/XCvqmGvmhAJVi6n5jbhc4G3WytUkjJAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUHjv7NzEHz9mCtm7yWCSGKJDKY7IwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTMxMzIyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBgwwDQYJKoZI
hvcNAQELBQADggEBAELTLAnOpJ6AgwyA32Nv8vdN6zsNS1a04n50z7NRXiN/kocf
Li/1MLyDnizu5fup0x+0LRVkEX3sZ2mb2ZC77L1E7WTGvr8qQAMUidGSQTn6bhFm
P2ufNYjVQTSTFmuVhvl4H71ygn7YLSgKthYz+gETkPIgIXRzYHgwi1Oan8Z8gMtf
YRJw8FYbP0YLmDSirFAdV7VPBt19iqG3JaLsfuX6X4aJtGE0ADCzQjBXx2XQOs2A
I/2ebVMjUmGuMoMhk5kPe83P5jX7w6FPTChfQ2Sk7NZofgY0CHaMXtAJuPQyqRp7
j9npRbL47KWMW9SVyVFTcArjHUrIxQCHdYfgais=
Generated at Thu Mar 21 10:30:38 2024 by rpki-client on console-ams.rpki-client.org