Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e36332e302f32342d3234203d3e203433323839.roa
File:                     33312e362e36332e302f32342d3234203d3e203433323839.roa (raw, json)
Hash identifier:          enYDy5XlxjqatHoCy7GtP1zUpgc7cHBL+nWMdrgGv20=
Subject key identifier:   46:4F:B3:CA:72:C7:36:B7:0C:22:46:30:7F:13:8D:2E:8B:1E:E0:85
Certificate issuer:       /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial:       0A7872DFE5F2036A2EBB03DF9EB3E2E9BFD9E568
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e36332e302f32342d3234203d3e203433323839.roa
Signing time:             Thu 01 Feb 2024 07:42:25 +0000
ROA not before:           Thu 01 Feb 2024 07:37:25 +0000
ROA not after:            Thu 30 Jan 2025 07:42:25 +0000
asID:                     43289
IP address blocks:        31.6.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 May 2024 00:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:78:72:df:e5:f2:03:6a:2e:bb:03:df:9e:b3:e2:e9:bf:d9:e5:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
        Validity
            Not Before: Feb  1 07:37:25 2024 GMT
            Not After : Jan 30 07:42:25 2025 GMT
        Subject: CN=464FB3CA72C736B70C2246307F138D2E8B1EE085
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1e:0d:fd:bf:67:6e:37:98:a0:74:e8:88:88:
                    20:cc:b0:26:44:85:d8:0c:5a:34:e0:af:bd:53:6c:
                    e5:24:ad:21:57:31:37:60:23:09:1d:0c:20:47:4c:
                    4a:4a:62:ac:ab:d0:e9:7c:d6:27:c1:db:85:60:1c:
                    2f:c1:a6:05:3a:50:a9:bf:27:f4:66:c7:c2:a7:59:
                    2e:68:57:61:5e:6c:1c:5c:19:e9:79:9f:93:ec:fb:
                    d2:6e:27:30:00:b2:3c:fd:91:63:36:62:33:91:da:
                    18:f6:49:ee:49:a0:50:ce:e6:45:55:35:e5:df:d8:
                    ad:6e:01:ad:f0:ff:ac:a0:bd:3f:44:64:d4:0b:17:
                    e3:d8:e6:d6:a1:3e:cb:de:6e:43:c5:8a:18:d9:b9:
                    4a:5a:b0:b8:d7:e8:94:43:dc:35:83:8c:ae:ca:6f:
                    dc:6b:17:31:a9:e5:66:5f:19:4a:e3:f1:d2:b0:ef:
                    a6:cd:06:c2:7d:5c:74:6e:54:f0:d8:f0:37:7f:f0:
                    9a:aa:e1:a2:60:d0:ae:02:d5:41:b1:d8:fc:15:5c:
                    8d:3a:14:16:bd:94:e6:b9:a9:4d:e1:ee:1c:38:df:
                    8c:b6:30:a0:77:db:b2:3d:c6:94:37:52:cb:fe:ee:
                    d2:6a:d6:e7:bb:db:fe:52:4c:b0:1d:45:0c:21:07:
                    6c:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:4F:B3:CA:72:C7:36:B7:0C:22:46:30:7F:13:8D:2E:8B:1E:E0:85
            X509v3 Authority Key Identifier:
                keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/33312e362e36332e302f32342d3234203d3e203433323839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.6.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:3e:b7:a4:d3:07:43:c6:5c:68:3f:e6:ba:98:de:28:a6:66:
         aa:29:65:03:6f:3c:16:fb:e3:60:62:67:8e:19:19:79:89:0d:
         e3:f0:15:b9:0c:3c:14:93:08:38:7f:f1:bd:a4:7a:fb:90:14:
         6b:66:59:28:c5:d9:3c:e6:9b:73:c0:4c:28:35:9d:7b:c8:64:
         91:30:71:a4:29:0b:da:fb:84:5d:bf:8e:b6:7c:75:85:f5:c9:
         7a:5c:5f:2d:70:2d:72:36:d1:8c:70:2b:2b:3f:a4:34:f4:56:
         d6:fb:c2:39:cf:39:01:93:19:65:5f:9b:80:77:7d:e5:e7:f9:
         02:33:c1:1a:99:5e:07:84:b9:de:f9:9f:f3:f9:f0:e6:2f:75:
         84:80:02:10:5a:40:69:d3:09:5b:3e:1d:d1:49:85:54:92:7d:
         dd:69:c8:7a:f6:ca:c9:f5:f7:9b:48:c4:de:df:87:4e:7c:a5:
         ed:1a:2f:5a:de:fb:4e:cb:45:07:31:ea:4d:e2:c0:af:bd:ad:
         92:ca:d4:b1:d0:f0:da:e3:27:67:d8:e0:77:76:59:fc:84:28:
         72:a3:8b:f9:6d:e0:46:49:8a:da:fc:af:0b:1f:31:96:6e:c5:
         be:38:71:c6:70:cb:af:ce:a1:25:47:7d:26:c9:19:c2:78:7b:
         c5:60:1f:9f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUCnhy3+XyA2ouuwPfnrPi6b/Z5WgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDAyMDEwNzM3MjVaFw0yNTAxMzAwNzQyMjVaMDMxMTAvBgNV
BAMTKDQ2NEZCM0NBNzJDNzM2QjcwQzIyNDYzMDdGMTM4RDJFOEIxRUUwODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2Hg39v2duN5igdOiIiCDMsCZE
hdgMWjTgr71TbOUkrSFXMTdgIwkdDCBHTEpKYqyr0Ol81ifB24VgHC/BpgU6UKm/
J/Rmx8KnWS5oV2FebBxcGel5n5Ps+9JuJzAAsjz9kWM2YjOR2hj2Se5JoFDO5kVV
NeXf2K1uAa3w/6ygvT9EZNQLF+PY5tahPsvebkPFihjZuUpasLjX6JRD3DWDjK7K
b9xrFzGp5WZfGUrj8dKw76bNBsJ9XHRuVPDY8Dd/8Jqq4aJg0K4C1UGx2PwVXI06
FBa9lOa5qU3h7hw434y2MKB327I9xpQ3Usv+7tJq1ue72/5STLAdRQwhB2wzAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQURk+zynLHNrcMIkYwfxONLose4IUwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzMzMTJlMzYyZTM2MzMyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMzMzIzODM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwY/MA0G
CSqGSIb3DQEBCwUAA4IBAQClPrek0wdDxlxoP+a6mN4opmaqKWUDbzwW++NgYmeO
GRl5iQ3j8BW5DDwUkwg4f/G9pHr7kBRrZlkoxdk85ptzwEwoNZ17yGSRMHGkKQva
+4Rdv462fHWF9cl6XF8tcC1yNtGMcCsrP6Q09FbW+8I5zzkBkxllX5uAd33l5/kC
M8EamV4HhLne+Z/z+fDmL3WEgAIQWkBp0wlbPh3RSYVUkn3dach69srJ9febSMTe
34dOfKXtGi9a3vtOy0UHMepN4sCvva2SytSx0PDa4ydn2OB3dln8hChyo4v5beBG
SYra/K8LHzGWbsW+OHHGcMuvzqElR30myRnCeHvFYB+f
Generated at Wed May 1 01:27:21 2024 by rpki-client on console-fra.rpki-client.org