Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/1/32332e3137302e3231362e302f32342d3234203d3e203633333930.roa
File:                     32332e3137302e3231362e302f32342d3234203d3e203633333930.roa (raw, json)
Hash identifier:          oQtEfxOi1e6/kWDmqbZ8a0h4wI9SrMVS4wZEVdodX+g=
Subject key identifier:   95:CC:9E:F1:F4:D5:CA:5E:C6:C7:58:24:8A:23:54:86:1A:92:81:29
Certificate issuer:       /CN=a1ba1093bbf34991bf59a35b2bcaf49ab828176fa4310b6355
Certificate serial:       71783862D37A87DB12D7B8A90FB3553700F4D5FD
Authority key identifier: 2F:0F:1B:C6:7D:D2:B9:A7:E2:54:56:38:C1:73:D5:EC:06:0C:27:D0
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/b915810d-b97a-4696-955d-495d5d12c3b5/a1ba1093bbf34991bf59a35b2bcaf49ab828176fa4310b6355.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/1/32332e3137302e3231362e302f32342d3234203d3e203633333930.roa
Signing time:             Tue 06 Feb 2024 01:54:52 +0000
ROA not before:           Tue 06 Feb 2024 01:49:52 +0000
ROA not after:            Tue 04 Feb 2025 01:54:52 +0000
asID:                     63390
IP address blocks:        23.170.216.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 10 Sep 2024 04:57:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:78:38:62:d3:7a:87:db:12:d7:b8:a9:0f:b3:55:37:00:f4:d5:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1ba1093bbf34991bf59a35b2bcaf49ab828176fa4310b6355
        Validity
            Not Before: Feb  6 01:49:52 2024 GMT
            Not After : Feb  4 01:54:52 2025 GMT
        Subject: CN=95CC9EF1F4D5CA5EC6C758248A2354861A928129
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:6e:f4:f4:14:59:ad:72:71:c8:e1:cd:47:1e:
                    60:86:15:9e:f2:b4:0f:61:91:cb:51:71:e1:23:1f:
                    92:f7:06:14:b2:05:06:3f:8c:1e:9c:bc:ce:56:a8:
                    4f:8c:92:f5:d1:c0:64:61:c6:77:17:f9:dc:f3:f7:
                    44:98:8b:95:7d:11:2f:53:1a:86:31:88:07:55:1a:
                    bf:89:13:24:7c:f9:3d:97:3a:c5:2d:3d:2c:8f:ea:
                    db:1b:d8:8f:6d:14:52:0c:4a:ac:8f:7f:08:b6:e8:
                    aa:c7:85:d3:8d:bf:18:b9:ee:19:c4:37:72:0d:92:
                    72:30:cf:10:ee:27:8d:9b:c7:f4:bb:41:50:f3:21:
                    e5:84:0c:b1:75:c9:c9:c9:5f:08:40:61:8f:12:61:
                    95:c2:5b:8b:c3:c1:00:fd:70:6f:74:34:69:d0:6e:
                    b3:3f:f6:13:09:9b:26:5b:96:6d:0d:39:cf:74:a9:
                    04:f6:5a:35:e8:8a:09:d4:f8:11:d0:8e:1f:9b:07:
                    94:0a:be:99:7f:b8:0a:cc:2a:8a:b5:ea:51:39:02:
                    23:c2:c2:31:aa:0a:8b:d7:ef:f3:eb:cb:6d:ce:58:
                    35:5b:3b:d3:df:b3:1e:be:ba:76:d0:57:9a:4c:ed:
                    a3:a4:3b:79:c1:ae:86:bc:84:5b:b0:da:2e:4e:cf:
                    ef:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:CC:9E:F1:F4:D5:CA:5E:C6:C7:58:24:8A:23:54:86:1A:92:81:29
            X509v3 Authority Key Identifier:
                keyid:2F:0F:1B:C6:7D:D2:B9:A7:E2:54:56:38:C1:73:D5:EC:06:0C:27:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/1/2F0F1BC67DD2B9A7E2545638C173D5EC060C27D0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/b915810d-b97a-4696-955d-495d5d12c3b5/a1ba1093bbf34991bf59a35b2bcaf49ab828176fa4310b6355.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/1/32332e3137302e3231362e302f32342d3234203d3e203633333930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.170.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:90:17:8f:e2:b4:9d:9e:2b:74:c9:d8:78:8a:72:2e:a0:22:
         0a:61:d8:3b:f8:53:28:90:f5:4d:5b:01:f1:b1:a7:9c:ae:d3:
         08:67:34:09:1b:de:a3:d9:24:71:be:4e:5c:64:42:57:dd:2f:
         0c:9e:6b:51:eb:c3:96:61:52:ee:d1:a8:01:70:24:bb:3d:da:
         79:6a:45:33:7f:cd:e2:f1:4d:5d:7f:11:c4:8d:bd:98:79:68:
         c2:d7:5b:78:c7:59:14:16:7d:31:02:c8:b9:48:29:23:76:28:
         c6:31:88:8d:27:90:43:d3:53:e3:fe:7c:49:c4:02:4e:8f:3a:
         72:47:79:3c:11:3f:03:56:39:5a:43:59:85:cc:e1:00:77:ce:
         e3:c9:88:2d:aa:13:e4:c5:08:97:4e:8f:b3:51:21:68:0e:d4:
         77:99:a0:52:1b:e0:33:44:ea:28:ec:af:07:c1:a2:d7:41:99:
         6e:95:bd:9f:fb:06:ef:a0:19:de:68:3f:90:c2:e6:1f:f8:42:
         e6:b0:43:39:52:a2:95:87:e4:b1:d8:f5:db:86:1b:19:8e:84:
         5f:2f:d7:62:ff:97:91:c1:0f:7c:b8:22:29:79:26:cf:8d:d1:
         78:ee:60:64:4d:5a:f5:f2:14:05:7c:de:db:11:52:f5:fb:fe:
         33:7a:e2:d9
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUcXg4YtN6h9sS17ipD7NVNwD01f0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYTFiYTEwOTNiYmYzNDk5MWJmNTlhMzViMmJjYWY0OWFi
ODI4MTc2ZmE0MzEwYjYzNTUwHhcNMjQwMjA2MDE0OTUyWhcNMjUwMjA0MDE1NDUy
WjAzMTEwLwYDVQQDEyg5NUNDOUVGMUY0RDVDQTVFQzZDNzU4MjQ4QTIzNTQ4NjFB
OTI4MTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W709BRZrXJx
yOHNRx5ghhWe8rQPYZHLUXHhIx+S9wYUsgUGP4wenLzOVqhPjJL10cBkYcZ3F/nc
8/dEmIuVfREvUxqGMYgHVRq/iRMkfPk9lzrFLT0sj+rbG9iPbRRSDEqsj38Ituiq
x4XTjb8Yue4ZxDdyDZJyMM8Q7ieNm8f0u0FQ8yHlhAyxdcnJyV8IQGGPEmGVwluL
w8EA/XBvdDRp0G6zP/YTCZsmW5ZtDTnPdKkE9lo16IoJ1PgR0I4fmweUCr6Zf7gK
zCqKtepROQIjwsIxqgqL1+/z68ttzlg1WzvT37Mevrp20FeaTO2jpDt5wa6GvIRb
sNouTs/vIQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFJXMnvH01cpexsdYJIojVIYa
koEpMB8GA1UdIwQYMBaAFC8PG8Z90rmn4lRWOMFz1ewGDCfQMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5
LTMwOWVkOTdmMzgyNC8xLzJGMEYxQkM2N0REMkI5QTdFMjU0NTYzOEMxNzNENUVD
MDYwQzI3RDAuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzRhYjdhZTRkLWJkN2It
NGIzMy05YTg4LTViMjJkMmE4MzM3ZC9iOTE1ODEwZC1iOTdhLTQ2OTYtOTU1ZC00
OTVkNWQxMmMzYjUvYTFiYTEwOTNiYmYzNDk5MWJmNTlhMzViMmJjYWY0OWFiODI4
MTc2ZmE0MzEwYjYzNTUuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8xLzMyMzMyZTMx
MzczMDJlMzIzMTM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMzMzMzkzMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABeq2DANBgkqhkiG9w0BAQsFAAOCAQEAapAXj+K0nZ4rdMnYeIpy
LqAiCmHYO/hTKJD1TVsB8bGnnK7TCGc0CRveo9kkcb5OXGRCV90vDJ5rUevDlmFS
7tGoAXAkuz3aeWpFM3/N4vFNXX8RxI29mHlowtdbeMdZFBZ9MQLIuUgpI3YoxjGI
jSeQQ9NT4/58ScQCTo86ckd5PBE/A1Y5WkNZhczhAHfO48mILaoT5MUIl06Ps1Eh
aA7Ud5mgUhvgM0TqKOyvB8Gi10GZbpW9n/sG76AZ3mg/kMLmH/hC5rBDOVKilYfk
sdj124YbGY6EXy/XYv+XkcEPfLgiKXkmz43ReO5gZE1a9fIUBXze2xFS9fv+M3ri
2Q==
Generated at Tue Sep 10 07:06:41 2024 by rpki-client on console-ams.rpki-client.org