Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233342e302f32332d3234203d3e20383334.roa
File:                     3139332e32342e3233342e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier:          pRP4ClC9NxpQYNuTFM6tPE4o622lLzMQErb3hOEeteM=
Subject key identifier:   43:52:FE:47:94:2C:7C:2A:F7:48:EE:2B:71:9D:D6:51:84:84:6C:91
Certificate issuer:       /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial:       7A2BC4992A025A4CCE1156103D15AD9F95B0351C
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233342e302f32332d3234203d3e20383334.roa
Signing time:             Mon 28 Oct 2024 10:42:53 +0000
ROA not before:           Mon 28 Oct 2024 10:37:53 +0000
ROA not after:            Mon 27 Oct 2025 10:42:53 +0000
asID:                     834
IP address blocks:        193.24.234.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 29 Oct 2024 08:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:2b:c4:99:2a:02:5a:4c:ce:11:56:10:3d:15:ad:9f:95:b0:35:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
        Validity
            Not Before: Oct 28 10:37:53 2024 GMT
            Not After : Oct 27 10:42:53 2025 GMT
        Subject: CN=4352FE47942C7C2AF748EE2B719DD65184846C91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e3:a4:eb:b4:14:cc:bb:f5:41:b5:2e:48:f8:
                    bb:52:6c:62:42:1a:c8:09:6d:bb:b0:71:d3:69:25:
                    38:3e:a0:26:4b:42:9c:5c:83:82:c2:23:9e:e3:91:
                    52:35:92:23:a0:d3:46:21:78:b2:f9:ba:e2:ad:8c:
                    55:39:d6:01:d5:72:87:7e:99:97:fc:09:62:f7:9b:
                    7e:7e:4c:5b:50:a9:97:6a:38:93:75:13:e6:5f:41:
                    28:ea:f1:01:2e:cb:94:17:85:59:6c:e0:0a:3e:89:
                    cd:f0:b2:72:2e:95:0d:6d:ce:a7:03:35:e6:a4:c1:
                    bf:b0:e1:96:aa:90:b3:b2:7e:41:c2:5f:20:fe:e9:
                    35:eb:4c:f6:8e:23:6a:02:db:aa:51:85:83:1b:fc:
                    c2:5b:db:17:1e:e2:74:76:c6:22:a5:a3:3e:2c:b1:
                    7b:23:c5:f4:0c:9d:ba:44:9b:e7:3b:f8:1b:75:89:
                    08:04:37:ef:dc:45:a5:2b:65:6b:f7:e0:29:54:5f:
                    de:5d:d0:e1:57:cb:1a:8d:14:83:c6:b0:dc:b8:36:
                    a7:25:e7:6a:22:01:b7:97:c3:82:28:b6:71:a0:28:
                    41:7f:06:c3:4c:61:5d:5f:05:c6:b7:86:3e:ef:4d:
                    0f:20:e3:95:af:b0:16:6b:2b:ee:63:7b:60:82:ad:
                    bc:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:52:FE:47:94:2C:7C:2A:F7:48:EE:2B:71:9D:D6:51:84:84:6C:91
            X509v3 Authority Key Identifier:
                keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233342e302f32332d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.24.234.0/23

    Signature Algorithm: sha256WithRSAEncryption
         63:12:01:38:c1:29:51:ac:25:49:13:de:57:ae:ca:20:56:b7:
         c1:1c:24:75:a8:f7:f3:a2:a8:9f:99:79:dc:c9:d4:ef:71:b1:
         17:84:a3:f7:d1:6f:12:2e:68:97:da:d2:eb:0f:ad:b9:f3:00:
         22:98:fb:3a:0e:3b:70:2d:0c:77:a0:35:b9:75:34:8d:aa:69:
         e9:72:3a:83:08:af:d2:09:12:3e:3c:9b:5f:e2:b7:46:20:3d:
         66:7d:36:a3:5d:7c:0f:25:b2:09:35:7d:78:c5:84:7c:9f:7b:
         71:f4:49:1a:e8:2f:99:69:a4:3e:6a:9d:03:af:4e:e6:3e:9c:
         c9:56:bc:99:3f:14:3f:96:c9:8c:71:db:57:1b:2f:c1:fb:60:
         fc:e8:1e:34:f8:0c:30:15:86:07:e5:78:61:48:4e:94:45:55:
         3c:ce:2d:ec:c3:79:61:e2:4c:45:7d:ca:f0:82:e3:e9:43:30:
         3a:30:d4:c0:6b:16:7e:f5:47:ba:b5:d7:f8:14:42:4d:58:f4:
         8e:86:f6:0d:c0:1a:09:15:7d:d4:da:a5:94:f1:44:17:92:0f:
         fb:ec:39:5c:72:5c:63:6c:64:17:19:66:d6:e0:67:8a:a1:f5:
         78:2a:89:58:19:8e:55:22:1f:66:67:1a:fc:4b:04:5b:aa:7f:
         76:9f:9d:9e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUeivEmSoCWkzOEVYQPRWtn5WwNRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDEwMjgxMDM3NTNaFw0yNTEwMjcxMDQyNTNaMDMxMTAvBgNV
BAMTKDQzNTJGRTQ3OTQyQzdDMkFGNzQ4RUUyQjcxOURENjUxODQ4NDZDOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC346TrtBTMu/VBtS5I+LtSbGJC
GsgJbbuwcdNpJTg+oCZLQpxcg4LCI57jkVI1kiOg00YheLL5uuKtjFU51gHVcod+
mZf8CWL3m35+TFtQqZdqOJN1E+ZfQSjq8QEuy5QXhVls4Ao+ic3wsnIulQ1tzqcD
Neakwb+w4ZaqkLOyfkHCXyD+6TXrTPaOI2oC26pRhYMb/MJb2xce4nR2xiKloz4s
sXsjxfQMnbpEm+c7+Bt1iQgEN+/cRaUrZWv34ClUX95d0OFXyxqNFIPGsNy4Nqcl
52oiAbeXw4IotnGgKEF/BsNMYV1fBca3hj7vTQ8g45WvsBZrK+5je2CCrbxNAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUQ1L+R5QsfCr3SO4rcZ3WUYSEbJEwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzOTMzMmUzMjM0MmUzMjMz
MzQyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHBGOow
DQYJKoZIhvcNAQELBQADggEBAGMSATjBKVGsJUkT3leuyiBWt8EcJHWo9/OiqJ+Z
edzJ1O9xsReEo/fRbxIuaJfa0usPrbnzACKY+zoOO3AtDHegNbl1NI2qaelyOoMI
r9IJEj48m1/it0YgPWZ9NqNdfA8lsgk1fXjFhHyfe3H0SRroL5lppD5qnQOvTuY+
nMlWvJk/FD+WyYxx21cbL8H7YPzoHjT4DDAVhgfleGFITpRFVTzOLezDeWHiTEV9
yvCC4+lDMDow1MBrFn71R7q11/gUQk1Y9I6G9g3AGgkVfdTapZTxRBeSD/vsOVxy
XGNsZBcZZtbgZ4qh9XgqiVgZjlUiH2ZnGvxLBFuqf3afnZ4=
Generated at Tue Oct 29 10:56:54 2024 by rpki-client on console-fra.rpki-client.org