Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233352e302f32342d3234203d3e20383334.roa
File:                     3139332e32342e3233352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          /HJ4uaLMZPTTNl6ldsVJqPg8V0JfXd7rko382WO6xGg=
Subject key identifier:   45:1C:C5:DF:83:DB:7A:87:F3:FE:BA:41:38:94:B0:DF:43:3D:66:6F
Certificate issuer:       /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial:       12EFE3452E0B6351BF6C393F833406176B2C0FE0
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233352e302f32342d3234203d3e20383334.roa
Signing time:             Fri 15 Nov 2024 07:21:48 +0000
ROA not before:           Fri 15 Nov 2024 07:16:48 +0000
ROA not after:            Fri 14 Nov 2025 07:21:48 +0000
asID:                     834
IP address blocks:        193.24.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Nov 2024 12:38:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:ef:e3:45:2e:0b:63:51:bf:6c:39:3f:83:34:06:17:6b:2c:0f:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
        Validity
            Not Before: Nov 15 07:16:48 2024 GMT
            Not After : Nov 14 07:21:48 2025 GMT
        Subject: CN=451CC5DF83DB7A87F3FEBA413894B0DF433D666F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b6:42:08:4f:d7:f8:60:b9:1a:e0:30:90:e6:
                    25:88:75:a9:68:6d:ff:84:69:4c:19:45:e9:b8:34:
                    d8:2a:fb:f4:18:7e:3f:11:ff:9e:d8:fc:66:d3:26:
                    27:f4:17:8a:4d:c1:bb:7f:04:58:e9:28:75:e0:21:
                    c4:44:1e:a2:38:af:e6:4e:1b:ca:9e:1c:85:42:8a:
                    68:4b:91:ce:71:e1:f8:0c:c2:ef:b7:9e:87:7f:c7:
                    5e:05:83:fc:ce:c2:f5:3b:52:46:c5:ed:e9:81:ba:
                    65:e3:fa:c7:be:d8:ee:47:54:77:3d:28:2c:84:f4:
                    d1:3d:56:84:21:45:27:0a:6b:ea:04:01:cf:21:99:
                    66:97:9b:90:9b:dc:13:15:f5:21:97:4e:8e:22:b7:
                    b9:c9:99:66:3f:e2:ee:9e:62:1e:56:ce:6a:6c:d1:
                    b4:dc:32:0f:21:b2:9b:b0:2e:43:27:22:e3:93:6b:
                    4c:c9:17:ad:0d:54:f1:bb:ea:47:23:55:9f:59:ca:
                    90:2f:ab:fa:fc:f2:2e:04:2d:2d:9c:b4:67:69:9c:
                    90:0f:75:57:bb:fd:0e:e2:e5:a4:26:38:ff:ee:76:
                    5f:8d:f3:18:f6:f5:db:6f:f4:d4:3a:55:ec:84:8c:
                    6b:35:56:e1:77:c3:04:db:2c:5c:ff:50:f6:16:32:
                    39:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:1C:C5:DF:83:DB:7A:87:F3:FE:BA:41:38:94:B0:DF:43:3D:66:6F
            X509v3 Authority Key Identifier:
                keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233352e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.24.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:21:38:7f:1b:c2:39:a2:9d:56:31:d2:65:70:5b:ec:74:5a:
         d2:b1:44:66:72:e3:1d:13:e9:93:04:ea:c0:f2:f0:1c:cd:2f:
         23:af:7d:09:3a:f2:47:6c:24:dd:df:1a:d6:6b:bc:8b:aa:4d:
         35:0a:1f:fe:9b:5d:4d:82:86:eb:c1:f7:c1:21:b1:8a:58:4e:
         d9:54:72:05:67:b7:a9:49:b2:9b:02:2b:ec:85:5f:a6:47:70:
         36:e4:61:38:1c:1b:3a:ce:41:ff:73:ab:6d:e6:b1:1f:62:60:
         de:d5:05:4a:5c:41:ef:e7:f0:e4:70:ee:1b:8a:37:67:eb:75:
         95:f6:0d:44:81:00:22:5b:2c:f3:bf:0e:bd:22:5b:38:71:0e:
         2d:05:83:13:b7:52:c2:c6:9d:d4:77:d9:14:31:50:48:2c:1f:
         4d:d8:a0:06:9d:bc:63:30:03:d8:d1:7b:2d:54:2c:10:59:6d:
         63:d3:12:31:cb:89:f9:71:df:96:e8:63:0a:26:31:95:f0:e4:
         4b:43:3f:40:ef:32:c9:55:26:64:30:18:0d:23:a2:83:e4:89:
         6b:7d:14:d4:e7:e3:b1:62:e8:1a:77:00:b5:73:2f:5c:9c:90:
         ec:de:24:e2:30:56:19:1a:92:65:49:1a:2a:2d:5b:ef:2e:d7:
         81:6d:a7:4a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUEu/jRS4LY1G/bDk/gzQGF2ssD+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDExMTUwNzE2NDhaFw0yNTExMTQwNzIxNDhaMDMxMTAvBgNV
BAMTKDQ1MUNDNURGODNEQjdBODdGM0ZFQkE0MTM4OTRCMERGNDMzRDY2NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqtkIIT9f4YLka4DCQ5iWIdalo
bf+EaUwZRem4NNgq+/QYfj8R/57Y/GbTJif0F4pNwbt/BFjpKHXgIcREHqI4r+ZO
G8qeHIVCimhLkc5x4fgMwu+3nod/x14Fg/zOwvU7UkbF7emBumXj+se+2O5HVHc9
KCyE9NE9VoQhRScKa+oEAc8hmWaXm5Cb3BMV9SGXTo4it7nJmWY/4u6eYh5Wzmps
0bTcMg8hspuwLkMnIuOTa0zJF60NVPG76kcjVZ9ZypAvq/r88i4ELS2ctGdpnJAP
dVe7/Q7i5aQmOP/udl+N8xj29dtv9NQ6VeyEjGs1VuF3wwTbLFz/UPYWMjn7AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQURRzF34Pbeofz/rpBOJSw30M9Zm8wHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzOTMzMmUzMjM0MmUzMjMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBGOsw
DQYJKoZIhvcNAQELBQADggEBADMhOH8bwjminVYx0mVwW+x0WtKxRGZy4x0T6ZME
6sDy8BzNLyOvfQk68kdsJN3fGtZrvIuqTTUKH/6bXU2ChuvB98EhsYpYTtlUcgVn
t6lJspsCK+yFX6ZHcDbkYTgcGzrOQf9zq23msR9iYN7VBUpcQe/n8ORw7huKN2fr
dZX2DUSBACJbLPO/Dr0iWzhxDi0FgxO3UsLGndR32RQxUEgsH03YoAadvGMwA9jR
ey1ULBBZbWPTEjHLiflx35boYwomMZXw5EtDP0DvMslVJmQwGA0jooPkiWt9FNTn
47Fi6Bp3ALVzL1yckOzeJOIwVhkakmVJGiotW+8u14Ftp0o=
-----END CERTIFICATE-----
Generated at Fri Nov 15 14:43:26 2024 by rpki-client on console-ams.rpki-client.org