Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38312e302f32342d3234203d3e20383334.roa
File:                     34352e39352e38312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          VqKcLz8NzB6nrlQU6twIjgncv7sAIWwOqjMLfCAltpk=
Subject key identifier:   73:71:3F:07:BA:EE:94:FB:C0:02:3C:C7:DD:7A:33:BF:9F:4B:74:79
Certificate issuer:       /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial:       5FC43610A613278809566B6A66363614B66CA78D
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38312e302f32342d3234203d3e20383334.roa
Signing time:             Thu 25 Jul 2024 12:12:36 +0000
ROA not before:           Thu 25 Jul 2024 12:07:36 +0000
ROA not after:            Thu 24 Jul 2025 12:12:36 +0000
asID:                     834
IP address blocks:        45.95.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 Jul 2024 23:56:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:c4:36:10:a6:13:27:88:09:56:6b:6a:66:36:36:14:b6:6c:a7:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
        Validity
            Not Before: Jul 25 12:07:36 2024 GMT
            Not After : Jul 24 12:12:36 2025 GMT
        Subject: CN=73713F07BAEE94FBC0023CC7DD7A33BF9F4B7479
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:7b:69:18:3d:7f:f1:75:c4:9e:22:2a:b7:cb:
                    b0:76:82:5e:dd:92:de:b3:be:a8:55:73:01:74:be:
                    4a:ca:ad:d0:77:9d:4d:74:5d:4f:62:ce:d1:8f:34:
                    a5:6f:ab:8e:51:07:25:69:45:8d:cf:0e:01:bd:18:
                    b0:78:94:13:9b:f6:83:e4:09:a4:3a:47:8a:ac:51:
                    10:1d:ae:f4:a5:8b:c3:12:c5:ae:a5:63:d0:91:da:
                    70:98:56:0d:7d:4b:cc:33:6d:86:04:9b:e3:ef:e7:
                    dd:17:3b:5c:13:9f:33:37:86:f4:d2:c4:c9:b3:06:
                    49:ac:e3:26:72:37:50:29:85:c6:15:41:2b:4e:19:
                    e1:34:ff:60:47:84:9a:1e:90:a9:b2:60:96:f4:41:
                    a2:66:21:8f:9f:64:8c:32:06:11:ae:0e:fb:72:54:
                    b7:3c:78:21:1e:fe:4f:d1:3b:be:7d:10:7a:86:9a:
                    69:0f:15:77:c8:72:86:7b:89:b5:69:72:da:b5:8f:
                    49:0a:e2:f4:db:5c:d1:a4:87:6f:73:87:e3:8b:7e:
                    f6:f3:04:0c:ff:db:fb:e9:8f:ee:bb:1b:3b:71:60:
                    59:2e:22:de:c2:bb:1c:ef:85:d9:17:30:f1:04:b8:
                    3f:90:cf:99:7c:ee:8f:1a:d1:02:24:eb:9c:c9:17:
                    9d:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:71:3F:07:BA:EE:94:FB:C0:02:3C:C7:DD:7A:33:BF:9F:4B:74:79
            X509v3 Authority Key Identifier:
                keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38312e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:09:48:e2:39:09:dd:25:a0:cf:77:43:21:0b:17:75:61:92:
         1f:9d:63:88:25:4e:76:89:47:b4:7b:b1:92:f5:bb:1e:0e:78:
         59:8b:9a:4d:c3:05:68:67:49:92:dd:72:46:65:7d:b3:70:93:
         01:32:22:b8:33:9c:a0:a1:2a:ab:95:26:99:cb:4c:a7:6f:80:
         00:ba:a7:db:60:d2:92:d7:bd:29:b3:3e:4b:ea:50:6e:d2:f4:
         3e:16:55:e7:5f:91:6d:60:52:d7:8e:d0:07:22:7d:f2:7d:39:
         9e:42:42:46:5f:7e:1a:60:20:fc:ca:85:58:0b:c7:51:85:db:
         98:0a:f0:ed:38:fd:3d:a1:50:f2:27:81:75:65:9f:8e:42:17:
         8b:1c:fc:c4:2e:4a:81:06:86:c7:63:9d:74:5e:2a:64:21:b6:
         a9:f7:3a:37:35:21:a8:49:cb:3f:b3:6c:8e:f0:32:c0:b2:fb:
         88:6e:85:d9:9e:39:86:1d:26:c1:13:06:04:be:a8:fc:e9:a1:
         78:80:71:f6:6e:e8:0f:5d:14:54:15:ff:9e:58:31:f9:a6:5d:
         2d:65:72:b3:af:64:8f:11:f5:47:3a:e0:01:93:78:46:9e:74:
         23:b0:67:76:44:a4:24:bf:4d:33:e4:51:18:f3:c7:d9:f9:49:
         5f:50:43:b0
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUX8Q2EKYTJ4gJVmtqZjY2FLZsp40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDA3MjUxMjA3MzZaFw0yNTA3MjQxMjEyMzZaMDMxMTAvBgNV
BAMTKDczNzEzRjA3QkFFRTk0RkJDMDAyM0NDN0REN0EzM0JGOUY0Qjc0NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYe2kYPX/xdcSeIiq3y7B2gl7d
kt6zvqhVcwF0vkrKrdB3nU10XU9iztGPNKVvq45RByVpRY3PDgG9GLB4lBOb9oPk
CaQ6R4qsURAdrvSli8MSxa6lY9CR2nCYVg19S8wzbYYEm+Pv590XO1wTnzM3hvTS
xMmzBkms4yZyN1AphcYVQStOGeE0/2BHhJoekKmyYJb0QaJmIY+fZIwyBhGuDvty
VLc8eCEe/k/RO759EHqGmmkPFXfIcoZ7ibVpctq1j0kK4vTbXNGkh29zh+OLfvbz
BAz/2/vpj+67GztxYFkuIt7CuxzvhdkXMPEEuD+Qz5l87o8a0QIk65zJF53pAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUc3E/B7rulPvAAjzH3Xozv59LdHkwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzQzNTJlMzkzNTJlMzgzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1fUTANBgkq
hkiG9w0BAQsFAAOCAQEAeQlI4jkJ3SWgz3dDIQsXdWGSH51jiCVOdolHtHuxkvW7
Hg54WYuaTcMFaGdJkt1yRmV9s3CTATIiuDOcoKEqq5UmmctMp2+AALqn22DSkte9
KbM+S+pQbtL0PhZV51+RbWBS147QByJ98n05nkJCRl9+GmAg/MqFWAvHUYXbmArw
7Tj9PaFQ8ieBdWWfjkIXixz8xC5KgQaGx2OddF4qZCG2qfc6NzUhqEnLP7NsjvAy
wLL7iG6F2Z45hh0mwRMGBL6o/OmheIBx9m7oD10UVBX/nlgx+aZdLWVys69kjxH1
RzrgAZN4Rp50I7BndkSkJL9NM+RRGPPH2flJX1BDsA==
Generated at Fri Jul 26 00:50:03 2024 by rpki-client on console-fra.rpki-client.org