Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38322e302f32332d3234203d3e20383334.roa
File:                     34352e39352e38322e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier:          B2TmBh+hBGb5XVPDevoddWb0fE33JRkLrBwMFEufNIQ=
Subject key identifier:   98:E6:46:F9:4C:A3:0D:E8:00:59:10:77:7E:CB:F8:86:48:C4:D3:66
Certificate issuer:       /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial:       4B94E55932D0D603B87C1208BBA399C534989FA8
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38322e302f32332d3234203d3e20383334.roa
Signing time:             Wed 25 Sep 2024 00:04:29 +0000
ROA not before:           Tue 24 Sep 2024 23:59:29 +0000
ROA not after:            Wed 24 Sep 2025 00:04:29 +0000
asID:                     834
IP address blocks:        45.95.82.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sat 28 Sep 2024 14:27:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:94:e5:59:32:d0:d6:03:b8:7c:12:08:bb:a3:99:c5:34:98:9f:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
        Validity
            Not Before: Sep 24 23:59:29 2024 GMT
            Not After : Sep 24 00:04:29 2025 GMT
        Subject: CN=98E646F94CA30DE8005910777ECBF88648C4D366
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:64:1f:d2:16:8a:4d:ec:a1:d2:d4:bd:64:df:
                    d9:24:82:bc:07:88:5f:67:00:70:5c:e4:97:fb:f5:
                    a5:aa:9f:b1:74:9e:44:19:28:a1:f8:b5:c7:95:1b:
                    0c:0e:7a:ab:29:74:b0:bc:c0:30:d3:e7:a5:fb:4e:
                    93:f6:82:1a:58:6a:ee:e1:bb:43:6b:ca:60:c4:1c:
                    c4:46:66:a4:14:97:ce:61:95:98:f0:30:33:7c:1d:
                    91:7f:d9:f7:94:6b:0c:2b:08:55:71:30:16:cb:1e:
                    00:79:aa:1e:35:e7:97:34:eb:8e:f4:6c:d5:97:5d:
                    d3:b1:2b:63:21:07:8a:85:e6:8b:a4:d3:c1:ff:23:
                    3c:c1:f3:fe:49:d0:51:60:c1:9f:15:ca:f9:c1:82:
                    d2:59:28:2f:3b:58:53:f7:a7:54:9d:e4:b2:12:5d:
                    0c:1b:f6:b9:72:8f:2f:ce:f2:5a:a6:c0:a6:e0:44:
                    5c:10:00:34:81:46:e6:3b:05:45:32:dc:e5:6b:ad:
                    26:97:b4:4f:14:cf:2f:20:de:c9:33:b2:2f:e4:be:
                    3f:3f:73:0e:5c:1c:27:50:a7:66:d0:e2:81:93:65:
                    ea:a0:dd:2d:e8:21:20:64:19:33:63:b7:96:57:25:
                    04:40:90:be:75:74:a6:82:f6:a2:1c:8f:76:02:f4:
                    d5:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:E6:46:F9:4C:A3:0D:E8:00:59:10:77:7E:CB:F8:86:48:C4:D3:66
            X509v3 Authority Key Identifier:
                keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38322e302f32332d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.95.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:9b:1b:d0:c3:2c:35:b8:ee:17:ea:59:a5:89:42:12:a8:79:
         c1:05:e6:f7:7b:8b:6b:59:8c:5f:f0:35:f7:ff:6c:7d:fb:09:
         3d:33:a5:38:ce:88:7d:8f:62:ca:6d:0a:2e:85:41:85:7c:81:
         da:92:ba:3c:99:b2:75:fc:01:3f:c0:93:37:b9:68:03:65:55:
         ef:0e:85:1b:5b:c1:50:e9:55:46:1f:c0:ec:4e:da:61:52:26:
         49:47:2e:33:b4:d7:76:13:a6:9c:7c:bf:2a:34:45:d9:54:39:
         a5:35:d8:77:96:12:08:99:af:b6:f8:5e:87:79:a4:1b:9c:0b:
         0f:30:a1:1d:e8:ac:69:13:ea:8d:f0:ba:39:69:75:ba:fa:b6:
         a6:58:27:d0:ff:a7:73:89:9c:83:1f:ed:93:2c:56:52:d4:03:
         17:6b:50:67:cd:cd:65:23:b4:9d:9f:78:d8:fe:2d:25:b6:31:
         84:17:0b:3d:69:50:d2:72:86:40:77:93:45:79:06:4b:5b:0d:
         55:92:dc:24:c8:c7:b3:c9:3b:85:b0:11:4a:a0:6a:dc:1e:76:
         df:c7:52:a4:e0:6e:8b:53:3d:d4:1f:a9:7d:1b:ae:c0:6e:d4:
         27:20:29:f1:d2:49:be:be:7e:e0:2d:f5:45:75:16:7e:37:8e:
         f2:98:d5:bc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUS5TlWTLQ1gO4fBIIu6OZxTSYn6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDA5MjQyMzU5MjlaFw0yNTA5MjQwMDA0MjlaMDMxMTAvBgNV
BAMTKDk4RTY0NkY5NENBMzBERTgwMDU5MTA3NzdFQ0JGODg2NDhDNEQzNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZZB/SFopN7KHS1L1k39kkgrwH
iF9nAHBc5Jf79aWqn7F0nkQZKKH4tceVGwwOeqspdLC8wDDT56X7TpP2ghpYau7h
u0NrymDEHMRGZqQUl85hlZjwMDN8HZF/2feUawwrCFVxMBbLHgB5qh4155c06470
bNWXXdOxK2MhB4qF5ouk08H/IzzB8/5J0FFgwZ8VyvnBgtJZKC87WFP3p1Sd5LIS
XQwb9rlyjy/O8lqmwKbgRFwQADSBRuY7BUUy3OVrrSaXtE8Uzy8g3skzsi/kvj8/
cw5cHCdQp2bQ4oGTZeqg3S3oISBkGTNjt5ZXJQRAkL51dKaC9qIcj3YC9NU9AgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUmOZG+UyjDegAWRB3fsv4hkjE02YwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzQzNTJlMzkzNTJlMzgzMjJl
MzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1fUjANBgkq
hkiG9w0BAQsFAAOCAQEAMZsb0MMsNbjuF+pZpYlCEqh5wQXm93uLa1mMX/A19/9s
ffsJPTOlOM6IfY9iym0KLoVBhXyB2pK6PJmydfwBP8CTN7loA2VV7w6FG1vBUOlV
Rh/A7E7aYVImSUcuM7TXdhOmnHy/KjRF2VQ5pTXYd5YSCJmvtvheh3mkG5wLDzCh
HeisaRPqjfC6OWl1uvq2plgn0P+nc4mcgx/tkyxWUtQDF2tQZ83NZSO0nZ942P4t
JbYxhBcLPWlQ0nKGQHeTRXkGS1sNVZLcJMjHs8k7hbARSqBq3B5238dSpOBui1M9
1B+pfRuuwG7UJyAp8dJJvr5+4C31RXUWfjeO8pjVvA==
Generated at Sat Sep 28 17:45:14 2024 by rpki-client on console-ams.rpki-client.org