Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3134382e302f32342d3234203d3e20323131393735.roa
File:                     34352e38392e3134382e302f32342d3234203d3e20323131393735.roa (raw, json)
Hash identifier:          +/TWxYAgxhJxFmXGaNIYPtUfqnaQXI4D29n7OuoIwrY=
Subject key identifier:   53:03:4A:46:AE:2F:5B:4A:E2:1F:D5:DF:53:F7:9E:98:BA:D7:BB:1F
Certificate issuer:       /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial:       1B2C2A74E9BB0054AFD853AD85AC4E0F07D8B90C
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3134382e302f32342d3234203d3e20323131393735.roa
Signing time:             Tue 24 Oct 2023 15:12:17 +0000
ROA not before:           Tue 24 Oct 2023 15:07:17 +0000
ROA not after:            Tue 22 Oct 2024 15:12:17 +0000
asID:                     211975
IP address blocks:        45.89.148.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 Jul 2024 00:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:2c:2a:74:e9:bb:00:54:af:d8:53:ad:85:ac:4e:0f:07:d8:b9:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
        Validity
            Not Before: Oct 24 15:07:17 2023 GMT
            Not After : Oct 22 15:12:17 2024 GMT
        Subject: CN=53034A46AE2F5B4AE21FD5DF53F79E98BAD7BB1F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:5e:69:b0:47:84:94:f1:83:0f:83:25:de:73:
                    d4:ea:ef:96:c6:99:fc:b4:c9:50:55:30:b1:b0:0a:
                    bd:2c:3d:d8:41:0c:2c:cb:15:cd:bb:57:64:3c:01:
                    4c:38:a9:91:6d:cd:3a:42:46:b2:88:6f:d6:2b:14:
                    dc:83:fc:1d:73:9f:b2:cd:b4:a6:83:a0:b6:9d:20:
                    97:fe:95:68:bf:33:3b:f3:53:2c:51:b9:89:a8:51:
                    78:03:28:15:0f:fd:fd:ff:37:ab:67:f7:34:05:2a:
                    39:32:37:ea:a0:6b:d9:07:be:e3:ed:f7:30:81:8f:
                    4f:7f:07:65:b7:0c:b7:57:1a:00:57:1c:b8:79:81:
                    92:1a:38:c6:06:2f:a2:be:78:2d:c9:37:50:d6:cc:
                    f9:d5:03:7e:2e:cd:95:32:f0:e7:4c:23:86:15:10:
                    5d:55:60:ec:c9:13:fa:3b:6a:7e:0b:57:77:fd:a5:
                    8d:d8:0f:f8:f9:1f:de:0c:5c:41:b1:23:59:26:5a:
                    9f:8f:7d:94:96:88:68:fb:95:e2:0a:7a:e8:2e:33:
                    80:c5:c0:70:b5:d8:74:20:53:8e:d5:c0:00:16:08:
                    8c:2c:65:00:5c:f3:10:c7:3c:02:5b:28:cf:8d:b2:
                    0b:67:0b:e1:c5:ca:47:10:68:fe:9a:7f:86:08:96:
                    d5:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:03:4A:46:AE:2F:5B:4A:E2:1F:D5:DF:53:F7:9E:98:BA:D7:BB:1F
            X509v3 Authority Key Identifier:
                keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3134382e302f32342d3234203d3e20323131393735.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.89.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:85:d4:32:c9:b9:4e:4b:f9:35:0d:08:7a:c6:a2:d1:a2:54:
         16:df:49:df:72:24:10:b0:09:af:5c:c1:e8:5b:8d:5f:16:35:
         58:57:d2:e6:06:c8:31:12:ec:f9:c3:97:52:c3:32:7d:15:e0:
         22:f4:f1:03:8f:8c:54:b8:e4:69:d9:b5:e4:9e:bf:bb:af:39:
         9a:23:70:ce:64:d2:ae:94:ce:bc:2a:58:19:98:25:e2:b5:b8:
         3a:df:d0:a6:14:a4:0c:c0:38:4e:0a:a3:f2:2d:94:c0:87:d1:
         be:3a:c2:4d:6d:a3:16:d7:4d:36:0f:45:f7:03:a2:f0:8d:ac:
         26:b4:44:c8:62:30:45:4e:83:76:8a:b0:08:37:e8:c8:2d:92:
         27:d6:2a:bd:d8:32:f4:b7:17:40:51:a9:7e:42:3a:04:22:90:
         d4:8c:de:a5:b0:84:3f:85:7f:4d:4f:a3:ef:80:f3:7c:d7:d3:
         a5:03:34:f9:ef:68:75:b2:0a:c9:d0:0b:ec:31:57:8d:e2:cf:
         0b:e1:a8:01:87:17:d9:c3:bf:da:3e:07:8d:9d:91:25:56:8d:
         d9:8e:95:24:c3:b0:a2:d6:0e:0a:b6:aa:ce:58:7f:3f:e6:9e:
         ac:56:c2:b7:e0:20:54:88:db:db:92:65:eb:7d:b6:30:8a:21:
         7f:77:de:0e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGywqdOm7AFSv2FOthaxODwfYuQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yMzEwMjQxNTA3MTdaFw0yNDEwMjIxNTEyMTdaMDMxMTAvBgNV
BAMTKDUzMDM0QTQ2QUUyRjVCNEFFMjFGRDVERjUzRjc5RTk4QkFEN0JCMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6XmmwR4SU8YMPgyXec9Tq75bG
mfy0yVBVMLGwCr0sPdhBDCzLFc27V2Q8AUw4qZFtzTpCRrKIb9YrFNyD/B1zn7LN
tKaDoLadIJf+lWi/MzvzUyxRuYmoUXgDKBUP/f3/N6tn9zQFKjkyN+qga9kHvuPt
9zCBj09/B2W3DLdXGgBXHLh5gZIaOMYGL6K+eC3JN1DWzPnVA34uzZUy8OdMI4YV
EF1VYOzJE/o7an4LV3f9pY3YD/j5H94MXEGxI1kmWp+PfZSWiGj7leIKeuguM4DF
wHC12HQgU47VwAAWCIwsZQBc8xDHPAJbKM+NsgtnC+HFykcQaP6af4YIltXPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUUwNKRq4vW0riH9XfU/eemLrXux8wHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzgzOTJlMzEzNDM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzkzNzM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVmUMA0GCSqGSIb3DQEBCwUAA4IBAQCXhdQyyblOS/k1DQh6xqLRolQW30nfciQQ
sAmvXMHoW41fFjVYV9LmBsgxEuz5w5dSwzJ9FeAi9PEDj4xUuORp2bXknr+7rzma
I3DOZNKulM68KlgZmCXitbg639CmFKQMwDhOCqPyLZTAh9G+OsJNbaMW1002D0X3
A6LwjawmtETIYjBFToN2irAIN+jILZIn1iq92DL0txdAUal+QjoEIpDUjN6lsIQ/
hX9NT6PvgPN819OlAzT572h1sgrJ0AvsMVeN4s8L4agBhxfZw7/aPgeNnZElVo3Z
jpUkw7Ci1g4KtqrOWH8/5p6sVsK34CBUiNvbkmXrfbYwiiF/d94O
-----END CERTIFICATE-----
Generated at Wed Jul 24 03:05:04 2024 by rpki-client on console-fra.rpki-client.org