Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e34332e302f32342d3234203d3e20383334.roa
File:                     33312e362e34332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          6dFsIt0RqlRlqsihWTnv5Chqq0YqLBlwqf50+e5ULx0=
Subject key identifier:   79:4F:3F:46:35:C3:CE:03:D6:DD:D1:82:24:A8:62:46:3D:D4:42:A7
Certificate issuer:       /CN=3a96802395455ca00679c41d5c056cae95d4b57d
Certificate serial:       5CE4C6D2DC4BBD86E449CC079CA105F7E8365275
Authority key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e34332e302f32342d3234203d3e20383334.roa
Signing time:             Wed 22 Mar 2023 15:29:45 +0000
ROA not before:           Wed 22 Mar 2023 15:24:45 +0000
ROA not after:            Wed 20 Mar 2024 15:29:45 +0000
asID:                     834
IP address blocks:        31.6.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:e4:c6:d2:dc:4b:bd:86:e4:49:cc:07:9c:a1:05:f7:e8:36:52:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a96802395455ca00679c41d5c056cae95d4b57d
        Validity
            Not Before: Mar 22 15:24:45 2023 GMT
            Not After : Mar 20 15:29:45 2024 GMT
        Subject: CN=794F3F4635C3CE03D6DDD18224A862463DD442A7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d4:90:0e:ea:31:dc:86:23:2d:41:0f:4d:e5:
                    06:7f:41:c1:a6:1b:25:9e:f9:42:b3:a8:94:99:da:
                    83:31:c8:ad:ba:bd:af:eb:1b:ae:e1:c5:80:23:23:
                    4e:fa:9c:3a:8b:b0:84:88:c6:80:e7:02:cf:6a:0f:
                    24:64:28:c9:42:c7:c0:00:5e:ae:b2:8a:3e:eb:6d:
                    3b:d9:e5:d8:71:47:7a:85:55:ed:8e:61:8b:9a:ec:
                    ba:55:8b:ba:9e:57:22:74:04:94:42:f3:2b:35:9d:
                    89:29:10:05:ef:0a:53:5c:e7:3c:ce:52:ef:15:34:
                    a1:49:26:f3:f4:af:bc:4e:1f:ef:2b:a3:18:14:11:
                    f3:95:c3:50:dc:5a:79:bd:72:16:10:56:1f:3f:58:
                    cf:7d:83:b5:e2:70:b6:77:11:a5:7e:cf:c6:02:4c:
                    f9:d9:c3:2f:84:ca:89:9c:b6:2e:d1:04:ce:7c:83:
                    16:1f:ee:83:11:a0:dc:1f:47:10:e9:81:d1:c3:d7:
                    36:b0:04:53:e3:ec:53:39:7b:6e:7d:ba:e5:7d:a0:
                    9f:81:e9:21:bc:8b:40:83:b1:73:d9:d8:c1:42:6e:
                    bc:5d:4e:95:71:ea:bb:bc:df:54:86:7a:a2:1a:22:
                    f3:95:83:77:0c:2a:3e:42:f0:1e:bf:4d:d0:93:33:
                    3e:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:4F:3F:46:35:C3:CE:03:D6:DD:D1:82:24:A8:62:46:3D:D4:42:A7
            X509v3 Authority Key Identifier:
                keyid:3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e34332e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.6.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:30:dc:c7:8a:4d:9a:1d:68:71:d7:83:4f:9e:29:1c:bc:e7:
         cc:9f:8e:3b:c8:c3:c8:07:ab:f9:c1:1d:ad:d9:b2:37:ac:b0:
         f9:4e:4b:34:23:2e:06:64:48:a6:fa:6b:d4:2e:6c:04:65:0e:
         19:b4:9b:f6:55:c4:b5:17:b1:d0:01:a8:28:b0:0b:ec:72:44:
         62:b5:26:bb:81:c4:fc:9f:54:70:f3:96:79:a4:dd:c0:ce:02:
         8f:0f:11:ac:14:93:10:51:60:0c:35:48:7a:8d:d5:c1:e9:b0:
         f5:d7:f1:46:c4:8b:e2:60:e4:be:e2:13:28:e8:88:7b:8f:04:
         8f:71:a8:5e:d4:94:6f:47:27:94:4f:75:1d:d5:dc:c7:52:ba:
         1a:fd:ec:06:c7:86:bb:a2:d1:1e:19:88:66:dc:68:c6:2c:b2:
         f3:f1:8f:8a:7c:83:33:ae:27:dc:58:ae:cf:43:66:92:21:ac:
         06:d6:13:a6:0a:f0:57:11:08:18:e1:57:e4:cb:27:5d:c4:06:
         4b:b9:59:7c:75:96:d6:85:11:de:b0:10:b7:de:4b:aa:97:ed:
         b1:d5:a6:ae:2d:cb:d2:0e:a8:66:fd:f7:8d:3c:00:f1:79:ce:
         eb:20:ef:e9:bc:a2:e0:49:a8:c9:00:6e:89:5d:ab:21:84:00:
         31:2d:73:34
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUXOTG0txLvYbkScwHnKEF9+g2UnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2E5NjgwMjM5NTQ1NWNhMDA2NzljNDFkNWMwNTZjYWU5
NWQ0YjU3ZDAeFw0yMzAzMjIxNTI0NDVaFw0yNDAzMjAxNTI5NDVaMDMxMTAvBgNV
BAMTKDc5NEYzRjQ2MzVDM0NFMDNENkRERDE4MjI0QTg2MjQ2M0RENDQyQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN1JAO6jHchiMtQQ9N5QZ/QcGm
GyWe+UKzqJSZ2oMxyK26va/rG67hxYAjI076nDqLsISIxoDnAs9qDyRkKMlCx8AA
Xq6yij7rbTvZ5dhxR3qFVe2OYYua7LpVi7qeVyJ0BJRC8ys1nYkpEAXvClNc5zzO
Uu8VNKFJJvP0r7xOH+8roxgUEfOVw1DcWnm9chYQVh8/WM99g7XicLZ3EaV+z8YC
TPnZwy+Eyomcti7RBM58gxYf7oMRoNwfRxDpgdHD1zawBFPj7FM5e259uuV9oJ+B
6SG8i0CDsXPZ2MFCbrxdTpVx6ru831SGeqIaIvOVg3cMKj5C8B6/TdCTMz5pAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUeU8/RjXDzgPW3dGCJKhiRj3UQqcwHwYDVR0j
BBgwFoAUOpaAI5VFXKAGecQdXAVsrpXUtX0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTJmZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2Vl
Nzg4LzAvM0E5NjgwMjM5NTQ1NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09wYUFJNVZGWEtBR2VjUWRYQVZzcnBY
VXRYMC5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJmZmJjZTct
ODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvMzMzMTJlMzYyZTM0MzMyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBiswDQYJKoZI
hvcNAQELBQADggEBAHcw3MeKTZodaHHXg0+eKRy858yfjjvIw8gHq/nBHa3Zsjes
sPlOSzQjLgZkSKb6a9QubARlDhm0m/ZVxLUXsdABqCiwC+xyRGK1JruBxPyfVHDz
lnmk3cDOAo8PEawUkxBRYAw1SHqN1cHpsPXX8UbEi+Jg5L7iEyjoiHuPBI9xqF7U
lG9HJ5RPdR3V3MdSuhr97AbHhrui0R4ZiGbcaMYssvPxj4p8gzOuJ9xYrs9DZpIh
rAbWE6YK8FcRCBjhV+TLJ13EBku5WXx1ltaFEd6wELfeS6qX7bHVpq4ty9IOqGb9
9408APF5zusg7+m8ouBJqMkAboldqyGEADEtczQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:48 2023 by rpki-client on console-ams.rpki-client.org