Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS12658.roa
File:                     AS12658.roa (raw, json)
Hash identifier:          R33F5PipBwIj5ilnHM1v64g7fzrapUD1wIjxaYZBczE=
Subject key identifier:   A4:01:95:E8:EF:F7:42:3C:E2:73:0B:78:E0:AD:91:BF:BA:C7:6B:65
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       1A7EB5BD8406B632A6414A91D74C9CD7B449CF14
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS12658.roa
Signing time:             Mon 06 Nov 2023 16:07:11 +0000
ROA not before:           Mon 06 Nov 2023 16:02:11 +0000
ROA not after:            Mon 04 Nov 2024 16:07:11 +0000
asID:                     12658
IP address blocks:        141.11.200.0/23 maxlen: 23

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:7e:b5:bd:84:06:b6:32:a6:41:4a:91:d7:4c:9c:d7:b4:49:cf:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Nov  6 16:02:11 2023 GMT
            Not After : Nov  4 16:07:11 2024 GMT
        Subject: CN=A40195E8EFF7423CE2730B78E0AD91BFBAC76B65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:4f:a4:f4:63:b8:6b:ea:b3:40:7d:64:e1:f2:
                    1b:bc:a7:08:35:3e:ba:f5:b0:9c:c7:b4:1c:df:39:
                    d2:21:cb:f1:13:67:8e:e4:35:fd:63:6d:24:1e:86:
                    a8:08:42:55:38:81:9b:cc:ca:d9:c0:15:dc:50:cd:
                    45:16:1c:da:05:3d:8c:e4:18:93:87:7e:33:78:82:
                    ea:20:6e:fc:1c:f1:73:5e:0e:22:85:32:27:74:11:
                    63:c2:01:fc:54:ee:c2:cf:0e:91:b7:ff:d6:44:dc:
                    f8:fb:65:43:57:3d:ba:32:90:dd:23:1f:5d:76:24:
                    f7:e4:24:e7:34:f1:e0:2e:96:e8:0f:3a:f4:b9:0d:
                    eb:06:50:d6:45:e8:7a:c6:81:b1:10:71:d1:86:25:
                    66:25:08:21:20:72:79:71:06:ad:9e:0d:75:1d:f8:
                    e5:6d:e4:91:4e:43:0e:6a:f6:a8:c1:82:15:f7:a5:
                    74:88:ae:c5:40:dc:94:bd:09:ed:5e:9b:e5:91:6a:
                    f7:b6:dd:da:c9:4f:98:f5:a0:78:0a:f1:b4:a4:9a:
                    aa:31:1f:fe:fa:55:74:f4:29:a9:73:0d:02:58:e9:
                    58:1e:b8:66:a4:7d:db:6b:cc:23:3b:80:8e:87:75:
                    b7:73:22:7f:cc:9b:f3:79:f5:af:52:72:b5:c1:6a:
                    42:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:01:95:E8:EF:F7:42:3C:E2:73:0B:78:E0:AD:91:BF:BA:C7:6B:65
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS12658.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         75:f7:25:57:ac:cc:e8:e6:40:ba:58:21:86:4b:2b:11:1b:ab:
         bf:ce:d8:a9:60:33:35:50:8e:1e:e9:cd:91:51:66:62:7e:68:
         77:32:83:0e:e3:ef:a0:a0:70:ce:47:14:1f:64:7c:ea:ee:e5:
         e3:4d:37:45:61:33:38:6e:a4:10:b6:45:f4:ce:72:43:de:66:
         33:00:af:22:49:f0:bf:c3:d9:3f:fb:58:13:56:61:7c:c4:cc:
         27:63:83:a2:80:99:52:dc:6e:de:2b:7f:c1:0a:98:6e:d0:03:
         86:57:ab:d0:e8:0a:68:b3:4a:b3:a6:ed:0f:4a:1a:71:1e:a0:
         29:80:25:74:02:04:6b:4a:18:5c:90:6d:29:b9:33:d9:00:b5:
         bf:32:5a:91:4e:7c:cb:72:6f:71:2e:dc:24:49:e5:72:12:86:
         bb:24:43:d7:5b:39:ed:46:d6:90:07:00:b0:41:c7:c5:3b:d3:
         92:ae:2d:34:1b:69:a1:8c:85:58:ba:b9:da:1e:85:c6:e9:f1:
         6d:31:06:40:73:36:32:83:e6:45:1c:dd:0c:3b:05:22:f2:53:
         85:f6:47:f2:58:76:9d:e1:76:bc:d8:8a:ce:d8:d4:41:b8:87:
         54:2f:19:d6:f7:7a:da:72:87:06:67:c7:ed:e0:8c:e2:94:5e:
         a6:82:f5:58
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUGn61vYQGtjKmQUqR10yc17RJzxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzExMDYxNjAyMTFaFw0yNDExMDQxNjA3MTFaMDMxMTAvBgNV
BAMTKEE0MDE5NUU4RUZGNzQyM0NFMjczMEI3OEUwQUQ5MUJGQkFDNzZCNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKT6T0Y7hr6rNAfWTh8hu8pwg1
Prr1sJzHtBzfOdIhy/ETZ47kNf1jbSQehqgIQlU4gZvMytnAFdxQzUUWHNoFPYzk
GJOHfjN4guogbvwc8XNeDiKFMid0EWPCAfxU7sLPDpG3/9ZE3Pj7ZUNXPboykN0j
H112JPfkJOc08eAulugPOvS5DesGUNZF6HrGgbEQcdGGJWYlCCEgcnlxBq2eDXUd
+OVt5JFOQw5q9qjBghX3pXSIrsVA3JS9Ce1em+WRave23drJT5j1oHgK8bSkmqox
H/76VXT0KalzDQJY6VgeuGakfdtrzCM7gI6HdbdzIn/Mm/N59a9ScrXBakLzAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUpAGV6O/3Qjzicwt44K2Rv7rHa2UwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTI2NTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGNC8gw
DQYJKoZIhvcNAQELBQADggEBAHX3JVeszOjmQLpYIYZLKxEbq7/O2KlgMzVQjh7p
zZFRZmJ+aHcygw7j76CgcM5HFB9kfOru5eNNN0VhMzhupBC2RfTOckPeZjMAryJJ
8L/D2T/7WBNWYXzEzCdjg6KAmVLcbt4rf8EKmG7QA4ZXq9DoCmizSrOm7Q9KGnEe
oCmAJXQCBGtKGFyQbSm5M9kAtb8yWpFOfMtyb3Eu3CRJ5XIShrskQ9dbOe1G1pAH
ALBBx8U705KuLTQbaaGMhVi6udoehcbp8W0xBkBzNjKD5kUc3Qw7BSLyU4X2R/JY
dp3hdrzYis7Y1EG4h1QvGdb3etpyhwZnx+3gjOKUXqaC9Vg=
Generated at Wed Dec 20 10:38:23 2023 by rpki-client on console-fra.rpki-client.org