Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS199297.roa
File:                     AS199297.roa (raw, json)
Hash identifier:          1n9OU8Q6pjfr224S/Y8Jm1S/GmEBJnlcW3HTDlvofEI=
Subject key identifier:   A7:36:D7:12:04:93:D9:0B:C3:87:DB:5A:66:E5:43:B7:06:56:47:E7
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       6F19F8C044A204633ED4AE4CAF3A6958A4932A50
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS199297.roa
Signing time:             Thu 22 Feb 2024 18:26:09 +0000
ROA not before:           Thu 22 Feb 2024 18:21:09 +0000
ROA not after:            Thu 20 Feb 2025 18:26:09 +0000
asID:                     199297
IP address blocks:        141.11.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Mar 2024 00:00:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:19:f8:c0:44:a2:04:63:3e:d4:ae:4c:af:3a:69:58:a4:93:2a:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Feb 22 18:21:09 2024 GMT
            Not After : Feb 20 18:26:09 2025 GMT
        Subject: CN=A736D7120493D90BC387DB5A66E543B7065647E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:c4:03:2c:67:15:06:e1:f2:84:1b:be:9f:60:
                    41:7b:bf:82:fe:ed:fb:27:f1:5a:89:ab:df:5b:c8:
                    3e:0e:dd:5a:55:34:a7:14:55:c1:c7:64:96:ca:73:
                    b0:b2:65:40:c0:a2:62:b5:f6:fa:55:c4:7e:ef:3d:
                    7c:a0:b9:c2:52:ca:e6:bc:ca:16:51:e4:3d:43:a4:
                    e7:ad:2c:0f:58:e1:d9:15:08:05:6f:fb:9d:ed:89:
                    6b:0d:12:56:69:09:0e:09:66:b0:0b:47:66:ed:bb:
                    04:6c:05:a2:c6:90:31:27:e3:2b:1a:a2:11:13:b6:
                    8e:40:b8:4c:d8:67:f2:2a:51:f9:5c:71:34:1b:b6:
                    8e:db:fd:06:35:d6:e3:37:ea:07:e4:21:ba:33:97:
                    4a:b1:d4:f9:02:2f:ef:27:bd:8b:63:6c:16:ee:1a:
                    03:36:f5:0c:6d:6a:02:da:54:fa:f6:6c:22:9a:80:
                    37:2e:05:26:76:c9:96:7b:f1:95:9b:8f:aa:c3:51:
                    ab:9f:b1:36:6a:1d:e5:13:ee:65:71:ae:ad:b1:53:
                    5a:5c:20:a5:32:21:e3:db:a9:3d:1a:8e:f8:09:31:
                    81:ac:7c:ac:da:f4:7c:3d:7d:b1:d3:ea:c0:0e:22:
                    ef:29:fd:35:03:7f:d0:93:fc:8b:14:a5:d6:ba:0e:
                    3b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:36:D7:12:04:93:D9:0B:C3:87:DB:5A:66:E5:43:B7:06:56:47:E7
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS199297.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:c9:c4:5f:ed:87:18:6c:b9:ea:c8:38:16:b5:12:bf:94:07:
         48:6e:a1:06:fd:e0:16:2e:8a:8d:5d:4d:0b:d6:9b:5e:be:b9:
         11:76:94:c4:0c:e8:d6:7d:24:17:dc:91:ea:fc:3d:f2:06:d3:
         37:b1:d8:a5:41:20:9b:d8:59:a5:e5:e0:1c:7b:50:40:62:f2:
         43:8c:ff:b8:dd:dc:ff:73:fe:8d:fb:e9:80:de:ba:ac:3f:bd:
         f3:97:f6:08:d5:f5:82:7b:5d:7a:b7:17:60:aa:4d:f6:3f:70:
         d9:1c:17:ef:17:cd:53:8a:76:47:80:ed:02:76:a2:6a:a3:b6:
         0d:dc:49:1c:bf:f1:76:f2:62:17:75:d4:7d:d4:d3:0e:7b:7f:
         e6:75:2c:5d:7e:b5:8b:0c:38:6f:ef:d1:66:c4:4a:77:c3:ab:
         6f:39:b1:b2:00:b5:63:ec:81:cb:af:15:e4:de:99:46:3a:d7:
         fe:0a:6e:de:b3:96:8a:2d:cc:68:36:a6:24:24:3f:60:59:c5:
         8d:bb:cf:2e:39:43:af:5b:73:a8:91:36:93:a0:be:cc:27:45:
         50:81:8f:2d:19:32:02:f9:46:f0:8c:70:86:26:06:d0:5a:96:
         5c:18:48:51:14:a2:7f:d7:8b:97:0e:4b:88:25:54:03:03:4d:
         17:f9:06:ed
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUbxn4wESiBGM+1K5MrzppWKSTKlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDAyMjIxODIxMDlaFw0yNTAyMjAxODI2MDlaMDMxMTAvBgNV
BAMTKEE3MzZENzEyMDQ5M0Q5MEJDMzg3REI1QTY2RTU0M0I3MDY1NjQ3RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0xAMsZxUG4fKEG76fYEF7v4L+
7fsn8VqJq99byD4O3VpVNKcUVcHHZJbKc7CyZUDAomK19vpVxH7vPXygucJSyua8
yhZR5D1DpOetLA9Y4dkVCAVv+53tiWsNElZpCQ4JZrALR2btuwRsBaLGkDEn4ysa
ohETto5AuEzYZ/IqUflccTQbto7b/QY11uM36gfkIbozl0qx1PkCL+8nvYtjbBbu
GgM29QxtagLaVPr2bCKagDcuBSZ2yZZ78ZWbj6rDUaufsTZqHeUT7mVxrq2xU1pc
IKUyIePbqT0ajvgJMYGsfKza9Hw9fbHT6sAOIu8p/TUDf9CT/IsUpda6DjsHAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUpzbXEgST2QvDh9taZuVDtwZWR+cwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTk5Mjk3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQsq
MA0GCSqGSIb3DQEBCwUAA4IBAQAmycRf7YcYbLnqyDgWtRK/lAdIbqEG/eAWLoqN
XU0L1ptevrkRdpTEDOjWfSQX3JHq/D3yBtM3sdilQSCb2Fml5eAce1BAYvJDjP+4
3dz/c/6N++mA3rqsP73zl/YI1fWCe116txdgqk32P3DZHBfvF81TinZHgO0CdqJq
o7YN3Ekcv/F28mIXddR91NMOe3/mdSxdfrWLDDhv79FmxEp3w6tvObGyALVj7IHL
rxXk3plGOtf+Cm7es5aKLcxoNqYkJD9gWcWNu88uOUOvW3OokTaToL7MJ0VQgY8t
GTIC+UbwjHCGJgbQWpZcGEhRFKJ/14uXDkuIJVQDA00X+Qbt
Generated at Fri Mar 22 02:18:44 2024 by rpki-client on console-ams.rpki-client.org