Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS204372.roa
File:                     AS204372.roa (raw, json)
Hash identifier:          WMAnYXOdjvFOBnOvvNDv6PLgq5sDbQqVcjpCQdAL824=
Subject key identifier:   70:9B:FD:0E:76:69:02:93:2E:C7:D7:A1:88:AE:F8:D5:F9:50:0F:93
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       4FBA4D7E352552138CE5117D67EECFDB4A4C7CF2
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS204372.roa
Signing time:             Tue 27 Dec 2022 14:44:43 +0000
ROA not before:           Tue 27 Dec 2022 14:39:43 +0000
ROA not after:            Tue 26 Dec 2023 14:44:43 +0000
asID:                     204372
IP address blocks:        141.11.216.0/23 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:ba:4d:7e:35:25:52:13:8c:e5:11:7d:67:ee:cf:db:4a:4c:7c:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Dec 27 14:39:43 2022 GMT
            Not After : Dec 26 14:44:43 2023 GMT
        Subject: CN=709BFD0E766902932EC7D7A188AEF8D5F9500F93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c3:25:53:fa:29:5b:36:db:85:64:e6:ee:af:
                    d3:59:a9:7c:0b:38:86:e5:35:35:ff:71:5a:0b:07:
                    94:ec:34:7b:c0:38:c5:73:d0:31:a2:59:7b:d3:60:
                    de:b4:97:a2:42:4e:8b:60:e7:9d:2f:47:5e:cc:9a:
                    8c:27:ee:51:c0:69:e9:7d:27:f2:cd:6c:ae:37:03:
                    fa:f9:92:80:da:f5:f1:84:84:ce:1e:ab:24:3a:99:
                    2f:79:6d:23:30:17:ce:ce:c4:f1:e5:ef:3c:f4:5f:
                    b5:01:b4:00:a2:9c:1b:3e:ab:98:d5:b3:08:cc:42:
                    1d:ea:1a:2d:83:98:4b:29:ed:43:56:7f:c2:45:8d:
                    12:a3:ff:c9:a3:1e:e8:11:32:e1:57:47:c5:d3:ea:
                    4c:58:50:ac:0f:0f:07:58:38:54:86:ce:4e:01:d9:
                    97:e9:59:a7:21:9c:79:fb:b7:65:4c:b9:f1:1d:65:
                    32:4c:9a:b7:97:1f:a8:e8:10:8d:c8:fe:a4:06:02:
                    00:4f:6d:2e:03:51:de:ac:2c:f6:62:49:dd:0f:cb:
                    c6:84:61:4d:64:ae:c5:67:3b:83:65:8c:ce:02:2d:
                    81:0f:6f:a1:8d:5a:b5:7c:0b:f0:81:1e:d3:2a:c5:
                    8b:d6:e0:14:4f:c3:2c:5d:cb:37:17:cc:13:41:fe:
                    17:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:9B:FD:0E:76:69:02:93:2E:C7:D7:A1:88:AE:F8:D5:F9:50:0F:93
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS204372.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.216.0/23

    Signature Algorithm: sha256WithRSAEncryption
         91:46:eb:26:3e:74:83:1d:5f:a7:37:95:9c:b6:5e:cc:24:c8:
         07:68:d4:16:2f:bf:4c:b4:49:54:5b:b5:20:e3:d8:0f:d9:0d:
         a0:b2:b4:d3:1c:2d:1c:ae:2d:59:05:a2:52:a8:43:a5:97:1d:
         f6:5e:e3:b2:91:8c:78:a2:78:18:6e:01:fa:e1:00:06:84:16:
         d9:1a:61:56:be:7d:f0:29:55:64:03:1e:86:b0:22:7f:bd:e3:
         f7:a8:36:6d:d7:9a:05:d5:48:f7:a5:70:4c:de:e4:e6:a1:20:
         66:bf:46:d2:16:9b:34:87:4c:33:47:9c:64:ec:73:0a:cc:64:
         cc:bf:20:e2:28:d4:99:f4:ff:c0:3c:40:9e:06:6e:cc:e1:8c:
         81:88:f3:f7:45:32:e9:8b:7e:17:2e:69:fd:73:3a:0b:88:93:
         78:b3:a0:c4:e5:48:22:4f:a7:b0:11:0d:f8:e6:fd:aa:ea:f6:
         c3:f8:66:dc:13:ea:6c:e4:aa:57:51:83:65:81:b6:58:cc:f2:
         c9:7a:d0:1e:17:97:6d:7f:d4:31:cf:07:8b:1f:61:00:e5:40:
         99:f4:96:5f:76:72:b2:8f:c6:a7:0e:48:60:99:33:87:f4:c9:
         d7:f9:c0:11:3f:2b:a8:1f:61:0e:18:a6:d5:8b:b3:34:8f:2b:
         7a:32:f6:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUT7pNfjUlUhOM5RF9Z+7P20pMfPIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMjEyMjcxNDM5NDNaFw0yMzEyMjYxNDQ0NDNaMDMxMTAvBgNV
BAMTKDcwOUJGRDBFNzY2OTAyOTMyRUM3RDdBMTg4QUVGOEQ1Rjk1MDBGOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUwyVT+ilbNtuFZObur9NZqXwL
OIblNTX/cVoLB5TsNHvAOMVz0DGiWXvTYN60l6JCTotg550vR17Mmown7lHAael9
J/LNbK43A/r5koDa9fGEhM4eqyQ6mS95bSMwF87OxPHl7zz0X7UBtACinBs+q5jV
swjMQh3qGi2DmEsp7UNWf8JFjRKj/8mjHugRMuFXR8XT6kxYUKwPDwdYOFSGzk4B
2ZfpWachnHn7t2VMufEdZTJMmreXH6joEI3I/qQGAgBPbS4DUd6sLPZiSd0Py8aE
YU1krsVnO4NljM4CLYEPb6GNWrV8C/CBHtMqxYvW4BRPwyxdyzcXzBNB/helAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUcJv9DnZpApMux9ehiK741flQD5MwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjA0MzcyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjQvY
MA0GCSqGSIb3DQEBCwUAA4IBAQCRRusmPnSDHV+nN5Wctl7MJMgHaNQWL79MtElU
W7Ug49gP2Q2gsrTTHC0cri1ZBaJSqEOllx32XuOykYx4ongYbgH64QAGhBbZGmFW
vn3wKVVkAx6GsCJ/veP3qDZt15oF1Uj3pXBM3uTmoSBmv0bSFps0h0wzR5xk7HMK
zGTMvyDiKNSZ9P/APECeBm7M4YyBiPP3RTLpi34XLmn9czoLiJN4s6DE5UgiT6ew
EQ345v2q6vbD+GbcE+ps5KpXUYNlgbZYzPLJetAeF5dtf9QxzweLH2EA5UCZ9JZf
dnKyj8anDkhgmTOH9MnX+cARPyuoH2EOGKbVi7M0jyt6Mvai
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:48 2023 by rpki-client on console-ams.rpki-client.org