Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS39368.roa
File:                     AS39368.roa (raw, json)
Hash identifier:          Pbie9HQopwF+eeCkz4z+GwTqtZ4/QKOptt3Z9RJWyXw=
Subject key identifier:   F6:46:C5:19:3A:C7:EE:BC:D5:7B:19:FB:1C:75:B6:69:4B:4A:19:88
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       1D0912CA8251FC24BF6810E64A6CADD6F3E57753
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS39368.roa
Signing time:             Tue 28 Nov 2023 15:05:05 +0000
ROA not before:           Tue 28 Nov 2023 15:00:05 +0000
ROA not after:            Tue 26 Nov 2024 15:05:05 +0000
asID:                     39368
IP address blocks:        141.11.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:09:12:ca:82:51:fc:24:bf:68:10:e6:4a:6c:ad:d6:f3:e5:77:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Nov 28 15:00:05 2023 GMT
            Not After : Nov 26 15:05:05 2024 GMT
        Subject: CN=F646C5193AC7EEBCD57B19FB1C75B6694B4A1988
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:61:b7:ae:ec:14:b5:cb:f2:d0:ca:aa:7b:09:
                    f6:94:6f:46:d4:ad:73:ce:fd:52:bf:0b:2e:c4:4d:
                    fc:6d:1d:cd:73:8c:1c:bb:da:36:c9:d5:8e:fe:a7:
                    7e:52:40:06:46:f9:61:24:28:76:a5:7f:47:ed:d1:
                    33:4a:cc:c9:76:f8:17:fc:a4:e1:c0:41:2f:61:d0:
                    f8:70:5d:a9:2d:0a:7d:6a:ce:eb:05:f9:be:2f:01:
                    35:ec:ca:b8:a1:67:58:bf:84:32:93:71:25:9b:2b:
                    03:a1:aa:aa:de:22:17:f1:02:f5:ad:ad:f9:91:9e:
                    57:ea:5a:10:29:cb:a6:a3:96:e9:68:20:83:c3:47:
                    68:14:77:e9:0f:8b:4e:d9:39:06:40:64:dc:54:48:
                    1d:98:eb:61:31:20:c5:92:89:76:a3:ba:c2:1e:cc:
                    11:37:74:b0:49:04:cb:f6:2a:aa:fb:7e:68:26:93:
                    5c:6a:ce:82:3a:85:c0:51:79:fe:b2:ef:a3:08:3d:
                    70:ec:b0:6d:c6:bb:3f:4d:7e:6f:ab:5b:45:86:5a:
                    30:03:3f:93:d6:71:58:8d:41:6c:b7:4f:6b:0c:67:
                    c9:14:c3:89:fe:38:4a:bf:19:d2:8b:fb:2d:f0:0a:
                    d0:32:5a:e3:99:58:e2:87:ac:7e:c8:e5:0e:db:e2:
                    63:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:46:C5:19:3A:C7:EE:BC:D5:7B:19:FB:1C:75:B6:69:4B:4A:19:88
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS39368.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:0e:0c:03:54:86:fb:3e:02:6b:b0:d9:ae:80:33:4a:33:98:
         00:53:8d:77:ca:f8:36:56:90:7f:be:60:99:9e:27:fa:72:62:
         43:57:51:e8:2f:6a:04:d1:c1:3f:30:00:5f:9e:03:d7:4b:49:
         0d:e5:f6:a3:43:83:0a:ab:6c:43:80:de:12:ce:25:dc:d7:57:
         f2:1b:29:9a:9b:4d:a8:a8:74:b7:11:4d:c7:6a:66:02:2a:b6:
         96:df:3d:1e:83:d1:cb:a7:a0:60:bc:98:bb:5b:94:26:aa:ed:
         f1:a6:a6:3c:e6:60:55:1f:59:2b:b6:95:9a:f2:61:a3:17:02:
         9a:b9:a3:22:c7:25:8b:d7:4b:c3:f1:4e:32:f6:21:e4:c0:dc:
         2d:61:2d:97:d0:f4:c0:3d:f8:cd:d3:fe:44:18:15:03:76:26:
         68:5a:7b:81:01:49:97:fc:9a:2e:61:f7:9d:93:46:d1:d2:88:
         40:ef:b4:2b:5e:ce:16:76:9f:ef:84:9f:1e:50:68:01:ff:cc:
         62:ad:fd:7d:bf:7e:a1:04:d0:b2:7e:72:34:4a:95:88:ee:30:
         d0:d3:f1:72:2e:50:86:fa:b5:8c:1f:f4:ce:91:0e:29:42:e4:
         27:4f:18:33:89:01:88:23:a1:01:42:4a:89:c9:8b:fe:59:fb:
         ec:e8:21:7c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUHQkSyoJR/CS/aBDmSmyt1vPld1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzExMjgxNTAwMDVaFw0yNDExMjYxNTA1MDVaMDMxMTAvBgNV
BAMTKEY2NDZDNTE5M0FDN0VFQkNENTdCMTlGQjFDNzVCNjY5NEI0QTE5ODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Ybeu7BS1y/LQyqp7CfaUb0bU
rXPO/VK/Cy7ETfxtHc1zjBy72jbJ1Y7+p35SQAZG+WEkKHalf0ft0TNKzMl2+Bf8
pOHAQS9h0PhwXaktCn1qzusF+b4vATXsyrihZ1i/hDKTcSWbKwOhqqreIhfxAvWt
rfmRnlfqWhApy6ajluloIIPDR2gUd+kPi07ZOQZAZNxUSB2Y62ExIMWSiXajusIe
zBE3dLBJBMv2Kqr7fmgmk1xqzoI6hcBRef6y76MIPXDssG3Guz9Nfm+rW0WGWjAD
P5PWcViNQWy3T2sMZ8kUw4n+OEq/GdKL+y3wCtAyWuOZWOKHrH7I5Q7b4mMZAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU9kbFGTrH7rzVexn7HHW2aUtKGYgwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzkzNjgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNCyow
DQYJKoZIhvcNAQELBQADggEBABMODANUhvs+Amuw2a6AM0ozmABTjXfK+DZWkH++
YJmeJ/pyYkNXUegvagTRwT8wAF+eA9dLSQ3l9qNDgwqrbEOA3hLOJdzXV/IbKZqb
TaiodLcRTcdqZgIqtpbfPR6D0cunoGC8mLtblCaq7fGmpjzmYFUfWSu2lZryYaMX
Apq5oyLHJYvXS8PxTjL2IeTA3C1hLZfQ9MA9+M3T/kQYFQN2Jmhae4EBSZf8mi5h
952TRtHSiEDvtCtezhZ2n++Enx5QaAH/zGKt/X2/fqEE0LJ+cjRKlYjuMNDT8XIu
UIb6tYwf9M6RDilC5CdPGDOJAYgjoQFCSonJi/5Z++zoIXw=
Generated at Mon Dec 11 11:36:35 2023 by rpki-client on console-ams.rpki-client.org