Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/322e35382e38342e302f32342d3234203d3e203233343730.roa
File:                     322e35382e38342e302f32342d3234203d3e203233343730.roa (raw, json)
Hash identifier:          d+HGiuHctAFer1ZR0N53TN2iximOKcw3XJA1yvEdqW0=
Subject key identifier:   DA:7F:FE:36:97:F1:B8:5C:74:17:B1:84:9C:CF:B6:63:F4:A3:E0:79
Certificate issuer:       /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial:       27FD53FF2384432B99EEB89BF6AF32EC12E29C92
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/322e35382e38342e302f32342d3234203d3e203233343730.roa
Signing time:             Sat 10 Feb 2024 05:59:46 +0000
ROA not before:           Sat 10 Feb 2024 05:54:46 +0000
ROA not after:            Sat 08 Feb 2025 05:59:46 +0000
asID:                     23470
IP address blocks:        2.58.84.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Mar 2024 10:04:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:fd:53:ff:23:84:43:2b:99:ee:b8:9b:f6:af:32:ec:12:e2:9c:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
        Validity
            Not Before: Feb 10 05:54:46 2024 GMT
            Not After : Feb  8 05:59:46 2025 GMT
        Subject: CN=DA7FFE3697F1B85C7417B1849CCFB663F4A3E079
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:8f:fc:ab:73:b1:00:f4:b3:06:e0:54:12:6e:
                    27:d4:a1:98:fd:e8:85:07:ce:9f:6c:36:85:51:29:
                    f7:a1:11:0d:e3:f8:81:26:ae:65:3b:87:f8:73:77:
                    76:e3:78:a4:9a:62:d4:18:ec:06:6b:a8:35:d9:95:
                    67:a1:42:57:7a:05:95:a0:dc:4a:a8:89:09:e5:14:
                    ff:37:d7:5f:42:06:86:71:f2:ae:8f:c3:75:72:b6:
                    73:75:cb:98:3b:8f:1a:57:ed:3a:69:3a:58:29:a1:
                    34:44:ed:a0:df:c9:ef:db:17:47:b4:3a:36:ec:74:
                    9d:01:20:89:62:11:aa:b7:c9:06:83:ec:f4:ca:15:
                    b5:3e:c8:65:cd:15:de:44:07:aa:26:3e:ee:69:5b:
                    5c:b5:1f:d0:42:9c:77:f9:11:d9:79:a6:ec:03:34:
                    b0:10:e3:93:0d:c2:a1:76:e7:09:dc:aa:68:f0:99:
                    49:c5:bd:ec:f2:67:28:73:45:36:61:e4:db:4e:fc:
                    3e:c9:ce:7f:a6:fc:f9:d6:a3:d8:d9:32:3d:3f:cf:
                    2e:92:af:f9:e7:70:43:45:3a:eb:6a:1a:6d:d7:d9:
                    e8:af:4c:f6:25:29:8b:23:8d:36:cf:52:ef:28:5c:
                    a4:00:04:ab:f5:f6:eb:12:73:7d:a6:ae:23:0c:a8:
                    06:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:7F:FE:36:97:F1:B8:5C:74:17:B1:84:9C:CF:B6:63:F4:A3:E0:79
            X509v3 Authority Key Identifier:
                keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/322e35382e38342e302f32342d3234203d3e203233343730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:64:f9:8e:50:41:eb:37:44:15:0e:0f:1c:08:63:7a:87:3c:
         9b:92:e6:f9:e4:2f:26:85:3e:11:e4:9d:46:da:a8:6d:fe:2e:
         4d:77:45:4f:5a:75:c3:b0:22:e5:74:b8:89:a9:b5:94:0a:71:
         f6:44:5d:15:30:f6:9a:53:27:9b:b0:a8:9a:b7:e6:7f:39:85:
         3c:20:b4:d9:94:e9:70:1a:0a:b1:dd:5a:24:64:53:a6:39:b5:
         e1:c0:42:ea:cd:b3:ca:b2:a3:68:4e:68:ae:5a:c2:72:75:01:
         50:9b:4f:35:d4:62:7b:b5:97:5c:7d:1d:04:89:b3:33:0d:b4:
         40:a6:6e:02:b1:02:60:7e:c1:2f:33:0f:66:77:91:6b:4a:81:
         5d:35:a6:96:4e:01:ea:3b:11:f0:fe:76:52:60:f7:63:21:ec:
         b6:53:f8:52:45:21:82:f7:21:0a:e1:89:1a:24:a1:7d:21:be:
         ec:6a:dc:07:eb:0a:93:2e:a7:05:df:27:8f:29:2c:7f:66:71:
         64:eb:aa:56:45:fe:9a:31:2f:7e:45:42:67:b2:f0:7e:e5:b3:
         a8:e3:d1:13:b8:75:7c:20:1a:ec:4d:bf:e4:0e:b0:6b:84:8d:
         44:88:09:56:bc:88:6a:8e:83:07:56:7b:41:95:42:54:36:a8:
         12:ae:57:77
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUJ/1T/yOEQyuZ7rib9q8y7BLinJIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDAyMTAwNTU0NDZaFw0yNTAyMDgwNTU5NDZaMDMxMTAvBgNV
BAMTKERBN0ZGRTM2OTdGMUI4NUM3NDE3QjE4NDlDQ0ZCNjYzRjRBM0UwNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCij/yrc7EA9LMG4FQSbifUoZj9
6IUHzp9sNoVRKfehEQ3j+IEmrmU7h/hzd3bjeKSaYtQY7AZrqDXZlWehQld6BZWg
3EqoiQnlFP83119CBoZx8q6Pw3VytnN1y5g7jxpX7TppOlgpoTRE7aDfye/bF0e0
OjbsdJ0BIIliEaq3yQaD7PTKFbU+yGXNFd5EB6omPu5pW1y1H9BCnHf5Edl5puwD
NLAQ45MNwqF25wncqmjwmUnFvezyZyhzRTZh5NtO/D7Jzn+m/PnWo9jZMj0/zy6S
r/nncENFOutqGm3X2eivTPYlKYsjjTbPUu8oXKQABKv19usSc32mriMMqAZdAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU2n/+NpfxuFx0F7GEnM+2Y/Sj4HkwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzIyZTM1MzgyZTM4MzQyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMzMzQzNzMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpUMA0G
CSqGSIb3DQEBCwUAA4IBAQAPZPmOUEHrN0QVDg8cCGN6hzybkub55C8mhT4R5J1G
2qht/i5Nd0VPWnXDsCLldLiJqbWUCnH2RF0VMPaaUyebsKiat+Z/OYU8ILTZlOlw
Ggqx3VokZFOmObXhwELqzbPKsqNoTmiuWsJydQFQm0811GJ7tZdcfR0EibMzDbRA
pm4CsQJgfsEvMw9md5FrSoFdNaaWTgHqOxHw/nZSYPdjIey2U/hSRSGC9yEK4Yka
JKF9Ib7satwH6wqTLqcF3yePKSx/ZnFk66pWRf6aMS9+RUJnsvB+5bOo49ETuHV8
IBrsTb/kDrBrhI1EiAlWvIhqjoMHVntBlUJUNqgSrld3
Generated at Mon Mar 11 15:12:39 2024 by rpki-client on console-ams.rpki-client.org