Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323032343038.roa
File:                     3231322e3130322e3131342e302f32342d3234203d3e20323032343038.roa (raw, json)
Hash identifier:          bA+64SeZjVCMAIfm9fWsRIVm+e0SiNXYOc4SPiHzKB8=
Subject key identifier:   29:93:D7:59:55:D0:8B:12:0F:9B:A2:8A:18:45:6D:CC:65:12:6A:93
Certificate issuer:       /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial:       4D58B47AAAC194BCE211C07040353B1288C7A6BB
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323032343038.roa
Signing time:             Mon 24 Jul 2023 04:58:43 +0000
ROA not before:           Mon 24 Jul 2023 04:53:43 +0000
ROA not after:            Mon 22 Jul 2024 04:58:43 +0000
asID:                     202408
IP address blocks:        212.102.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 May 2024 13:42:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:58:b4:7a:aa:c1:94:bc:e2:11:c0:70:40:35:3b:12:88:c7:a6:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
        Validity
            Not Before: Jul 24 04:53:43 2023 GMT
            Not After : Jul 22 04:58:43 2024 GMT
        Subject: CN=2993D75955D08B120F9BA28A18456DCC65126A93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e9:f1:0f:b4:81:e9:29:db:df:ac:52:f9:e3:
                    e2:76:a9:2f:31:b0:ef:2c:e3:3a:82:52:95:cc:8a:
                    de:b3:39:a9:f1:44:6f:1b:87:af:be:27:dc:23:a4:
                    8d:98:bb:75:d7:62:5d:2b:a8:e2:45:dc:d1:29:8c:
                    ad:43:8a:fe:8d:e3:61:42:52:9d:a1:dc:8a:ea:9b:
                    c1:7f:d9:4c:c9:f1:09:a4:22:37:30:43:79:19:a9:
                    87:43:53:80:c6:70:c4:32:4d:dd:21:ed:0e:d1:cd:
                    f5:fd:88:ce:fe:58:2d:d6:f1:99:15:b1:99:0d:08:
                    98:a3:d5:a9:56:a1:f6:77:c8:43:ac:e6:fe:b4:c9:
                    0b:6d:3d:d6:61:e6:f8:29:13:52:30:2f:d1:a2:00:
                    95:a4:6e:01:41:ef:39:b7:41:c5:aa:fa:b1:8d:39:
                    19:24:9b:58:83:1b:f0:78:d8:9d:de:19:0f:20:5c:
                    d5:40:21:3f:b0:f3:ee:77:22:68:2f:7b:d6:82:ff:
                    3b:ec:e6:46:58:ea:65:a7:b6:b2:e2:e0:e2:ad:b3:
                    1b:8e:95:0e:40:4c:67:ca:23:13:71:2d:7b:22:55:
                    5f:64:de:b7:f8:8f:4d:ef:9a:20:15:06:83:1b:f4:
                    bc:55:a0:7e:42:93:9d:3a:4d:9a:21:3b:85:47:f8:
                    85:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:93:D7:59:55:D0:8B:12:0F:9B:A2:8A:18:45:6D:CC:65:12:6A:93
            X509v3 Authority Key Identifier:
                keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3231322e3130322e3131342e302f32342d3234203d3e20323032343038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.102.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:c1:d1:f1:df:cc:d6:8a:59:b1:da:4b:d7:39:85:ec:e9:c5:
         d6:c8:b1:80:08:69:6f:88:9f:35:d1:0e:9d:56:f6:34:6f:7b:
         ff:42:63:17:d0:ab:9b:6a:cd:26:6c:1f:b7:42:19:f2:d5:98:
         f5:1c:7c:e1:ca:cf:42:cd:47:77:1e:cd:b0:3e:1b:6c:50:8b:
         73:a0:60:bb:25:a4:59:6a:a3:22:fe:d3:9f:76:53:43:44:12:
         ad:1a:63:49:12:8f:8b:f7:8b:18:d8:4f:6d:c7:74:35:be:c1:
         59:7a:5f:e0:63:7e:4a:51:61:b4:62:06:c2:71:04:95:d0:ec:
         e0:03:ec:3c:39:34:cd:f7:4e:20:b5:57:c4:78:e1:bb:1b:54:
         45:2f:b2:8b:a6:f5:c2:e3:78:45:70:15:53:eb:ca:da:a0:4e:
         9d:16:e6:e7:ef:17:f9:e0:e5:6c:02:ab:c9:7f:3e:f8:ba:c9:
         7c:9d:2f:c4:1f:ed:91:40:86:35:22:eb:40:ec:a9:05:1a:db:
         46:ed:1a:ec:9c:e3:c8:87:34:9a:18:87:2b:b6:07:9a:b4:a0:
         d0:f4:9b:84:f8:ed:bf:58:dd:11:95:a5:19:1c:87:f0:24:62:
         4c:09:03:09:1f:0b:15:df:0b:9d:67:f0:66:23:b5:0e:16:2a:
         6c:40:f7:47
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTVi0eqrBlLziEcBwQDU7EojHprswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yMzA3MjQwNDUzNDNaFw0yNDA3MjIwNDU4NDNaMDMxMTAvBgNV
BAMTKDI5OTNENzU5NTVEMDhCMTIwRjlCQTI4QTE4NDU2RENDNjUxMjZBOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP6fEPtIHpKdvfrFL54+J2qS8x
sO8s4zqCUpXMit6zOanxRG8bh6++J9wjpI2Yu3XXYl0rqOJF3NEpjK1Div6N42FC
Up2h3Irqm8F/2UzJ8QmkIjcwQ3kZqYdDU4DGcMQyTd0h7Q7RzfX9iM7+WC3W8ZkV
sZkNCJij1alWofZ3yEOs5v60yQttPdZh5vgpE1IwL9GiAJWkbgFB7zm3QcWq+rGN
ORkkm1iDG/B42J3eGQ8gXNVAIT+w8+53Imgve9aC/zvs5kZY6mWntrLi4OKtsxuO
lQ5ATGfKIxNxLXsiVV9k3rf4j03vmiAVBoMb9LxVoH5Ck506TZohO4VH+IW5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUKZPXWVXQixIPm6KKGEVtzGUSapMwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzIzMTMyMmUzMTMwMzIyZTMx
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMjM0MzAzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANRmcjANBgkqhkiG9w0BAQsFAAOCAQEAL8HR8d/M1opZsdpL1zmF7OnF1six
gAhpb4ifNdEOnVb2NG97/0JjF9Crm2rNJmwft0IZ8tWY9Rx84crPQs1Hdx7NsD4b
bFCLc6BguyWkWWqjIv7Tn3ZTQ0QSrRpjSRKPi/eLGNhPbcd0Nb7BWXpf4GN+SlFh
tGIGwnEEldDs4APsPDk0zfdOILVXxHjhuxtURS+yi6b1wuN4RXAVU+vK2qBOnRbm
5+8X+eDlbAKryX8++LrJfJ0vxB/tkUCGNSLrQOypBRrbRu0a7JzjyIc0mhiHK7YH
mrSg0PSbhPjtv1jdEZWlGRyH8CRiTAkDCR8LFd8LnWfwZiO1DhYqbED3Rw==
-----END CERTIFICATE-----
Generated at Tue May 28 18:07:15 2024 by rpki-client on console-ams.rpki-client.org