Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137302e302f32342d3234203d3e20333937363330.roa
File:                     3130392e3131302e3137302e302f32342d3234203d3e20333937363330.roa (raw, json)
Hash identifier:          LQheawQwGPBYBYwXWokbAARB3S2ejYkXqUjepjE2gAA=
Subject key identifier:   8D:4A:F6:04:4B:F5:21:27:63:5B:BB:1E:38:E5:CD:6E:8B:80:BE:20
Certificate issuer:       /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial:       7DF45B29F8AB221C9A02111A148E81C8B31A85B5
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137302e302f32342d3234203d3e20333937363330.roa
Signing time:             Fri 19 Apr 2024 18:45:58 +0000
ROA not before:           Fri 19 Apr 2024 18:40:58 +0000
ROA not after:            Fri 18 Apr 2025 18:45:58 +0000
asID:                     397630
IP address blocks:        109.110.170.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Nov 2024 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:f4:5b:29:f8:ab:22:1c:9a:02:11:1a:14:8e:81:c8:b3:1a:85:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
        Validity
            Not Before: Apr 19 18:40:58 2024 GMT
            Not After : Apr 18 18:45:58 2025 GMT
        Subject: CN=8D4AF6044BF52127635BBB1E38E5CD6E8B80BE20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:18:2b:b9:46:b2:2a:18:2b:fa:5a:a3:47:62:
                    96:64:8f:23:75:4e:6e:d6:68:98:9b:73:b4:62:22:
                    4d:27:92:d9:ec:bd:b6:03:d0:94:35:4a:26:29:a7:
                    51:33:de:cf:0d:2e:15:2d:cd:1e:2c:cd:7b:0f:bb:
                    ca:ce:c1:59:fc:ef:0c:9c:df:9c:95:26:84:54:ac:
                    20:2c:6b:df:17:a8:6c:24:f4:4b:5d:a4:22:b4:6a:
                    6c:70:f6:7d:7b:05:29:6b:90:d7:73:45:58:73:66:
                    2f:c6:00:43:57:ed:6b:07:5d:9f:c2:50:36:66:58:
                    e4:76:17:85:0c:cc:8c:f2:01:ad:4c:cc:19:c9:31:
                    38:c2:15:49:4b:d6:37:ea:15:ac:b2:40:e2:a5:1c:
                    21:68:ba:f5:0c:c0:63:56:fc:ad:ba:c2:9b:eb:a1:
                    df:7f:f8:e8:87:c7:d9:64:4f:2e:8f:f3:2f:be:e7:
                    93:77:a2:45:c7:d5:df:74:bf:e2:48:bd:f8:cd:28:
                    a7:d8:ee:f9:7e:2a:33:02:24:92:e8:c1:d7:a2:6b:
                    56:de:b2:6c:3f:a3:ef:b2:a4:bd:11:db:1a:c8:eb:
                    f5:cc:07:a9:3d:ed:4f:b3:c7:af:41:a8:69:86:af:
                    89:08:c6:2d:f6:89:df:95:46:89:96:50:07:0b:3d:
                    c7:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:4A:F6:04:4B:F5:21:27:63:5B:BB:1E:38:E5:CD:6E:8B:80:BE:20
            X509v3 Authority Key Identifier:
                keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137302e302f32342d3234203d3e20333937363330.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.110.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:f1:6a:9f:58:be:1c:40:af:86:bf:c1:8f:eb:22:4a:de:31:
         56:e5:5e:95:67:d0:13:c4:5f:6b:1a:98:6c:ea:ae:d1:79:0b:
         06:fd:8c:db:57:65:c2:a7:c4:fa:f0:07:77:29:21:7f:05:01:
         da:43:fd:ad:19:a5:92:bd:15:2b:f3:e4:ad:41:6c:f0:d4:a5:
         f3:ae:37:00:cd:1f:7c:8a:a5:a7:34:af:90:d5:91:53:66:18:
         99:d7:d5:a9:dc:23:43:37:8b:d0:bb:94:4e:a6:1d:a0:7f:92:
         53:76:14:94:e0:08:92:ec:90:24:74:0a:85:48:55:16:6d:ab:
         ed:30:77:ba:91:90:47:d1:7e:98:ba:25:61:8e:d7:59:cb:b0:
         09:38:56:5d:41:28:d1:38:6a:8d:73:4c:d7:b8:ef:1e:df:25:
         f0:38:95:d8:40:26:e3:b2:50:7e:04:4c:40:2f:48:0b:84:5d:
         8f:21:28:5a:36:82:c3:4a:42:49:a2:87:be:5f:ab:23:41:dd:
         49:9a:75:f5:41:2d:70:0e:69:5f:af:9e:27:f3:5b:c3:19:05:
         7d:47:40:1d:fb:f0:84:6b:97:9b:dc:a3:cd:de:9b:0d:10:a6:
         97:2a:e3:9a:b8:81:8b:d8:64:52:2f:d0:de:f4:f7:77:61:ab:
         0a:39:cb:02
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUffRbKfirIhyaAhEaFI6ByLMahbUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDA0MTkxODQwNThaFw0yNTA0MTgxODQ1NThaMDMxMTAvBgNV
BAMTKDhENEFGNjA0NEJGNTIxMjc2MzVCQkIxRTM4RTVDRDZFOEI4MEJFMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUGCu5RrIqGCv6WqNHYpZkjyN1
Tm7WaJibc7RiIk0nktnsvbYD0JQ1SiYpp1Ez3s8NLhUtzR4szXsPu8rOwVn87wyc
35yVJoRUrCAsa98XqGwk9EtdpCK0amxw9n17BSlrkNdzRVhzZi/GAENX7WsHXZ/C
UDZmWOR2F4UMzIzyAa1MzBnJMTjCFUlL1jfqFayyQOKlHCFouvUMwGNW/K26wpvr
od9/+OiHx9lkTy6P8y++55N3okXH1d90v+JIvfjNKKfY7vl+KjMCJJLowdeia1be
smw/o++ypL0R2xrI6/XMB6k97U+zx69BqGmGr4kIxi32id+VRomWUAcLPcf7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUjUr2BEv1ISdjW7seOOXNbouAviAwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNzM2MzMzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uqjANBgkqhkiG9w0BAQsFAAOCAQEAFfFqn1i+HECvhr/Bj+siSt4xVuVe
lWfQE8RfaxqYbOqu0XkLBv2M21dlwqfE+vAHdykhfwUB2kP9rRmlkr0VK/PkrUFs
8NSl8643AM0ffIqlpzSvkNWRU2YYmdfVqdwjQzeL0LuUTqYdoH+SU3YUlOAIkuyQ
JHQKhUhVFm2r7TB3upGQR9F+mLolYY7XWcuwCThWXUEo0ThqjXNM17jvHt8l8DiV
2EAm47JQfgRMQC9IC4RdjyEoWjaCw0pCSaKHvl+rI0HdSZp19UEtcA5pX6+eJ/Nb
wxkFfUdAHfvwhGuXm9yjzd6bDRCmlyrjmriBi9hkUi/Q3vT3d2GrCjnLAg==
Generated at Mon Nov 11 03:32:37 2024 by rpki-client on console-ams.rpki-client.org