Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e38362e302f32342d3234203d3e20313339363630.roa
File:                     3134362e31392e38362e302f32342d3234203d3e20313339363630.roa (raw, json)
Hash identifier:          T1cGLqLdxkSVSZjPmWAnpIrAySMuFChhG9hweu0oMi8=
Subject key identifier:   05:D9:59:E4:7B:43:F9:62:B1:09:E4:2B:26:EA:B6:E7:03:19:E1:6F
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       49FEB21F2DB7E2C2AD5BDF4E396D24F7981CCEA9
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e38362e302f32342d3234203d3e20313339363630.roa
Signing time:             Fri 01 Dec 2023 07:30:24 +0000
ROA not before:           Fri 01 Dec 2023 07:25:24 +0000
ROA not after:            Fri 29 Nov 2024 07:30:24 +0000
asID:                     139660
IP address blocks:        146.19.86.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Jan 2024 00:00:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:fe:b2:1f:2d:b7:e2:c2:ad:5b:df:4e:39:6d:24:f7:98:1c:ce:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Dec  1 07:25:24 2023 GMT
            Not After : Nov 29 07:30:24 2024 GMT
        Subject: CN=05D959E47B43F962B109E42B26EAB6E70319E16F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:41:0e:6c:84:65:5d:2a:1a:ff:06:7d:39:6a:
                    31:2c:87:e3:00:eb:29:99:f6:53:0c:f1:22:6e:b4:
                    1d:cf:ee:db:ee:9f:5b:30:39:a9:f7:31:fc:80:af:
                    81:ae:2f:84:84:3f:4a:48:e5:9f:3b:56:64:87:66:
                    70:29:fb:77:db:28:7e:f9:36:32:11:ae:8a:b9:cf:
                    6d:af:f4:d7:d3:c6:58:ca:10:2c:bc:39:cd:43:8d:
                    f9:1b:1c:24:c5:22:d9:0e:31:24:8a:96:0e:68:1b:
                    ae:40:65:7e:e9:21:2d:45:25:40:1c:54:e7:a8:ab:
                    e9:79:08:d6:c0:9c:4e:c3:da:66:48:9b:c4:6d:64:
                    3e:44:5f:7e:56:87:b0:48:33:27:2d:68:8d:e4:07:
                    25:fb:95:44:c3:48:4a:4f:41:a9:cd:e5:79:99:8c:
                    fb:9c:d2:6c:24:8d:9f:ff:05:a0:73:0d:71:a2:4f:
                    2e:e9:87:03:94:7a:47:5d:f3:aa:f3:b9:f1:e3:e9:
                    6e:a2:e8:c8:5d:c7:5a:2b:2b:43:cc:19:ba:d1:d0:
                    44:a3:a1:84:67:c6:23:6b:a2:2d:f2:67:e2:48:a4:
                    87:7f:ec:ea:1a:97:6b:99:16:48:8a:be:12:66:3b:
                    31:d7:aa:51:98:d8:ab:08:c0:ba:23:b5:46:01:5b:
                    56:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:D9:59:E4:7B:43:F9:62:B1:09:E4:2B:26:EA:B6:E7:03:19:E1:6F
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3134362e31392e38362e302f32342d3234203d3e20313339363630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.19.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ca:ac:f7:cb:5f:be:75:6d:ed:2a:36:19:06:7d:8d:1e:89:c4:
         5b:b6:4d:67:da:3e:ce:e6:2f:55:ed:ab:d2:f9:98:30:05:c6:
         3c:b1:06:69:5d:7a:3b:44:0d:11:34:1a:63:07:33:32:58:66:
         e4:5d:30:28:29:1c:96:f5:31:57:ec:97:a7:16:66:55:ba:3e:
         48:60:86:f8:dd:be:09:bd:ba:69:e4:8e:1b:b8:c4:de:b0:1b:
         24:dc:e5:86:7c:9a:bc:73:88:d2:a4:79:b6:61:32:ec:52:94:
         21:1e:51:90:38:d4:d8:e0:5d:6d:e6:8f:51:fa:bc:af:5d:9f:
         22:f5:65:2e:5b:c9:a7:57:b0:da:19:3c:26:fc:19:0e:d5:c5:
         f3:a8:7a:2c:99:15:92:97:60:6b:36:1d:ef:7f:80:e2:cc:9f:
         56:1f:83:ae:ae:9d:0c:31:9d:28:1d:0b:d9:2f:e7:42:a6:9f:
         aa:62:19:9a:b7:fe:ed:0e:88:3d:a1:57:d8:4a:c7:ba:d7:e4:
         cd:4f:45:1a:58:fc:ca:d3:a7:b8:f8:32:62:b7:83:47:a1:e1:
         8e:a9:c5:00:eb:3c:ad:c8:ff:cf:2e:8d:74:c9:98:b7:af:05:
         42:7b:6a:f1:70:dd:da:50:d5:06:c4:36:f5:44:de:dc:ca:47:
         b0:c5:d6:72
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSf6yHy234sKtW99OOW0k95gczqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMDEwNzI1MjRaFw0yNDExMjkwNzMwMjRaMDMxMTAvBgNV
BAMTKDA1RDk1OUU0N0I0M0Y5NjJCMTA5RTQyQjI2RUFCNkU3MDMxOUUxNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvQQ5shGVdKhr/Bn05ajEsh+MA
6ymZ9lMM8SJutB3P7tvun1swOan3MfyAr4GuL4SEP0pI5Z87VmSHZnAp+3fbKH75
NjIRroq5z22v9NfTxljKECy8Oc1DjfkbHCTFItkOMSSKlg5oG65AZX7pIS1FJUAc
VOeoq+l5CNbAnE7D2mZIm8RtZD5EX35Wh7BIMyctaI3kByX7lUTDSEpPQanN5XmZ
jPuc0mwkjZ//BaBzDXGiTy7phwOUekdd86rzufHj6W6i6Mhdx1orK0PMGbrR0ESj
oYRnxiNroi3yZ+JIpId/7Ooal2uZFkiKvhJmOzHXqlGY2KsIwLojtUYBW1Z5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBdlZ5HtD+WKxCeQrJuq25wMZ4W8wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNDM2MmUzMTM5MmUzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM5MzYzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khNWMA0GCSqGSIb3DQEBCwUAA4IBAQDKrPfLX751be0qNhkGfY0eicRbtk1n2j7O
5i9V7avS+ZgwBcY8sQZpXXo7RA0RNBpjBzMyWGbkXTAoKRyW9TFX7JenFmZVuj5I
YIb43b4Jvbpp5I4buMTesBsk3OWGfJq8c4jSpHm2YTLsUpQhHlGQONTY4F1t5o9R
+ryvXZ8i9WUuW8mnV7DaGTwm/BkO1cXzqHosmRWSl2BrNh3vf4DizJ9WH4Ourp0M
MZ0oHQvZL+dCpp+qYhmat/7tDog9oVfYSse61+TNT0UaWPzK06e4+DJit4NHoeGO
qcUA6zytyP/PLo10yZi3rwVCe2rxcN3aUNUGxDb1RN7cykewxdZy
-----END CERTIFICATE-----
Generated at Mon Jan 22 04:52:41 2024 by rpki-client on console-fra.rpki-client.org