Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37392e302f32342d3234203d3e203239383032.roa
File:                     3137312e32322e37392e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier:          fQFYJsrXjy6IwELwtSdCz6iqMqgvbRUWrLFWLg/ci5U=
Subject key identifier:   AE:E2:34:28:17:B2:A7:63:3F:0E:1E:F8:63:86:AD:3A:58:07:82:B7
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       4BA6DFD4FBB815BB69964ADC4080CFD5E4FEB5E9
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37392e302f32342d3234203d3e203239383032.roa
Signing time:             Sat 16 Dec 2023 10:37:03 +0000
ROA not before:           Sat 16 Dec 2023 10:32:03 +0000
ROA not after:            Sat 14 Dec 2024 10:37:03 +0000
asID:                     29802
IP address blocks:        171.22.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:a6:df:d4:fb:b8:15:bb:69:96:4a:dc:40:80:cf:d5:e4:fe:b5:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Dec 16 10:32:03 2023 GMT
            Not After : Dec 14 10:37:03 2024 GMT
        Subject: CN=AEE2342817B2A7633F0E1EF86386AD3A580782B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:9e:a1:dd:58:03:6b:c0:0e:95:15:f8:21:11:
                    75:6d:9f:51:34:3b:65:da:e3:d8:d9:83:0e:a7:84:
                    d0:08:f8:aa:ca:84:8a:d7:4b:3e:a6:74:fb:3c:36:
                    8d:98:0e:0b:23:ea:05:c6:a7:8e:27:39:27:8f:9a:
                    ab:97:24:d9:4d:bd:8d:19:88:51:50:3e:59:03:af:
                    5f:9e:2d:31:f3:42:39:5a:2c:53:a3:65:c4:62:28:
                    2b:6c:8d:79:be:cd:c1:04:4a:c0:37:61:2b:ad:9d:
                    30:d3:e3:73:95:c6:eb:6d:1d:0c:58:a4:a3:6e:21:
                    a3:94:05:55:c8:ca:e0:13:cc:5d:27:9f:55:23:e0:
                    45:c9:ec:48:36:67:1d:cb:20:f5:20:f3:d9:f6:80:
                    fb:3e:39:d3:22:df:90:85:39:df:99:20:96:0f:42:
                    0c:28:7c:4a:94:0b:a2:9c:de:3d:8c:12:52:d0:7f:
                    a3:d9:68:73:2e:5f:ad:c7:8d:4c:9c:0e:7e:97:df:
                    f3:17:8b:16:e3:5a:6a:fa:45:8e:54:2b:60:06:bb:
                    9e:5f:08:08:e5:54:23:9b:72:2f:8c:4b:42:54:8c:
                    01:e1:40:99:58:bf:fa:f7:26:70:52:f6:97:23:6f:
                    2b:15:76:0a:ab:3e:6a:8b:60:a7:b8:3e:8a:8e:68:
                    e7:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:E2:34:28:17:B2:A7:63:3F:0E:1E:F8:63:86:AD:3A:58:07:82:B7
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37392e302f32342d3234203d3e203239383032.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  171.22.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:e3:6e:ac:60:67:47:59:b4:e9:e3:d9:cd:74:c9:21:b4:ee:
         4c:b4:1b:11:7d:d6:b6:dd:a0:fc:5b:ad:bb:b4:cb:1d:e6:8c:
         5e:c7:cd:94:db:4a:b9:2d:73:71:bf:39:39:03:e3:0c:b0:50:
         8a:82:73:27:e2:8e:4f:9e:ff:f4:3a:ad:19:cf:7b:87:9a:58:
         7a:d8:f0:f4:33:aa:75:b7:3b:fb:2d:be:0b:13:54:e1:e6:c6:
         43:48:84:94:68:83:a7:84:21:b6:ad:c4:c0:68:cc:a7:df:c1:
         ab:58:12:f8:35:2e:89:23:43:05:56:74:12:04:9a:f9:fa:94:
         7d:fb:80:1f:bc:c2:41:72:53:00:1c:f4:bd:a6:22:f0:8a:78:
         fb:3d:8a:2d:c2:b1:1d:33:92:6a:b1:b9:b8:3a:36:eb:9d:b4:
         e0:c1:fd:d3:1d:a3:18:1f:6f:af:3a:3a:72:52:ce:48:02:03:
         f5:f8:a2:ae:35:95:de:07:09:dd:44:2b:fa:f0:53:6b:7e:e7:
         1d:58:de:3e:39:44:9f:c0:f9:42:9d:d7:61:54:6d:9d:e3:99:
         09:d2:19:7a:c4:ba:b2:dc:45:49:13:29:b0:b9:ff:9b:11:b4:
         4c:ae:d6:ed:c9:3e:a7:19:ef:eb:3b:95:78:18:6a:88:9b:c2:
         10:ff:f7:9c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUS6bf1Pu4FbtplkrcQIDP1eT+tekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMTYxMDMyMDNaFw0yNDEyMTQxMDM3MDNaMDMxMTAvBgNV
BAMTKEFFRTIzNDI4MTdCMkE3NjMzRjBFMUVGODYzODZBRDNBNTgwNzgyQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmnqHdWANrwA6VFfghEXVtn1E0
O2Xa49jZgw6nhNAI+KrKhIrXSz6mdPs8No2YDgsj6gXGp44nOSePmquXJNlNvY0Z
iFFQPlkDr1+eLTHzQjlaLFOjZcRiKCtsjXm+zcEESsA3YSutnTDT43OVxuttHQxY
pKNuIaOUBVXIyuATzF0nn1Uj4EXJ7Eg2Zx3LIPUg89n2gPs+OdMi35CFOd+ZIJYP
QgwofEqUC6Kc3j2MElLQf6PZaHMuX63HjUycDn6X3/MXixbjWmr6RY5UK2AGu55f
CAjlVCObci+MS0JUjAHhQJlYv/r3JnBS9pcjbysVdgqrPmqLYKe4PoqOaOfTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUruI0KBeyp2M/Dh74Y4atOlgHgrcwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsW
TzANBgkqhkiG9w0BAQsFAAOCAQEAYONurGBnR1m06ePZzXTJIbTuTLQbEX3Wtt2g
/Futu7TLHeaMXsfNlNtKuS1zcb85OQPjDLBQioJzJ+KOT57/9DqtGc97h5pYetjw
9DOqdbc7+y2+CxNU4ebGQ0iElGiDp4Qhtq3EwGjMp9/Bq1gS+DUuiSNDBVZ0EgSa
+fqUffuAH7zCQXJTABz0vaYi8Ip4+z2KLcKxHTOSarG5uDo265204MH90x2jGB9v
rzo6clLOSAID9fiirjWV3gcJ3UQr+vBTa37nHVjePjlEn8D5Qp3XYVRtneOZCdIZ
esS6stxFSRMpsLn/mxG0TK7W7ck+pxnv6zuVeBhqiJvCEP/3nA==
-----END CERTIFICATE-----
Generated at Sun Dec 17 09:55:14 2023 by rpki-client on console-ams.rpki-client.org