Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa
File:                     3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa (raw, json)
Hash identifier:          Yy12JJjY90pkNcYNfiQ+EW7F0PMjTrs2EFyXhDDTsrM=
Subject key identifier:   AD:E1:F8:D5:B6:41:F1:B8:38:CA:AD:09:26:DC:79:3F:A6:84:88:47
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       7AA6AC5FEC3704BD446C519CEFFA0426B1B9196A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa
Signing time:             Sat 08 Jun 2024 09:05:18 +0000
ROA not before:           Sat 08 Jun 2024 09:00:18 +0000
ROA not after:            Sat 07 Jun 2025 09:05:18 +0000
asID:                     206505
IP address blocks:        193.37.239.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 08:20:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:a6:ac:5f:ec:37:04:bd:44:6c:51:9c:ef:fa:04:26:b1:b9:19:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Jun  8 09:00:18 2024 GMT
            Not After : Jun  7 09:05:18 2025 GMT
        Subject: CN=ADE1F8D5B641F1B838CAAD0926DC793FA6848847
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:08:36:7f:b5:b5:ca:9c:0f:bc:9d:39:98:a0:
                    f9:e6:98:73:df:45:ed:b0:0b:df:30:ae:c8:d1:4b:
                    a2:ed:f6:90:65:b3:c9:f0:d1:a6:4d:23:35:6f:c3:
                    e0:6f:65:d0:9c:a3:7f:7f:c8:aa:a3:ca:9f:3f:90:
                    17:51:35:68:91:a8:95:34:5c:11:d4:1d:3f:57:1b:
                    e0:9a:b0:8a:03:71:64:ff:11:8f:f2:15:06:73:7e:
                    37:9e:f0:d2:72:aa:8e:19:f9:e8:64:d0:c6:5c:a5:
                    c4:1b:ec:30:96:1e:65:13:a8:44:69:69:cb:f3:5c:
                    8c:1c:c2:2e:8f:e3:b3:49:d8:e6:eb:e8:db:29:b9:
                    b6:eb:f6:2a:2b:06:68:2e:a0:c7:62:26:a0:71:f1:
                    c4:59:df:aa:dc:bc:97:b6:7f:d9:5e:47:d0:d6:f6:
                    e8:01:f0:47:9c:7f:cc:3a:b7:33:1b:79:63:dd:c6:
                    07:67:72:7e:84:82:3f:da:2f:31:de:4c:44:5f:e0:
                    a8:da:ce:1f:29:38:db:74:2d:a5:c9:33:67:41:02:
                    7a:50:a3:7f:56:3b:05:a2:2e:01:88:ee:3f:b0:80:
                    bb:54:8d:08:05:fe:c7:fb:fb:10:6a:0a:27:73:62:
                    dd:6d:95:37:2f:55:5b:c2:6a:11:56:f2:45:ea:f6:
                    26:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:E1:F8:D5:B6:41:F1:B8:38:CA:AD:09:26:DC:79:3F:A6:84:88:47
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e20323036353035.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.37.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:68:8f:33:13:c6:47:b4:02:3a:a7:c1:be:19:73:36:63:d5:
         de:6b:a6:e1:75:1f:49:18:a1:72:8c:16:65:3d:e4:ba:c6:5b:
         47:2e:b1:25:11:8b:0c:02:c6:f2:e5:65:bf:fd:1f:77:df:44:
         06:56:13:80:ae:5c:c1:16:7c:bf:f2:56:b0:c7:c3:81:69:33:
         ba:3c:a9:5c:9f:c4:7c:ca:18:35:99:60:7c:77:4e:43:dc:2d:
         ed:99:07:48:d9:8b:8a:b5:b1:d9:c2:ca:6d:a8:d8:91:e2:51:
         14:41:75:6c:0f:12:4a:9b:8c:7a:11:8e:8a:82:33:c9:1f:f0:
         2e:c3:01:b9:fb:7d:43:46:96:2d:5e:10:e4:10:42:8a:77:7d:
         cd:0c:8b:68:85:cb:b5:17:41:16:df:b6:dd:9c:5b:a3:e5:9f:
         92:e9:56:6c:d6:2d:a6:c2:cf:6c:da:d3:2e:27:ac:9c:f4:52:
         34:59:93:b6:3b:e7:9b:a8:10:4d:f6:12:f0:8c:ec:61:15:1d:
         f4:6c:98:24:ab:03:59:45:18:f4:17:56:4f:67:c6:f6:f9:fb:
         2f:25:eb:8a:d3:d6:5f:1d:21:82:ae:01:a5:b6:59:84:8a:29:
         9b:c5:3e:33:ba:ce:a0:28:aa:cb:8c:3c:f9:df:4c:e8:fe:07:
         bb:c5:b1:f2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeqasX+w3BL1EbFGc7/oEJrG5GWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA2MDgwOTAwMThaFw0yNTA2MDcwOTA1MThaMDMxMTAvBgNV
BAMTKEFERTFGOEQ1QjY0MUYxQjgzOENBQUQwOTI2REM3OTNGQTY4NDg4NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKCDZ/tbXKnA+8nTmYoPnmmHPf
Re2wC98wrsjRS6Lt9pBls8nw0aZNIzVvw+BvZdCco39/yKqjyp8/kBdRNWiRqJU0
XBHUHT9XG+CasIoDcWT/EY/yFQZzfjee8NJyqo4Z+ehk0MZcpcQb7DCWHmUTqERp
acvzXIwcwi6P47NJ2Obr6Nspubbr9iorBmguoMdiJqBx8cRZ36rcvJe2f9leR9DW
9ugB8Eecf8w6tzMbeWPdxgdncn6Egj/aLzHeTERf4Kjazh8pONt0LaXJM2dBAnpQ
o39WOwWiLgGI7j+wgLtUjQgF/sf7+xBqCidzYt1tlTcvVVvCahFW8kXq9ibvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUreH41bZB8bg4yq0JJtx5P6aEiEcwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzOTMzMmUzMzM3MmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzNTMwMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBJe8wDQYJKoZIhvcNAQELBQADggEBAGtojzMTxke0Ajqnwb4ZczZj1d5rpuF1
H0kYoXKMFmU95LrGW0cusSURiwwCxvLlZb/9H3ffRAZWE4CuXMEWfL/yVrDHw4Fp
M7o8qVyfxHzKGDWZYHx3TkPcLe2ZB0jZi4q1sdnCym2o2JHiURRBdWwPEkqbjHoR
joqCM8kf8C7DAbn7fUNGli1eEOQQQop3fc0Mi2iFy7UXQRbftt2cW6Pln5LpVmzW
LabCz2za0y4nrJz0UjRZk7Y755uoEE32EvCM7GEVHfRsmCSrA1lFGPQXVk9nxvb5
+y8l64rT1l8dIYKuAaW2WYSKKZvFPjO6zqAoqsuMPPnfTOj+B7vFsfI=
-----END CERTIFICATE-----
Generated at Tue Sep 24 12:04:18 2024 by rpki-client on console-ams.rpki-client.org