Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35372e302f32342d3234203d3e20383334.roa
File:                     322e35392e35372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          2X6ihnvPmpCRbHI+QQqGoQ1a83uHaH3I2B2Oqfq1Q54=
Subject key identifier:   43:E5:D6:00:28:87:94:F8:AA:05:5D:6B:BD:79:FE:FE:7C:CB:6E:12
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       7EC717D794FB49745C5F80607C468ACD35D77A79
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35372e302f32342d3234203d3e20383334.roa
Signing time:             Mon 03 Apr 2023 13:00:10 +0000
ROA not before:           Mon 03 Apr 2023 12:55:10 +0000
ROA not after:            Mon 01 Apr 2024 13:00:10 +0000
asID:                     834
IP address blocks:        2.59.57.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:c7:17:d7:94:fb:49:74:5c:5f:80:60:7c:46:8a:cd:35:d7:7a:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Apr  3 12:55:10 2023 GMT
            Not After : Apr  1 13:00:10 2024 GMT
        Subject: CN=43E5D600288794F8AA055D6BBD79FEFE7CCB6E12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:64:2c:9d:69:36:86:27:27:d9:51:28:86:6d:
                    3a:e8:89:ca:5d:ec:2b:88:00:8d:8a:22:65:66:8c:
                    cc:00:04:83:14:c8:14:8d:9d:00:b2:f7:ea:0d:b7:
                    6d:93:1b:9d:77:be:bb:dc:a6:75:65:4b:0c:f2:68:
                    95:67:2d:9b:b4:a3:53:36:49:b2:9d:24:03:ee:2e:
                    30:e1:76:07:ce:e4:9c:1c:00:b9:3b:67:1d:eb:f1:
                    6b:a2:bd:bf:75:49:f7:7b:95:c5:e3:31:f7:7c:b6:
                    c8:c2:e9:ac:bc:f6:b5:fb:c2:54:88:3a:ae:27:e6:
                    df:10:1e:cc:e4:11:fd:af:4d:c8:65:6b:2c:26:9d:
                    99:3c:23:1d:c6:be:92:76:ec:c0:0e:90:48:7c:7c:
                    e9:98:bf:4a:b3:c2:5a:4d:04:51:a7:d6:05:2f:e9:
                    67:b7:bf:96:a7:63:a2:26:a6:1e:1d:d5:d1:0b:e7:
                    12:4e:04:71:21:d3:09:2b:0b:09:7a:44:88:a7:c3:
                    c0:9e:b3:d5:59:32:4b:c7:94:9a:fb:0d:d2:42:dd:
                    04:8a:cc:bf:17:64:55:66:79:94:de:39:d4:25:2a:
                    6f:77:40:0b:c2:6f:ca:21:c0:4b:e1:6d:17:49:ca:
                    14:8c:2b:c2:cf:e0:1d:9b:9e:31:99:05:e0:00:44:
                    0b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:E5:D6:00:28:87:94:F8:AA:05:5D:6B:BD:79:FE:FE:7C:CB:6E:12
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35372e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.59.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b8:5b:12:bd:a0:6e:2a:ea:f1:a6:55:a7:0b:cc:1c:87:41:16:
         d5:48:48:d8:85:56:cd:0f:7c:3f:36:fd:06:1b:23:f9:d4:06:
         b3:7d:d7:b5:19:71:42:ee:ea:15:54:c1:93:b2:95:8b:81:f6:
         6b:ae:6f:f3:4b:66:30:30:f2:f1:fc:13:d0:0e:2a:99:46:43:
         52:0d:71:7d:fd:e1:cd:89:07:06:15:7d:02:b8:58:df:04:1b:
         63:ab:27:3b:c6:55:a8:2d:e0:f5:85:33:93:51:89:6a:a5:4e:
         ac:e7:5e:59:23:de:84:0b:a9:93:c6:8b:4a:07:68:13:2b:59:
         66:32:5c:89:a4:d1:63:22:4e:6e:f7:0b:6e:17:25:41:fb:fb:
         12:1e:b0:72:b4:7a:3a:8a:04:fa:b0:26:52:fa:5c:43:d7:fa:
         6b:65:52:fd:c5:72:3e:cc:55:b8:94:cf:a7:9b:e8:f4:d2:05:
         be:31:57:8e:40:7a:f4:d0:a4:99:2d:fa:3b:0f:0d:be:ff:b2:
         12:00:f4:0e:a3:5c:30:70:63:bd:fa:8b:b9:41:0a:c3:4e:15:
         8c:f5:04:2e:f2:14:9c:5d:38:8c:44:6f:b2:dd:b9:1f:51:50:
         c2:62:25:48:e3:f3:d3:ff:77:af:9d:29:86:b1:f3:d5:6e:a0:
         5f:16:1b:f7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUfscX15T7SXRcX4BgfEaKzTXXenkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA0MDMxMjU1MTBaFw0yNDA0MDExMzAwMTBaMDMxMTAvBgNV
BAMTKDQzRTVENjAwMjg4Nzk0RjhBQTA1NUQ2QkJENzlGRUZFN0NDQjZFMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ZCydaTaGJyfZUSiGbTroicpd
7CuIAI2KImVmjMwABIMUyBSNnQCy9+oNt22TG513vrvcpnVlSwzyaJVnLZu0o1M2
SbKdJAPuLjDhdgfO5JwcALk7Zx3r8Wuivb91Sfd7lcXjMfd8tsjC6ay89rX7wlSI
Oq4n5t8QHszkEf2vTchlaywmnZk8Ix3GvpJ27MAOkEh8fOmYv0qzwlpNBFGn1gUv
6We3v5anY6Imph4d1dEL5xJOBHEh0wkrCwl6RIinw8Ces9VZMkvHlJr7DdJC3QSK
zL8XZFVmeZTeOdQlKm93QAvCb8ohwEvhbRdJyhSMK8LP4B2bnjGZBeAARAuLAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUQ+XWACiHlPiqBV1rvXn+/nzLbhIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzcyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOzkwDQYJKoZI
hvcNAQELBQADggEBALhbEr2gbirq8aZVpwvMHIdBFtVISNiFVs0PfD82/QYbI/nU
BrN917UZcULu6hVUwZOylYuB9muub/NLZjAw8vH8E9AOKplGQ1INcX394c2JBwYV
fQK4WN8EG2OrJzvGVagt4PWFM5NRiWqlTqznXlkj3oQLqZPGi0oHaBMrWWYyXImk
0WMiTm73C24XJUH7+xIesHK0ejqKBPqwJlL6XEPX+mtlUv3Fcj7MVbiUz6eb6PTS
Bb4xV45AevTQpJkt+jsPDb7/shIA9A6jXDBwY736i7lBCsNOFYz1BC7yFJxdOIxE
b7LduR9RUMJiJUjj89P/d6+dKYax89VuoF8WG/c=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:49 2023 by rpki-client on console-ams.rpki-client.org