Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203235333639.roa
File:                     3231322e32332e3231392e302f32342d3234203d3e203235333639.roa (raw, json)
Hash identifier:          +o7cB9YFr3GLvBJy8zr7gVxMXInccf2K0UgIpbJappI=
Subject key identifier:   EC:35:C6:7F:BE:1C:3D:02:69:8B:22:60:79:5F:49:88:CB:C9:C5:5D
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       4115870040FD9F55E2A52401FA60DF08C76A689B
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203235333639.roa
Signing time:             Fri 15 Dec 2023 23:10:33 +0000
ROA not before:           Fri 15 Dec 2023 23:05:33 +0000
ROA not after:            Fri 13 Dec 2024 23:10:33 +0000
asID:                     25369
IP address blocks:        212.23.219.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 10 Sep 2024 00:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:15:87:00:40:fd:9f:55:e2:a5:24:01:fa:60:df:08:c7:6a:68:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Dec 15 23:05:33 2023 GMT
            Not After : Dec 13 23:10:33 2024 GMT
        Subject: CN=EC35C67FBE1C3D02698B2260795F4988CBC9C55D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0e:6a:1d:f3:aa:71:1f:c4:7c:f8:9a:fe:19:
                    a1:50:6b:9b:43:3e:a2:f4:fa:24:cd:2a:c0:0d:14:
                    47:3a:62:89:d8:d9:e0:24:00:79:62:bf:24:54:46:
                    26:6b:b0:c7:04:60:9c:14:cb:6f:dd:01:36:2a:15:
                    22:78:5c:3e:21:88:37:27:66:2d:50:92:40:65:70:
                    6d:a1:2b:e1:d7:3e:6f:40:57:74:86:87:47:10:c9:
                    9e:85:da:83:cb:8e:02:da:52:54:63:7d:44:2a:c4:
                    00:3d:9f:c6:b4:c5:d4:52:c8:25:1c:a4:41:08:92:
                    b1:4b:67:63:d4:24:c5:19:df:0d:11:e6:7e:67:b3:
                    b6:47:2b:24:df:d7:d3:c3:a7:01:3e:91:31:92:01:
                    05:09:b4:ef:51:87:56:c4:51:9f:63:0a:f4:12:3e:
                    29:cc:4a:47:36:2f:26:28:2a:ac:09:68:87:26:e2:
                    e5:05:df:65:d9:62:ba:1a:7b:07:7b:1e:28:a8:bc:
                    e7:81:f6:ee:aa:f0:d8:f0:7d:29:8c:eb:95:04:1e:
                    e5:56:38:da:2d:53:bf:84:09:28:cd:9b:1b:d8:92:
                    88:8d:33:25:db:ec:a5:f3:28:d8:0d:89:a4:66:95:
                    ec:ef:74:07:30:27:64:47:19:75:d0:87:16:79:95:
                    9b:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:35:C6:7F:BE:1C:3D:02:69:8B:22:60:79:5F:49:88:CB:C9:C5:5D
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3231322e32332e3231392e302f32342d3234203d3e203235333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.23.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:bc:52:65:e7:33:37:8e:18:e7:f8:0a:fd:4f:80:08:77:f0:
         e2:84:17:1c:d1:2a:33:a3:66:ab:f3:90:68:32:34:d1:ee:6d:
         71:d6:ca:f2:94:27:7e:0f:18:68:cf:38:5f:d8:b3:3a:fe:95:
         65:da:1d:c9:52:02:17:48:f3:94:52:1c:ba:dc:94:b7:5b:14:
         98:c8:fa:09:b7:a2:7d:f9:e7:65:4c:b7:11:ee:8f:a0:e8:ad:
         2a:4c:8c:fd:e8:03:71:17:3f:00:e1:dc:41:47:3a:d6:1c:4c:
         08:6a:58:54:a1:44:52:9c:d0:68:c8:bd:7f:12:33:7e:8b:ce:
         a5:26:49:d0:74:e7:8c:70:d5:6f:80:8f:b5:d6:86:f9:a3:5c:
         ea:09:d5:d8:69:89:6c:18:76:e6:ef:02:95:21:ca:58:95:ee:
         61:50:60:d3:ba:07:94:93:97:21:cc:91:fc:8e:8a:b5:35:e4:
         34:2f:03:e3:f2:5b:b1:f6:ee:e7:13:5f:11:14:9d:90:88:b4:
         34:0c:1c:be:fb:62:dc:e6:a7:aa:f3:0b:6d:b5:90:01:25:4e:
         ed:a0:dc:49:8f:e2:7b:7c:9a:f4:86:51:cb:b5:ee:18:56:1d:
         7f:78:30:ac:a7:a7:8c:1b:6b:69:4f:4c:17:4d:d9:40:df:b6:
         65:d0:bb:53
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQRWHAED9n1XipSQB+mDfCMdqaJswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMTUyMzA1MzNaFw0yNDEyMTMyMzEwMzNaMDMxMTAvBgNV
BAMTKEVDMzVDNjdGQkUxQzNEMDI2OThCMjI2MDc5NUY0OTg4Q0JDOUM1NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Dmod86pxH8R8+Jr+GaFQa5tD
PqL0+iTNKsANFEc6YonY2eAkAHlivyRURiZrsMcEYJwUy2/dATYqFSJ4XD4hiDcn
Zi1QkkBlcG2hK+HXPm9AV3SGh0cQyZ6F2oPLjgLaUlRjfUQqxAA9n8a0xdRSyCUc
pEEIkrFLZ2PUJMUZ3w0R5n5ns7ZHKyTf19PDpwE+kTGSAQUJtO9Rh1bEUZ9jCvQS
PinMSkc2LyYoKqwJaIcm4uUF32XZYroaewd7HiiovOeB9u6q8NjwfSmM65UEHuVW
ONotU7+ECSjNmxvYkoiNMyXb7KXzKNgNiaRmlezvdAcwJ2RHGXXQhxZ5lZs9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7DXGf74cPQJpiyJgeV9JiMvJxV0wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIzMTMyMmUzMjMzMmUzMjMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM1MzMzNjM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1BfbMA0GCSqGSIb3DQEBCwUAA4IBAQCcvFJl5zM3jhjn+Ar9T4AId/DihBcc0Soz
o2ar85BoMjTR7m1x1srylCd+Dxhozzhf2LM6/pVl2h3JUgIXSPOUUhy63JS3WxSY
yPoJt6J9+edlTLcR7o+g6K0qTIz96ANxFz8A4dxBRzrWHEwIalhUoURSnNBoyL1/
EjN+i86lJknQdOeMcNVvgI+11ob5o1zqCdXYaYlsGHbm7wKVIcpYle5hUGDTugeU
k5chzJH8joq1NeQ0LwPj8lux9u7nE18RFJ2QiLQ0DBy++2Lc5qeq8wtttZABJU7t
oNxJj+J7fJr0hlHLte4YVh1/eDCsp6eMG2tpT0wXTdlA37Zl0LtT
Generated at Tue Sep 10 02:59:24 2024 by rpki-client on console-ams.rpki-client.org