Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e20323131373135.roa
File:                     34352e3133372e39382e302f32342d3234203d3e20323131373135.roa (raw, json)
Hash identifier:          mcvYgKj4B/vM+8+c96bXWf643/RnuLkGYsd0/WphBZw=
Subject key identifier:   96:B4:68:86:FA:08:63:55:23:B8:D2:C0:AA:AE:3A:8B:26:36:AF:2B
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       61E66B887A65C0DAAA2F86428F60C7F2268AFD8A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e20323131373135.roa
Signing time:             Tue 12 Dec 2023 12:58:51 +0000
ROA not before:           Tue 12 Dec 2023 12:53:51 +0000
ROA not after:            Tue 10 Dec 2024 12:58:51 +0000
asID:                     211715
IP address blocks:        45.137.98.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 09 Feb 2024 11:12:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:e6:6b:88:7a:65:c0:da:aa:2f:86:42:8f:60:c7:f2:26:8a:fd:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Dec 12 12:53:51 2023 GMT
            Not After : Dec 10 12:58:51 2024 GMT
        Subject: CN=96B46886FA08635523B8D2C0AAAE3A8B2636AF2B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:17:95:ee:7d:f1:9c:65:4e:66:e6:fd:4b:b0:
                    ee:4d:ca:73:0c:bb:c7:a6:ea:24:8d:1a:a1:8e:45:
                    9a:a4:9f:82:11:00:fc:51:3f:1a:1e:e9:b2:0e:05:
                    6e:d4:1a:bb:20:fe:c7:75:7c:7f:f6:19:a6:e5:57:
                    12:04:6e:76:5d:d8:9d:05:80:8d:e2:82:ea:11:01:
                    44:e9:8d:b9:8d:11:01:91:29:f3:ba:53:fb:f6:57:
                    30:d1:f9:ec:06:a8:b1:89:cf:ae:38:0d:9c:d2:b0:
                    87:bb:aa:b2:3c:cd:25:7a:e8:ae:18:08:ab:27:89:
                    5b:6e:7b:4e:37:84:73:9c:be:b5:2a:89:1a:07:88:
                    45:93:9f:55:4d:81:3d:57:f8:c1:9c:55:a8:1e:d5:
                    33:a1:d0:fd:15:18:44:0a:62:5d:78:de:c5:25:df:
                    e4:c3:78:b0:23:c7:b1:99:2f:99:d2:fe:19:4b:d9:
                    9a:41:6e:9e:e0:cf:7d:cd:54:85:43:f1:aa:f2:9e:
                    56:e5:a0:77:35:89:94:4d:13:aa:44:ab:9a:d1:be:
                    e0:6b:7c:9e:e1:12:35:b8:be:16:ec:e9:2c:74:0b:
                    5a:24:0d:02:9e:45:41:8f:aa:d1:fa:e2:cb:f2:62:
                    72:9d:b0:48:59:47:19:85:ba:72:82:d8:3e:ab:48:
                    f2:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:B4:68:86:FA:08:63:55:23:B8:D2:C0:AA:AE:3A:8B:26:36:AF:2B
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e20323131373135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:8d:21:fb:49:44:b7:c5:c0:25:d5:90:9d:b5:f0:ac:cb:09:
         34:0f:d9:aa:92:3c:c9:57:5d:36:76:bf:85:a4:e2:88:76:ec:
         9a:f9:7b:90:8a:3d:b6:df:89:69:01:9b:1c:ef:d9:cd:da:e5:
         ce:cd:9b:a5:82:99:25:bb:af:88:e8:d8:49:97:2a:98:c0:ca:
         0c:61:7b:48:0d:a5:10:e6:48:e6:6c:2d:5e:d1:74:f9:4e:22:
         3d:e6:03:ba:02:f5:84:12:de:ad:81:4e:f3:d0:26:e6:aa:f4:
         ac:74:c7:08:9a:d0:1f:cf:5f:d5:ff:b3:dd:09:1b:dd:59:f0:
         95:04:7e:b2:e3:bc:26:f7:92:0c:3b:82:c5:00:00:aa:e1:e8:
         af:83:1c:8f:7d:57:c2:a5:19:8e:b7:68:b6:82:b9:69:02:07:
         c6:ba:9e:77:10:2f:27:f2:25:39:45:40:dc:fe:27:e5:ef:4b:
         37:56:76:6c:7c:e5:14:81:e8:80:24:79:fd:28:14:ee:b7:38:
         5b:db:d7:c7:6c:40:0e:b4:89:63:14:4d:f6:b7:9f:b8:79:b8:
         89:05:14:61:12:8d:ac:75:98:f4:96:54:70:93:a3:60:3e:25:
         3d:b7:71:9b:cf:3f:54:6a:a4:13:35:0d:89:9b:d9:49:03:e7:
         7a:75:18:51
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYeZriHplwNqqL4ZCj2DH8iaK/YowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMTIxMjUzNTFaFw0yNDEyMTAxMjU4NTFaMDMxMTAvBgNV
BAMTKDk2QjQ2ODg2RkEwODYzNTUyM0I4RDJDMEFBQUUzQThCMjYzNkFGMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcF5XuffGcZU5m5v1LsO5NynMM
u8em6iSNGqGORZqkn4IRAPxRPxoe6bIOBW7UGrsg/sd1fH/2GablVxIEbnZd2J0F
gI3iguoRAUTpjbmNEQGRKfO6U/v2VzDR+ewGqLGJz644DZzSsIe7qrI8zSV66K4Y
CKsniVtue043hHOcvrUqiRoHiEWTn1VNgT1X+MGcVage1TOh0P0VGEQKYl143sUl
3+TDeLAjx7GZL5nS/hlL2ZpBbp7gz33NVIVD8arynlbloHc1iZRNE6pEq5rRvuBr
fJ7hEjW4vhbs6Sx0C1okDQKeRUGPqtH64svyYnKdsEhZRxmFunKC2D6rSPL3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlrRohvoIY1UjuNLAqq46iyY2ryswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzczMTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYliMA0GCSqGSIb3DQEBCwUAA4IBAQChjSH7SUS3xcAl1ZCdtfCsywk0D9mqkjzJ
V102dr+FpOKIduya+XuQij2234lpAZsc79nN2uXOzZulgpklu6+I6NhJlyqYwMoM
YXtIDaUQ5kjmbC1e0XT5TiI95gO6AvWEEt6tgU7z0CbmqvSsdMcImtAfz1/V/7Pd
CRvdWfCVBH6y47wm95IMO4LFAACq4eivgxyPfVfCpRmOt2i2grlpAgfGup53EC8n
8iU5RUDc/ifl70s3VnZsfOUUgeiAJHn9KBTutzhb29fHbEAOtIljFE32t5+4ebiJ
BRRhEo2sdZj0llRwk6NgPiU9t3Gbzz9UaqQTNQ2Jm9lJA+d6dRhR
Generated at Fri Feb 9 15:20:22 2024 by rpki-client on console-ams.rpki-client.org