Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e20383334.roa
File:                     34352e3133372e39382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          yKtmBRMuaXJZAKw/nfBFV6vQkya+37n7NiqKgapoOmU=
Subject key identifier:   99:F4:D6:AD:CD:D6:EB:82:2A:79:C3:2C:1E:D2:FA:15:F3:4B:0C:A4
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       3EDBFA76779DD4D822AF45E0DC5ACD5C096B4B9A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e20383334.roa
Signing time:             Mon 11 Dec 2023 00:00:08 +0000
ROA not before:           Sun 10 Dec 2023 23:55:08 +0000
ROA not after:            Mon 09 Dec 2024 00:00:08 +0000
asID:                     834
IP address blocks:        45.137.98.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Dec 2023 12:58:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:db:fa:76:77:9d:d4:d8:22:af:45:e0:dc:5a:cd:5c:09:6b:4b:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Dec 10 23:55:08 2023 GMT
            Not After : Dec  9 00:00:08 2024 GMT
        Subject: CN=99F4D6ADCDD6EB822A79C32C1ED2FA15F34B0CA4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b4:df:00:03:a0:2b:ba:da:d6:4f:30:17:4d:
                    8c:fa:a4:60:35:2f:98:c7:62:b1:d5:04:d5:47:1f:
                    3b:1f:80:98:22:fa:a0:31:32:fd:f3:9d:ba:e4:33:
                    42:85:97:76:fd:3d:e9:dc:14:2b:9c:3d:7d:d8:0c:
                    28:c1:8c:9e:a1:5d:f6:71:28:7c:b6:d0:52:6b:51:
                    7a:34:d9:9a:9e:83:ad:34:ec:28:58:22:3a:b4:f3:
                    1f:35:7b:1e:b9:65:55:68:28:15:c1:db:f9:fe:2e:
                    3d:ca:6f:b7:63:88:94:71:46:f9:4c:a1:84:26:4b:
                    04:39:b5:b0:16:7a:fe:76:2c:2c:ba:76:bf:3d:7d:
                    da:f9:92:09:71:ad:b6:60:7d:fb:84:c9:31:ab:d8:
                    3b:ff:b4:a4:fe:f4:37:5f:11:c2:9f:0b:16:d1:41:
                    b6:08:cd:c3:3e:65:e3:1d:db:ee:c4:59:ff:b6:7d:
                    34:8e:60:b0:64:16:ff:67:6a:6e:cc:ba:34:31:8e:
                    3f:bd:be:f1:b7:6b:36:6a:25:9c:38:bb:d7:b9:ed:
                    1e:65:03:fe:c7:86:bf:91:09:9e:5b:31:4e:bc:2f:
                    89:43:e1:05:6c:43:e4:08:7b:73:84:54:30:90:4d:
                    38:8c:11:e4:b0:fc:aa:a1:46:df:e2:d9:7b:ae:cd:
                    14:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:F4:D6:AD:CD:D6:EB:82:2A:79:C3:2C:1E:D2:FA:15:F3:4B:0C:A4
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:80:bb:c1:48:bd:a0:25:be:63:92:28:93:ac:a3:81:9a:78:
         16:4d:28:67:47:6a:5b:96:6d:bd:ba:b3:17:a6:c7:f8:14:5f:
         0d:4d:9b:ca:4a:b3:40:30:41:fa:a2:60:df:0c:04:b5:65:e9:
         ed:eb:56:9e:2c:af:6e:c0:46:e3:91:87:02:13:f0:a4:90:46:
         d5:d1:d7:db:7f:7b:59:eb:0d:9a:1b:f9:52:ef:01:18:92:34:
         b8:fb:ad:f6:96:d1:44:dc:11:45:14:f9:f8:9c:cf:90:51:44:
         11:99:b8:12:ac:13:f6:a5:e9:1e:77:6b:a9:e1:05:c7:c1:c3:
         13:38:3a:de:43:df:cc:80:b7:37:fe:be:83:6e:c6:46:1c:9d:
         b1:0f:77:d9:8f:be:76:a1:74:1e:86:71:66:07:b8:d0:ba:38:
         5a:a4:a6:d6:66:05:7e:80:11:6a:36:48:0e:d6:5b:12:75:15:
         1a:15:f6:43:17:60:ae:c0:57:86:5d:96:c4:e5:46:cb:16:e2:
         34:a7:4d:27:90:34:3d:94:6c:a8:d2:74:ea:a2:2d:1f:c0:15:
         b3:7e:6d:3c:69:76:c4:e7:f6:66:c4:e9:0f:42:7d:eb:eb:a8:
         f9:ef:ea:d2:7e:10:13:a5:42:6b:e1:e8:61:35:23:3d:91:e7:
         1f:d8:37:e9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUPtv6dned1Ngir0Xg3FrNXAlrS5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMTAyMzU1MDhaFw0yNDEyMDkwMDAwMDhaMDMxMTAvBgNV
BAMTKDk5RjRENkFEQ0RENkVCODIyQTc5QzMyQzFFRDJGQTE1RjM0QjBDQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEtN8AA6ArutrWTzAXTYz6pGA1
L5jHYrHVBNVHHzsfgJgi+qAxMv3znbrkM0KFl3b9PencFCucPX3YDCjBjJ6hXfZx
KHy20FJrUXo02Zqeg6007ChYIjq08x81ex65ZVVoKBXB2/n+Lj3Kb7djiJRxRvlM
oYQmSwQ5tbAWev52LCy6dr89fdr5kglxrbZgffuEyTGr2Dv/tKT+9DdfEcKfCxbR
QbYIzcM+ZeMd2+7EWf+2fTSOYLBkFv9nam7MujQxjj+9vvG3azZqJZw4u9e57R5l
A/7Hhr+RCZ5bMU68L4lD4QVsQ+QIe3OEVDCQTTiMEeSw/KqhRt/i2XuuzRRnAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUmfTWrc3W64IqecMsHtL6FfNLDKQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYliMA0G
CSqGSIb3DQEBCwUAA4IBAQAdgLvBSL2gJb5jkiiTrKOBmngWTShnR2pblm29urMX
psf4FF8NTZvKSrNAMEH6omDfDAS1Zent61aeLK9uwEbjkYcCE/CkkEbV0dfbf3tZ
6w2aG/lS7wEYkjS4+632ltFE3BFFFPn4nM+QUUQRmbgSrBP2peked2up4QXHwcMT
ODreQ9/MgLc3/r6DbsZGHJ2xD3fZj752oXQehnFmB7jQujhapKbWZgV+gBFqNkgO
1lsSdRUaFfZDF2CuwFeGXZbE5UbLFuI0p00nkDQ9lGyo0nTqoi0fwBWzfm08aXbE
5/ZmxOkPQn3r66j57+rSfhATpUJr4ehhNSM9kecf2Dfp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org