Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e2033323233.roa
File:                     34352e3133372e39392e302f32342d3234203d3e2033323233.roa (raw, json)
Hash identifier:          W7vqjq9jWISa35f27Cqt8cnClbgH8tmc5kWxWUip+Pg=
Subject key identifier:   CB:85:1B:D5:D7:ED:45:C6:39:D5:92:E3:EF:0A:58:5A:39:7E:F0:0C
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       1887355E3E679FE4185268E7E16C25F5C5D18583
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e2033323233.roa
Signing time:             Fri 15 Dec 2023 03:46:10 +0000
ROA not before:           Fri 15 Dec 2023 03:41:10 +0000
ROA not after:            Fri 13 Dec 2024 03:46:10 +0000
asID:                     3223
IP address blocks:        45.137.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Dec 2023 04:54:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:87:35:5e:3e:67:9f:e4:18:52:68:e7:e1:6c:25:f5:c5:d1:85:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Dec 15 03:41:10 2023 GMT
            Not After : Dec 13 03:46:10 2024 GMT
        Subject: CN=CB851BD5D7ED45C639D592E3EF0A585A397EF00C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:9c:e5:1d:d0:f9:1f:6f:03:a2:4b:8d:3f:16:
                    9d:69:dc:f8:3a:2c:15:8b:05:8a:2c:66:16:e5:3b:
                    ec:bc:48:49:9d:2b:e7:9e:ab:a9:79:d0:ef:69:cd:
                    a8:ec:f0:8e:3d:e5:8f:b8:7a:07:eb:88:17:ab:ea:
                    09:7d:e7:03:f9:37:05:40:b0:a3:f0:b4:91:07:b2:
                    07:72:17:96:ec:93:0a:6d:47:47:c4:32:bf:c0:0e:
                    ce:2b:ea:13:44:ba:db:56:0e:06:27:a0:a3:70:5c:
                    bc:f7:69:fd:d4:65:8f:eb:d9:29:d3:54:c4:ed:f6:
                    60:d9:e4:bc:fc:fa:67:57:ef:44:3c:f7:92:ac:c2:
                    2b:bf:aa:80:d5:f7:bc:1f:54:bf:1f:2a:33:03:9c:
                    9a:b2:b4:7b:d5:a7:55:6f:c6:5b:41:37:06:89:15:
                    f8:d3:4f:3e:4a:ac:78:ba:d6:65:81:ff:c5:74:cc:
                    bc:f8:39:c3:21:fb:10:0a:d2:31:fa:38:22:cb:fb:
                    ab:19:2c:cf:b2:74:25:9d:14:8d:0a:a9:c1:3b:a0:
                    cf:c2:24:a5:1d:56:c3:95:9f:76:f2:f8:3a:6c:ba:
                    9b:b6:f3:ac:34:45:75:32:8d:ee:47:8e:07:8d:af:
                    fe:51:5f:58:4a:a4:e9:76:08:86:8c:4f:3d:5c:ea:
                    22:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:85:1B:D5:D7:ED:45:C6:39:D5:92:E3:EF:0A:58:5A:39:7E:F0:0C
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e2033323233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.137.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:ab:bb:42:67:f7:2f:97:b7:3d:24:2f:d7:49:25:d7:01:98:
         cd:7c:3e:a4:78:85:89:6c:e2:ac:a1:c1:cf:33:16:e5:2f:bf:
         93:7f:46:59:7d:9f:30:e0:f1:3b:c0:d4:b4:14:5c:30:2c:09:
         69:42:16:7d:22:bb:5c:76:4a:fc:af:42:9a:95:7e:cd:0b:91:
         c8:af:67:ec:a6:1e:c1:60:0a:88:16:63:0e:11:1e:de:7e:99:
         2e:04:4c:95:81:7a:9f:15:6e:21:78:1a:c4:ba:b5:24:0e:b3:
         c6:36:d0:45:26:67:3a:45:79:8b:a1:a3:c8:6c:16:02:3e:49:
         c2:8c:20:08:a3:87:a6:83:e2:74:42:28:21:92:d4:a4:9b:30:
         fa:9a:a5:34:9e:f2:e4:db:df:ed:98:32:87:5f:50:e3:82:19:
         84:7a:cc:ce:97:99:9f:b8:db:92:42:6f:0c:6f:e6:3f:cb:68:
         d7:f3:96:4b:3b:c3:4f:54:b4:db:a8:b0:d6:d4:a2:73:fc:00:
         ba:13:93:4b:be:66:8c:fe:14:65:8b:9d:14:ec:31:10:5f:e7:
         75:85:e1:30:5f:89:15:a1:1a:2b:07:7c:5b:ff:b3:92:b6:96:
         ee:de:e2:0d:c3:d8:01:62:42:b3:b2:13:67:7a:b6:10:18:0b:
         d0:89:8e:15
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUGIc1Xj5nn+QYUmjn4Wwl9cXRhYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMTUwMzQxMTBaFw0yNDEyMTMwMzQ2MTBaMDMxMTAvBgNV
BAMTKENCODUxQkQ1RDdFRDQ1QzYzOUQ1OTJFM0VGMEE1ODVBMzk3RUYwMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcnOUd0PkfbwOiS40/Fp1p3Pg6
LBWLBYosZhblO+y8SEmdK+eeq6l50O9pzajs8I495Y+4egfriBer6gl95wP5NwVA
sKPwtJEHsgdyF5bskwptR0fEMr/ADs4r6hNEuttWDgYnoKNwXLz3af3UZY/r2SnT
VMTt9mDZ5Lz8+mdX70Q895Kswiu/qoDV97wfVL8fKjMDnJqytHvVp1VvxltBNwaJ
FfjTTz5KrHi61mWB/8V0zLz4OcMh+xAK0jH6OCLL+6sZLM+ydCWdFI0KqcE7oM/C
JKUdVsOVn3by+Dpsupu286w0RXUyje5HjgeNr/5RX1hKpOl2CIaMTz1c6iJfAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUy4Ub1dftRcY51ZLj7wpYWjl+8AwwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzMjMyMzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtiWMw
DQYJKoZIhvcNAQELBQADggEBAAmru0Jn9y+Xtz0kL9dJJdcBmM18PqR4hYls4qyh
wc8zFuUvv5N/Rll9nzDg8TvA1LQUXDAsCWlCFn0iu1x2SvyvQpqVfs0LkcivZ+ym
HsFgCogWYw4RHt5+mS4ETJWBep8VbiF4GsS6tSQOs8Y20EUmZzpFeYuho8hsFgI+
ScKMIAijh6aD4nRCKCGS1KSbMPqapTSe8uTb3+2YModfUOOCGYR6zM6XmZ+425JC
bwxv5j/LaNfzlks7w09UtNuosNbUonP8ALoTk0u+Zoz+FGWLnRTsMRBf53WF4TBf
iRWhGisHfFv/s5K2lu7e4g3D2AFiQrOyE2d6thAYC9CJjhU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org