Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e203439393831.roa
File:                     34352e3135382e35392e302f32342d3234203d3e203439393831.roa (raw, json)
Hash identifier:          uRUek7YS82twtkZs23cKCLZtVDR2zoi/ScD+QxgcNSw=
Subject key identifier:   2F:33:B9:49:03:D5:45:C1:29:67:03:79:0F:12:B9:0E:33:38:96:90
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       4A23A47590271A464ADF9892EC4D27C0CFF8FDA4
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e203439393831.roa
Signing time:             Fri 28 Apr 2023 18:16:48 +0000
ROA not before:           Fri 28 Apr 2023 18:11:48 +0000
ROA not after:            Fri 26 Apr 2024 18:16:48 +0000
asID:                     49981
IP address blocks:        45.158.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Mar 2024 00:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:23:a4:75:90:27:1a:46:4a:df:98:92:ec:4d:27:c0:cf:f8:fd:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Apr 28 18:11:48 2023 GMT
            Not After : Apr 26 18:16:48 2024 GMT
        Subject: CN=2F33B94903D545C1296703790F12B90E33389690
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:9d:2c:55:76:ba:de:5c:20:6c:d8:44:ae:1d:
                    72:3a:6c:c5:ec:c0:41:74:be:3e:46:8f:ec:39:f3:
                    93:7b:bd:80:3e:d7:46:e0:f8:f0:9d:53:07:cb:84:
                    42:ab:c6:0e:8e:89:71:8b:3c:76:01:4f:96:fa:0c:
                    9c:a1:7b:54:7a:3c:01:f7:ad:1d:84:5d:77:4a:e5:
                    4e:55:d6:45:f0:1a:21:90:09:bb:32:4e:df:23:d6:
                    fa:e0:bb:2c:b2:43:f5:18:17:7c:ae:0f:2f:65:30:
                    cf:88:41:ee:20:00:bd:47:aa:1a:ba:26:5a:d9:95:
                    b0:e0:77:e6:06:14:da:2e:85:e4:b4:41:5a:0a:4f:
                    70:10:0d:92:c6:10:4a:2d:f4:b4:ac:c8:44:b9:b7:
                    8c:5f:13:63:7c:4d:d1:7d:c5:72:9e:ce:6c:f6:00:
                    fe:f6:96:88:23:ea:68:5e:0c:bb:bd:bc:c0:8b:8c:
                    0d:eb:1c:df:6d:68:d1:99:9b:5c:fd:6f:3b:af:ac:
                    4f:cb:a7:57:54:56:b6:a1:b6:b5:b9:5f:84:1b:a8:
                    a2:ca:dd:22:09:a3:d7:2d:74:67:07:eb:7a:3e:3e:
                    15:d0:34:0a:42:e6:17:e7:df:9e:87:cc:e4:6b:f4:
                    f9:f2:39:0a:db:79:9e:f9:f4:c5:15:0e:51:17:73:
                    84:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:33:B9:49:03:D5:45:C1:29:67:03:79:0F:12:B9:0E:33:38:96:90
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e203439393831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.158.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:1a:3c:a3:77:24:3e:16:f5:ce:7a:e2:24:1f:76:dd:c1:f5:
         bd:da:b3:1c:96:48:38:37:6a:a9:6f:fa:ca:a7:69:85:8f:3e:
         34:7f:d8:ba:02:e6:b6:fa:15:aa:d5:50:a6:72:4a:a4:8a:a3:
         88:58:4a:22:f9:c4:f7:79:3c:0a:a7:9b:a2:2f:e9:aa:e2:05:
         d8:99:51:af:25:69:8f:74:90:d1:af:e3:c1:3f:30:bb:82:97:
         04:17:a8:2f:7b:92:d4:ca:76:11:70:ac:78:94:e6:ce:6b:54:
         12:92:c5:85:63:3a:e8:fc:cb:a3:e1:d0:cc:d5:4d:b3:c6:40:
         62:30:c5:e5:f3:cd:1c:f9:ff:f2:78:33:99:5a:6f:f6:b0:fd:
         30:48:8f:6d:20:3d:3d:30:10:64:9f:5b:55:ba:e5:6f:07:c4:
         95:3e:d5:21:11:5d:59:bf:0e:f3:7b:d8:7c:b6:d2:30:66:0c:
         4d:86:86:d4:46:2c:db:b0:bd:a3:f5:ef:8d:87:eb:38:64:12:
         b1:87:0d:85:31:1c:c5:21:6f:8f:d8:c0:22:3f:22:94:3b:69:
         5c:f4:a2:ed:37:b1:c8:f0:39:e8:16:ae:18:06:d3:61:26:b9:
         1a:50:7b:08:5e:44:43:f8:b6:76:3a:b0:3a:6e:aa:45:e0:6b:
         f3:d4:85:86
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSiOkdZAnGkZK35iS7E0nwM/4/aQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA0MjgxODExNDhaFw0yNDA0MjYxODE2NDhaMDMxMTAvBgNV
BAMTKDJGMzNCOTQ5MDNENTQ1QzEyOTY3MDM3OTBGMTJCOTBFMzMzODk2OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKnSxVdrreXCBs2ESuHXI6bMXs
wEF0vj5Gj+w585N7vYA+10bg+PCdUwfLhEKrxg6OiXGLPHYBT5b6DJyhe1R6PAH3
rR2EXXdK5U5V1kXwGiGQCbsyTt8j1vrguyyyQ/UYF3yuDy9lMM+IQe4gAL1Hqhq6
JlrZlbDgd+YGFNouheS0QVoKT3AQDZLGEEot9LSsyES5t4xfE2N8TdF9xXKezmz2
AP72logj6mheDLu9vMCLjA3rHN9taNGZm1z9bzuvrE/Lp1dUVrahtrW5X4QbqKLK
3SIJo9ctdGcH63o+PhXQNApC5hfn356HzORr9PnyOQrbeZ759MUVDlEXc4RxAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQULzO5SQPVRcEpZwN5DxK5DjM4lpAwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzOTM5MzgzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2e
OzANBgkqhkiG9w0BAQsFAAOCAQEAdho8o3ckPhb1znriJB923cH1vdqzHJZIODdq
qW/6yqdphY8+NH/YugLmtvoVqtVQpnJKpIqjiFhKIvnE93k8Cqeboi/pquIF2JlR
ryVpj3SQ0a/jwT8wu4KXBBeoL3uS1Mp2EXCseJTmzmtUEpLFhWM66PzLo+HQzNVN
s8ZAYjDF5fPNHPn/8ngzmVpv9rD9MEiPbSA9PTAQZJ9bVbrlbwfElT7VIRFdWb8O
83vYfLbSMGYMTYaG1EYs27C9o/XvjYfrOGQSsYcNhTEcxSFvj9jAIj8ilDtpXPSi
7TexyPA56BauGAbTYSa5GlB7CF5EQ/i2djqwOm6qReBr89SFhg==
Generated at Fri Mar 15 01:09:58 2024 by rpki-client on console-ams.rpki-client.org