Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e203232373831.roa
File:                     34352e39312e3133382e302f32342d3234203d3e203232373831.roa (raw, json)
Hash identifier:          P/UuSdAcTO1o+77N2b7zB+Fe2ONROk7ss4dzqIA0YF0=
Subject key identifier:   EE:99:F8:52:6E:A1:E6:6B:2C:68:CF:18:E4:47:70:19:89:4D:7A:CD
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       4CDEBB1B8E16762DA5A5EA99295A65424D570E7A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e203232373831.roa
Signing time:             Wed 27 Dec 2023 23:37:52 +0000
ROA not before:           Wed 27 Dec 2023 23:32:52 +0000
ROA not after:            Wed 25 Dec 2024 23:37:52 +0000
asID:                     22781
IP address blocks:        45.91.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 27 Aug 2024 00:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:de:bb:1b:8e:16:76:2d:a5:a5:ea:99:29:5a:65:42:4d:57:0e:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Dec 27 23:32:52 2023 GMT
            Not After : Dec 25 23:37:52 2024 GMT
        Subject: CN=EE99F8526EA1E66B2C68CF18E4477019894D7ACD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:21:22:ee:37:6c:1b:88:04:5c:33:97:e8:68:
                    6c:55:66:8b:77:96:08:fb:14:bb:23:96:32:a4:54:
                    92:da:a0:92:bb:2e:43:9c:60:70:f9:98:66:bd:8c:
                    53:69:54:a0:43:83:e6:2d:a8:87:bd:c8:a4:30:3c:
                    8e:e4:8d:61:dc:e6:51:ff:2e:29:4b:4b:db:c6:3f:
                    ac:ee:93:7f:57:b2:67:23:e6:9a:9f:72:c2:c3:0c:
                    14:85:28:56:59:9b:b2:ac:a0:16:b6:7b:35:d3:db:
                    cd:21:ce:02:7c:a4:37:9e:6a:7e:8e:b7:60:70:db:
                    5b:23:5b:cf:d7:51:31:09:0a:f3:31:0c:2c:05:85:
                    01:33:c6:24:76:35:d7:55:8b:93:f9:70:d3:f5:8c:
                    a0:ec:4a:4c:3c:09:db:6e:89:06:88:f7:66:63:c4:
                    76:d1:6c:68:46:f2:58:ca:27:ab:bb:97:c6:1b:46:
                    5c:c8:62:61:44:29:c4:84:31:1b:09:62:91:38:84:
                    fa:67:14:0d:e9:cd:a4:de:5a:37:f9:82:72:89:b7:
                    01:af:26:04:d2:d8:bd:6c:45:6e:dc:17:f0:49:e4:
                    9c:03:7a:8b:c8:43:16:36:12:c0:f3:38:b5:46:24:
                    08:5e:a4:da:0c:0a:81:c1:a4:ff:4d:29:a9:49:ad:
                    58:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:99:F8:52:6E:A1:E6:6B:2C:68:CF:18:E4:47:70:19:89:4D:7A:CD
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e203232373831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:29:d3:ca:7d:09:5d:92:e1:24:a5:0a:7f:66:7a:7c:e7:78:
         c9:43:cd:77:61:61:42:db:45:99:bd:ab:96:c0:b1:48:da:91:
         e2:88:68:c9:7c:a2:70:7b:d4:cb:6f:cd:01:f8:b8:9e:67:24:
         90:a7:3b:27:64:d2:5e:9d:cf:c7:74:65:ff:2b:0e:03:ff:b1:
         a3:8a:f3:44:26:4e:30:d0:0c:99:c9:d8:ce:b5:e5:20:1c:b9:
         b3:d0:e9:e1:0b:6f:8e:43:13:36:7f:54:8d:4b:9c:d8:b6:25:
         a5:24:ee:d4:74:4c:87:87:f5:db:11:b5:8a:a0:1e:1a:59:9b:
         0e:c3:94:e2:70:c3:26:a9:0f:de:e0:67:da:1c:6d:4d:8b:83:
         3c:bc:54:6b:93:13:9c:6e:20:00:23:e0:eb:1a:c0:25:f5:06:
         80:68:70:be:af:15:17:9d:a5:21:ff:93:ef:ba:8c:57:41:b9:
         ca:1e:01:9b:62:e4:1a:e7:4a:78:ed:80:17:1b:b9:66:8b:cb:
         d6:77:c3:a5:21:e4:4f:9d:98:9b:6e:1e:26:5e:31:63:d0:19:
         a6:f2:48:81:04:56:97:b1:8f:02:cd:06:a9:32:a4:98:81:65:
         15:c2:6b:f6:f4:79:07:e7:4b:36:4d:06:4c:48:17:c8:f5:fa:
         5d:cd:8e:6e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTN67G44Wdi2lpeqZKVplQk1XDnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMjcyMzMyNTJaFw0yNDEyMjUyMzM3NTJaMDMxMTAvBgNV
BAMTKEVFOTlGODUyNkVBMUU2NkIyQzY4Q0YxOEU0NDc3MDE5ODk0RDdBQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAISLuN2wbiARcM5foaGxVZot3
lgj7FLsjljKkVJLaoJK7LkOcYHD5mGa9jFNpVKBDg+YtqIe9yKQwPI7kjWHc5lH/
LilLS9vGP6zuk39Xsmcj5pqfcsLDDBSFKFZZm7KsoBa2ezXT280hzgJ8pDeean6O
t2Bw21sjW8/XUTEJCvMxDCwFhQEzxiR2NddVi5P5cNP1jKDsSkw8CdtuiQaI92Zj
xHbRbGhG8ljKJ6u7l8YbRlzIYmFEKcSEMRsJYpE4hPpnFA3pzaTeWjf5gnKJtwGv
JgTS2L1sRW7cF/BJ5JwDeovIQxY2EsDzOLVGJAhepNoMCoHBpP9NKalJrViPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU7pn4Um6h5mssaM8Y5EdwGYlNes0wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMjM3MzgzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1b
ijANBgkqhkiG9w0BAQsFAAOCAQEAdCnTyn0JXZLhJKUKf2Z6fOd4yUPNd2FhQttF
mb2rlsCxSNqR4ohoyXyicHvUy2/NAfi4nmckkKc7J2TSXp3Px3Rl/ysOA/+xo4rz
RCZOMNAMmcnYzrXlIBy5s9Dp4QtvjkMTNn9UjUuc2LYlpSTu1HRMh4f12xG1iqAe
GlmbDsOU4nDDJqkP3uBn2hxtTYuDPLxUa5MTnG4gACPg6xrAJfUGgGhwvq8VF52l
If+T77qMV0G5yh4Bm2LkGudKeO2AFxu5ZovL1nfDpSHkT52Ym24eJl4xY9AZpvJI
gQRWl7GPAs0GqTKkmIFlFcJr9vR5B+dLNk0GTEgXyPX6Xc2Obg==
Generated at Tue Aug 27 02:30:36 2024 by rpki-client on console-fra.rpki-client.org