Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/33362e3235352e39342e302f32332d3234203d3e20313532313739.roa
File:                     33362e3235352e39342e302f32332d3234203d3e20313532313739.roa (raw, json)
Hash identifier:          nSQx7hfpRMJOp0WjR+9U1NeL/fiypFjBQ1CFZ7kRQnA=
Subject key identifier:   A2:21:2F:06:B8:5F:68:EE:D0:44:9C:28:20:C7:EE:58:5B:2E:9B:31
Certificate issuer:       /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial:       4CA80499D1F071713A72508EE954D3C9E2C1FB8D
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/33362e3235352e39342e302f32332d3234203d3e20313532313739.roa
Signing time:             Sun 07 Jan 2024 04:35:34 +0000
ROA not before:           Sun 07 Jan 2024 04:30:34 +0000
ROA not after:            Sun 05 Jan 2025 04:35:34 +0000
asID:                     152179
IP address blocks:        36.255.94.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Jan 2024 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:a8:04:99:d1:f0:71:71:3a:72:50:8e:e9:54:d3:c9:e2:c1:fb:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
        Validity
            Not Before: Jan  7 04:30:34 2024 GMT
            Not After : Jan  5 04:35:34 2025 GMT
        Subject: CN=A2212F06B85F68EED0449C2820C7EE585B2E9B31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:aa:f2:2d:45:e8:85:af:85:38:a2:37:97:6b:
                    6b:62:2f:8b:25:8b:67:51:b6:41:df:8d:6a:96:48:
                    0e:45:34:05:4e:25:d0:67:d2:b4:bc:c3:fd:d3:1a:
                    52:0d:6e:4e:ac:1a:17:22:9d:d2:f1:af:dc:68:e1:
                    dc:e7:a3:c5:11:8d:fa:6f:2b:dc:8f:a2:12:5d:4d:
                    8c:ac:06:fa:c7:b0:11:46:bf:85:01:d2:3a:31:be:
                    95:a4:84:6e:73:36:60:57:44:47:8b:75:c5:38:bb:
                    0b:9f:34:b0:c0:f0:86:f0:54:44:a9:de:4b:18:03:
                    dc:d1:88:e2:52:93:d3:98:30:b8:6f:67:dd:bb:c3:
                    1f:fb:69:55:f0:92:cb:b0:8d:a6:35:bd:6c:3a:df:
                    78:50:2f:42:05:31:39:82:0c:bf:ac:f1:47:90:31:
                    b9:77:6f:6e:5f:75:0b:11:d4:d4:6c:7d:2f:b0:e1:
                    2d:a0:43:f4:c5:9a:6a:94:81:fd:37:13:01:f4:96:
                    f7:42:71:be:13:37:44:63:a3:84:44:0e:43:5c:95:
                    f4:b1:18:73:ab:cc:2e:56:37:0c:fb:00:7e:e8:bb:
                    4c:0c:e8:6e:0f:b7:c0:a6:61:a1:3c:56:6d:ac:97:
                    ac:d0:80:79:ab:e0:6f:94:d4:73:c2:04:c6:4e:43:
                    a7:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:21:2F:06:B8:5F:68:EE:D0:44:9C:28:20:C7:EE:58:5B:2E:9B:31
            X509v3 Authority Key Identifier:
                keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/33362e3235352e39342e302f32332d3234203d3e20313532313739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.255.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         18:68:8e:3f:fe:3b:f4:6b:09:e3:f4:91:54:b7:fd:7f:3e:53:
         ef:99:04:e0:5e:5b:d9:dc:a2:84:85:98:f3:c7:01:cd:9d:5b:
         64:19:52:80:42:35:64:ed:43:a0:15:b2:27:ae:6f:83:3f:cc:
         b9:28:60:06:2a:a1:0a:29:4f:26:3d:b8:a2:22:66:fc:ad:4b:
         fc:29:91:1e:20:ee:65:a4:90:77:53:61:06:07:7d:67:09:68:
         ad:40:66:a7:f8:43:0d:ae:7e:e3:ae:2f:34:fa:54:d5:06:21:
         2d:b3:5c:a2:c6:1d:76:f2:fb:3c:ee:c5:59:50:06:45:75:77:
         6a:b2:24:64:f1:46:77:d8:e9:a8:a9:a9:1c:7e:d9:87:0e:30:
         3a:01:ee:14:aa:1e:66:5b:3c:fd:a9:7e:b3:99:4a:27:67:73:
         02:e8:8a:33:a0:f1:1d:08:c9:5a:57:4b:a1:2e:a4:56:7c:a6:
         1d:2b:e4:9a:59:81:1c:88:c2:48:3a:eb:d2:25:4c:9c:03:00:
         43:c5:f7:25:9b:3c:4d:b8:2f:d3:da:b4:2d:3d:c9:43:14:1f:
         1a:df:05:ed:b6:34:a7:1a:a7:9d:88:ee:c1:39:3b:9c:89:26:
         9f:8a:44:89:19:89:6f:b7:1e:ab:7a:cf:f3:d0:59:c0:6c:1f:
         68:ab:df:b9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTKgEmdHwcXE6clCO6VTTyeLB+40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDAxMDcwNDMwMzRaFw0yNTAxMDUwNDM1MzRaMDMxMTAvBgNV
BAMTKEEyMjEyRjA2Qjg1RjY4RUVEMDQ0OUMyODIwQzdFRTU4NUIyRTlCMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnqvItReiFr4U4ojeXa2tiL4sl
i2dRtkHfjWqWSA5FNAVOJdBn0rS8w/3TGlINbk6sGhcindLxr9xo4dzno8URjfpv
K9yPohJdTYysBvrHsBFGv4UB0joxvpWkhG5zNmBXREeLdcU4uwufNLDA8IbwVESp
3ksYA9zRiOJSk9OYMLhvZ927wx/7aVXwksuwjaY1vWw633hQL0IFMTmCDL+s8UeQ
Mbl3b25fdQsR1NRsfS+w4S2gQ/TFmmqUgf03EwH0lvdCcb4TN0Rjo4REDkNclfSx
GHOrzC5WNwz7AH7ou0wM6G4Pt8CmYaE8Vm2sl6zQgHmr4G+U1HPCBMZOQ6fnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUoiEvBrhfaO7QRJwoIMfuWFsumzEwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzMzNjJlMzIzNTM1MmUzOTM0
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzNTMyMzEzNzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
JP9eMA0GCSqGSIb3DQEBCwUAA4IBAQAYaI4//jv0awnj9JFUt/1/PlPvmQTgXlvZ
3KKEhZjzxwHNnVtkGVKAQjVk7UOgFbInrm+DP8y5KGAGKqEKKU8mPbiiImb8rUv8
KZEeIO5lpJB3U2EGB31nCWitQGan+EMNrn7jri80+lTVBiEts1yixh128vs87sVZ
UAZFdXdqsiRk8UZ32OmoqakcftmHDjA6Ae4Uqh5mWzz9qX6zmUonZ3MC6IozoPEd
CMlaV0uhLqRWfKYdK+SaWYEciMJIOuvSJUycAwBDxfclmzxNuC/T2rQtPclDFB8a
3wXttjSnGqediO7BOTuciSafikSJGYlvtx6res/z0FnAbB9oq9+5
-----END CERTIFICATE-----
Generated at Mon Jan 15 01:04:08 2024 by rpki-client on console-ams.rpki-client.org