Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137322e302f32342d3234203d3e20383334.roa
File:                     34352e382e3137322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          pwrHAo2v3czRLkByPp9kFBR1mAlumiIqfR6pSDszYKw=
Subject key identifier:   DB:65:2E:5D:F9:D4:EA:9A:58:3B:47:F1:DA:84:12:64:F1:18:A2:C7
Certificate issuer:       /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial:       462F84CC2DE1124AC56409F88929BE5A1F75B0A1
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137322e302f32342d3234203d3e20383334.roa
Signing time:             Sun 08 Sep 2024 00:00:23 +0000
ROA not before:           Sat 07 Sep 2024 23:55:23 +0000
ROA not after:            Sun 07 Sep 2025 00:00:23 +0000
asID:                     834
IP address blocks:        45.8.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 13 Sep 2024 23:41:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:2f:84:cc:2d:e1:12:4a:c5:64:09:f8:89:29:be:5a:1f:75:b0:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
        Validity
            Not Before: Sep  7 23:55:23 2024 GMT
            Not After : Sep  7 00:00:23 2025 GMT
        Subject: CN=DB652E5DF9D4EA9A583B47F1DA841264F118A2C7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:11:d2:4b:63:2a:e4:58:12:8b:5b:8a:3d:38:
                    c5:36:03:59:46:0d:80:61:05:31:96:fe:7c:0a:30:
                    1f:c6:a6:3e:53:de:fd:79:42:f6:15:8a:91:c7:11:
                    3c:f3:d7:3c:df:fc:aa:2d:b6:4b:5a:6c:05:b7:00:
                    98:8b:9b:3c:d7:22:5f:d5:ca:6f:70:1a:1a:c0:42:
                    61:0a:89:8e:e8:2e:d2:d6:91:b5:50:be:f8:f4:6e:
                    f7:9e:81:ed:4b:ad:94:07:11:32:84:13:44:53:be:
                    1f:71:d0:a4:99:fc:c1:f3:f0:a3:f8:fd:29:66:c1:
                    48:68:22:5b:8d:fa:fc:79:a3:71:78:10:e8:24:3d:
                    e9:11:35:d4:7d:39:01:75:0a:83:7c:d3:12:c0:ba:
                    18:76:71:c5:0b:61:f7:1c:8d:31:f6:01:0b:ba:f5:
                    51:a2:fa:fe:2f:48:37:bb:4b:ff:23:24:fd:07:e8:
                    81:0b:0b:30:0b:a6:5a:ab:30:82:17:65:d4:7d:8d:
                    38:e3:8a:6f:fb:9d:f2:53:d4:10:2c:db:d1:fc:59:
                    a0:77:20:88:e1:ac:15:92:ea:b6:5d:45:aa:35:a5:
                    c2:2e:a2:8f:91:46:1a:0a:21:89:7f:2d:a3:4a:ec:
                    cd:b6:49:94:29:b7:9c:7c:91:94:d6:1c:c7:22:2c:
                    43:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:65:2E:5D:F9:D4:EA:9A:58:3B:47:F1:DA:84:12:64:F1:18:A2:C7
            X509v3 Authority Key Identifier:
                keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137322e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:e8:22:42:ad:62:73:ec:a0:00:7c:c8:8a:ef:dc:90:6b:b7:
         b0:2d:ad:62:d0:c1:fb:42:bc:01:28:2d:d5:73:52:7e:0b:0b:
         25:2b:ce:df:77:0c:30:a0:4e:6f:65:14:68:90:a5:4d:98:e9:
         b0:ad:16:f6:01:ea:bc:ac:b1:23:ff:ca:17:ae:10:56:a8:a7:
         78:7a:15:33:40:04:f2:5e:06:36:d3:12:ed:1a:22:94:0c:56:
         9e:3e:0e:ec:85:c8:78:d3:56:8f:9c:1e:7f:1a:09:76:ba:9a:
         0b:e4:51:7a:37:7d:f3:2a:d6:e6:82:58:89:d9:43:f3:00:66:
         41:4d:b8:d4:06:03:1f:88:a6:d0:fe:fd:54:10:96:db:40:b6:
         ef:1d:20:ec:1c:a4:e1:81:0a:82:cc:eb:49:b6:34:d0:53:3a:
         a8:a7:68:f3:d4:af:d4:82:dc:0e:f1:8b:25:b6:1e:8b:39:4b:
         ac:ef:5b:ad:48:a6:b0:20:34:85:b8:78:56:86:9a:40:0d:cf:
         4c:1b:e4:e3:62:4b:3b:3d:0e:8a:b2:7d:ec:a6:b3:dd:a0:f6:
         b7:c7:21:24:9b:99:89:8d:a7:0c:18:30:14:1b:2f:4a:d2:05:
         a6:5e:e6:4b:b8:d3:fa:cb:8e:3e:fd:38:24:f5:c3:be:82:3d:
         2f:7b:e2:2f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIURi+EzC3hEkrFZAn4iSm+Wh91sKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDA5MDcyMzU1MjNaFw0yNTA5MDcwMDAwMjNaMDMxMTAvBgNV
BAMTKERCNjUyRTVERjlENEVBOUE1ODNCNDdGMURBODQxMjY0RjExOEEyQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsEdJLYyrkWBKLW4o9OMU2A1lG
DYBhBTGW/nwKMB/Gpj5T3v15QvYVipHHETzz1zzf/KottktabAW3AJiLmzzXIl/V
ym9wGhrAQmEKiY7oLtLWkbVQvvj0bveege1LrZQHETKEE0RTvh9x0KSZ/MHz8KP4
/SlmwUhoIluN+vx5o3F4EOgkPekRNdR9OQF1CoN80xLAuhh2ccULYfccjTH2AQu6
9VGi+v4vSDe7S/8jJP0H6IELCzALplqrMIIXZdR9jTjjim/7nfJT1BAs29H8WaB3
IIjhrBWS6rZdRao1pcIuoo+RRhoKIYl/LaNK7M22SZQpt5x8kZTWHMciLEO3AgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU22UuXfnU6ppYO0fx2oQSZPEYoscwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzgyZTMxMzczMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0IrDANBgkq
hkiG9w0BAQsFAAOCAQEAk+giQq1ic+ygAHzIiu/ckGu3sC2tYtDB+0K8ASgt1XNS
fgsLJSvO33cMMKBOb2UUaJClTZjpsK0W9gHqvKyxI//KF64QVqineHoVM0AE8l4G
NtMS7RoilAxWnj4O7IXIeNNWj5wefxoJdrqaC+RRejd98yrW5oJYidlD8wBmQU24
1AYDH4im0P79VBCW20C27x0g7Byk4YEKgszrSbY00FM6qKdo89Sv1ILcDvGLJbYe
izlLrO9brUimsCA0hbh4VoaaQA3PTBvk42JLOz0OirJ97Kaz3aD2t8chJJuZiY2n
DBgwFBsvStIFpl7mS7jT+suOPv04JPXDvoI9L3viLw==
Generated at Sat Sep 14 01:17:17 2024 by rpki-client on console-fra.rpki-client.org