Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e203631333137.roa
File:                     3134312e39382e37322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier:          34pAiug0MiBQaUi/CVKPZzIUdkwiMEkphnouASp+Q5Q=
Subject key identifier:   D9:09:94:0D:0E:6A:58:BB:27:FD:79:FC:E3:81:67:25:7A:E6:ED:FC
Certificate issuer:       /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial:       316E6FD53B6C64F600E00501A990773AE8781A14
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e203631333137.roa
Signing time:             Thu 04 Apr 2024 11:05:15 +0000
ROA not before:           Thu 04 Apr 2024 11:00:15 +0000
ROA not after:            Thu 03 Apr 2025 11:05:15 +0000
asID:                     61317
IP address blocks:        141.98.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 01 Sep 2024 00:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:6e:6f:d5:3b:6c:64:f6:00:e0:05:01:a9:90:77:3a:e8:78:1a:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
        Validity
            Not Before: Apr  4 11:00:15 2024 GMT
            Not After : Apr  3 11:05:15 2025 GMT
        Subject: CN=D909940D0E6A58BB27FD79FCE38167257AE6EDFC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:bd:86:38:4b:d6:d2:66:e3:b7:5b:eb:a6:96:
                    d4:2c:eb:24:bb:97:45:cf:97:a8:e2:4d:6c:16:e8:
                    f3:a9:df:2b:dd:40:9a:30:39:37:0a:87:79:da:66:
                    7d:09:d6:8c:7a:45:01:3d:1a:59:1f:50:69:98:69:
                    74:1c:be:c8:ed:73:b4:13:62:7e:73:48:6e:41:83:
                    e4:4c:b0:72:b7:43:c3:44:df:b6:4a:c2:ad:eb:2e:
                    72:ce:fd:af:08:e0:ec:fd:89:3e:4e:25:24:99:e0:
                    84:47:44:76:f2:85:fc:e3:24:57:1a:5f:43:40:0a:
                    e8:bf:8f:d0:ac:42:a0:ef:24:71:e1:a3:ad:45:9c:
                    30:ce:df:d3:47:01:46:a4:37:21:79:4f:bc:0d:3a:
                    57:d8:df:29:48:28:84:9b:8d:2f:37:3a:ad:9a:3f:
                    74:e7:ce:3a:01:b4:95:11:2b:b2:c2:c7:71:f7:0a:
                    55:73:ce:52:21:10:76:46:00:81:90:74:84:c9:d1:
                    64:74:32:a9:37:e4:11:76:62:07:26:81:6a:eb:72:
                    b9:2b:86:ca:ad:76:3e:d9:cb:b9:85:aa:74:e6:7c:
                    3e:8e:39:38:2b:69:7c:45:bd:22:f0:35:a5:ff:5b:
                    c2:5c:e9:79:64:1c:c3:cc:49:52:83:18:ff:ee:01:
                    a9:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:09:94:0D:0E:6A:58:BB:27:FD:79:FC:E3:81:67:25:7A:E6:ED:FC
            X509v3 Authority Key Identifier:
                keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e203631333137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.98.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:82:97:12:6e:f2:28:84:5f:af:de:b5:37:6e:5b:63:2b:6a:
         42:95:07:51:35:a7:21:ca:5a:12:85:f3:ac:39:bc:67:b5:fd:
         76:55:23:9d:05:72:3b:97:01:0c:28:62:80:dd:d4:ca:f6:58:
         91:32:af:92:f3:d0:6c:cc:79:7e:bb:00:57:e4:96:37:4a:fe:
         f3:e0:ba:90:8e:dd:53:c7:ee:50:38:79:fc:0b:c4:b8:48:32:
         d4:3b:1a:6c:a6:23:aa:80:50:f3:36:bf:aa:d8:6d:2c:7e:06:
         35:64:f2:57:6d:67:92:1d:2e:8a:df:0f:69:be:8b:0a:07:f1:
         54:06:07:3e:8f:7d:e9:f1:80:2c:f8:fb:23:90:35:99:08:2d:
         f4:9b:c4:93:61:2d:c8:01:5f:98:36:83:c6:f9:73:a8:ec:b8:
         10:73:7d:ba:95:a4:9e:da:d8:24:10:9f:8f:48:0e:b0:68:04:
         e6:a0:c9:7d:b1:14:a5:0e:62:41:04:02:53:f9:bc:b1:ea:e4:
         c5:34:d7:9e:09:b3:7f:4e:24:13:3c:fb:7a:3e:a5:60:82:74:
         c7:47:da:9e:e9:44:93:07:13:3d:59:fa:d8:14:14:e6:22:a5:
         f6:5f:5b:18:5b:ab:3e:69:b3:66:8c:e7:50:99:8d:bf:04:64:
         77:fe:34:82
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUMW5v1TtsZPYA4AUBqZB3Ouh4GhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA0MDQxMTAwMTVaFw0yNTA0MDMxMTA1MTVaMDMxMTAvBgNV
BAMTKEQ5MDk5NDBEMEU2QTU4QkIyN0ZENzlGQ0UzODE2NzI1N0FFNkVERkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTvYY4S9bSZuO3W+umltQs6yS7
l0XPl6jiTWwW6POp3yvdQJowOTcKh3naZn0J1ox6RQE9GlkfUGmYaXQcvsjtc7QT
Yn5zSG5Bg+RMsHK3Q8NE37ZKwq3rLnLO/a8I4Oz9iT5OJSSZ4IRHRHbyhfzjJFca
X0NACui/j9CsQqDvJHHho61FnDDO39NHAUakNyF5T7wNOlfY3ylIKISbjS83Oq2a
P3TnzjoBtJURK7LCx3H3ClVzzlIhEHZGAIGQdITJ0WR0Mqk35BF2YgcmgWrrcrkr
hsqtdj7Zy7mFqnTmfD6OOTgraXxFvSLwNaX/W8Jc6XlkHMPMSVKDGP/uAanvAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU2QmUDQ5qWLsn/Xn844FnJXrm7fwwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzEzNDMxMmUzOTM4MmUzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI1i
SDANBgkqhkiG9w0BAQsFAAOCAQEAuoKXEm7yKIRfr961N25bYytqQpUHUTWnIcpa
EoXzrDm8Z7X9dlUjnQVyO5cBDChigN3UyvZYkTKvkvPQbMx5frsAV+SWN0r+8+C6
kI7dU8fuUDh5/AvEuEgy1DsabKYjqoBQ8za/qthtLH4GNWTyV21nkh0uit8Pab6L
CgfxVAYHPo996fGALPj7I5A1mQgt9JvEk2EtyAFfmDaDxvlzqOy4EHN9upWkntrY
JBCfj0gOsGgE5qDJfbEUpQ5iQQQCU/m8serkxTTXngmzf04kEzz7ej6lYIJ0x0fa
nulEkwcTPVn62BQU5iKl9l9bGFurPmmzZoznUJmNvwRkd/40gg==
Generated at Sun Sep 1 03:31:15 2024 by rpki-client on console-ams.rpki-client.org