Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e20323034313135.roa
File:                     34352e3134362e3130362e302f32342d3234203d3e20323034313135.roa (raw, json)
Hash identifier:          4AqBE13JMqEa0bkQhzdgGW00WgS9NfoPlamgxlTIres=
Subject key identifier:   44:42:38:9D:03:58:A7:DB:07:16:59:EA:42:3B:C9:B7:26:75:9D:15
Certificate issuer:       /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial:       40A051722BEBA3EAB77DE8AEDADCC5D01936ADE4
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e20323034313135.roa
Signing time:             Fri 10 May 2024 11:57:43 +0000
ROA not before:           Fri 10 May 2024 11:52:43 +0000
ROA not after:            Fri 09 May 2025 11:57:43 +0000
asID:                     204115
IP address blocks:        45.146.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 10 Jun 2024 09:25:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:a0:51:72:2b:eb:a3:ea:b7:7d:e8:ae:da:dc:c5:d0:19:36:ad:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
        Validity
            Not Before: May 10 11:52:43 2024 GMT
            Not After : May  9 11:57:43 2025 GMT
        Subject: CN=4442389D0358A7DB071659EA423BC9B726759D15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:93:47:30:69:ee:9e:1d:4c:08:45:8f:3b:7b:
                    7b:3d:c0:0e:5e:4f:14:ee:88:1e:03:6a:d9:6c:ac:
                    32:bd:a6:06:ba:13:11:e3:f3:6a:d5:77:0d:17:04:
                    f2:dd:50:1d:ce:41:4b:ce:b4:ba:b5:c0:e9:0f:99:
                    2d:81:b7:8b:42:f1:10:f5:7d:ae:cc:63:68:6d:c9:
                    e4:31:be:e3:ea:74:e2:5d:3b:0d:e7:57:79:15:82:
                    d0:b7:f0:9e:05:e5:c8:f3:d2:0a:d5:73:3a:21:1c:
                    fc:51:23:4c:1f:cd:24:a7:29:ff:61:21:15:b6:d3:
                    75:8c:66:de:bf:38:bd:3c:4c:2c:54:57:ae:88:a2:
                    8f:ac:a4:ef:e6:9a:80:21:da:d7:bf:a3:8e:32:1f:
                    58:da:53:ac:84:47:e5:c6:db:54:0b:13:dc:0d:99:
                    9f:5a:27:83:b0:e8:a8:a9:de:b5:6a:8e:a6:d8:fc:
                    fe:5d:8f:f4:ff:13:a5:80:2a:44:97:21:45:6b:78:
                    1b:cc:b1:e1:dc:2a:6e:05:40:d4:eb:cf:45:b7:82:
                    e1:d9:a0:c2:34:a9:c7:9e:9d:5d:e6:27:2c:33:79:
                    ef:60:64:8a:35:2f:71:be:71:58:52:c4:05:fc:3f:
                    67:1e:bb:88:f0:3b:20:c1:e8:f3:57:28:c0:ec:e9:
                    f9:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:42:38:9D:03:58:A7:DB:07:16:59:EA:42:3B:C9:B7:26:75:9D:15
            X509v3 Authority Key Identifier:
                keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130362e302f32342d3234203d3e20323034313135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.146.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:d9:b9:aa:7f:86:65:76:56:2b:49:52:b2:fb:75:74:42:f1:
         15:97:f7:92:68:8e:98:fe:fa:29:ce:1f:cd:4f:d1:53:63:6a:
         93:55:9a:99:1f:eb:9b:54:5e:64:2b:8d:e7:1c:3e:66:73:52:
         83:46:3c:7d:72:84:6f:f4:b3:c1:61:9c:85:fd:8d:1a:4f:b4:
         49:53:0a:df:a3:e3:36:f5:a4:c4:f9:7a:5e:e3:f2:56:9e:7f:
         68:73:85:d8:d3:02:67:48:e5:a0:9a:b5:aa:a4:b9:6f:89:11:
         52:05:61:05:a4:1f:6d:83:f4:df:d1:91:ae:85:10:79:02:45:
         b9:3e:d1:3c:7f:ab:00:aa:77:da:8d:c3:73:68:a2:da:87:f6:
         72:0e:34:67:c2:be:c4:83:82:11:63:73:f1:03:2e:17:37:c3:
         89:af:8c:1f:a8:24:fe:c7:06:23:3c:28:19:f5:a6:d7:41:91:
         ce:56:92:4d:3b:08:e9:9f:f1:34:c8:76:62:77:10:cd:b8:32:
         95:ed:9e:f0:92:3a:22:28:28:90:f2:de:50:d3:99:14:22:62:
         c7:e7:d3:57:b8:21:ee:07:e9:93:c8:cb:a3:ad:87:45:cb:26:
         16:62:95:57:a6:6f:06:67:37:9d:89:53:32:1c:60:a2:2c:c3:
         25:e2:47:93
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQKBRcivro+q3feiu2tzF0Bk2reQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDA1MTAxMTUyNDNaFw0yNTA1MDkxMTU3NDNaMDMxMTAvBgNV
BAMTKDQ0NDIzODlEMDM1OEE3REIwNzE2NTlFQTQyM0JDOUI3MjY3NTlEMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0k0cwae6eHUwIRY87e3s9wA5e
TxTuiB4DatlsrDK9pga6ExHj82rVdw0XBPLdUB3OQUvOtLq1wOkPmS2Bt4tC8RD1
fa7MY2htyeQxvuPqdOJdOw3nV3kVgtC38J4F5cjz0grVczohHPxRI0wfzSSnKf9h
IRW203WMZt6/OL08TCxUV66Ioo+spO/mmoAh2te/o44yH1jaU6yER+XG21QLE9wN
mZ9aJ4Ow6Kip3rVqjqbY/P5dj/T/E6WAKkSXIUVreBvMseHcKm4FQNTrz0W3guHZ
oMI0qceenV3mJywzee9gZIo1L3G+cVhSxAX8P2ceu4jwOyDB6PNXKMDs6fn7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUREI4nQNYp9sHFlnqQjvJtyZ1nRUwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTMxMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkmowDQYJKoZIhvcNAQELBQADggEBAKfZuap/hmV2VitJUrL7dXRC8RWX95Jo
jpj++inOH81P0VNjapNVmpkf65tUXmQrjeccPmZzUoNGPH1yhG/0s8FhnIX9jRpP
tElTCt+j4zb1pMT5el7j8laef2hzhdjTAmdI5aCataqkuW+JEVIFYQWkH22D9N/R
ka6FEHkCRbk+0Tx/qwCqd9qNw3NootqH9nIONGfCvsSDghFjc/EDLhc3w4mvjB+o
JP7HBiM8KBn1ptdBkc5Wkk07COmf8TTIdmJ3EM24MpXtnvCSOiIoKJDy3lDTmRQi
Ysfn01e4Ie4H6ZPIy6Oth0XLJhZilVembwZnN52JUzIcYKIswyXiR5M=
-----END CERTIFICATE-----
Generated at Mon Jun 10 15:24:35 2024 by rpki-client on console-ams.rpki-client.org