Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32382e302f32342d3234203d3e203630313137.roa
File:                     38322e3131382e32382e302f32342d3234203d3e203630313137.roa (raw, json)
Hash identifier:          n0lLrd8aJFWOH0YPyceeU+Wv/shngRduvDg3ickekV4=
Subject key identifier:   70:47:DB:12:4B:1E:E1:BF:A2:2D:A2:3A:1F:FA:EB:DA:7A:D7:4B:53
Certificate issuer:       /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial:       34570736CCB7F22D6856D1AA9D3344F04421975C
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32382e302f32342d3234203d3e203630313137.roa
Signing time:             Fri 08 Mar 2024 18:23:52 +0000
ROA not before:           Fri 08 Mar 2024 18:18:52 +0000
ROA not after:            Fri 07 Mar 2025 18:23:52 +0000
asID:                     60117
IP address blocks:        82.118.28.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 Apr 2024 15:56:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:57:07:36:cc:b7:f2:2d:68:56:d1:aa:9d:33:44:f0:44:21:97:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
        Validity
            Not Before: Mar  8 18:18:52 2024 GMT
            Not After : Mar  7 18:23:52 2025 GMT
        Subject: CN=7047DB124B1EE1BFA22DA23A1FFAEBDA7AD74B53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:bc:8d:a8:49:9b:34:00:7c:2e:34:9e:6f:eb:
                    80:82:8a:52:1c:66:f0:19:c4:a9:9c:91:96:7d:84:
                    a9:85:90:05:88:fc:c2:e1:ec:d0:80:29:a9:f1:6f:
                    38:00:2b:c6:b3:d5:0f:17:66:fe:b9:39:eb:e4:fb:
                    03:1a:26:ba:86:2a:39:41:28:80:c5:b3:f1:dc:61:
                    ad:79:50:ad:2d:ec:7c:3c:6e:94:25:b7:61:e5:09:
                    16:9c:10:fa:2e:60:6d:4c:ac:10:48:a8:7b:62:ec:
                    11:97:24:6d:1d:33:e1:26:0f:fe:7a:6a:8a:e6:76:
                    e1:ff:fa:35:60:02:fa:d9:77:6e:bc:26:fc:c0:e3:
                    3f:5b:97:fb:ab:3a:47:36:0a:6c:69:ae:52:4e:41:
                    26:87:37:4f:77:e8:2a:7c:03:af:fc:dc:09:30:cb:
                    98:42:b5:12:06:1c:6f:de:d5:6c:ef:24:27:34:e9:
                    09:7c:20:7d:0c:03:a7:6e:35:3a:60:95:05:8a:f3:
                    e0:f6:04:cb:35:8c:01:8a:69:1b:6b:4c:76:7f:d8:
                    c6:b5:cf:dc:c1:cf:6b:d5:65:1a:ed:c8:ff:e3:ff:
                    c7:f4:54:9f:1f:32:a3:10:74:6f:6a:49:98:76:e3:
                    35:b9:e1:50:ef:43:39:eb:fc:d5:78:77:31:45:0a:
                    c3:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:47:DB:12:4B:1E:E1:BF:A2:2D:A2:3A:1F:FA:EB:DA:7A:D7:4B:53
            X509v3 Authority Key Identifier:
                keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32382e302f32342d3234203d3e203630313137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.118.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:4c:a4:97:f9:c4:f3:0b:cb:52:ba:c6:94:8b:b9:4e:b5:01:
         98:9f:20:8a:95:5b:b0:e5:b1:50:54:42:07:77:a4:6c:3a:e2:
         56:f8:4f:ab:96:0a:98:80:44:c6:2a:1a:f6:47:4d:c1:77:dd:
         a7:e8:48:8a:f3:33:20:a7:11:b0:ff:08:77:cf:93:af:f5:46:
         6c:88:5e:b4:89:e4:39:89:f9:ea:5d:96:df:d9:6f:19:8c:bb:
         e5:b0:e7:7c:6b:9b:cf:74:eb:a6:64:50:ff:70:42:60:f2:75:
         48:df:e6:d0:20:7e:08:66:7f:d2:90:1d:7e:a9:2b:e8:3b:dd:
         2d:aa:99:2b:27:f8:b2:37:21:29:23:d8:cc:11:16:5f:c1:b6:
         e2:29:27:86:a9:ea:13:d7:1b:a6:11:4c:08:56:10:9a:e7:79:
         c3:10:07:de:d7:8e:c8:87:a5:4a:d1:08:37:9e:fb:09:66:4e:
         87:4b:23:5e:29:29:53:45:93:c4:ac:a2:bc:33:1f:7f:2e:da:
         84:1c:00:08:97:7a:5e:c7:43:e8:c4:c1:6a:57:fe:16:1c:31:
         13:65:d0:ad:1b:0f:a8:9d:d9:07:34:91:1d:44:a9:47:e8:49:
         a1:e3:75:d5:20:03:ad:6b:c4:ac:8a:01:1e:22:59:7e:c5:95:
         b0:d1:ea:a6
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNFcHNsy38i1oVtGqnTNE8EQhl1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDAzMDgxODE4NTJaFw0yNTAzMDcxODIzNTJaMDMxMTAvBgNV
BAMTKDcwNDdEQjEyNEIxRUUxQkZBMjJEQTIzQTFGRkFFQkRBN0FENzRCNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpvI2oSZs0AHwuNJ5v64CCilIc
ZvAZxKmckZZ9hKmFkAWI/MLh7NCAKanxbzgAK8az1Q8XZv65Oevk+wMaJrqGKjlB
KIDFs/HcYa15UK0t7Hw8bpQlt2HlCRacEPouYG1MrBBIqHti7BGXJG0dM+EmD/56
aormduH/+jVgAvrZd268JvzA4z9bl/urOkc2CmxprlJOQSaHN0936Cp8A6/83Akw
y5hCtRIGHG/e1WzvJCc06Ql8IH0MA6duNTpglQWK8+D2BMs1jAGKaRtrTHZ/2Ma1
z9zBz2vVZRrtyP/j/8f0VJ8fMqMQdG9qSZh24zW54VDvQznr/NV4dzFFCsMDAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUcEfbEkse4b+iLaI6H/rr2nrXS1MwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMjM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMDMxMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFJ2
HDANBgkqhkiG9w0BAQsFAAOCAQEAUUykl/nE8wvLUrrGlIu5TrUBmJ8gipVbsOWx
UFRCB3ekbDriVvhPq5YKmIBExioa9kdNwXfdp+hIivMzIKcRsP8Id8+Tr/VGbIhe
tInkOYn56l2W39lvGYy75bDnfGubz3TrpmRQ/3BCYPJ1SN/m0CB+CGZ/0pAdfqkr
6DvdLaqZKyf4sjchKSPYzBEWX8G24iknhqnqE9cbphFMCFYQmud5wxAH3teOyIel
StEIN577CWZOh0sjXikpU0WTxKyivDMffy7ahBwACJd6XsdD6MTBalf+FhwxE2XQ
rRsPqJ3ZBzSRHUSpR+hJoeN11SADrWvErIoBHiJZfsWVsNHqpg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org