Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20313336373837.roa
File:                     3139322e3134352e38312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier:          1lN7nmP6NPT2/v2R+NjVkV4x7YccRwwdAovkSC6wqqU=
Subject key identifier:   28:95:7A:97:A1:E9:2A:2B:AF:65:21:26:74:FF:F6:FE:E4:7B:AC:B1
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       26F843FA082D9289176BE265035DE8701C4DD913
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20313336373837.roa
Signing time:             Sun 14 Jan 2024 18:09:57 +0000
ROA not before:           Sun 14 Jan 2024 18:04:57 +0000
ROA not after:            Sun 12 Jan 2025 18:09:57 +0000
asID:                     136787
IP address blocks:        192.145.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 16 Jun 2024 10:49:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:f8:43:fa:08:2d:92:89:17:6b:e2:65:03:5d:e8:70:1c:4d:d9:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Jan 14 18:04:57 2024 GMT
            Not After : Jan 12 18:09:57 2025 GMT
        Subject: CN=28957A97A1E92A2BAF65212674FFF6FEE47BACB1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:34:10:4f:82:7a:d4:53:47:77:1d:6d:f1:51:
                    a3:88:5a:9b:13:64:1c:48:2b:86:6d:98:16:c3:db:
                    c8:d3:f1:66:95:b2:34:1d:2e:fb:8f:a4:33:56:47:
                    b3:7d:0c:d8:38:59:0b:d2:30:8f:34:d7:e3:3f:8d:
                    d0:d1:8f:90:a8:d2:4c:49:fc:95:9a:eb:91:d3:0b:
                    07:35:03:b8:ce:db:6c:57:35:fe:d1:a9:01:52:9a:
                    a6:bb:e5:68:54:00:a8:33:83:80:5c:b7:e5:42:a5:
                    cd:02:2a:4d:33:ca:35:d4:5f:6d:72:14:59:56:a7:
                    72:db:12:17:1d:a7:97:1d:e0:83:c5:c1:c1:8e:5b:
                    35:61:7e:46:a2:30:79:85:03:58:ad:4e:89:57:ed:
                    03:bc:e0:ae:2b:f4:84:f0:29:4b:5c:d1:db:08:44:
                    e0:f2:4b:3f:4a:de:d3:1f:95:5f:88:2b:34:11:f6:
                    e2:fb:1a:94:43:f0:28:fb:fa:7d:af:da:fc:96:8e:
                    75:28:99:81:44:fa:b9:ba:ef:14:2b:f2:34:ba:26:
                    cd:5f:f8:fc:99:ce:10:84:5e:d0:5a:73:6c:b8:9c:
                    05:60:4c:51:3b:31:32:f4:08:0b:2f:7a:b3:6a:63:
                    85:6d:12:35:78:90:39:62:10:b9:78:3e:c0:78:56:
                    18:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:95:7A:97:A1:E9:2A:2B:AF:65:21:26:74:FF:F6:FE:E4:7B:AC:B1
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20313336373837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.145.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:e1:d4:9a:ec:b3:2c:a2:5e:ef:84:ef:4b:2e:9a:27:b5:a4:
         54:fb:a6:20:6e:47:fe:ed:e8:cf:bb:87:d2:b4:fd:c3:12:ed:
         fd:bb:92:d9:51:72:10:10:d2:e3:80:49:00:f6:26:68:aa:a1:
         5c:3a:51:a1:3b:81:61:d5:07:53:13:b1:54:a3:4c:8e:20:36:
         2b:5a:76:bf:bc:a9:98:3f:4d:22:bd:07:97:33:72:87:4c:65:
         c6:06:f7:3c:d8:72:33:02:39:75:3b:08:79:c6:6a:6e:bb:f0:
         e6:b0:1b:d9:c5:da:15:11:5a:65:c2:4f:be:01:54:ff:f2:01:
         03:05:92:74:da:d6:ff:af:39:e1:fc:7e:0f:0a:3b:4f:aa:b8:
         e7:8d:91:b4:2c:d2:6b:b0:da:17:ff:b0:dd:6f:f5:a7:46:ca:
         b7:ad:e7:99:3c:5f:9b:76:ee:99:09:67:a4:73:31:c1:6b:a1:
         37:e7:5a:5a:fa:52:e1:f0:d1:66:72:b2:10:eb:70:b3:b4:29:
         1d:bc:75:d2:11:56:0b:71:71:cb:12:08:32:17:11:17:66:7e:
         21:c7:db:06:34:9c:68:55:2f:37:21:9d:cd:fa:f7:db:3b:8f:
         0e:b4:7e:40:47:4e:14:ac:ad:ce:6c:32:3a:7b:25:6f:6b:a5:
         b8:ed:2f:fd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJvhD+ggtkokXa+JlA13ocBxN2RMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMTQxODA0NTdaFw0yNTAxMTIxODA5NTdaMDMxMTAvBgNV
BAMTKDI4OTU3QTk3QTFFOTJBMkJBRjY1MjEyNjc0RkZGNkZFRTQ3QkFDQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYNBBPgnrUU0d3HW3xUaOIWpsT
ZBxIK4ZtmBbD28jT8WaVsjQdLvuPpDNWR7N9DNg4WQvSMI801+M/jdDRj5Co0kxJ
/JWa65HTCwc1A7jO22xXNf7RqQFSmqa75WhUAKgzg4Bct+VCpc0CKk0zyjXUX21y
FFlWp3LbEhcdp5cd4IPFwcGOWzVhfkaiMHmFA1itTolX7QO84K4r9ITwKUtc0dsI
RODySz9K3tMflV+IKzQR9uL7GpRD8Cj7+n2v2vyWjnUomYFE+rm67xQr8jS6Js1f
+PyZzhCEXtBac2y4nAVgTFE7MTL0CAsverNqY4VtEjV4kDliELl4PsB4VhgXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKJV6l6HpKiuvZSEmdP/2/uR7rLEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMyMmUzMTM0MzUyZTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADAkVEwDQYJKoZIhvcNAQELBQADggEBAHHh1JrssyyiXu+E70sumie1pFT7piBu
R/7t6M+7h9K0/cMS7f27ktlRchAQ0uOASQD2JmiqoVw6UaE7gWHVB1MTsVSjTI4g
Nitadr+8qZg/TSK9B5czcodMZcYG9zzYcjMCOXU7CHnGam678OawG9nF2hURWmXC
T74BVP/yAQMFknTa1v+vOeH8fg8KO0+quOeNkbQs0muw2hf/sN1v9adGyret55k8
X5t27pkJZ6RzMcFroTfnWlr6UuHw0WZyshDrcLO0KR28ddIRVgtxccsSCDIXERdm
fiHH2wY0nGhVLzchnc3699s7jw60fkBHThSsrc5sMjp7JW9rpbjtL/0=
-----END CERTIFICATE-----
Generated at Sun Jun 16 13:32:07 2024 by rpki-client on console-ams.rpki-client.org