Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34332e3131382e302f32342d3234203d3e203631333137.roa
File:                     3139332e34332e3131382e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier:          LnD+uea5N+d4tIpgQa8liCUw1euyfSaWFaQAQ+bXGKg=
Subject key identifier:   96:B5:2B:68:74:6F:42:17:7D:73:D5:AC:92:17:02:50:D5:96:DC:B9
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       76205A281B9161F351A32B4F6EBDF78B7A1B672D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34332e3131382e302f32342d3234203d3e203631333137.roa
Signing time:             Mon 26 Feb 2024 08:53:31 +0000
ROA not before:           Mon 26 Feb 2024 08:48:31 +0000
ROA not after:            Mon 24 Feb 2025 08:53:31 +0000
asID:                     61317
IP address blocks:        193.43.118.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 10 May 2024 13:27:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:20:5a:28:1b:91:61:f3:51:a3:2b:4f:6e:bd:f7:8b:7a:1b:67:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Feb 26 08:48:31 2024 GMT
            Not After : Feb 24 08:53:31 2025 GMT
        Subject: CN=96B52B68746F42177D73D5AC92170250D596DCB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:f0:c0:50:b3:45:d2:0a:08:cc:10:fa:70:25:
                    70:d1:30:04:9f:55:49:24:e2:ff:2a:b8:3c:26:d0:
                    60:a2:1f:e1:14:c8:b2:aa:b4:19:dc:2f:64:0c:18:
                    06:c0:58:55:b5:ca:a3:b5:cc:9d:97:a5:43:58:45:
                    6e:84:b0:0c:79:e9:80:b5:ae:c0:f1:92:0c:85:f9:
                    70:25:cb:5d:c6:f7:81:4a:a5:5b:10:bb:17:c8:3f:
                    ab:fa:57:cd:bc:94:7e:5b:30:c3:42:cd:82:7f:8b:
                    cd:87:3f:10:b5:ec:28:61:43:00:c8:4d:f8:2d:e3:
                    e3:5b:48:30:e9:34:3b:99:ec:6a:ea:c9:9f:3d:17:
                    d6:56:68:9e:5d:c5:3b:7b:5d:c5:39:c2:ff:af:d5:
                    87:21:76:62:86:d4:58:97:da:94:a7:65:11:02:77:
                    93:94:49:33:7b:32:54:2b:ca:b8:3a:8b:78:8c:b2:
                    a1:5b:fb:82:6a:39:d5:47:1b:4c:36:00:12:74:29:
                    6b:cd:3d:1a:fc:60:a4:e9:ca:69:a5:a8:26:aa:9c:
                    5a:7c:05:d6:81:dd:b6:e0:65:92:f8:b7:03:70:9b:
                    79:7b:e6:dc:e5:bc:33:54:9f:2f:77:87:d9:0c:6b:
                    93:7a:49:b3:e5:dc:29:0f:16:07:ec:f2:ed:46:b1:
                    d4:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:B5:2B:68:74:6F:42:17:7D:73:D5:AC:92:17:02:50:D5:96:DC:B9
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34332e3131382e302f32342d3234203d3e203631333137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.43.118.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:47:b8:14:cb:d3:35:8c:d7:50:bc:e3:bc:fc:19:f1:d6:85:
         26:11:e6:d6:28:f2:65:c4:cd:43:3e:65:6e:00:f9:a9:b2:c2:
         8a:3a:62:2d:7d:9b:9b:1f:51:cc:dd:7a:e0:91:4f:8d:89:d7:
         6e:3a:24:41:1d:c7:85:4c:fe:07:3a:bf:f1:33:1a:21:c9:34:
         25:cc:de:52:76:38:05:3f:1c:5d:fb:c9:d6:98:36:ef:88:90:
         43:16:97:b8:89:dc:b6:7b:e1:17:01:d8:42:ff:5b:1f:dc:e8:
         8c:d4:cd:ef:a8:37:f5:f1:e3:28:f7:36:5d:f1:5e:45:3f:5a:
         15:28:f5:f3:a5:49:90:32:25:6a:5a:2a:f3:86:6f:6d:be:82:
         c0:6d:f9:8b:ef:a4:75:20:b2:3c:35:98:a3:fd:a1:7f:a0:65:
         86:d0:ac:3d:9a:e7:26:18:9a:44:76:1c:c9:d0:de:c4:fb:53:
         59:71:8b:30:48:b1:8e:31:06:8b:09:3d:37:a3:38:22:05:b1:
         3e:ff:be:60:60:5e:27:41:db:04:ad:e8:5b:5e:f9:54:e3:a6:
         1e:2c:8d:20:9f:e4:0b:a2:d0:a5:51:25:87:15:d7:1a:91:4d:
         44:64:e2:31:9b:ba:96:0c:34:b4:8e:bd:b9:9d:c0:f4:e6:ca:
         8e:f8:38:b5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdiBaKBuRYfNRoytPbr33i3obZy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzFaFw0yNTAyMjQwODUzMzFaMDMxMTAvBgNV
BAMTKDk2QjUyQjY4NzQ2RjQyMTc3RDczRDVBQzkyMTcwMjUwRDU5NkRDQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN8MBQs0XSCgjMEPpwJXDRMASf
VUkk4v8quDwm0GCiH+EUyLKqtBncL2QMGAbAWFW1yqO1zJ2XpUNYRW6EsAx56YC1
rsDxkgyF+XAly13G94FKpVsQuxfIP6v6V828lH5bMMNCzYJ/i82HPxC17ChhQwDI
Tfgt4+NbSDDpNDuZ7GrqyZ89F9ZWaJ5dxTt7XcU5wv+v1YchdmKG1FiX2pSnZREC
d5OUSTN7MlQryrg6i3iMsqFb+4JqOdVHG0w2ABJ0KWvNPRr8YKTpymmlqCaqnFp8
BdaB3bbgZZL4twNwm3l75tzlvDNUny93h9kMa5N6SbPl3CkPFgfs8u1GsdRpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlrUraHRvQhd9c9WskhcCUNWW3LkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzNDMzMmUzMTMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSt2MA0GCSqGSIb3DQEBCwUAA4IBAQBGR7gUy9M1jNdQvOO8/Bnx1oUmEebWKPJl
xM1DPmVuAPmpssKKOmItfZubH1HM3XrgkU+NidduOiRBHceFTP4HOr/xMxohyTQl
zN5SdjgFPxxd+8nWmDbviJBDFpe4idy2e+EXAdhC/1sf3OiM1M3vqDf18eMo9zZd
8V5FP1oVKPXzpUmQMiVqWirzhm9tvoLAbfmL76R1ILI8NZij/aF/oGWG0Kw9mucm
GJpEdhzJ0N7E+1NZcYswSLGOMQaLCT03ozgiBbE+/75gYF4nQdsErehbXvlU46Ye
LI0gn+QLotClUSWHFdcakU1EZOIxm7qWDDS0jr25ncD05sqO+Di1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org