Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233322e302f32332d3234203d3e2030.roa
File:                     3139342e33322e3233322e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier:          QCKB5I6+flnhiar0TZWO++W41znmP19WJxRepmnewVo=
Subject key identifier:   FF:C5:05:04:4D:98:97:11:CF:EE:C2:C6:95:D0:AE:3E:CA:65:A2:A6
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       3AA46FD12723375BB0C50AD77E2B0C74FD83AF87
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233322e302f32332d3234203d3e2030.roa
Signing time:             Fri 20 Oct 2023 13:41:48 +0000
ROA not before:           Fri 20 Oct 2023 13:36:48 +0000
ROA not after:            Fri 18 Oct 2024 13:41:48 +0000
asID:                     0
IP address blocks:        194.32.232.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sun 14 Jan 2024 18:04:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:a4:6f:d1:27:23:37:5b:b0:c5:0a:d7:7e:2b:0c:74:fd:83:af:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Oct 20 13:36:48 2023 GMT
            Not After : Oct 18 13:41:48 2024 GMT
        Subject: CN=FFC505044D989711CFEEC2C695D0AE3ECA65A2A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:c0:ef:9b:fa:a4:3d:94:26:7d:8b:82:9b:73:
                    85:f6:fd:b3:ab:e4:f3:3c:dc:83:e3:90:b3:d8:78:
                    f4:64:e9:c8:3c:a9:99:d5:75:bc:b0:8b:26:3f:68:
                    ec:23:28:bd:60:b5:fe:f9:2c:78:5c:b0:97:b2:96:
                    79:c6:6b:d4:44:2d:71:23:05:57:6f:48:5f:8d:e3:
                    ac:12:65:a4:c5:c2:75:a4:b2:be:e0:fb:a8:62:c1:
                    73:71:ad:c1:e5:3f:e7:f1:bc:68:a0:93:ff:55:91:
                    80:f9:62:ca:64:3d:c4:46:e9:26:06:e9:50:cc:9e:
                    a8:3e:9d:05:bf:8f:81:f8:f3:3e:3d:2d:ee:81:84:
                    a5:d0:eb:29:60:d4:e1:12:71:59:03:d7:51:b9:e1:
                    b9:68:fc:28:1e:7a:c0:a0:91:f0:d8:c1:27:2d:67:
                    05:f6:40:15:73:09:6b:5f:a1:ab:46:bb:0b:be:c9:
                    99:cd:74:69:77:93:9e:8b:b3:99:bb:37:62:1f:5f:
                    1d:d9:2b:45:d9:16:a3:ee:79:5c:49:5d:73:25:e2:
                    aa:22:5c:fc:44:b9:70:a0:c3:e2:c7:ec:9f:37:63:
                    69:39:a0:b8:9d:6c:5f:0d:e0:e8:c7:64:12:31:02:
                    a8:68:6d:53:f3:dc:81:c6:82:d0:da:be:1a:cf:55:
                    74:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:C5:05:04:4D:98:97:11:CF:EE:C2:C6:95:D0:AE:3E:CA:65:A2:A6
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e33322e3233322e302f32332d3234203d3e2030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.32.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:32:a9:d3:b9:cd:14:82:7c:1e:d7:16:f4:45:42:34:3f:68:
         3d:80:87:65:72:ab:28:d1:bd:92:3f:27:f4:ee:fb:e0:7b:07:
         e0:1e:0a:3d:5f:4f:86:2e:46:6d:a2:c5:7d:69:c7:6f:bf:5c:
         db:32:bf:b1:b7:bf:0e:b8:39:3a:43:5e:4c:58:2a:76:cb:61:
         28:28:46:c1:fa:ab:a2:2e:04:2e:6f:cf:46:68:12:7a:e6:3e:
         98:05:bf:34:e5:bf:13:cf:aa:f3:35:1f:6e:e0:13:5c:83:63:
         65:24:67:26:6a:79:e0:57:b2:b4:b8:a8:ab:2a:3c:74:11:38:
         1a:b2:28:d3:10:89:31:8e:ea:b6:0c:7d:e0:25:ef:8b:a8:46:
         05:4b:0a:c5:08:30:29:37:c9:51:07:1b:8e:15:f7:4e:90:1c:
         36:67:d6:26:f8:44:32:ae:33:ab:7b:2d:a4:71:80:ab:b2:99:
         22:7f:0a:ae:0c:96:0d:e3:c6:e7:c1:64:94:47:62:22:8e:96:
         38:fb:e5:58:d2:80:1a:37:cb:84:ae:71:b7:06:78:88:c7:ef:
         d6:47:34:cc:37:4c:5c:50:2d:d6:15:b3:32:da:79:2d:cc:5a:
         96:36:f7:bf:9f:a0:6b:cd:1d:b2:c8:bb:d3:fd:b7:0d:c9:a6:
         67:60:c5:35
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUOqRv0ScjN1uwxQrXfisMdP2Dr4cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NDhaFw0yNDEwMTgxMzQxNDhaMDMxMTAvBgNV
BAMTKEZGQzUwNTA0NEQ5ODk3MTFDRkVFQzJDNjk1RDBBRTNFQ0E2NUEyQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbwO+b+qQ9lCZ9i4Kbc4X2/bOr
5PM83IPjkLPYePRk6cg8qZnVdbywiyY/aOwjKL1gtf75LHhcsJeylnnGa9RELXEj
BVdvSF+N46wSZaTFwnWksr7g+6hiwXNxrcHlP+fxvGigk/9VkYD5YspkPcRG6SYG
6VDMnqg+nQW/j4H48z49Le6BhKXQ6ylg1OEScVkD11G54blo/CgeesCgkfDYwSct
ZwX2QBVzCWtfoatGuwu+yZnNdGl3k56Ls5m7N2IfXx3ZK0XZFqPueVxJXXMl4qoi
XPxEuXCgw+LH7J83Y2k5oLidbF8N4OjHZBIxAqhobVPz3IHGgtDavhrPVXQPAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU/8UFBE2YlxHP7sLGldCuPsploqYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMzMyMmUzMjMz
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcIg6DANBgkq
hkiG9w0BAQsFAAOCAQEAizKp07nNFIJ8HtcW9EVCND9oPYCHZXKrKNG9kj8n9O77
4HsH4B4KPV9Phi5GbaLFfWnHb79c2zK/sbe/Drg5OkNeTFgqdsthKChGwfqroi4E
Lm/PRmgSeuY+mAW/NOW/E8+q8zUfbuATXINjZSRnJmp54FeytLioqyo8dBE4GrIo
0xCJMY7qtgx94CXvi6hGBUsKxQgwKTfJUQcbjhX3TpAcNmfWJvhEMq4zq3stpHGA
q7KZIn8KrgyWDePG58FklEdiIo6WOPvlWNKAGjfLhK5xtwZ4iMfv1kc0zDdMXFAt
1hWzMtp5Lcxaljb3v5+ga80dssi70/23DcmmZ2DFNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org