Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3135312e3132302e302f32332d3233203d3e203437353833.roa
File:                     34352e3135312e3132302e302f32332d3233203d3e203437353833.roa (raw, json)
Hash identifier:          Z4pTBvJVhha5puEQWnxs1KzI3hcTL7Ie1mLtdu4hJ3A=
Subject key identifier:   85:60:B2:FC:CE:A4:CC:00:0B:1D:17:EF:3B:53:85:9B:AC:E4:63:0D
Certificate issuer:       /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial:       5066C31084E609DE9C7C79A1FCA1B30EAC1EAF2B
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3135312e3132302e302f32332d3233203d3e203437353833.roa
Signing time:             Mon 26 Feb 2024 08:53:39 +0000
ROA not before:           Mon 26 Feb 2024 08:48:39 +0000
ROA not after:            Mon 24 Feb 2025 08:53:39 +0000
asID:                     47583
IP address blocks:        45.151.120.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 13 Jun 2024 11:07:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:66:c3:10:84:e6:09:de:9c:7c:79:a1:fc:a1:b3:0e:ac:1e:af:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
        Validity
            Not Before: Feb 26 08:48:39 2024 GMT
            Not After : Feb 24 08:53:39 2025 GMT
        Subject: CN=8560B2FCCEA4CC000B1D17EF3B53859BACE4630D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:07:2c:67:55:ef:be:c8:1d:de:12:ac:1f:4f:
                    37:3a:25:a3:20:85:c2:70:a4:bf:ba:b9:eb:90:be:
                    64:19:e9:71:39:bb:49:c9:68:5d:5b:fe:b8:b1:1b:
                    fa:0f:45:78:39:dd:be:69:ad:c0:fe:8e:b8:ef:92:
                    a2:b3:71:ed:04:c8:81:8f:7f:02:01:6d:fb:fd:4c:
                    09:c2:2c:f3:5b:57:ac:0f:6c:45:fe:29:c9:35:bc:
                    86:8f:db:e0:a5:ed:38:4e:21:c7:05:35:8f:6d:5a:
                    f1:65:31:63:28:6b:1c:54:2d:59:68:32:20:22:ba:
                    66:9d:59:22:f5:d8:b8:65:a1:19:59:11:7f:cd:aa:
                    80:a1:6b:e0:7f:49:90:98:0f:12:9b:6e:77:01:bd:
                    c1:f6:ac:b9:36:01:6d:91:00:af:74:de:67:fe:f8:
                    ef:97:91:b3:e6:69:77:a2:73:2c:3e:80:88:3a:6e:
                    c2:54:56:da:3a:f1:37:2b:ac:46:81:d0:97:1a:b8:
                    97:93:64:5b:7f:df:4a:21:74:7d:4c:c3:8d:0d:e9:
                    0b:09:18:b7:94:b0:d8:27:7a:3e:6a:eb:79:e6:b4:
                    08:6d:b3:ec:a7:a1:a3:a6:dc:56:24:cb:a7:fa:fb:
                    6f:f7:5b:54:78:95:f8:b6:f9:f7:5e:7a:d3:84:68:
                    3c:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:60:B2:FC:CE:A4:CC:00:0B:1D:17:EF:3B:53:85:9B:AC:E4:63:0D
            X509v3 Authority Key Identifier:
                keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3135312e3132302e302f32332d3233203d3e203437353833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.151.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         af:f4:e3:50:8c:6a:b7:12:7f:13:95:e4:d9:0d:ec:e9:f8:cd:
         ce:f6:fd:4b:ff:04:ec:ba:b5:6a:e2:62:37:83:28:aa:fc:60:
         0e:e5:15:4f:4d:01:53:c5:e0:c8:cd:cf:b6:03:8c:01:ae:a6:
         12:4f:18:07:ca:83:2a:44:21:95:d9:8f:8b:4e:2a:61:ea:67:
         79:d2:5d:ad:a5:93:48:77:e1:70:db:d2:50:43:9c:67:f3:40:
         0a:d0:b9:50:bd:a8:f5:0a:4a:3b:6a:4a:8b:91:5e:95:09:1b:
         2a:e4:b9:3d:f0:ee:2b:0c:52:a6:96:bc:ab:27:db:51:b7:57:
         c0:b0:e0:f2:74:f4:61:32:21:2d:5a:4b:a4:30:0a:bb:31:b4:
         36:69:51:47:00:55:eb:20:fb:b6:c1:7d:d8:ef:ea:e6:7f:b8:
         4d:1e:7d:10:1b:64:94:4d:e9:14:82:8b:6d:d9:d2:8f:c4:b5:
         01:23:df:4b:9e:97:17:3c:e0:d7:15:bc:93:5e:ff:c7:2a:d3:
         b6:09:8b:42:9c:90:9d:7d:af:fe:11:9c:30:cc:ac:7d:b9:c3:
         cb:bc:fe:bb:e4:ec:86:cd:36:84:a9:dc:79:b1:33:5d:eb:e3:
         84:be:f3:57:ca:d8:d1:56:ed:d0:37:4b:0a:63:e6:b0:33:8d:
         06:3d:b6:ab
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUGbDEITmCd6cfHmh/KGzDqweryswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMjYwODQ4MzlaFw0yNTAyMjQwODUzMzlaMDMxMTAvBgNV
BAMTKDg1NjBCMkZDQ0VBNENDMDAwQjFEMTdFRjNCNTM4NTlCQUNFNDYzMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaByxnVe++yB3eEqwfTzc6JaMg
hcJwpL+6ueuQvmQZ6XE5u0nJaF1b/rixG/oPRXg53b5prcD+jrjvkqKzce0EyIGP
fwIBbfv9TAnCLPNbV6wPbEX+Kck1vIaP2+Cl7ThOIccFNY9tWvFlMWMoaxxULVlo
MiAiumadWSL12LhloRlZEX/NqoCha+B/SZCYDxKbbncBvcH2rLk2AW2RAK903mf+
+O+XkbPmaXeicyw+gIg6bsJUVto68TcrrEaB0JcauJeTZFt/30ohdH1Mw40N6QsJ
GLeUsNgnej5q63nmtAhts+ynoaOm3FYky6f6+2/3W1R4lfi2+fdeetOEaDzvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhWCy/M6kzAALHRfvO1OFm6zkYw0wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzEzNTMxMmUzMTMy
MzAyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
LZd4MA0GCSqGSIb3DQEBCwUAA4IBAQCv9ONQjGq3En8TleTZDezp+M3O9v1L/wTs
urVq4mI3gyiq/GAO5RVPTQFTxeDIzc+2A4wBrqYSTxgHyoMqRCGV2Y+LTiph6md5
0l2tpZNId+Fw29JQQ5xn80AK0LlQvaj1Cko7akqLkV6VCRsq5Lk98O4rDFKmlryr
J9tRt1fAsODydPRhMiEtWkukMAq7MbQ2aVFHAFXrIPu2wX3Y7+rmf7hNHn0QG2SU
TekUgott2dKPxLUBI99LnpcXPODXFbyTXv/HKtO2CYtCnJCdfa/+EZwwzKx9ucPL
vP675OyGzTaEqdx5sTNd6+OEvvNXytjRVu3QN0sKY+awM40GPbar
-----END CERTIFICATE-----
Generated at Thu Jun 13 14:15:33 2024 by rpki-client on console-fra.rpki-client.org