Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32372e302f32342d3234203d3e20383334.roa
File:                     38322e3131382e32372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          JaMAxbmhBPrQuGjC127wqlMBR5YOwkGrWMWYFnD2p2Y=
Subject key identifier:   AE:D4:3A:B6:25:18:A2:AC:51:10:A6:B0:4F:64:63:74:D8:BF:B7:D0
Certificate issuer:       /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial:       3E38DFE3B4F611F6C53D5B998DA0DDFEF7EA7B34
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32372e302f32342d3234203d3e20383334.roa
Signing time:             Mon 04 Aug 2025 00:05:41 +0000
ROA not before:           Mon 04 Aug 2025 00:00:41 +0000
ROA not after:            Mon 03 Aug 2026 00:05:41 +0000
asID:                     834
IP address blocks:        82.118.27.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 04 Aug 2025 09:52:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:38:df:e3:b4:f6:11:f6:c5:3d:5b:99:8d:a0:dd:fe:f7:ea:7b:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
        Validity
            Not Before: Aug  4 00:00:41 2025 GMT
            Not After : Aug  3 00:05:41 2026 GMT
        Subject: CN=AED43AB62518A2AC5110A6B04F646374D8BFB7D0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:c6:e5:c3:0e:5d:20:64:2b:a8:63:e6:cd:ad:
                    4e:1e:e1:72:da:9b:66:76:db:fc:92:0f:92:55:be:
                    61:ba:4c:75:3c:f7:0e:c6:2e:79:f9:7e:2c:ff:66:
                    30:61:c7:df:02:8d:78:66:c0:dc:cb:70:f9:61:52:
                    23:fa:d1:92:1a:b5:0e:1f:c1:c4:b0:14:0f:0e:d2:
                    68:1e:60:e5:ad:25:a1:d6:02:66:32:e5:a1:a3:9e:
                    a1:26:57:77:30:2a:f1:b5:c4:b1:8e:0c:ef:73:3d:
                    d9:61:5c:43:da:70:aa:fc:3d:8c:3d:8a:6d:b6:52:
                    38:7b:75:3e:90:6c:18:fc:a5:4e:25:10:7b:95:7b:
                    57:1d:d4:6c:a5:a4:d1:a4:91:aa:c1:3b:34:ba:4c:
                    90:75:b6:a4:47:6d:a2:56:be:d9:d5:ca:b2:96:96:
                    c8:98:85:82:c2:f9:98:32:39:d1:53:d8:d8:a7:7c:
                    08:6e:5b:38:e4:8b:44:ab:46:df:57:c6:14:ff:16:
                    1d:2b:20:c1:d6:fc:20:6a:f2:aa:7a:08:4a:be:50:
                    e6:59:de:b1:75:43:0c:0d:c2:60:da:67:77:cb:f7:
                    ce:45:5c:44:d5:44:f5:34:f0:0a:fc:17:67:ce:c1:
                    77:74:b8:a2:d1:a5:61:64:7d:ec:2d:8f:90:d9:d2:
                    23:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:D4:3A:B6:25:18:A2:AC:51:10:A6:B0:4F:64:63:74:D8:BF:B7:D0
            X509v3 Authority Key Identifier:
                keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32372e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.118.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:bb:0d:19:58:72:dd:99:85:02:b8:bd:82:59:f4:c0:72:50:
         92:51:d3:41:d0:7a:61:ec:8d:4f:17:00:c3:94:e6:49:e0:9e:
         41:82:f2:e2:80:bd:f4:17:3d:2d:f8:3c:3d:ca:55:27:c8:59:
         33:67:6d:dd:42:b1:94:c1:63:e4:88:56:18:d3:e5:9b:30:b9:
         34:5e:d6:64:10:f9:6c:91:e7:d9:be:69:90:7e:66:7f:c3:04:
         ab:f3:7e:cb:22:83:96:99:63:15:4f:91:6b:6a:72:e4:ca:90:
         6b:72:3a:f0:f1:be:4c:e8:86:6d:39:5b:fe:24:a1:37:a6:37:
         3c:47:ed:e1:44:34:c6:f5:e7:c7:0e:e6:8e:37:41:a8:45:4c:
         38:1f:62:e5:e4:b3:4a:ac:2f:d0:e5:d8:2f:7c:ac:73:ad:d3:
         1d:99:8c:8d:62:a4:aa:94:aa:26:52:8f:8d:9a:74:c7:32:c5:
         2a:88:c3:c2:54:d2:46:fa:28:b2:3e:74:bd:67:e8:b4:d0:9b:
         b4:7f:0e:4f:86:12:54:09:cf:ad:dc:3e:53:05:88:a5:f1:e4:
         0a:4a:de:b4:5b:7f:36:61:64:c4:31:0a:55:7b:81:35:8f:9f:
         9a:70:78:1b:2a:7e:55:6b:f4:77:ff:91:5b:77:12:69:67:8b:
         0f:42:03:db
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUPjjf47T2EfbFPVuZjaDd/vfqezQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTA4MDQwMDAwNDFaFw0yNjA4MDMwMDA1NDFaMDMxMTAvBgNV
BAMTKEFFRDQzQUI2MjUxOEEyQUM1MTEwQTZCMDRGNjQ2Mzc0RDhCRkI3RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHxuXDDl0gZCuoY+bNrU4e4XLa
m2Z22/ySD5JVvmG6THU89w7GLnn5fiz/ZjBhx98CjXhmwNzLcPlhUiP60ZIatQ4f
wcSwFA8O0mgeYOWtJaHWAmYy5aGjnqEmV3cwKvG1xLGODO9zPdlhXEPacKr8PYw9
im22Ujh7dT6QbBj8pU4lEHuVe1cd1GylpNGkkarBOzS6TJB1tqRHbaJWvtnVyrKW
lsiYhYLC+ZgyOdFT2NinfAhuWzjki0SrRt9XxhT/Fh0rIMHW/CBq8qp6CEq+UOZZ
3rF1QwwNwmDaZ3fL985FXETVRPU08Ar8F2fOwXd0uKLRpWFkfewtj5DZ0iMDAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUrtQ6tiUYoqxREKawT2RjdNi/t9AwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUnYbMA0G
CSqGSIb3DQEBCwUAA4IBAQBIuw0ZWHLdmYUCuL2CWfTAclCSUdNB0Hph7I1PFwDD
lOZJ4J5BgvLigL30Fz0t+Dw9ylUnyFkzZ23dQrGUwWPkiFYY0+WbMLk0XtZkEPls
kefZvmmQfmZ/wwSr837LIoOWmWMVT5FranLkypBrcjrw8b5M6IZtOVv+JKE3pjc8
R+3hRDTG9efHDuaON0GoRUw4H2Ll5LNKrC/Q5dgvfKxzrdMdmYyNYqSqlKomUo+N
mnTHMsUqiMPCVNJG+iiyPnS9Z+i00Ju0fw5PhhJUCc+t3D5TBYil8eQKSt60W382
YWTEMQpVe4E1j5+acHgbKn5Va/R3/5FbdxJpZ4sPQgPb
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:15:21 2025 by rpki-client