Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20323131393735.roa
File:                     38352e3230392e3232392e302f32342d3234203d3e20323131393735.roa (raw, json)
Hash identifier:          gTJ1v8QIBelH3ARyQQCBIby8zqqyP9uOTG6aymQUq/w=
Subject key identifier:   93:B8:F1:86:E5:1D:1A:25:F7:70:34:C2:CB:73:D1:14:A8:93:40:EA
Certificate issuer:       /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial:       7584110F534BC754EE5DDD8C8A0A9AD7980C0C9A
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20323131393735.roa
Signing time:             Thu 11 Jan 2024 18:16:55 +0000
ROA not before:           Thu 11 Jan 2024 18:11:55 +0000
ROA not after:            Thu 09 Jan 2025 18:16:55 +0000
asID:                     211975
IP address blocks:        85.209.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 11 Nov 2024 00:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:84:11:0f:53:4b:c7:54:ee:5d:dd:8c:8a:0a:9a:d7:98:0c:0c:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
        Validity
            Not Before: Jan 11 18:11:55 2024 GMT
            Not After : Jan  9 18:16:55 2025 GMT
        Subject: CN=93B8F186E51D1A25F77034C2CB73D114A89340EA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:4b:c8:42:bf:0c:f5:01:fc:bd:ba:b3:89:98:
                    eb:8f:2f:2c:83:fe:da:00:40:1c:c2:13:5b:d5:d7:
                    0d:47:7b:a4:b8:04:f6:c7:b1:9b:b7:7d:27:76:2a:
                    d6:ac:37:42:ea:46:83:62:20:7c:61:7d:84:d9:12:
                    3a:b7:0a:9a:8d:fd:a1:87:e7:f1:a1:89:06:ed:92:
                    7a:46:be:18:69:31:07:cd:92:97:5c:39:f9:52:99:
                    c5:b7:d9:2c:9f:8a:03:24:2e:5c:78:aa:d7:a3:43:
                    65:97:7b:6f:bd:f2:fa:d8:e8:54:5e:cb:79:d6:51:
                    11:97:71:c5:bc:d0:27:84:a7:d9:38:9d:74:6a:4c:
                    52:73:35:a9:94:3c:b8:b2:40:c8:91:3e:35:55:dc:
                    d3:12:fb:05:4f:96:a4:08:08:8a:01:df:c8:71:88:
                    6c:b9:12:73:31:46:44:5e:7c:4c:bc:33:6e:a3:8e:
                    0e:c0:1b:88:f0:93:50:19:8d:29:bb:11:20:99:e1:
                    43:9e:0f:44:40:6e:5f:c7:bc:48:71:9a:a3:34:59:
                    5c:a4:d1:5a:59:36:2c:3c:c6:d5:a4:0e:ca:5e:74:
                    6b:f6:ca:f7:73:44:02:4b:80:dc:9a:05:3e:b1:5b:
                    91:ad:52:bf:eb:f5:99:e1:a7:84:9a:94:26:8b:ed:
                    4e:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:B8:F1:86:E5:1D:1A:25:F7:70:34:C2:CB:73:D1:14:A8:93:40:EA
            X509v3 Authority Key Identifier:
                keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20323131393735.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:06:52:cc:4f:0d:ba:26:e7:4d:67:93:5c:78:fb:fa:3f:2f:
         cb:38:1d:80:36:4d:da:ab:c4:68:93:bf:6a:66:d3:0d:49:72:
         7a:9e:aa:65:75:5c:42:b0:26:ce:52:cd:db:81:8b:02:00:ff:
         d2:97:e1:ca:10:f2:33:be:44:fc:0e:a1:cc:69:28:69:86:66:
         f3:46:ac:e6:90:2b:8d:ca:af:a4:8f:cc:2e:df:78:96:fc:96:
         f8:37:ae:e5:3f:1b:5c:45:ad:53:a0:7d:fe:92:68:2d:1d:c4:
         67:06:63:d2:61:48:07:a9:c0:5f:3a:ad:b4:f8:07:55:64:2d:
         81:1b:ee:1f:28:b5:b5:6c:d2:ef:cf:7f:75:f1:10:19:d3:91:
         d9:af:f6:51:c0:6d:ed:6f:39:81:f4:65:1c:51:ab:03:05:9f:
         26:11:d2:32:93:ef:4f:ec:8d:6c:cd:d0:e3:08:37:da:e7:f2:
         db:9a:ec:5e:82:4a:f0:f5:a5:61:ae:f7:71:44:9d:e3:d5:3f:
         b7:02:7c:1e:73:0d:e5:67:93:43:f8:8f:25:01:7d:bf:fb:47:
         97:81:95:9b:63:7a:fe:dc:c6:71:45:db:2b:fd:8c:05:9e:e0:
         a9:7e:33:9d:27:fa:d6:ee:a1:9a:9f:c9:7d:4c:d9:a1:76:42:
         16:b6:e8:4c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdYQRD1NLx1TuXd2Migqa15gMDJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDAxMTExODExNTVaFw0yNTAxMDkxODE2NTVaMDMxMTAvBgNV
BAMTKDkzQjhGMTg2RTUxRDFBMjVGNzcwMzRDMkNCNzNEMTE0QTg5MzQwRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2S8hCvwz1Afy9urOJmOuPLyyD
/toAQBzCE1vV1w1He6S4BPbHsZu3fSd2KtasN0LqRoNiIHxhfYTZEjq3CpqN/aGH
5/GhiQbtknpGvhhpMQfNkpdcOflSmcW32SyfigMkLlx4qtejQ2WXe2+98vrY6FRe
y3nWURGXccW80CeEp9k4nXRqTFJzNamUPLiyQMiRPjVV3NMS+wVPlqQICIoB38hx
iGy5EnMxRkRefEy8M26jjg7AG4jwk1AZjSm7ESCZ4UOeD0RAbl/HvEhxmqM0WVyk
0VpZNiw8xtWkDspedGv2yvdzRAJLgNyaBT6xW5GtUr/r9Znhp4SalCaL7U6lAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUk7jxhuUdGiX3cDTCy3PRFKiTQOowHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzEzOTM3MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0eUwDQYJKoZIhvcNAQELBQADggEBAEoGUsxPDbom501nk1x4+/o/L8s4HYA2
TdqrxGiTv2pm0w1JcnqeqmV1XEKwJs5SzduBiwIA/9KX4coQ8jO+RPwOocxpKGmG
ZvNGrOaQK43Kr6SPzC7feJb8lvg3ruU/G1xFrVOgff6SaC0dxGcGY9JhSAepwF86
rbT4B1VkLYEb7h8otbVs0u/Pf3XxEBnTkdmv9lHAbe1vOYH0ZRxRqwMFnyYR0jKT
70/sjWzN0OMIN9rn8tua7F6CSvD1pWGu93FEnePVP7cCfB5zDeVnk0P4jyUBfb/7
R5eBlZtjev7cxnFF2yv9jAWe4Kl+M50n+tbuoZqfyX1M2aF2Qha26Ew=
-----END CERTIFICATE-----
Generated at Mon Nov 11 01:07:39 2024 by rpki-client on console-fra.rpki-client.org