Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32332d3234203d3e20383334.roa
File:                     3138352e3130302e3231342e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier:          hE57DYHYadDcxArBNXHrSOhHni8fhFxqIb2UCTkltX0=
Subject key identifier:   F4:3F:53:7A:DB:F8:CD:68:FA:7E:8C:81:7A:89:BB:64:CC:F5:81:F3
Certificate issuer:       /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial:       4DAE23E93686DB774D1F79207E2FD87BC8D88C3F
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32332d3234203d3e20383334.roa
Signing time:             Thu 11 Apr 2024 10:05:55 +0000
ROA not before:           Thu 11 Apr 2024 10:00:55 +0000
ROA not after:            Thu 10 Apr 2025 10:05:55 +0000
asID:                     834
IP address blocks:        185.100.214.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Apr 2024 16:22:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:ae:23:e9:36:86:db:77:4d:1f:79:20:7e:2f:d8:7b:c8:d8:8c:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
        Validity
            Not Before: Apr 11 10:00:55 2024 GMT
            Not After : Apr 10 10:05:55 2025 GMT
        Subject: CN=F43F537ADBF8CD68FA7E8C817A89BB64CCF581F3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:71:83:c5:88:99:18:64:f3:69:59:be:96:6c:
                    ce:9e:e6:aa:45:b6:84:4f:db:98:68:45:cb:47:5c:
                    bc:8c:f1:91:65:28:b7:48:ec:66:6c:93:23:d3:4b:
                    af:85:a1:1f:2f:43:1c:8e:38:07:4e:0e:7e:72:12:
                    74:a4:5a:3b:64:29:38:a3:bf:df:3d:f0:a4:54:4c:
                    bf:de:34:2b:bd:35:0f:5e:a3:96:a6:84:13:6f:bd:
                    c1:9b:1c:a9:fe:8a:03:59:a3:fe:3f:2d:ee:a7:e7:
                    eb:f9:83:f1:3a:09:46:d0:d7:6a:88:e8:90:4b:e1:
                    b4:c2:7b:0d:46:79:6d:52:f4:8f:67:18:a7:40:e4:
                    6a:8c:39:b5:0d:75:82:98:c0:46:7c:d7:6c:bc:a6:
                    24:3e:a8:34:72:10:61:3f:73:d5:8b:67:d4:61:ea:
                    b3:de:95:f9:10:ea:22:2d:f3:cb:16:fd:f3:79:f2:
                    f9:ba:f3:be:86:1c:9f:2f:bd:69:75:25:09:d8:26:
                    7f:e1:47:ee:56:98:5c:a8:e1:e2:61:21:80:5f:02:
                    53:03:46:bb:af:13:e7:6a:7d:0d:01:c8:d4:da:a7:
                    9b:67:c5:1e:fb:83:21:e4:48:72:b7:e5:58:c7:4f:
                    71:fe:80:6a:df:20:c1:34:75:16:b0:32:5b:fd:bf:
                    56:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:3F:53:7A:DB:F8:CD:68:FA:7E:8C:81:7A:89:BB:64:CC:F5:81:F3
            X509v3 Authority Key Identifier:
                keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32332d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.100.214.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:a5:c6:54:4b:fe:89:69:d1:59:31:0a:92:a2:c5:85:74:d6:
         9a:9f:08:65:fd:db:f6:74:ac:bd:64:cf:62:18:c7:a1:5e:ed:
         cf:fa:94:36:09:89:62:21:a1:aa:6f:5c:7c:4e:0f:62:b6:08:
         5b:1e:72:70:68:56:8f:0c:4c:3c:c6:c9:48:06:67:82:85:5f:
         b7:93:ad:8c:82:0f:e5:b3:ab:c7:9b:f4:a9:46:aa:c7:65:ff:
         ad:6c:66:f8:ce:34:7d:33:e4:da:e1:b4:b8:be:c5:29:02:0b:
         64:3b:29:1e:d6:b9:da:ce:e0:a4:ac:10:95:67:38:66:75:54:
         07:7e:76:bd:14:40:ff:ac:f3:af:45:b5:67:83:c3:f2:fb:c3:
         82:23:c3:28:18:a6:59:a2:f9:a0:1b:18:9f:a7:ab:e9:cd:3b:
         cb:57:a1:33:60:75:17:b4:a9:f7:b1:56:5d:84:4e:9f:47:82:
         10:05:13:6a:67:03:fe:45:6e:26:9a:3b:fd:8c:51:ec:20:01:
         f1:ce:eb:d6:17:26:68:8e:f2:99:ac:36:26:e1:d2:53:f9:4b:
         7a:4a:f8:09:81:ec:84:26:df:67:13:63:05:88:32:4a:11:8a:
         a1:9d:df:9b:c8:f7:6d:5c:0d:b1:ed:0c:f3:d6:04:31:f2:ee:
         00:ce:d4:44
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTa4j6TaG23dNH3kgfi/Ye8jYjD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA0MTExMDAwNTVaFw0yNTA0MTAxMDA1NTVaMDMxMTAvBgNV
BAMTKEY0M0Y1MzdBREJGOENENjhGQTdFOEM4MTdBODlCQjY0Q0NGNTgxRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwcYPFiJkYZPNpWb6WbM6e5qpF
toRP25hoRctHXLyM8ZFlKLdI7GZskyPTS6+FoR8vQxyOOAdODn5yEnSkWjtkKTij
v9898KRUTL/eNCu9NQ9eo5amhBNvvcGbHKn+igNZo/4/Le6n5+v5g/E6CUbQ12qI
6JBL4bTCew1GeW1S9I9nGKdA5GqMObUNdYKYwEZ812y8piQ+qDRyEGE/c9WLZ9Rh
6rPelfkQ6iIt88sW/fN58vm6876GHJ8vvWl1JQnYJn/hR+5WmFyo4eJhIYBfAlMD
RruvE+dqfQ0ByNTap5tnxR77gyHkSHK35VjHT3H+gGrfIME0dRawMlv9v1bRAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU9D9Tetv4zWj6foyBeom7ZMz1gfMwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzNDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAblk
1jANBgkqhkiG9w0BAQsFAAOCAQEAjKXGVEv+iWnRWTEKkqLFhXTWmp8IZf3b9nSs
vWTPYhjHoV7tz/qUNgmJYiGhqm9cfE4PYrYIWx5ycGhWjwxMPMbJSAZngoVft5Ot
jIIP5bOrx5v0qUaqx2X/rWxm+M40fTPk2uG0uL7FKQILZDspHta52s7gpKwQlWc4
ZnVUB352vRRA/6zzr0W1Z4PD8vvDgiPDKBimWaL5oBsYn6er6c07y1ehM2B1F7Sp
97FWXYROn0eCEAUTamcD/kVuJpo7/YxR7CAB8c7r1hcmaI7ymaw2JuHSU/lLekr4
CYHshCbfZxNjBYgyShGKoZ3fm8j3bVwNse0M89YEMfLuAM7URA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:16 2024 by rpki-client on console-fra.rpki-client.org