Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32342d3234203d3e20323135313031.roa
File:                     3138352e3130302e3231342e302f32342d3234203d3e20323135313031.roa (raw, json)
Hash identifier:          gCEeGEqw3PIt2eeK9cWpDuswsNdlKxbCQDVBUkF8QRM=
Subject key identifier:   43:97:DE:D1:7A:F9:75:F0:00:19:B2:21:C5:5D:8B:5D:B8:C8:FB:AD
Certificate issuer:       /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial:       4BC4AB7FC69269086826A5DE654D378D9F4F9334
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32342d3234203d3e20323135313031.roa
Signing time:             Fri 19 Apr 2024 07:44:09 +0000
ROA not before:           Fri 19 Apr 2024 07:39:09 +0000
ROA not after:            Fri 18 Apr 2025 07:44:09 +0000
asID:                     215101
IP address blocks:        185.100.214.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Sep 2024 10:39:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:c4:ab:7f:c6:92:69:08:68:26:a5:de:65:4d:37:8d:9f:4f:93:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
        Validity
            Not Before: Apr 19 07:39:09 2024 GMT
            Not After : Apr 18 07:44:09 2025 GMT
        Subject: CN=4397DED17AF975F00019B221C55D8B5DB8C8FBAD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:8c:2b:79:05:de:ea:bb:6d:7c:2e:9e:f7:31:
                    04:f8:ef:08:9e:1c:6d:a4:54:23:04:6b:52:5b:06:
                    23:6e:5f:4a:78:c4:54:a7:03:6f:24:c0:68:3c:e1:
                    c9:0f:bb:a3:65:43:a7:87:a0:5d:8f:a4:0e:f2:30:
                    14:a9:5f:da:9b:ea:e5:ef:74:2c:44:db:e3:34:64:
                    02:b1:cd:05:c5:1d:27:e6:77:be:87:3b:d0:cb:e4:
                    e5:60:0e:b4:f2:0d:d2:09:05:e9:e6:92:9e:ae:07:
                    4c:5f:8b:99:d5:80:09:a1:fd:43:e7:89:f3:e6:15:
                    7a:24:78:ae:cf:81:d8:77:73:87:f8:54:52:f6:0d:
                    af:22:da:4d:e0:4d:13:e1:48:b7:ce:28:b4:a0:c7:
                    3f:49:cd:4e:ad:50:cd:4e:5c:54:34:49:e8:dd:eb:
                    b2:2b:3e:f8:8f:7f:fa:4d:fc:cc:ca:b4:b9:e8:f4:
                    24:af:33:83:4c:bc:fd:04:d6:1a:c3:3c:ac:d9:83:
                    89:51:62:4f:16:23:fa:55:54:b9:74:c9:dd:c7:c5:
                    a5:64:a7:d4:ae:6b:55:b1:ca:55:db:ca:3a:64:c1:
                    c0:25:51:c9:c1:90:51:27:b4:2b:9a:1d:e7:78:50:
                    b0:e4:b3:51:82:48:7f:c1:69:f8:ce:f8:d0:53:cb:
                    15:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:97:DE:D1:7A:F9:75:F0:00:19:B2:21:C5:5D:8B:5D:B8:C8:FB:AD
            X509v3 Authority Key Identifier:
                keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32342d3234203d3e20323135313031.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.100.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:5a:0d:f3:21:40:ed:ac:1c:d9:f5:7e:d2:07:92:11:dc:5c:
         d2:38:81:c2:f1:ed:ca:6b:04:45:fc:0a:cb:30:62:68:2a:fe:
         05:c5:17:1d:6f:dc:ad:17:a2:38:fe:59:62:d6:5a:cf:c5:5e:
         90:dc:05:44:39:d3:33:e4:f7:e9:55:22:05:81:5f:46:df:68:
         0f:82:e2:b0:71:ef:c7:dc:99:14:de:5a:ac:ee:a7:18:9f:42:
         e3:d5:ac:27:b3:10:55:07:8a:8f:74:df:fb:64:c6:cb:a5:be:
         39:89:f3:d6:34:ed:13:ad:9d:4a:fc:bc:80:6a:51:6e:e9:cb:
         07:03:84:9b:d4:3c:50:2b:2d:12:e0:cf:32:50:6a:38:c1:c5:
         37:aa:6b:78:5f:4c:00:35:07:8d:46:e3:1c:e9:e5:f2:f0:1b:
         ee:6f:e2:25:b2:c6:45:6e:64:5f:3c:f3:62:c4:83:8b:82:28:
         1c:27:c4:74:ec:c8:68:84:dc:af:da:25:c0:b6:74:08:b8:98:
         46:7f:52:41:61:80:80:25:8f:b4:fb:d1:1b:fe:0a:5e:cf:bf:
         3e:88:53:28:15:67:fa:ff:e7:b1:01:df:45:fa:7a:70:0b:66:
         77:7a:69:be:53:e3:51:f9:d0:5d:df:60:5f:67:91:00:9c:93:
         4a:99:26:6f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUS8Srf8aSaQhoJqXeZU03jZ9PkzQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA0MTkwNzM5MDlaFw0yNTA0MTgwNzQ0MDlaMDMxMTAvBgNV
BAMTKDQzOTdERUQxN0FGOTc1RjAwMDE5QjIyMUM1NUQ4QjVEQjhDOEZCQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChjCt5Bd7qu218Lp73MQT47wie
HG2kVCMEa1JbBiNuX0p4xFSnA28kwGg84ckPu6NlQ6eHoF2PpA7yMBSpX9qb6uXv
dCxE2+M0ZAKxzQXFHSfmd76HO9DL5OVgDrTyDdIJBenmkp6uB0xfi5nVgAmh/UPn
ifPmFXokeK7Pgdh3c4f4VFL2Da8i2k3gTRPhSLfOKLSgxz9JzU6tUM1OXFQ0Sejd
67IrPviPf/pN/MzKtLno9CSvM4NMvP0E1hrDPKzZg4lRYk8WI/pVVLl0yd3HxaVk
p9Sua1WxylXbyjpkwcAlUcnBkFEntCuaHed4ULDks1GCSH/BafjO+NBTyxUJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQ5fe0Xr5dfAAGbIhxV2LXbjI+60wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMxMzAzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlk1jANBgkqhkiG9w0BAQsFAAOCAQEAG1oN8yFA7awc2fV+0geSEdxc0jiB
wvHtymsERfwKyzBiaCr+BcUXHW/crReiOP5ZYtZaz8VekNwFRDnTM+T36VUiBYFf
Rt9oD4LisHHvx9yZFN5arO6nGJ9C49WsJ7MQVQeKj3Tf+2TGy6W+OYnz1jTtE62d
Svy8gGpRbunLBwOEm9Q8UCstEuDPMlBqOMHFN6preF9MADUHjUbjHOnl8vAb7m/i
JbLGRW5kXzzzYsSDi4IoHCfEdOzIaITcr9olwLZ0CLiYRn9SQWGAgCWPtPvRG/4K
Xs+/PohTKBVn+v/nsQHfRfp6cAtmd3ppvlPjUfnQXd9gX2eRAJyTSpkmbw==
-----END CERTIFICATE-----
Generated at Wed Sep 11 13:30:06 2024 by rpki-client on console-fra.rpki-client.org