Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203631333137.roa
File:                     38352e3233372e3230382e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier:          waP/1caRC0O+hXkGuftxA4uvGO/korrZa2VEKqFJejY=
Subject key identifier:   DD:65:AB:EA:43:23:D6:AB:E0:B9:7F:6A:47:D5:D4:4E:F6:C6:0C:FE
Certificate issuer:       /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial:       5102151D7C7DAC86605C6EF4EA3987E5A29155EB
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203631333137.roa
Signing time:             Tue 14 Nov 2023 12:19:28 +0000
ROA not before:           Tue 14 Nov 2023 12:14:28 +0000
ROA not after:            Tue 12 Nov 2024 12:19:28 +0000
asID:                     61317
IP address blocks:        85.237.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 10:21:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:02:15:1d:7c:7d:ac:86:60:5c:6e:f4:ea:39:87:e5:a2:91:55:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
        Validity
            Not Before: Nov 14 12:14:28 2023 GMT
            Not After : Nov 12 12:19:28 2024 GMT
        Subject: CN=DD65ABEA4323D6ABE0B97F6A47D5D44EF6C60CFE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:6f:c6:68:3c:b8:10:46:fe:67:64:4f:02:59:
                    c4:ed:68:25:3a:33:be:91:6e:7e:a3:30:0b:65:fa:
                    df:6d:5a:32:f8:ec:16:01:f3:6c:22:4e:2e:3d:3e:
                    e6:82:be:36:6d:c1:67:58:83:c4:59:82:fe:70:b2:
                    36:44:74:ae:cc:ff:db:b6:1f:30:8f:38:c9:61:3c:
                    90:79:7b:b4:55:fc:bf:20:e0:ea:4e:23:fc:64:5e:
                    86:f1:ab:f4:90:8b:2e:07:14:c0:d6:11:c7:5d:d6:
                    6e:28:6b:88:e5:14:55:2d:5c:6d:82:4c:07:16:75:
                    34:26:4e:54:7a:da:2c:fc:a1:fa:17:fc:4f:a1:03:
                    6d:1f:5b:6e:63:8e:62:53:e7:93:c4:54:ff:25:94:
                    e3:6a:49:47:5e:e9:00:b0:49:03:fa:c3:0f:11:3a:
                    c4:a4:24:53:0c:8a:79:5f:57:b5:38:95:6a:8f:66:
                    7d:ed:84:da:26:c1:5d:84:e5:c6:f1:89:57:5a:dd:
                    d5:e3:e5:d1:26:40:ca:1d:5f:4d:c5:a1:f8:2e:2a:
                    28:ed:46:48:ec:af:4d:cc:6e:c8:75:4b:95:45:c7:
                    1d:1c:a2:bd:d8:f3:0c:8d:29:32:b8:46:df:cd:30:
                    83:d8:7a:af:08:0f:47:2c:8e:73:be:b4:39:d3:08:
                    be:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:65:AB:EA:43:23:D6:AB:E0:B9:7F:6A:47:D5:D4:4E:F6:C6:0C:FE
            X509v3 Authority Key Identifier:
                keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203631333137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:a3:0c:7a:d7:2c:41:44:ab:af:ab:ec:c8:40:30:38:55:ff:
         9d:6d:52:ca:a7:73:83:48:c7:14:01:1a:2c:0a:81:ea:e8:7b:
         11:31:3b:6f:46:50:56:77:43:6f:d2:92:87:ca:b1:54:a6:06:
         7e:f4:44:2a:9a:f8:3b:bd:1d:50:b0:73:7c:e1:a3:e2:05:ec:
         de:52:1c:86:8f:38:52:50:28:bd:52:8e:91:7e:f4:01:fd:3f:
         0c:4f:4f:4b:27:a0:db:61:ec:98:a8:c5:3d:96:f5:b6:ee:e8:
         6c:e6:8e:ec:9c:43:e6:b6:68:bb:0d:66:82:ac:ec:49:f0:e2:
         04:67:77:e8:d8:49:53:4e:9f:a4:3e:83:96:32:5b:b5:c1:c4:
         60:5f:9c:5c:75:56:3a:bc:99:d1:8d:80:99:d2:5b:1b:10:8c:
         07:c3:5d:27:57:fc:38:f4:9f:1b:c6:64:d4:28:f1:dc:57:8f:
         82:ab:73:02:bd:1c:65:0c:d8:c9:72:89:36:d8:02:84:e8:6b:
         8b:d2:16:cc:22:13:2a:2f:9a:06:9e:ba:36:99:c9:85:8a:62:
         ae:83:01:a4:8f:be:74:b7:5c:45:1d:a8:e6:10:5c:e5:4e:2f:
         c1:c7:a9:8f:0a:22:70:11:16:23:29:76:fa:22:53:ab:6c:df:
         62:69:4b:c2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUQIVHXx9rIZgXG706jmH5aKRVeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMTQxMjE0MjhaFw0yNDExMTIxMjE5MjhaMDMxMTAvBgNV
BAMTKERENjVBQkVBNDMyM0Q2QUJFMEI5N0Y2QTQ3RDVENDRFRjZDNjBDRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsb8ZoPLgQRv5nZE8CWcTtaCU6
M76Rbn6jMAtl+t9tWjL47BYB82wiTi49PuaCvjZtwWdYg8RZgv5wsjZEdK7M/9u2
HzCPOMlhPJB5e7RV/L8g4OpOI/xkXobxq/SQiy4HFMDWEcdd1m4oa4jlFFUtXG2C
TAcWdTQmTlR62iz8ofoX/E+hA20fW25jjmJT55PEVP8llONqSUde6QCwSQP6ww8R
OsSkJFMMinlfV7U4lWqPZn3thNomwV2E5cbxiVda3dXj5dEmQModX03FofguKijt
Rkjsr03Mbsh1S5VFxx0cor3Y8wyNKTK4Rt/NMIPYeq8ID0csjnO+tDnTCL7FAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU3WWr6kMj1qvguX9qR9XUTvbGDP4wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3QMA0GCSqGSIb3DQEBCwUAA4IBAQBOowx61yxBRKuvq+zIQDA4Vf+dbVLKp3OD
SMcUARosCoHq6HsRMTtvRlBWd0Nv0pKHyrFUpgZ+9EQqmvg7vR1QsHN84aPiBeze
UhyGjzhSUCi9Uo6RfvQB/T8MT09LJ6DbYeyYqMU9lvW27uhs5o7snEPmtmi7DWaC
rOxJ8OIEZ3fo2ElTTp+kPoOWMlu1wcRgX5xcdVY6vJnRjYCZ0lsbEIwHw10nV/w4
9J8bxmTUKPHcV4+Cq3MCvRxlDNjJcok22AKE6GuL0hbMIhMqL5oGnro2mcmFimKu
gwGkj750t1xFHajmEFzlTi/Bx6mPCiJwERYjKXb6IlOrbN9iaUvC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:16 2024 by rpki-client on console-fra.rpki-client.org