Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e20383334.roa
File:                     38352e3233372e3230382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          ijgzTy/s3p1H/3SHUO4QtDydFdku8CAdmrrB6rj2qRc=
Subject key identifier:   CA:5A:17:F3:18:3A:18:46:90:95:4B:24:14:8F:0B:C8:B3:A2:B3:CC
Certificate issuer:       /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial:       365D8AEADBD46F9E9367A5BCEFA7F9F142C38FEE
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e20383334.roa
Signing time:             Tue 19 Dec 2023 10:21:38 +0000
ROA not before:           Tue 19 Dec 2023 10:16:38 +0000
ROA not after:            Tue 17 Dec 2024 10:21:38 +0000
asID:                     834
IP address blocks:        85.237.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 16:16:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:5d:8a:ea:db:d4:6f:9e:93:67:a5:bc:ef:a7:f9:f1:42:c3:8f:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
        Validity
            Not Before: Dec 19 10:16:38 2023 GMT
            Not After : Dec 17 10:21:38 2024 GMT
        Subject: CN=CA5A17F3183A184690954B24148F0BC8B3A2B3CC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:16:64:cb:12:6a:ae:2f:88:b6:5c:13:fb:3f:
                    90:43:04:1f:31:a0:e5:3e:22:00:f7:e7:39:a2:92:
                    57:ec:1f:2f:26:9d:2c:b2:df:cc:e4:af:69:d1:86:
                    3b:40:bc:90:bf:8b:70:1f:c5:90:2d:78:bc:ed:35:
                    ef:0a:72:75:6f:12:42:57:29:83:56:5c:b2:6d:a2:
                    0b:18:e3:1d:7d:25:20:50:71:9a:7b:7a:72:be:58:
                    a3:bd:14:ba:14:b1:84:90:d6:f1:a2:32:2d:46:82:
                    ec:25:52:c9:42:f3:f3:9e:ce:ac:ba:8d:02:e0:fe:
                    dd:5e:02:e7:2e:1b:46:6b:ff:09:03:d3:83:02:46:
                    72:10:95:c0:1c:51:10:f1:09:4d:8c:d7:2a:66:ae:
                    60:bb:39:d3:9b:78:d5:47:34:12:4e:d3:39:a1:8e:
                    57:56:69:c1:6f:78:8b:40:00:83:37:05:9f:6c:32:
                    0f:16:29:fb:86:1c:56:d2:f6:77:e0:1d:a4:8d:fc:
                    5b:50:c4:ba:60:39:c0:44:cf:5d:15:d8:21:fd:69:
                    89:a9:37:a8:ea:b3:e2:bf:1f:e7:66:90:7b:7f:b7:
                    71:cd:c9:25:02:73:90:f0:42:48:e8:e4:f4:24:8e:
                    8a:15:53:fd:2a:b4:62:e8:bc:d7:99:a2:e2:cf:de:
                    f3:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:5A:17:F3:18:3A:18:46:90:95:4B:24:14:8F:0B:C8:B3:A2:B3:CC
            X509v3 Authority Key Identifier:
                keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.237.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:93:fe:87:ff:ec:3c:d3:6f:fd:7b:50:f7:67:84:86:02:19:
         5b:00:47:23:26:0b:8e:dc:8c:64:a8:a7:43:7a:41:73:85:19:
         e7:ae:ba:6d:d8:bc:b7:76:44:36:b1:33:15:77:46:4c:2a:5e:
         6a:f3:5e:47:03:a2:fa:d5:1c:3a:d2:7a:5e:8c:16:58:e7:40:
         27:db:a0:24:cd:8c:6c:57:9a:ae:2f:69:aa:80:57:b4:55:72:
         f3:0d:1e:d4:7e:59:c5:89:d2:93:7d:62:1e:ab:b4:63:8d:ec:
         6d:e2:46:39:5f:00:8b:21:b0:b2:20:83:b7:90:c2:78:d5:c2:
         f2:f5:2d:c7:ac:7e:cb:6f:1b:03:b9:53:b7:fb:a9:13:99:27:
         59:a0:a0:68:e8:da:a0:27:9e:35:c3:fb:85:58:e3:61:56:c2:
         8d:dc:73:dd:ec:66:ec:e7:95:2e:59:0d:df:6a:86:fc:93:a6:
         d0:66:e8:96:15:40:e3:99:98:2e:2f:85:51:5e:c1:f4:9e:5d:
         7a:73:af:0a:a7:85:ae:dc:67:2f:18:41:52:86:42:f2:a3:2c:
         50:45:01:ef:39:3f:9b:f8:5f:20:f9:63:cd:53:24:de:76:de:
         4a:0f:1e:9f:32:7a:90:94:40:75:67:25:b5:10:b9:b6:1e:6f:
         9f:52:4d:c4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUNl2K6tvUb56TZ6W876f58ULDj+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzEyMTkxMDE2MzhaFw0yNDEyMTcxMDIxMzhaMDMxMTAvBgNV
BAMTKENBNUExN0YzMTgzQTE4NDY5MDk1NEIyNDE0OEYwQkM4QjNBMkIzQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAFmTLEmquL4i2XBP7P5BDBB8x
oOU+IgD35zmiklfsHy8mnSyy38zkr2nRhjtAvJC/i3AfxZAteLztNe8KcnVvEkJX
KYNWXLJtogsY4x19JSBQcZp7enK+WKO9FLoUsYSQ1vGiMi1GguwlUslC8/Oezqy6
jQLg/t1eAucuG0Zr/wkD04MCRnIQlcAcURDxCU2M1ypmrmC7OdObeNVHNBJO0zmh
jldWacFveItAAIM3BZ9sMg8WKfuGHFbS9nfgHaSN/FtQxLpgOcBEz10V2CH9aYmp
N6jqs+K/H+dmkHt/t3HNySUCc5DwQkjo5PQkjooVU/0qtGLovNeZouLP3vOpAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUyloX8xg6GEaQlUskFI8LyLOis8wwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV7dAw
DQYJKoZIhvcNAQELBQADggEBADuT/of/7DzTb/17UPdnhIYCGVsARyMmC47cjGSo
p0N6QXOFGeeuum3YvLd2RDaxMxV3RkwqXmrzXkcDovrVHDrSel6MFljnQCfboCTN
jGxXmq4vaaqAV7RVcvMNHtR+WcWJ0pN9Yh6rtGON7G3iRjlfAIshsLIgg7eQwnjV
wvL1LcesfstvGwO5U7f7qROZJ1mgoGjo2qAnnjXD+4VY42FWwo3cc93sZuznlS5Z
Dd9qhvyTptBm6JYVQOOZmC4vhVFewfSeXXpzrwqnha7cZy8YQVKGQvKjLFBFAe85
P5v4XyD5Y81TJN523koPHp8yepCUQHVnJbUQubYeb59STcQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:06 2024 by rpki-client on console-ams.rpki-client.org