Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e20333937353633.roa
File:                     3138352e3231372e3134302e302f32342d3234203d3e20333937353633.roa (raw, json)
Hash identifier:          UwcanlwzaTlaxUt+mulKdgBZOf8fyOx09efrzP+BNNQ=
Subject key identifier:   17:79:9D:0C:8B:83:B8:C1:2A:C6:A3:1B:AA:CE:F9:B9:68:1B:86:1D
Certificate issuer:       /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial:       45F03D3CAC8B2B37E4418CCCF47CD5FAED0704FB
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e20333937353633.roa
Signing time:             Mon 03 Jul 2023 14:45:19 +0000
ROA not before:           Mon 03 Jul 2023 14:40:19 +0000
ROA not after:            Mon 01 Jul 2024 14:45:19 +0000
asID:                     397563
IP address blocks:        185.217.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:f0:3d:3c:ac:8b:2b:37:e4:41:8c:cc:f4:7c:d5:fa:ed:07:04:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
        Validity
            Not Before: Jul  3 14:40:19 2023 GMT
            Not After : Jul  1 14:45:19 2024 GMT
        Subject: CN=17799D0C8B83B8C12AC6A31BAACEF9B9681B861D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:e2:88:8d:85:0c:95:85:60:f6:b1:77:67:be:
                    ae:a1:05:c6:d2:9d:8e:45:29:66:e7:d2:c7:2a:0d:
                    90:b2:6f:7e:c3:0f:af:37:32:bd:95:01:75:25:3a:
                    bc:dc:f4:e7:13:a3:2b:43:2d:c1:ed:45:0c:58:83:
                    3d:8a:a7:04:7e:6a:cf:94:f0:42:cf:5e:5a:b4:fe:
                    1e:65:5a:18:77:78:ca:df:c9:97:79:46:5a:1d:5d:
                    a6:8f:cf:af:e4:f9:33:88:a2:6d:a1:bb:56:f0:fc:
                    6d:ef:d3:ce:04:cd:e5:8f:64:06:4c:73:3c:10:0f:
                    9b:45:4b:90:e9:c1:18:91:eb:0d:0f:0f:26:53:7d:
                    2e:a8:93:e7:b9:c3:6d:75:57:ad:e6:30:50:bb:7f:
                    b1:f0:d0:05:ad:9e:60:ba:61:62:6a:bd:83:4e:7e:
                    f1:3b:f2:b6:4f:81:4d:7c:83:42:86:c3:60:f7:2d:
                    5a:03:c5:d2:9f:a7:85:e0:2a:20:cb:b7:50:c3:62:
                    03:eb:9a:c9:8c:e1:17:27:8b:9e:4a:a4:e7:07:43:
                    56:c3:15:6e:07:1d:7e:cd:db:2f:26:51:b3:a8:b7:
                    99:62:77:16:49:e5:40:33:1d:d5:d4:bd:5b:2a:96:
                    9d:8e:e5:95:a7:e2:fc:6d:80:d7:9b:43:47:8a:cb:
                    bd:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:79:9D:0C:8B:83:B8:C1:2A:C6:A3:1B:AA:CE:F9:B9:68:1B:86:1D
            X509v3 Authority Key Identifier:
                keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e20333937353633.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.217.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:f3:39:87:5f:fc:af:a3:5e:fc:cd:53:5c:57:f2:36:ad:02:
         10:bf:d5:e5:cc:c3:a6:b0:4f:0e:fc:85:40:77:59:b6:03:0e:
         96:7a:a4:97:f3:10:86:08:a6:22:b8:68:c4:11:b8:7a:fc:33:
         33:f3:30:14:b8:09:a9:14:f1:98:ee:12:a5:23:c0:d2:7c:74:
         c5:b3:9c:fa:2a:73:8f:58:41:5d:18:cb:2d:c8:dd:b4:3b:d1:
         ba:27:80:28:6f:9f:2d:1a:ec:78:ed:26:6e:5a:a3:51:c4:35:
         40:dd:c9:30:b2:0f:38:5f:d9:f9:89:0c:0a:fc:8d:02:d4:39:
         f0:bc:a6:94:04:6a:c8:ce:13:33:8c:cd:61:55:e9:5a:28:df:
         f6:05:6a:d0:79:02:f2:6f:ed:a4:ab:1e:4d:cc:85:44:94:1f:
         9e:2b:c2:a6:8f:9c:4f:a2:e6:31:cd:e6:81:0d:49:c8:b0:58:
         44:0d:c8:f4:de:a2:67:54:2f:b1:4b:0f:23:54:9e:f6:b0:34:
         52:18:2c:ae:77:21:30:68:c7:f2:1b:ff:c7:43:e9:cb:58:08:
         ba:9e:13:b5:1c:3b:0e:b0:08:12:ad:a8:7c:76:dc:d6:af:11:
         67:ba:f1:22:0a:9b:70:59:b5:76:51:c9:87:16:82:1b:1f:19:
         ba:55:e6:e4
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIURfA9PKyLKzfkQYzM9HzV+u0HBPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzA3MDMxNDQwMTlaFw0yNDA3MDExNDQ1MTlaMDMxMTAvBgNV
BAMTKDE3Nzk5RDBDOEI4M0I4QzEyQUM2QTMxQkFBQ0VGOUI5NjgxQjg2MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh4oiNhQyVhWD2sXdnvq6hBcbS
nY5FKWbn0scqDZCyb37DD683Mr2VAXUlOrzc9OcToytDLcHtRQxYgz2KpwR+as+U
8ELPXlq0/h5lWhh3eMrfyZd5RlodXaaPz6/k+TOIom2hu1bw/G3v084EzeWPZAZM
czwQD5tFS5DpwRiR6w0PDyZTfS6ok+e5w211V63mMFC7f7Hw0AWtnmC6YWJqvYNO
fvE78rZPgU18g0KGw2D3LVoDxdKfp4XgKiDLt1DDYgPrmsmM4Rcni55KpOcHQ1bD
FW4HHX7N2y8mUbOot5lidxZJ5UAzHdXUvVsqlp2O5ZWn4vxtgNebQ0eKy70PAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUF3mdDIuDuMEqxqMbqs75uWgbhh0wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMxMzcyZTMx
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNzM1MzYzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnZjDANBgkqhkiG9w0BAQsFAAOCAQEAfPM5h1/8r6Ne/M1TXFfyNq0CEL/V
5czDprBPDvyFQHdZtgMOlnqkl/MQhgimIrhoxBG4evwzM/MwFLgJqRTxmO4SpSPA
0nx0xbOc+ipzj1hBXRjLLcjdtDvRuieAKG+fLRrseO0mblqjUcQ1QN3JMLIPOF/Z
+YkMCvyNAtQ58LymlARqyM4TM4zNYVXpWijf9gVq0HkC8m/tpKseTcyFRJQfnivC
po+cT6LmMc3mgQ1JyLBYRA3I9N6iZ1QvsUsPI1Se9rA0UhgsrnchMGjH8hv/x0Pp
y1gIup4TtRw7DrAIEq2ofHbc1q8RZ7rxIgqbcFm1dlHJhxaCGx8ZulXm5A==
-----END CERTIFICATE-----
Generated at Fri Aug 4 13:35:16 2023 by rpki-client on console-fra.rpki-client.org