Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135322e302f32342d3234203d3e203231383539.roa
File:                     3138352e3232362e3135322e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier:          F9iuAanJEEbVEERaJR9/j1xvDTlgvvnBxwS7zcjm43g=
Subject key identifier:   CF:D4:DD:B6:E3:4F:09:5A:E4:F0:C6:C8:13:F5:E7:F0:2B:9E:38:07
Certificate issuer:       /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial:       38985B971A4AEACC3E506A5F8F5DE83F7E4FB5CB
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135322e302f32342d3234203d3e203231383539.roa
Signing time:             Tue 09 Jan 2024 09:49:17 +0000
ROA not before:           Tue 09 Jan 2024 09:44:17 +0000
ROA not after:            Tue 07 Jan 2025 09:49:17 +0000
asID:                     21859
IP address blocks:        185.226.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 Apr 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:98:5b:97:1a:4a:ea:cc:3e:50:6a:5f:8f:5d:e8:3f:7e:4f:b5:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
        Validity
            Not Before: Jan  9 09:44:17 2024 GMT
            Not After : Jan  7 09:49:17 2025 GMT
        Subject: CN=CFD4DDB6E34F095AE4F0C6C813F5E7F02B9E3807
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ff:6b:43:33:60:cf:1a:3c:7f:a3:28:e7:38:
                    f2:b3:e3:f6:36:01:eb:35:ac:40:84:1d:91:a4:5f:
                    15:99:ca:21:ca:89:f0:97:86:cb:d4:3a:20:34:3f:
                    75:35:cc:48:c1:be:4c:c6:a4:fd:dc:51:5b:50:d3:
                    40:5e:ff:40:12:94:89:2e:91:65:a9:d2:2d:23:7c:
                    3b:8f:5c:76:52:4b:bc:91:53:bc:84:23:58:c6:77:
                    db:86:c9:ad:4b:aa:27:05:29:95:63:ed:71:aa:58:
                    59:06:0c:b8:51:e1:f6:16:06:1a:9e:6a:f3:9b:20:
                    e2:38:a8:7e:81:6d:f8:1b:e1:ed:27:fd:64:a9:da:
                    ac:4a:37:b8:e1:da:4e:67:e1:4a:f2:c4:9d:95:f3:
                    d7:93:df:89:38:3d:68:24:2e:89:80:c2:b0:e5:a9:
                    ab:7e:81:c0:9f:31:59:10:c6:a5:46:18:0e:5f:b9:
                    9b:1f:93:53:43:55:e8:ac:4a:27:d0:5e:06:9d:ba:
                    89:18:94:23:7c:3a:e7:78:9c:11:33:f4:6b:89:4d:
                    51:ec:85:bf:c3:85:e9:ae:08:80:e1:51:c0:0b:e4:
                    1e:50:97:32:0c:1b:7c:5f:fc:52:3e:7a:02:0b:0c:
                    73:c8:31:ae:d3:57:90:9c:d2:1d:97:56:c0:4b:8b:
                    40:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:D4:DD:B6:E3:4F:09:5A:E4:F0:C6:C8:13:F5:E7:F0:2B:9E:38:07
            X509v3 Authority Key Identifier:
                keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135322e302f32342d3234203d3e203231383539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:fb:7a:e8:47:dd:71:29:f6:1d:50:24:b4:a6:e7:c5:30:35:
         3e:1a:00:3a:0a:06:df:66:2b:03:58:bd:04:61:d3:a3:65:99:
         4d:77:4a:e0:9b:6e:bf:da:e3:f9:9e:8a:65:ef:78:8e:02:8b:
         09:c1:68:e2:84:40:1f:37:6a:dd:0b:7e:02:86:2f:63:47:fe:
         b1:7d:d0:00:68:cf:17:a5:53:a3:53:37:ac:38:25:94:41:22:
         f4:c5:68:7d:c7:35:26:8b:29:6e:b4:7d:28:22:1a:ec:bd:b4:
         8f:ac:54:b5:d2:65:fa:6e:c2:5b:76:5a:92:6a:de:1a:86:bb:
         19:e3:1a:fd:9f:b0:71:26:a5:9e:58:6c:6a:7f:10:fd:95:b0:
         de:55:57:3d:76:b2:3e:04:97:2b:0b:b3:7d:08:62:cf:90:e0:
         5e:8e:7a:3d:53:ec:5d:76:fe:c7:64:54:47:9e:df:d0:f2:c4:
         8b:4b:ef:1b:ce:69:1d:57:0b:01:d6:af:d1:e9:ca:87:80:14:
         6a:5c:04:86:4b:03:8f:4f:67:93:f8:15:8d:9c:d6:3b:d5:a3:
         61:85:b1:fe:d6:f7:41:23:a1:c6:43:51:76:61:f5:9c:10:f1:
         75:0f:74:c9:9f:13:4e:a1:2e:99:81:84:a6:4b:57:ef:d9:3e:
         cd:96:f7:54
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOJhblxpK6sw+UGpfj13oP35PtcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDAxMDkwOTQ0MTdaFw0yNTAxMDcwOTQ5MTdaMDMxMTAvBgNV
BAMTKENGRDREREI2RTM0RjA5NUFFNEYwQzZDODEzRjVFN0YwMkI5RTM4MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1/2tDM2DPGjx/oyjnOPKz4/Y2
Aes1rECEHZGkXxWZyiHKifCXhsvUOiA0P3U1zEjBvkzGpP3cUVtQ00Be/0ASlIku
kWWp0i0jfDuPXHZSS7yRU7yEI1jGd9uGya1LqicFKZVj7XGqWFkGDLhR4fYWBhqe
avObIOI4qH6Bbfgb4e0n/WSp2qxKN7jh2k5n4UryxJ2V89eT34k4PWgkLomAwrDl
qat+gcCfMVkQxqVGGA5fuZsfk1NDVeisSifQXgaduokYlCN8Oud4nBEz9GuJTVHs
hb/DhemuCIDhUcAL5B5QlzIMG3xf/FI+egILDHPIMa7TV5Cc0h2XVsBLi0BrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUz9TdtuNPCVrk8MbIE/Xn8CueOAcwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzODM1Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC54pgwDQYJKoZIhvcNAQELBQADggEBAEL7euhH3XEp9h1QJLSm58UwNT4aADoK
Bt9mKwNYvQRh06NlmU13SuCbbr/a4/meimXveI4CiwnBaOKEQB83at0LfgKGL2NH
/rF90ABozxelU6NTN6w4JZRBIvTFaH3HNSaLKW60fSgiGuy9tI+sVLXSZfpuwlt2
WpJq3hqGuxnjGv2fsHEmpZ5YbGp/EP2VsN5VVz12sj4ElysLs30IYs+Q4F6Oej1T
7F12/sdkVEee39DyxItL7xvOaR1XCwHWr9HpyoeAFGpcBIZLA49PZ5P4FY2c1jvV
o2GFsf7W90EjocZDUXZh9ZwQ8XUPdMmfE06hLpmBhKZLV+/ZPs2W91Q=
-----END CERTIFICATE-----
Generated at Tue Apr 9 00:57:04 2024 by rpki-client on console-ams.rpki-client.org