Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135332e302f32342d3234203d3e203230343733.roa
File:                     3138352e3232362e3135332e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier:          bIHKN7QSGi11t7siS8vw6gbgCm8Rp0hAs0L0SapWf84=
Subject key identifier:   9B:CC:0F:97:3E:BD:3D:7F:DA:3A:90:22:88:FF:0A:E1:33:7A:1E:75
Certificate issuer:       /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial:       7214A29C3DEE23624AB6930DC78234F92215B3BC
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135332e302f32342d3234203d3e203230343733.roa
Signing time:             Fri 13 Oct 2023 12:53:51 +0000
ROA not before:           Fri 13 Oct 2023 12:48:51 +0000
ROA not after:            Fri 11 Oct 2024 12:53:51 +0000
asID:                     20473
IP address blocks:        185.226.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 Apr 2024 10:03:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:14:a2:9c:3d:ee:23:62:4a:b6:93:0d:c7:82:34:f9:22:15:b3:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
        Validity
            Not Before: Oct 13 12:48:51 2023 GMT
            Not After : Oct 11 12:53:51 2024 GMT
        Subject: CN=9BCC0F973EBD3D7FDA3A902288FF0AE1337A1E75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:8a:ad:3a:83:a6:aa:d8:d2:52:14:e9:b0:56:
                    e5:08:94:5b:2c:09:67:64:fd:70:0a:44:a3:fd:5b:
                    07:7b:dc:ba:33:c6:a4:f7:8b:f3:c4:91:38:ff:52:
                    c3:e4:4b:fe:24:42:bd:bf:23:87:33:83:82:66:c6:
                    23:6c:8e:f9:1f:15:5e:85:60:06:8b:5c:1f:b8:3a:
                    a9:d6:37:af:43:bd:88:27:96:45:33:90:bb:6f:77:
                    0c:7d:bd:2a:f8:2b:df:76:7f:d3:9f:46:98:27:da:
                    03:82:1b:d8:90:5c:e5:ce:cc:28:db:b9:4f:75:fb:
                    6e:d6:59:20:dd:02:10:71:5b:95:a1:ac:2c:c6:d8:
                    dc:e5:58:1a:4a:80:f1:55:fb:e4:1a:3a:70:0d:9d:
                    49:38:b1:2b:c1:a0:b0:1e:b0:db:ad:f5:7a:c0:5e:
                    97:83:18:3d:4c:d7:2f:60:2c:58:c7:31:c3:18:65:
                    1c:42:cf:88:1d:a9:d0:78:66:17:ee:e3:d8:7a:e2:
                    74:c4:86:0f:4e:67:11:0f:d8:e5:2e:59:25:23:22:
                    4e:90:b5:ec:bb:46:d0:51:af:53:d4:fc:6a:f3:b6:
                    27:34:78:86:1c:36:e8:c6:05:04:7c:9b:48:1e:19:
                    4f:3f:aa:10:ce:79:38:e4:7c:34:28:95:a5:5c:4f:
                    dd:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:CC:0F:97:3E:BD:3D:7F:DA:3A:90:22:88:FF:0A:E1:33:7A:1E:75
            X509v3 Authority Key Identifier:
                keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135332e302f32342d3234203d3e203230343733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:8b:66:9d:cd:24:b4:26:58:69:3c:b3:36:c9:68:58:b3:d9:
         af:a7:da:78:ac:3b:fb:5a:5c:fe:71:83:5e:e0:3e:f2:f8:7c:
         c6:0c:af:08:cb:05:0a:30:18:85:04:4a:f2:46:28:5e:e6:8a:
         fb:af:de:9b:34:fb:45:60:ee:9e:77:f5:c6:e8:94:f7:4d:8a:
         72:ae:b7:cd:86:61:a2:d5:b1:2a:77:40:c9:1f:f5:75:b1:c6:
         e8:59:0b:62:d6:a1:36:75:7e:c7:6d:72:2d:e3:0b:d3:13:74:
         10:1a:98:08:3f:5f:8d:bc:6f:5a:94:66:74:e5:50:a2:e3:64:
         ed:9b:1c:f0:33:5c:29:75:17:43:04:7b:04:36:76:84:11:f1:
         4b:32:1d:2f:b6:79:47:6c:f3:ff:a3:24:f2:35:af:a9:be:42:
         b4:cd:77:3e:b2:56:8c:70:c8:35:da:5e:6d:9d:d4:e9:da:de:
         5c:7e:c8:3a:12:34:f0:ae:59:71:e8:dd:72:e6:e2:27:e1:57:
         4f:a9:f5:36:f9:97:47:86:18:a2:3b:ad:fc:d4:8c:c2:4a:18:
         f5:bb:e9:4d:be:1b:80:c9:c1:24:db:c2:e5:3a:68:e4:ca:96:
         a1:51:4a:d4:a5:0e:33:e3:90:62:26:d8:da:1a:f1:84:3b:56:
         3c:49:e4:d4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUchSinD3uI2JKtpMNx4I0+SIVs7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzEwMTMxMjQ4NTFaFw0yNDEwMTExMjUzNTFaMDMxMTAvBgNV
BAMTKDlCQ0MwRjk3M0VCRDNEN0ZEQTNBOTAyMjg4RkYwQUUxMzM3QTFFNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPiq06g6aq2NJSFOmwVuUIlFss
CWdk/XAKRKP9Wwd73LozxqT3i/PEkTj/UsPkS/4kQr2/I4czg4JmxiNsjvkfFV6F
YAaLXB+4OqnWN69DvYgnlkUzkLtvdwx9vSr4K992f9OfRpgn2gOCG9iQXOXOzCjb
uU91+27WWSDdAhBxW5WhrCzG2NzlWBpKgPFV++QaOnANnUk4sSvBoLAesNut9XrA
XpeDGD1M1y9gLFjHMcMYZRxCz4gdqdB4Zhfu49h64nTEhg9OZxEP2OUuWSUjIk6Q
tey7RtBRr1PU/Grztic0eIYcNujGBQR8m0geGU8/qhDOeTjkfDQolaVcT92TAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUm8wPlz69PX/aOpAiiP8K4TN6HnUwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC54pkwDQYJKoZIhvcNAQELBQADggEBAJqLZp3NJLQmWGk8szbJaFiz2a+n2nis
O/taXP5xg17gPvL4fMYMrwjLBQowGIUESvJGKF7mivuv3ps0+0Vg7p539cbolPdN
inKut82GYaLVsSp3QMkf9XWxxuhZC2LWoTZ1fsdtci3jC9MTdBAamAg/X428b1qU
ZnTlUKLjZO2bHPAzXCl1F0MEewQ2doQR8UsyHS+2eUds8/+jJPI1r6m+QrTNdz6y
VoxwyDXaXm2d1Ona3lx+yDoSNPCuWXHo3XLm4ifhV0+p9Tb5l0eGGKI7rfzUjMJK
GPW76U2+G4DJwSTbwuU6aOTKlqFRStSlDjPjkGIm2Noa8YQ7VjxJ5NQ=
-----END CERTIFICATE-----
Generated at Tue Apr 9 14:36:31 2024 by rpki-client on console-fra.rpki-client.org