Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135352e302f32342d3234203d3e2033323537.roa
File:                     3138352e3232362e3135352e302f32342d3234203d3e2033323537.roa (raw, json)
Hash identifier:          r47v9N7SNIBMjqQllWtRRa07nGw7fdFc/g98dVlyia0=
Subject key identifier:   24:66:5E:6C:22:C7:B7:A2:89:DF:4B:BB:62:3B:99:62:D6:73:83:CA
Certificate issuer:       /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial:       2BE3C70B6186F206394156BD676BAAEAD307B997
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135352e302f32342d3234203d3e2033323537.roa
Signing time:             Tue 02 Jan 2024 14:02:58 +0000
ROA not before:           Tue 02 Jan 2024 13:57:58 +0000
ROA not after:            Tue 31 Dec 2024 14:02:58 +0000
asID:                     3257
IP address blocks:        185.226.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Jan 2024 18:30:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:e3:c7:0b:61:86:f2:06:39:41:56:bd:67:6b:aa:ea:d3:07:b9:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
        Validity
            Not Before: Jan  2 13:57:58 2024 GMT
            Not After : Dec 31 14:02:58 2024 GMT
        Subject: CN=24665E6C22C7B7A289DF4BBB623B9962D67383CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:44:4a:be:4f:bb:4e:c3:c6:2f:ff:49:bd:28:
                    11:a3:97:8d:d9:10:88:90:36:34:16:bb:a5:ed:69:
                    50:69:3b:a6:fc:a9:d1:4f:b1:d5:d8:2a:24:cb:ca:
                    40:c0:d6:1e:87:f8:ce:ee:de:20:c2:d8:bf:c7:55:
                    65:c6:8f:d7:27:44:ff:dd:83:71:d0:25:0a:73:74:
                    43:30:64:b5:30:22:be:fc:c8:38:36:30:ca:1d:d6:
                    42:45:ef:2b:7e:22:53:3b:7b:3c:f0:18:4d:4e:0e:
                    b6:d6:b3:4d:51:84:14:b1:eb:15:4e:19:54:43:7c:
                    e2:1d:86:19:6d:2f:8e:af:ae:f9:14:c1:03:5e:b3:
                    eb:0d:c6:92:8b:45:2c:a7:c9:10:fd:96:87:11:df:
                    b4:0b:9e:60:a8:2e:d6:20:c2:d3:72:9f:3d:53:b0:
                    a9:4a:1a:25:9a:b4:de:a5:ec:f9:3a:b3:c0:85:e3:
                    45:2f:dc:51:9f:ca:c6:87:e3:02:42:a5:3f:44:96:
                    0c:f6:eb:e0:54:7e:fb:7f:84:c5:d9:a1:2a:88:15:
                    0e:8b:0d:84:88:da:22:8e:22:79:f3:02:2e:f0:2d:
                    96:6d:5e:d8:62:c7:ca:3e:69:fb:44:0f:a7:82:12:
                    be:a4:6b:55:5f:3c:33:e8:f6:0f:1d:77:ce:fd:37:
                    a8:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:66:5E:6C:22:C7:B7:A2:89:DF:4B:BB:62:3B:99:62:D6:73:83:CA
            X509v3 Authority Key Identifier:
                keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135352e302f32342d3234203d3e2033323537.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:8b:16:0f:cf:15:10:51:44:4c:ac:f4:94:08:1b:c9:eb:82:
         49:4f:07:6e:29:bf:2a:36:c3:e2:91:40:51:51:ad:79:cd:a0:
         00:87:90:66:b0:bc:f5:ca:dc:c1:8a:96:81:67:44:09:08:0f:
         c0:22:7f:28:e1:55:1d:3e:26:40:73:fe:a0:a4:74:4e:09:a7:
         7a:81:2f:01:08:c5:fb:9a:6c:cd:27:87:24:58:ad:e3:c9:28:
         c4:e0:f3:8e:da:b7:42:5f:c5:14:bd:7b:16:05:3d:e6:c0:5f:
         e6:ce:43:99:fe:c4:d2:df:fd:c5:f5:21:0a:dd:8c:b9:b6:19:
         8f:7f:e2:95:05:a1:52:8b:a6:02:d5:78:ad:33:3f:e9:23:18:
         a5:84:3c:23:5e:fa:5d:8e:16:93:07:a8:02:ad:3a:61:7a:52:
         70:3a:69:8b:d8:9b:aa:1c:8f:40:5f:48:62:0b:63:36:c0:87:
         02:f8:86:a6:dd:82:37:bc:9e:e9:6b:85:aa:7b:e8:55:b7:dd:
         11:b4:78:9d:65:6d:20:db:aa:46:88:9c:8c:4a:58:9c:ba:5c:
         56:eb:ae:46:10:ce:a4:bf:fc:b7:79:f7:2a:8b:be:5f:d7:54:
         da:b3:c1:63:86:84:e8:84:03:17:21:25:0a:c6:26:83:17:21:
         d9:78:66:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUK+PHC2GG8gY5QVa9Z2uq6tMHuZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDAxMDIxMzU3NThaFw0yNDEyMzExNDAyNThaMDMxMTAvBgNV
BAMTKDI0NjY1RTZDMjJDN0I3QTI4OURGNEJCQjYyM0I5OTYyRDY3MzgzQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8REq+T7tOw8Yv/0m9KBGjl43Z
EIiQNjQWu6XtaVBpO6b8qdFPsdXYKiTLykDA1h6H+M7u3iDC2L/HVWXGj9cnRP/d
g3HQJQpzdEMwZLUwIr78yDg2MMod1kJF7yt+IlM7ezzwGE1ODrbWs01RhBSx6xVO
GVRDfOIdhhltL46vrvkUwQNes+sNxpKLRSynyRD9locR37QLnmCoLtYgwtNynz1T
sKlKGiWatN6l7Pk6s8CF40Uv3FGfysaH4wJCpT9Elgz26+BUfvt/hMXZoSqIFQ6L
DYSI2iKOInnzAi7wLZZtXthix8o+aftED6eCEr6ka1VfPDPo9g8dd879N6ivAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJGZebCLHt6KJ30u7YjuZYtZzg8owHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ueKbMA0GCSqGSIb3DQEBCwUAA4IBAQAoixYPzxUQUURMrPSUCBvJ64JJTwduKb8q
NsPikUBRUa15zaAAh5BmsLz1ytzBipaBZ0QJCA/AIn8o4VUdPiZAc/6gpHROCad6
gS8BCMX7mmzNJ4ckWK3jySjE4POO2rdCX8UUvXsWBT3mwF/mzkOZ/sTS3/3F9SEK
3Yy5thmPf+KVBaFSi6YC1XitMz/pIxilhDwjXvpdjhaTB6gCrTphelJwOmmL2Juq
HI9AX0hiC2M2wIcC+Iam3YI3vJ7pa4Wqe+hVt90RtHidZW0g26pGiJyMSliculxW
665GEM6kv/y3efcqi75f11Tas8FjhoTohAMXISUKxiaDFyHZeGaI
Generated at Mon Jan 8 21:36:23 2024 by rpki-client on console-ams.rpki-client.org