Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ebc533f-7f31-4bd6-874d-e736e9fde5bd/0/3138352e33312e3230322e302f32342d3234203d3e203433323839.roa
File:                     3138352e33312e3230322e302f32342d3234203d3e203433323839.roa (raw, json)
Hash identifier:          Mcs/45+kA1GR5XtxWWTsjAjIED9HgIEuojXOebYclMk=
Subject key identifier:   1D:70:50:4A:B2:47:6C:62:95:0E:D7:FA:EC:8D:E9:F5:DE:19:B0:4A
Certificate issuer:       /CN=6464045da5bed0687d15cbda67a04eb87a8fb03e
Certificate serial:       47D2AE71CD6FA51FF11302709131567879A9FFC0
Authority key identifier: 64:64:04:5D:A5:BE:D0:68:7D:15:CB:DA:67:A0:4E:B8:7A:8F:B0:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZGQEXaW-0Gh9FcvaZ6BOuHqPsD4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/7ebc533f-7f31-4bd6-874d-e736e9fde5bd/0/3138352e33312e3230322e302f32342d3234203d3e203433323839.roa
Signing time:             Tue 30 Jan 2024 08:28:20 +0000
ROA not before:           Tue 30 Jan 2024 08:23:20 +0000
ROA not after:            Tue 28 Jan 2025 08:28:20 +0000
asID:                     43289
IP address blocks:        185.31.202.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 May 2024 00:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:d2:ae:71:cd:6f:a5:1f:f1:13:02:70:91:31:56:78:79:a9:ff:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6464045da5bed0687d15cbda67a04eb87a8fb03e
        Validity
            Not Before: Jan 30 08:23:20 2024 GMT
            Not After : Jan 28 08:28:20 2025 GMT
        Subject: CN=1D70504AB2476C62950ED7FAEC8DE9F5DE19B04A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:58:f0:0e:e2:dd:be:84:97:e1:32:52:13:25:
                    69:78:56:27:03:5f:3b:cb:e7:ad:7f:9b:55:ca:82:
                    fb:1c:48:ca:0b:9b:ff:66:2a:3f:fa:d6:9e:d1:e4:
                    52:8c:a0:20:dd:45:be:47:44:72:f7:6e:5f:bb:aa:
                    d4:d9:56:b4:ca:7b:06:b5:53:39:84:8f:74:4f:63:
                    4f:b6:95:d7:2e:c5:8a:c5:f2:a2:66:14:59:d8:58:
                    78:09:3e:42:38:ae:1f:b2:9e:8b:9c:18:f1:c3:44:
                    f3:d2:44:c2:e8:01:f1:55:77:08:bd:b1:bb:21:48:
                    b9:3f:54:84:23:2b:96:88:ed:3e:80:fa:c1:54:a3:
                    53:12:84:93:83:95:8b:d0:72:77:08:fe:ad:51:cb:
                    76:f1:1e:a1:ff:68:ad:f0:ff:73:19:9a:f5:f6:55:
                    7b:1d:74:f6:ff:ee:05:8a:37:7a:6f:d2:b5:06:3e:
                    2b:c8:e8:26:1c:e2:26:05:31:26:78:4a:7a:32:0c:
                    6a:10:2f:82:09:1d:61:f3:03:7d:4e:d6:32:7f:88:
                    04:c0:e7:a9:ff:9d:67:c0:1a:a6:4a:38:e7:b5:92:
                    62:9e:32:6b:df:5b:5a:8a:0b:60:89:02:72:7c:aa:
                    6d:f3:b6:76:5a:97:1c:47:3b:38:ba:4a:e9:d0:c8:
                    db:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:70:50:4A:B2:47:6C:62:95:0E:D7:FA:EC:8D:E9:F5:DE:19:B0:4A
            X509v3 Authority Key Identifier:
                keyid:64:64:04:5D:A5:BE:D0:68:7D:15:CB:DA:67:A0:4E:B8:7A:8F:B0:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/7ebc533f-7f31-4bd6-874d-e736e9fde5bd/0/6464045DA5BED0687D15CBDA67A04EB87A8FB03E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGQEXaW-0Gh9FcvaZ6BOuHqPsD4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ebc533f-7f31-4bd6-874d-e736e9fde5bd/0/3138352e33312e3230322e302f32342d3234203d3e203433323839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.31.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:50:da:a9:3e:ab:c9:ed:a2:da:b3:93:78:95:4f:2e:79:34:
         ed:2e:ce:d5:57:6a:4a:31:13:87:76:ea:ae:b2:c0:ec:47:1d:
         ff:96:6a:01:d8:73:36:93:25:05:8b:f6:3f:70:55:86:3e:f5:
         d2:dc:27:d0:c9:33:01:dc:4a:ea:85:8c:a3:03:8e:2f:10:87:
         cc:dd:1b:cb:d0:9e:95:1f:a0:84:fa:5f:a0:b6:e7:75:91:8c:
         9a:cc:dd:04:0e:14:ba:78:a6:4e:ea:7a:77:f6:28:19:35:c9:
         c2:5a:1f:80:db:99:63:80:8b:ea:fe:4a:77:ef:4d:6d:79:a1:
         7b:47:c5:b4:1a:f9:4d:f5:32:fa:2b:a1:b5:3e:0d:5a:16:c6:
         2d:ea:07:9a:6d:9f:6b:2f:f0:1d:70:16:55:85:73:a5:b1:b5:
         fb:0a:57:5a:36:43:b7:e4:10:37:d0:0c:9c:64:7d:02:30:ce:
         6d:a7:94:da:ab:eb:be:2b:e4:ee:eb:fe:4f:fb:24:df:4b:7c:
         3d:c7:43:72:5d:4f:f9:65:28:ac:f5:2c:f3:c8:08:35:a9:92:
         7f:94:e6:20:3b:82:1f:a0:29:f4:36:b3:e9:7a:0c:75:93:24:
         b3:8b:3b:d3:7b:61:47:e4:62:70:41:33:ab:6c:97:61:82:40:
         ec:1c:9d:e7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUR9Kucc1vpR/xEwJwkTFWeHmp/8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjQ2NDA0NWRhNWJlZDA2ODdkMTVjYmRhNjdhMDRlYjg3
YThmYjAzZTAeFw0yNDAxMzAwODIzMjBaFw0yNTAxMjgwODI4MjBaMDMxMTAvBgNV
BAMTKDFENzA1MDRBQjI0NzZDNjI5NTBFRDdGQUVDOERFOUY1REUxOUIwNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvWPAO4t2+hJfhMlITJWl4VicD
XzvL561/m1XKgvscSMoLm/9mKj/61p7R5FKMoCDdRb5HRHL3bl+7qtTZVrTKewa1
UzmEj3RPY0+2ldcuxYrF8qJmFFnYWHgJPkI4rh+ynoucGPHDRPPSRMLoAfFVdwi9
sbshSLk/VIQjK5aI7T6A+sFUo1MShJODlYvQcncI/q1Ry3bxHqH/aK3w/3MZmvX2
VXsddPb/7gWKN3pv0rUGPivI6CYc4iYFMSZ4SnoyDGoQL4IJHWHzA31O1jJ/iATA
56n/nWfAGqZKOOe1kmKeMmvfW1qKC2CJAnJ8qm3ztnZalxxHOzi6SunQyNvbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHXBQSrJHbGKVDtf67I3p9d4ZsEowHwYDVR0j
BBgwFoAUZGQEXaW+0Gh9FcvaZ6BOuHqPsD4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ViYzUzM2YtN2YzMS00YmQ2LTg3NGQtZTczNmU5ZmRl
NWJkLzAvNjQ2NDA0NURBNUJFRDA2ODdEMTVDQkRBNjdBMDRFQjg3QThGQjAzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1pHUUVYYVctMEdoOUZjdmFaNkJPdUhx
UHNENC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2ViYzUzM2Yt
N2YzMS00YmQ2LTg3NGQtZTczNmU5ZmRlNWJkLzAvMzEzODM1MmUzMzMxMmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMzMzIzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uR/KMA0GCSqGSIb3DQEBCwUAA4IBAQCLUNqpPqvJ7aLas5N4lU8ueTTtLs7VV2pK
MROHduqussDsRx3/lmoB2HM2kyUFi/Y/cFWGPvXS3CfQyTMB3ErqhYyjA44vEIfM
3RvL0J6VH6CE+l+gtud1kYyazN0EDhS6eKZO6np39igZNcnCWh+A25ljgIvq/kp3
701teaF7R8W0GvlN9TL6K6G1Pg1aFsYt6geabZ9rL/AdcBZVhXOlsbX7CldaNkO3
5BA30AycZH0CMM5tp5Taq+u+K+Tu6/5P+yTfS3w9x0NyXU/5ZSis9SzzyAg1qZJ/
lOYgO4IfoCn0NrPpegx1kySzizvTe2FH5GJwQTOrbJdhgkDsHJ3n
Generated at Tue May 28 03:15:40 2024 by rpki-client on console-ams.rpki-client.org