Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3137382e3230382e3137382e302f32332d3234203d3e20323037333236.roa
File:                     3137382e3230382e3137382e302f32332d3234203d3e20323037333236.roa (raw, json)
Hash identifier:          u7k5GkPo7OPhJwYjq0ivGv+W6wzFAkmi6DLJJ6MMz3o=
Subject key identifier:   29:8B:0C:A6:FD:35:9A:C0:C7:09:56:CC:F7:D3:F9:1C:0C:F6:35:DC
Certificate issuer:       /CN=3a96802395455ca00679c41d5c056cae95d4b57d
Certificate serial:       18E35E38A1DA35A47343BCE0DFDA2E479AF3AEAF
Authority key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3137382e3230382e3137382e302f32332d3234203d3e20323037333236.roa
Signing time:             Wed 22 Mar 2023 15:29:40 +0000
ROA not before:           Wed 22 Mar 2023 15:24:40 +0000
ROA not after:            Wed 20 Mar 2024 15:29:40 +0000
asID:                     207326
IP address blocks:        178.208.178.0/23 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:e3:5e:38:a1:da:35:a4:73:43:bc:e0:df:da:2e:47:9a:f3:ae:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a96802395455ca00679c41d5c056cae95d4b57d
        Validity
            Not Before: Mar 22 15:24:40 2023 GMT
            Not After : Mar 20 15:29:40 2024 GMT
        Subject: CN=298B0CA6FD359AC0C70956CCF7D3F91C0CF635DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e1:85:c3:0a:f9:22:97:df:7f:d0:3f:3a:5c:
                    ad:8f:f3:4e:ad:09:26:0b:7f:60:71:6c:19:c7:b7:
                    4f:13:4c:db:0a:39:21:c7:1d:f0:2c:c0:2d:9b:7a:
                    ec:d3:53:54:7b:1d:cc:3d:99:34:7d:9f:7d:c3:ee:
                    ff:90:c8:b4:6c:67:0b:a4:4c:f1:ef:1c:98:4d:9c:
                    bb:fe:ff:f1:3c:fd:84:96:44:e4:27:bb:c2:4f:9f:
                    97:e6:c5:e5:23:a4:a4:0a:89:48:58:bd:8a:0a:30:
                    71:d5:9c:26:9c:93:63:00:d4:22:fb:b3:d3:b8:4a:
                    d8:f0:14:5d:ef:be:8d:20:6e:79:ef:55:13:11:07:
                    f4:40:07:d7:21:23:81:0e:cb:4d:7c:28:2b:f4:5f:
                    f7:72:06:72:01:e8:94:8b:86:a4:a7:8d:d2:6d:e3:
                    52:a6:4d:a6:00:d4:01:0f:90:db:88:c1:a0:b2:8a:
                    aa:72:2e:07:c3:af:cd:11:2f:e1:8e:6c:61:97:ff:
                    a5:3a:63:dd:e5:80:b2:f7:47:17:b6:1a:c3:e3:25:
                    b1:2f:26:d1:53:7f:63:fa:5c:33:68:10:33:1e:44:
                    e4:8d:72:87:20:20:a3:60:58:17:75:17:d1:b8:93:
                    39:e6:99:36:e1:ad:45:7c:8c:88:bf:17:67:d2:b2:
                    39:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:8B:0C:A6:FD:35:9A:C0:C7:09:56:CC:F7:D3:F9:1C:0C:F6:35:DC
            X509v3 Authority Key Identifier:
                keyid:3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3137382e3230382e3137382e302f32332d3234203d3e20323037333236.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.208.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         94:83:1a:37:f9:17:1a:7b:b6:a7:b2:68:35:e3:19:84:8c:39:
         49:3e:8d:a4:4b:e9:bf:b1:23:22:b5:29:f3:99:af:ee:8f:9e:
         13:fc:60:33:6d:f6:2b:f0:bd:62:61:27:c8:f5:ca:44:91:55:
         02:f0:72:11:3b:19:6e:65:2c:b3:ec:ba:ba:d0:fc:21:e2:b3:
         27:ee:83:61:d0:06:95:0d:a5:c1:a9:80:41:bb:6d:21:14:a9:
         da:80:38:ee:86:9b:70:e2:98:8a:20:10:b3:5c:5c:f4:c8:eb:
         b3:16:06:3d:d6:7f:46:8e:cc:ff:60:fc:24:6b:37:63:77:5c:
         03:c8:bd:f0:03:4f:13:65:9f:e7:2d:d0:7a:21:47:23:89:de:
         f8:a2:4b:ce:a2:48:03:9e:1c:51:0f:5f:3a:06:2e:8a:8d:1b:
         f8:20:2a:d3:07:5c:df:d3:a5:c7:0e:95:35:62:31:66:d0:20:
         0c:e5:77:c3:1c:20:ac:74:16:7d:de:c7:86:63:60:34:15:dd:
         0f:96:bd:c6:ea:30:15:46:86:e6:27:53:c1:3b:b8:80:2d:0f:
         da:68:df:de:4d:75:c5:9e:a0:89:5b:fd:81:c1:4a:b2:82:41:
         60:8d:3e:4a:cd:56:8d:48:34:14:89:9b:0d:6a:83:e7:ce:0c:
         43:5a:db:ec
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUGONeOKHaNaRzQ7zg39ouR5rzrq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2E5NjgwMjM5NTQ1NWNhMDA2NzljNDFkNWMwNTZjYWU5
NWQ0YjU3ZDAeFw0yMzAzMjIxNTI0NDBaFw0yNDAzMjAxNTI5NDBaMDMxMTAvBgNV
BAMTKDI5OEIwQ0E2RkQzNTlBQzBDNzA5NTZDQ0Y3RDNGOTFDMENGNjM1REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI4YXDCvkil99/0D86XK2P806t
CSYLf2BxbBnHt08TTNsKOSHHHfAswC2beuzTU1R7Hcw9mTR9n33D7v+QyLRsZwuk
TPHvHJhNnLv+//E8/YSWROQnu8JPn5fmxeUjpKQKiUhYvYoKMHHVnCack2MA1CL7
s9O4StjwFF3vvo0gbnnvVRMRB/RAB9chI4EOy018KCv0X/dyBnIB6JSLhqSnjdJt
41KmTaYA1AEPkNuIwaCyiqpyLgfDr80RL+GObGGX/6U6Y93lgLL3Rxe2GsPjJbEv
JtFTf2P6XDNoEDMeROSNcocgIKNgWBd1F9G4kznmmTbhrUV8jIi/F2fSsjk5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUKYsMpv01msDHCVbM99P5HAz2NdwwHwYDVR0j
BBgwFoAUOpaAI5VFXKAGecQdXAVsrpXUtX0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTJmZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2Vl
Nzg4LzAvM0E5NjgwMjM5NTQ1NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09wYUFJNVZGWEtBR2VjUWRYQVZzcnBY
VXRYMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJmZmJjZTct
ODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzczODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzAzNzMzMzIzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbLQsjANBgkqhkiG9w0BAQsFAAOCAQEAlIMaN/kXGnu2p7JoNeMZhIw5ST6N
pEvpv7EjIrUp85mv7o+eE/xgM232K/C9YmEnyPXKRJFVAvByETsZbmUss+y6utD8
IeKzJ+6DYdAGlQ2lwamAQbttIRSp2oA47oabcOKYiiAQs1xc9MjrsxYGPdZ/Ro7M
/2D8JGs3Y3dcA8i98ANPE2Wf5y3QeiFHI4ne+KJLzqJIA54cUQ9fOgYuio0b+CAq
0wdc39Olxw6VNWIxZtAgDOV3wxwgrHQWfd7HhmNgNBXdD5a9xuowFUaG5idTwTu4
gC0P2mjf3k11xZ6giVv9gcFKsoJBYI0+Ss1WjUg0FImbDWqD584MQ1rb7A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:48 2023 by rpki-client on console-ams.rpki-client.org