Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211237.roa
File:                     AS211237.roa (raw, json)
Hash identifier:          649xuQzGPVzQvsQyUIUz7GHuNm1sEkuzVzrTGTL+3JA=
Subject key identifier:   08:58:8E:3B:0A:4C:97:14:BC:51:39:1E:7E:B5:D6:B4:28:89:B0:68
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       4AD4A4CE0B62A3F35E690C2DF5CF235FCFB08DEF
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211237.roa
Signing time:             Thu 26 Jan 2023 22:00:10 +0000
ROA not before:           Thu 26 Jan 2023 21:55:10 +0000
ROA not after:            Thu 25 Jan 2024 22:00:10 +0000
asID:                     211237
IP address blocks:        141.11.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:d4:a4:ce:0b:62:a3:f3:5e:69:0c:2d:f5:cf:23:5f:cf:b0:8d:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Jan 26 21:55:10 2023 GMT
            Not After : Jan 25 22:00:10 2024 GMT
        Subject: CN=08588E3B0A4C9714BC51391E7EB5D6B42889B068
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:af:03:b0:ca:64:8a:c6:ac:8b:dd:5a:a4:5e:
                    82:84:28:26:b9:d1:27:22:d7:a3:82:97:5b:39:0e:
                    dc:b9:44:1e:01:f6:39:ef:1d:e2:f1:e3:96:85:7d:
                    4d:85:d8:a4:50:b1:8e:5a:d3:97:ec:ce:be:66:e7:
                    48:d4:80:7f:69:9e:83:c3:44:68:4c:12:09:7f:73:
                    1d:38:c9:c3:d8:f1:6a:86:61:b1:46:cd:04:c9:fb:
                    df:f7:6d:a5:ff:cf:8a:77:17:4d:f5:8d:89:29:57:
                    4d:e1:10:b8:27:65:c5:e9:d5:0d:c4:78:b1:80:1e:
                    4d:fa:6e:25:35:7f:1f:13:dc:f9:69:b0:d5:0e:25:
                    a6:96:73:51:40:b2:19:7d:d3:de:75:16:b5:b1:c6:
                    90:13:8a:1e:4c:09:1c:49:1b:c7:4b:96:0d:6b:cb:
                    77:01:28:f0:9a:74:e2:ac:d4:f9:4f:3e:61:79:44:
                    bd:52:3e:4f:8c:89:17:45:bf:f5:26:89:e1:be:8d:
                    25:d8:da:67:5d:ce:88:5e:57:96:dc:bc:36:ac:1d:
                    6c:c6:4d:cc:91:76:0a:ab:e6:d9:9c:89:aa:08:17:
                    81:2d:db:18:d3:66:49:bc:b0:cc:84:08:d8:90:7e:
                    b9:33:6a:22:9e:65:f9:b4:19:8f:19:f1:a2:b4:7e:
                    90:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:58:8E:3B:0A:4C:97:14:BC:51:39:1E:7E:B5:D6:B4:28:89:B0:68
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:f2:ed:7d:87:cd:32:a9:3a:b8:09:d1:ad:33:aa:ab:29:46:
         3f:de:ce:f8:57:c6:08:4e:bf:eb:ca:ff:b4:05:c2:e4:63:0d:
         23:2e:92:30:6c:21:1b:42:98:3b:d6:ca:94:d7:33:cf:2f:b7:
         71:f0:cb:ea:d5:77:58:e2:38:eb:22:40:99:fc:d1:b9:d3:87:
         23:d8:2f:d6:59:5d:2a:25:e6:af:f1:d7:c8:57:0f:cc:44:db:
         bf:89:01:a9:14:ab:fd:f4:43:77:0b:45:cf:49:f9:ca:8c:52:
         34:2a:63:64:e5:4e:c3:ef:6d:e3:5d:c6:3c:ab:f3:d1:1b:50:
         76:a4:33:a0:e7:16:c9:b5:b3:f8:2f:0a:4b:69:08:61:34:40:
         16:48:45:8f:29:60:dc:5a:28:cc:36:55:4f:fb:9e:cb:22:cc:
         c0:81:2a:84:a3:71:5b:de:f3:e1:bb:e9:8f:22:19:68:5c:54:
         60:c0:a2:9b:d9:73:80:58:9c:80:da:7e:b6:4c:b0:31:c2:90:
         1c:20:af:6b:a2:9a:47:05:9a:9f:9c:ec:df:bd:49:61:4d:4a:
         a4:da:6d:d5:d6:e5:fc:d4:18:f0:cb:06:00:7d:75:2d:19:c0:
         00:98:1a:00:17:8e:e8:e0:b1:b2:d9:81:07:66:0e:a5:0f:ec:
         39:22:ad:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUStSkzgtio/NeaQwt9c8jX8+wje8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzAxMjYyMTU1MTBaFw0yNDAxMjUyMjAwMTBaMDMxMTAvBgNV
BAMTKDA4NTg4RTNCMEE0Qzk3MTRCQzUxMzkxRTdFQjVENkI0Mjg4OUIwNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkrwOwymSKxqyL3VqkXoKEKCa5
0Sci16OCl1s5Dty5RB4B9jnvHeLx45aFfU2F2KRQsY5a05fszr5m50jUgH9pnoPD
RGhMEgl/cx04ycPY8WqGYbFGzQTJ+9/3baX/z4p3F031jYkpV03hELgnZcXp1Q3E
eLGAHk36biU1fx8T3PlpsNUOJaaWc1FAshl90951FrWxxpATih5MCRxJG8dLlg1r
y3cBKPCadOKs1PlPPmF5RL1SPk+MiRdFv/UmieG+jSXY2mddzoheV5bcvDasHWzG
TcyRdgqr5tmciaoIF4Et2xjTZkm8sMyECNiQfrkzaiKeZfm0GY8Z8aK0fpDFAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUCFiOOwpMlxS8UTkefrXWtCiJsGgwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjExMjM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQto
MA0GCSqGSIb3DQEBCwUAA4IBAQCw8u19h80yqTq4CdGtM6qrKUY/3s74V8YITr/r
yv+0BcLkYw0jLpIwbCEbQpg71sqU1zPPL7dx8Mvq1XdY4jjrIkCZ/NG504cj2C/W
WV0qJeav8dfIVw/MRNu/iQGpFKv99EN3C0XPSfnKjFI0KmNk5U7D723jXcY8q/PR
G1B2pDOg5xbJtbP4LwpLaQhhNEAWSEWPKWDcWijMNlVP+57LIszAgSqEo3Fb3vPh
u+mPIhloXFRgwKKb2XOAWJyA2n62TLAxwpAcIK9roppHBZqfnOzfvUlhTUqk2m3V
1uX81BjwywYAfXUtGcAAmBoAF47o4LGy2YEHZg6lD+w5Iq32
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:48 2023 by rpki-client on console-ams.rpki-client.org