Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232312e302f32342d3234203d3e20383334.roa
File:                     3138352e3230352e3232312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          +sshW/EWcEB66Dv+fL5RUSfjwQ0kid+xzPnJ7fhfbic=
Subject key identifier:   34:CD:A3:D9:E5:00:53:B1:63:D8:E0:45:6F:DD:AB:84:96:A2:E0:28
Certificate issuer:       /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial:       6B7BF4963BC5F86AC1C438331B18AB6B9553E2F5
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232312e302f32342d3234203d3e20383334.roa
Signing time:             Tue 06 Feb 2024 00:00:03 +0000
ROA not before:           Mon 05 Feb 2024 23:55:03 +0000
ROA not after:            Tue 04 Feb 2025 00:00:03 +0000
asID:                     834
IP address blocks:        185.205.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 06 Feb 2024 09:19:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:7b:f4:96:3b:c5:f8:6a:c1:c4:38:33:1b:18:ab:6b:95:53:e2:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
        Validity
            Not Before: Feb  5 23:55:03 2024 GMT
            Not After : Feb  4 00:00:03 2025 GMT
        Subject: CN=34CDA3D9E50053B163D8E0456FDDAB8496A2E028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:a8:97:4a:41:9e:5e:1f:c7:99:db:cc:45:ff:
                    c4:17:c5:61:f4:28:c8:d0:80:57:1a:d9:0f:8b:d4:
                    e8:50:fb:b0:91:b2:73:30:b0:ab:e6:73:1e:f7:0f:
                    ec:94:e1:71:aa:2a:07:bd:8f:3b:e4:27:b7:2e:f7:
                    1f:f7:30:f8:52:0e:4a:67:ae:1b:6e:c5:c0:18:47:
                    93:41:33:cf:50:ff:36:1e:ab:c2:31:cb:8f:a3:35:
                    81:14:06:9f:c0:c1:80:e1:b1:92:d0:f4:11:56:c4:
                    c8:d7:a1:cb:44:1c:1a:c4:81:bc:d1:2c:8c:af:08:
                    90:32:13:fa:3e:a0:3e:eb:81:24:0b:d9:74:cc:a2:
                    71:09:19:b3:e9:ce:06:2b:c9:77:c4:c1:3b:80:5a:
                    bb:67:f1:0f:cc:e8:af:f7:d0:a2:25:8a:b7:bb:c8:
                    49:05:ce:eb:96:f8:84:22:7c:7c:9f:61:2c:bf:e5:
                    e1:3d:ce:27:ec:6c:ee:2b:4f:3d:18:aa:6e:ba:c6:
                    c2:a2:00:bb:93:89:d2:59:ce:79:75:7c:c9:ad:78:
                    ea:1b:8a:52:7a:db:c3:cf:b0:82:28:f6:87:51:f5:
                    c6:5d:bd:e1:31:71:e1:d3:26:09:12:03:9d:17:fb:
                    c5:4f:5c:a1:c8:60:16:db:72:69:e3:77:bb:e6:01:
                    6d:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:CD:A3:D9:E5:00:53:B1:63:D8:E0:45:6F:DD:AB:84:96:A2:E0:28
            X509v3 Authority Key Identifier:
                keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232312e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.205.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:bf:e7:0d:ed:85:42:5b:4e:15:18:f4:87:7e:87:90:6e:c9:
         fd:5e:1a:26:94:c3:e0:2a:85:a9:aa:5f:dc:78:e4:04:b7:f9:
         7e:ea:fb:6c:69:03:9a:e8:41:d8:b5:a8:c1:ac:89:b7:a7:12:
         3b:46:58:48:00:96:26:17:67:ac:46:06:aa:b6:d9:f8:ab:dc:
         83:c1:e2:c7:99:ea:c4:7d:7f:1c:db:13:b0:56:db:4e:76:df:
         20:b0:88:b3:15:66:67:2d:35:8d:58:01:f0:01:9b:5f:f6:fd:
         66:60:69:85:8a:ec:a6:70:8e:8e:4d:2e:8c:84:b5:a1:1d:1b:
         15:8f:69:52:09:91:a5:ab:2f:b3:fd:bf:74:cc:18:3d:1c:5f:
         b5:a0:b7:f3:60:f1:a9:b1:96:0a:9e:54:70:c8:36:2c:26:5e:
         14:ab:54:7e:b0:e9:c7:46:a6:2a:28:8f:9c:ea:d8:b6:53:b5:
         05:da:cd:8e:3d:2c:c6:ab:4a:70:79:5b:8f:a6:c6:01:ee:8d:
         db:92:72:39:cc:23:1f:bb:59:52:e7:42:ed:2f:c2:11:22:8e:
         93:c1:53:e2:c4:ea:24:67:71:b6:8d:55:19:51:87:f4:81:c8:
         eb:2e:f6:ca:d7:fa:52:21:35:d2:c4:38:29:f4:62:a6:0d:d1:
         59:54:83:10
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUa3v0ljvF+GrBxDgzGxira5VT4vUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDAyMDUyMzU1MDNaFw0yNTAyMDQwMDAwMDNaMDMxMTAvBgNV
BAMTKDM0Q0RBM0Q5RTUwMDUzQjE2M0Q4RTA0NTZGRERBQjg0OTZBMkUwMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUqJdKQZ5eH8eZ28xF/8QXxWH0
KMjQgFca2Q+L1OhQ+7CRsnMwsKvmcx73D+yU4XGqKge9jzvkJ7cu9x/3MPhSDkpn
rhtuxcAYR5NBM89Q/zYeq8Ixy4+jNYEUBp/AwYDhsZLQ9BFWxMjXoctEHBrEgbzR
LIyvCJAyE/o+oD7rgSQL2XTMonEJGbPpzgYryXfEwTuAWrtn8Q/M6K/30KIlire7
yEkFzuuW+IQifHyfYSy/5eE9zifsbO4rTz0Yqm66xsKiALuTidJZznl1fMmteOob
ilJ628PPsIIo9odR9cZdveExceHTJgkSA50X+8VPXKHIYBbbcmnjd7vmAW29AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUNM2j2eUAU7Fj2OBFb92rhJai4CgwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzMjMwMzUyZTMy
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnN
3TANBgkqhkiG9w0BAQsFAAOCAQEAHr/nDe2FQltOFRj0h36HkG7J/V4aJpTD4CqF
qapf3HjkBLf5fur7bGkDmuhB2LWowayJt6cSO0ZYSACWJhdnrEYGqrbZ+Kvcg8Hi
x5nqxH1/HNsTsFbbTnbfILCIsxVmZy01jVgB8AGbX/b9ZmBphYrspnCOjk0ujIS1
oR0bFY9pUgmRpasvs/2/dMwYPRxftaC382DxqbGWCp5UcMg2LCZeFKtUfrDpx0am
KiiPnOrYtlO1BdrNjj0sxqtKcHlbj6bGAe6N25JyOcwjH7tZUudC7S/CESKOk8FT
4sTqJGdxto1VGVGH9IHI6y72ytf6UiE10sQ4KfRipg3RWVSDEA==
Generated at Tue Feb 6 12:22:12 2024 by rpki-client on console-fra.rpki-client.org