Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232312e302f32342d3234203d3e20343030383130.roa
File:                     3138352e342e3232312e302f32342d3234203d3e20343030383130.roa (raw, json)
Hash identifier:          oo35sL+C+Q6P0JzS2GhzCe6zGJ6kmIZYSdwc5rFte/w=
Subject key identifier:   AF:41:8D:E3:E8:0A:B5:A1:98:97:68:2D:F0:F0:7B:E1:D4:95:2E:9F
Certificate issuer:       /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial:       1B139C9D0036D90CD0E870A181306F1060311795
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232312e302f32342d3234203d3e20343030383130.roa
Signing time:             Sat 06 Apr 2024 21:48:36 +0000
ROA not before:           Sat 06 Apr 2024 21:43:36 +0000
ROA not after:            Sat 05 Apr 2025 21:48:36 +0000
asID:                     400810
IP address blocks:        185.4.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 Apr 2024 08:15:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:13:9c:9d:00:36:d9:0c:d0:e8:70:a1:81:30:6f:10:60:31:17:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
        Validity
            Not Before: Apr  6 21:43:36 2024 GMT
            Not After : Apr  5 21:48:36 2025 GMT
        Subject: CN=AF418DE3E80AB5A19897682DF0F07BE1D4952E9F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9c:31:7d:d0:8f:45:67:86:65:ce:37:39:60:
                    63:8e:61:30:19:0f:b1:a7:9e:d6:22:9c:45:ee:02:
                    04:76:88:32:fc:00:7e:e0:be:3e:77:2e:f3:96:5f:
                    91:3e:74:9a:52:54:64:9f:8c:8e:29:af:27:cc:12:
                    2d:31:77:8f:b8:8b:9d:e4:9e:7c:2f:34:55:fe:d0:
                    f1:d8:10:18:24:31:df:7b:75:66:6c:40:33:7b:62:
                    a2:9d:af:6c:b0:44:b6:eb:13:ad:da:07:b3:81:47:
                    a7:7c:2b:da:68:06:b8:aa:4e:31:f4:12:9a:65:b0:
                    3a:01:60:f4:1a:af:7f:b6:bb:dc:f8:45:54:86:4c:
                    26:ed:a3:1e:b0:38:1f:dc:5e:89:81:f3:7a:0b:83:
                    db:d3:0a:7b:5b:ad:bc:1e:bf:11:fd:8f:6f:c0:af:
                    5c:37:db:3c:27:ae:f9:5d:d4:76:88:02:b2:88:dd:
                    f1:61:83:51:ed:83:b1:8a:d0:7a:3c:b2:5e:d2:98:
                    12:66:d2:d2:3a:db:53:94:32:83:b3:7d:97:9b:03:
                    1e:82:c8:33:5b:35:70:a9:ed:0f:a6:10:ea:2b:b7:
                    fd:ac:65:83:40:71:ca:bc:50:09:49:89:4d:ae:b2:
                    6b:a2:05:e6:4e:06:ce:a2:3f:c2:ef:0c:fb:5a:de:
                    9b:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:41:8D:E3:E8:0A:B5:A1:98:97:68:2D:F0:F0:7B:E1:D4:95:2E:9F
            X509v3 Authority Key Identifier:
                keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232312e302f32342d3234203d3e20343030383130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.4.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:2e:c3:89:39:0b:c2:f4:5f:13:29:db:0f:1d:d9:d4:01:7f:
         56:a5:76:54:f3:b6:e6:d9:b0:0a:5c:3f:35:ab:14:44:31:b2:
         3b:32:7a:db:a7:37:ad:11:38:f3:b0:d0:d3:03:13:06:7b:36:
         08:fb:d6:8e:c5:a7:0c:95:c6:0b:89:40:4d:6f:08:2d:23:55:
         df:1d:0f:4b:fd:5a:f1:c6:5e:8b:41:92:10:d8:e0:80:22:ba:
         1c:7b:80:5e:43:e4:d1:17:58:b8:85:05:b7:a1:80:18:12:f8:
         ea:6a:1b:86:e2:f3:64:55:ed:3d:fd:e1:98:6e:94:17:66:cb:
         59:ef:fa:e9:20:1a:35:52:24:6e:e0:3f:85:fd:0a:dd:51:39:
         a4:60:24:8b:28:2b:62:26:02:0e:07:f3:ee:d6:74:da:4a:56:
         e1:e6:12:b6:6a:3b:9d:09:a8:0a:89:b2:34:f5:10:7c:e7:8b:
         53:f0:42:70:66:b2:e7:23:2f:f0:a9:b5:e0:6d:f5:09:2d:72:
         a9:45:d3:9a:53:d9:f1:36:33:25:08:2e:e6:8d:5b:83:a2:a2:
         a2:87:6a:60:96:8c:23:4c:40:12:b8:03:47:6f:7c:07:7f:d9:
         b6:38:60:6e:76:42:8c:81:7f:38:e8:45:b4:cb:37:0a:9e:9c:
         da:f9:ca:4b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGxOcnQA22QzQ6HChgTBvEGAxF5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDA0MDYyMTQzMzZaFw0yNTA0MDUyMTQ4MzZaMDMxMTAvBgNV
BAMTKEFGNDE4REUzRTgwQUI1QTE5ODk3NjgyREYwRjA3QkUxRDQ5NTJFOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCnDF90I9FZ4Zlzjc5YGOOYTAZ
D7GnntYinEXuAgR2iDL8AH7gvj53LvOWX5E+dJpSVGSfjI4pryfMEi0xd4+4i53k
nnwvNFX+0PHYEBgkMd97dWZsQDN7YqKdr2ywRLbrE63aB7OBR6d8K9poBriqTjH0
EpplsDoBYPQar3+2u9z4RVSGTCbtox6wOB/cXomB83oLg9vTCntbrbwevxH9j2/A
r1w32zwnrvld1HaIArKI3fFhg1Htg7GK0Ho8sl7SmBJm0tI621OUMoOzfZebAx6C
yDNbNXCp7Q+mEOort/2sZYNAccq8UAlJiU2usmuiBeZOBs6iP8LvDPta3pu3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUr0GN4+gKtaGYl2gt8PB74dSVLp8wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzNDJlMzIzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzgzMTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uQTdMA0GCSqGSIb3DQEBCwUAA4IBAQCeLsOJOQvC9F8TKdsPHdnUAX9WpXZU87bm
2bAKXD81qxREMbI7MnrbpzetETjzsNDTAxMGezYI+9aOxacMlcYLiUBNbwgtI1Xf
HQ9L/Vrxxl6LQZIQ2OCAIroce4BeQ+TRF1i4hQW3oYAYEvjqahuG4vNkVe09/eGY
bpQXZstZ7/rpIBo1UiRu4D+F/QrdUTmkYCSLKCtiJgIOB/Pu1nTaSlbh5hK2ajud
CagKibI09RB854tT8EJwZrLnIy/wqbXgbfUJLXKpRdOaU9nxNjMlCC7mjVuDoqKi
h2pglowjTEASuANHb3wHf9m2OGBudkKMgX846EW0yzcKnpza+cpL
Generated at Thu Apr 18 11:24:58 2024 by rpki-client on console-fra.rpki-client.org