Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/3138352e3232392e3232302e302f32342d3234203d3e20323131343339.roa
File:                     3138352e3232392e3232302e302f32342d3234203d3e20323131343339.roa (raw, json)
Hash identifier:          XUNThm/z2HfdljL85FpOvtdVr/M5oi/LAKxThxiS9+c=
Subject key identifier:   77:0F:90:9E:46:61:39:5D:14:B5:E3:62:47:D1:68:BA:B3:39:D5:CE
Certificate issuer:       /CN=bad36cdaf43498a668b553f581ccd281ac1a8cd7
Certificate serial:       69A487E5B052585FE6025732E74069F745F77623
Authority key identifier: BA:D3:6C:DA:F4:34:98:A6:68:B5:53:F5:81:CC:D2:81:AC:1A:8C:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/utNs2vQ0mKZotVP1gczSgawajNc.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/3138352e3232392e3232302e302f32342d3234203d3e20323131343339.roa
Signing time:             Wed 07 Jun 2023 06:45:38 +0000
ROA not before:           Wed 07 Jun 2023 06:40:38 +0000
ROA not after:            Wed 05 Jun 2024 06:45:38 +0000
asID:                     211439
IP address blocks:        185.229.220.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:a4:87:e5:b0:52:58:5f:e6:02:57:32:e7:40:69:f7:45:f7:76:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bad36cdaf43498a668b553f581ccd281ac1a8cd7
        Validity
            Not Before: Jun  7 06:40:38 2023 GMT
            Not After : Jun  5 06:45:38 2024 GMT
        Subject: CN=770F909E4661395D14B5E36247D168BAB339D5CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:50:25:2b:eb:f1:cc:86:99:bb:86:65:b4:32:
                    cd:da:89:15:76:b1:c2:2c:16:3e:c2:94:fb:db:38:
                    13:fa:66:fd:b8:7a:02:36:33:1c:97:78:07:78:57:
                    64:5b:9a:71:22:97:32:f5:bb:0c:0e:09:cd:1b:78:
                    bf:56:61:2c:4e:0b:29:32:5f:80:7f:ea:5f:6e:8c:
                    96:13:70:9c:2b:10:0d:f8:36:85:16:f8:e2:ea:49:
                    4c:36:e4:de:10:fd:eb:0a:09:13:60:d0:ba:38:1e:
                    22:33:c9:99:00:d2:3a:20:9d:a4:29:b6:e4:8c:34:
                    80:a9:c0:13:3f:e9:e0:0e:ac:fd:31:2b:1b:52:ef:
                    27:f3:d5:e3:cf:bf:94:d3:25:18:7c:ef:04:72:73:
                    b7:5d:20:e9:2a:d2:65:06:f6:c2:44:7f:42:65:5c:
                    34:61:e5:99:e1:ee:2d:36:75:7d:6f:db:b7:c2:26:
                    42:cf:85:25:01:1c:5d:90:e2:77:d2:d5:70:e6:5c:
                    8c:fa:33:24:de:52:dc:e7:18:c9:28:d9:8f:20:f8:
                    fa:10:f9:18:1b:fd:28:79:ca:d6:cc:79:57:0c:52:
                    cb:2b:83:81:23:ca:db:98:be:47:de:dc:88:8b:8d:
                    76:12:37:bb:6c:42:7e:21:5c:96:3b:18:4a:33:f7:
                    52:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:0F:90:9E:46:61:39:5D:14:B5:E3:62:47:D1:68:BA:B3:39:D5:CE
            X509v3 Authority Key Identifier:
                keyid:BA:D3:6C:DA:F4:34:98:A6:68:B5:53:F5:81:CC:D2:81:AC:1A:8C:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/BAD36CDAF43498A668B553F581CCD281AC1A8CD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/utNs2vQ0mKZotVP1gczSgawajNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/3138352e3232392e3232302e302f32342d3234203d3e20323131343339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.229.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:dc:cd:13:b7:01:45:d2:67:18:c1:03:68:f5:e6:b0:ac:c0:
         03:17:69:b9:11:b9:eb:43:37:16:03:8e:8f:b4:80:86:12:ca:
         6a:a7:70:9f:2f:36:cb:90:44:49:da:22:cf:e8:96:40:bd:ce:
         37:fc:be:eb:98:cc:a0:b7:e9:ed:d7:4a:0d:7d:aa:dd:26:68:
         62:c3:c0:3c:4e:79:dd:f1:c4:5c:b2:69:dd:5d:ed:39:15:1a:
         75:0d:37:a3:de:aa:cf:67:c9:34:56:b4:62:4b:b5:9e:29:00:
         00:b4:cb:8b:ef:8c:c4:3b:9c:92:b8:44:fd:c9:d1:b9:c6:d0:
         a1:e1:5c:35:18:47:5a:12:c9:2c:09:5d:54:12:39:84:99:47:
         a1:28:fa:b8:10:88:b2:52:0b:a1:1e:bf:f3:49:99:05:4f:c1:
         cb:7f:db:99:5f:66:e1:a5:44:49:bd:44:bc:72:d9:09:9c:96:
         19:d0:26:ae:f5:56:12:f4:1e:14:2e:62:86:e4:4d:1c:5c:10:
         0c:27:e9:e7:2b:fd:b8:0c:fb:5f:e0:60:f1:fc:e6:fa:c0:90:
         d1:c8:eb:7e:8e:00:f2:a9:8b:b7:f8:c5:50:5f:fa:1c:ff:ec:
         2c:8b:b2:53:7e:55:ab:9c:11:50:99:35:f0:29:ee:05:63:1d:
         33:55:19:a4
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUaaSH5bBSWF/mAlcy50Bp90X3diMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmFkMzZjZGFmNDM0OThhNjY4YjU1M2Y1ODFjY2QyODFh
YzFhOGNkNzAeFw0yMzA2MDcwNjQwMzhaFw0yNDA2MDUwNjQ1MzhaMDMxMTAvBgNV
BAMTKDc3MEY5MDlFNDY2MTM5NUQxNEI1RTM2MjQ3RDE2OEJBQjMzOUQ1Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdUCUr6/HMhpm7hmW0Ms3aiRV2
scIsFj7ClPvbOBP6Zv24egI2MxyXeAd4V2RbmnEilzL1uwwOCc0beL9WYSxOCyky
X4B/6l9ujJYTcJwrEA34NoUW+OLqSUw25N4Q/esKCRNg0Lo4HiIzyZkA0jognaQp
tuSMNICpwBM/6eAOrP0xKxtS7yfz1ePPv5TTJRh87wRyc7ddIOkq0mUG9sJEf0Jl
XDRh5Znh7i02dX1v27fCJkLPhSUBHF2Q4nfS1XDmXIz6MyTeUtznGMko2Y8g+PoQ
+Rgb/Sh5ytbMeVcMUssrg4EjytuYvkfe3IiLjXYSN7tsQn4hXJY7GEoz91JJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUdw+QnkZhOV0UteNiR9FourM51c4wHwYDVR0j
BBgwFoAUutNs2vQ0mKZotVP1gczSgawajNcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjE3NDc5ZDEtOTVkOC00YTE0LThlZTItZGUxMDBjNjY3
NzRjLzAvQkFEMzZDREFGNDM0OThBNjY4QjU1M0Y1ODFDQ0QyODFBQzFBOENENy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3V0TnMydlEwbUtab3RWUDFnY3pTZ2F3
YWpOYy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjE3NDc5ZDEt
OTVkOC00YTE0LThlZTItZGUxMDBjNjY3NzRjLzAvMzEzODM1MmUzMjMyMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnl3DANBgkqhkiG9w0BAQsFAAOCAQEArtzNE7cBRdJnGMEDaPXmsKzAAxdp
uRG560M3FgOOj7SAhhLKaqdwny82y5BESdoiz+iWQL3ON/y+65jMoLfp7ddKDX2q
3SZoYsPAPE553fHEXLJp3V3tORUadQ03o96qz2fJNFa0Yku1nikAALTLi++MxDuc
krhE/cnRucbQoeFcNRhHWhLJLAldVBI5hJlHoSj6uBCIslILoR6/80mZBU/By3/b
mV9m4aVESb1EvHLZCZyWGdAmrvVWEvQeFC5ihuRNHFwQDCfp5yv9uAz7X+Bg8fzm
+sCQ0cjrfo4A8qmLt/jFUF/6HP/sLIuyU35Vq5wRUJk18CnuBWMdM1UZpA==
Generated at Thu Sep 14 00:36:45 2023 by rpki-client on console-ams.rpki-client.org