Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/3138352e3232392e3232312e302f32342d3234203d3e20313734.roa
File:                     3138352e3232392e3232312e302f32342d3234203d3e20313734.roa (raw, json)
Hash identifier:          RXmJExAZbGVVHCnHugDskYURmalWAbovgselJdpJuuI=
Subject key identifier:   54:3D:D6:35:C1:4A:8A:D1:B4:CB:9A:0A:60:91:F0:18:E2:DF:3B:CD
Certificate issuer:       /CN=bad36cdaf43498a668b553f581ccd281ac1a8cd7
Certificate serial:       2283F76DF5CC05C666DFD6DAB213B5517370DC
Authority key identifier: BA:D3:6C:DA:F4:34:98:A6:68:B5:53:F5:81:CC:D2:81:AC:1A:8C:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/utNs2vQ0mKZotVP1gczSgawajNc.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/3138352e3232392e3232312e302f32342d3234203d3e20313734.roa
Signing time:             Thu 15 Jun 2023 14:46:19 +0000
ROA not before:           Thu 15 Jun 2023 14:41:19 +0000
ROA not after:            Thu 13 Jun 2024 14:46:19 +0000
asID:                     174
IP address blocks:        185.229.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:83:f7:6d:f5:cc:05:c6:66:df:d6:da:b2:13:b5:51:73:70:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bad36cdaf43498a668b553f581ccd281ac1a8cd7
        Validity
            Not Before: Jun 15 14:41:19 2023 GMT
            Not After : Jun 13 14:46:19 2024 GMT
        Subject: CN=543DD635C14A8AD1B4CB9A0A6091F018E2DF3BCD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:65:ce:1b:51:83:28:1d:93:25:76:05:c6:f3:
                    89:0a:3e:63:85:71:9e:4a:0f:78:3e:9d:31:85:b5:
                    0d:a8:fa:a0:28:0e:ed:59:e6:25:3e:0c:c1:94:d9:
                    64:53:28:62:d7:f3:16:a4:11:a6:be:0b:0a:24:6b:
                    41:b0:fc:12:fa:b4:28:0a:5e:fb:29:3c:39:22:47:
                    d6:ea:c2:cb:14:f5:b3:66:b9:ee:96:eb:bc:fd:39:
                    ef:93:5b:cc:a6:4c:c8:79:a4:95:fd:e0:89:d3:dd:
                    12:f0:b7:3e:39:59:e4:fe:81:d9:43:0d:8f:7c:b3:
                    ba:5f:1d:5d:af:e7:13:40:31:80:00:38:67:e7:9c:
                    2c:ae:3e:95:b2:57:60:6d:93:e7:44:7b:df:7d:eb:
                    93:f4:ce:a0:b2:41:ea:8f:12:b4:e3:83:af:cf:dd:
                    3b:52:a0:a7:34:c8:de:30:8d:93:b2:0d:be:de:56:
                    d1:fb:6c:5c:a3:15:8f:fa:49:d5:2b:d2:8d:15:8b:
                    3d:fc:4d:98:b3:72:83:46:1a:5c:5f:ce:ff:36:0e:
                    4a:97:e7:98:c8:29:83:b8:1c:73:c0:93:70:be:85:
                    61:51:ee:de:1b:04:6b:c7:e1:71:7e:2d:c7:d8:7c:
                    fa:8c:83:27:71:ba:71:e3:65:fd:83:98:37:b1:99:
                    8d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:3D:D6:35:C1:4A:8A:D1:B4:CB:9A:0A:60:91:F0:18:E2:DF:3B:CD
            X509v3 Authority Key Identifier:
                keyid:BA:D3:6C:DA:F4:34:98:A6:68:B5:53:F5:81:CC:D2:81:AC:1A:8C:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/BAD36CDAF43498A668B553F581CCD281AC1A8CD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/utNs2vQ0mKZotVP1gczSgawajNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b17479d1-95d8-4a14-8ee2-de100c66774c/0/3138352e3232392e3232312e302f32342d3234203d3e20313734.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.229.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:67:8e:92:d6:54:1d:8a:01:65:c9:55:6a:5a:15:14:e9:35:
         71:a2:fc:f2:cd:08:f1:3b:87:7e:b8:5c:37:19:29:92:aa:5c:
         7e:99:f1:44:74:68:f0:8f:a8:a0:c4:ff:44:30:d9:c0:ca:2b:
         8d:b8:b8:cf:aa:f9:b7:7f:66:44:48:55:67:99:89:99:66:6e:
         42:26:3a:e4:c4:04:3c:82:d3:3f:8c:55:9b:94:89:0f:43:7b:
         ad:60:84:3d:65:c8:47:de:ab:1b:2e:0b:ee:c6:35:4d:79:4d:
         b2:b6:8a:37:92:2f:4a:d1:16:e2:f6:31:fb:90:69:53:1f:d3:
         c6:a6:1c:1f:10:b1:69:d3:7c:c4:62:5f:e5:c4:fa:68:87:46:
         42:c7:12:84:af:b7:cd:9f:f5:ba:a4:cb:37:4f:c9:94:e8:18:
         4c:1c:be:3e:4e:06:1a:de:a0:c1:e4:6a:45:bf:a0:e5:6a:36:
         45:19:4f:45:b8:61:dd:53:38:8f:ef:af:9d:5d:16:eb:18:7b:
         0f:b4:2e:b5:d1:a2:76:36:ea:d5:42:bf:64:4b:c4:0c:c4:46:
         22:dc:66:43:f1:bd:c7:ff:43:32:09:44:26:b5:f7:1e:7e:e0:
         9b:de:dd:38:99:8e:ae:f7:ad:87:71:e0:67:9e:21:8b:4e:e2:
         22:7c:20:f8
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgITIoP3bfXMBcZm39bashO1UXNw3DANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhiYWQzNmNkYWY0MzQ5OGE2NjhiNTUzZjU4MWNjZDI4MWFj
MWE4Y2Q3MB4XDTIzMDYxNTE0NDExOVoXDTI0MDYxMzE0NDYxOVowMzExMC8GA1UE
AxMoNTQzREQ2MzVDMTRBOEFEMUI0Q0I5QTBBNjA5MUYwMThFMkRGM0JDRDCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALhlzhtRgygdkyV2BcbziQo+Y4Vx
nkoPeD6dMYW1Daj6oCgO7VnmJT4MwZTZZFMoYtfzFqQRpr4LCiRrQbD8Evq0KApe
+yk8OSJH1urCyxT1s2a57pbrvP0575NbzKZMyHmklf3gidPdEvC3PjlZ5P6B2UMN
j3yzul8dXa/nE0AxgAA4Z+ecLK4+lbJXYG2T50R7333rk/TOoLJB6o8StOODr8/d
O1KgpzTI3jCNk7INvt5W0ftsXKMVj/pJ1SvSjRWLPfxNmLNyg0YaXF/O/zYOSpfn
mMgpg7gcc8CTcL6FYVHu3hsEa8fhcX4tx9h8+oyDJ3G6ceNl/YOYN7GZjV0CAwEA
AaOCAjswggI3MB0GA1UdDgQWBBRUPdY1wUqK0bTLmgpgkfAY4t87zTAfBgNVHSME
GDAWgBS602za9DSYpmi1U/WBzNKBrBqM1zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9iMTc0NzlkMS05NWQ4LTRhMTQtOGVlMi1kZTEwMGM2Njc3
NGMvMC9CQUQzNkNEQUY0MzQ5OEE2NjhCNTUzRjU4MUNDRDI4MUFDMUE4Q0Q3LmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvdXROczJ2UTBtS1pvdFZQMWdjelNnYXdh
ak5jLmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUFBzALhoGLcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9iMTc0NzlkMS05
NWQ4LTRhMTQtOGVlMi1kZTEwMGM2Njc3NGMvMC8zMTM4MzUyZTMyMzIzOTJlMzIz
MjMxMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNzM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueXd
MA0GCSqGSIb3DQEBCwUAA4IBAQBIZ46S1lQdigFlyVVqWhUU6TVxovzyzQjxO4d+
uFw3GSmSqlx+mfFEdGjwj6igxP9EMNnAyiuNuLjPqvm3f2ZESFVnmYmZZm5CJjrk
xAQ8gtM/jFWblIkPQ3utYIQ9ZchH3qsbLgvuxjVNeU2ytoo3ki9K0Rbi9jH7kGlT
H9PGphwfELFp03zEYl/lxPpoh0ZCxxKEr7fNn/W6pMs3T8mU6BhMHL4+TgYa3qDB
5GpFv6DlajZFGU9FuGHdUziP76+dXRbrGHsPtC610aJ2NurVQr9kS8QMxEYi3GZD
8b3H/0MyCUQmtfcefuCb3t04mY6u962HceBnniGLTuIifCD4
Generated at Fri Sep 15 00:30:45 2023 by rpki-client on console-fra.rpki-client.org