Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137352e302f32342d3234203d3e203231383539.roa
File:                     3138352e3137322e3137352e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier:          ngEPgv3z65pJ+Gs6jQj/BQoYxMJuPA7agIBK3ldajMY=
Subject key identifier:   65:88:04:D1:19:AE:7A:16:DF:D8:72:1D:6A:CF:22:3F:42:BE:C0:3D
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       68BA98C65CE7B11F1DD9BDDBCC2BAF84A7AAF254
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137352e302f32342d3234203d3e203231383539.roa
Signing time:             Sat 02 Dec 2023 09:02:21 +0000
ROA not before:           Sat 02 Dec 2023 08:57:21 +0000
ROA not after:            Sat 30 Nov 2024 09:02:21 +0000
asID:                     21859
IP address blocks:        185.172.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:ba:98:c6:5c:e7:b1:1f:1d:d9:bd:db:cc:2b:af:84:a7:aa:f2:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Dec  2 08:57:21 2023 GMT
            Not After : Nov 30 09:02:21 2024 GMT
        Subject: CN=658804D119AE7A16DFD8721D6ACF223F42BEC03D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:28:ad:dc:12:04:00:11:45:bd:7a:71:77:8f:
                    43:8a:95:e7:8e:54:60:b9:8d:4d:d5:e7:c8:1f:cf:
                    a9:f3:24:45:26:fe:82:87:26:97:56:59:97:af:55:
                    a5:0c:d0:32:5e:eb:a2:77:ed:28:79:b6:8e:9a:89:
                    ab:2e:12:0e:ed:7e:03:e0:3a:f0:62:ed:ba:b0:68:
                    b5:05:38:5a:b9:e9:e8:4d:08:d0:82:06:94:91:64:
                    92:f4:a1:bd:64:68:2f:f1:82:4e:06:91:ba:6e:3c:
                    a1:19:e3:a6:78:1f:e4:11:1f:88:71:c6:1b:d1:1b:
                    5b:8b:e6:1b:8e:49:92:ff:62:cd:f0:5a:de:e3:07:
                    57:7d:c3:7c:84:23:ca:ac:c6:55:ca:da:cd:fa:3d:
                    ad:14:27:c3:6c:dc:c6:2a:fc:6b:0c:fc:65:51:3c:
                    92:e6:31:d1:85:90:3f:af:97:47:58:27:20:38:d1:
                    a0:e9:d7:a2:4a:93:5b:90:2c:20:2d:1a:1b:f2:78:
                    00:45:7a:87:b2:5e:f6:e7:05:c0:b2:8c:17:1a:71:
                    ef:e1:a7:10:81:4a:09:b1:ae:87:88:66:a4:d4:4a:
                    b3:7f:fb:d8:15:a1:f7:a8:e7:b6:a8:ba:fb:83:bd:
                    1e:bd:18:ca:e9:0f:39:35:1f:e1:6f:2d:bd:1e:b9:
                    b6:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:88:04:D1:19:AE:7A:16:DF:D8:72:1D:6A:CF:22:3F:42:BE:C0:3D
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137352e302f32342d3234203d3e203231383539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c1:58:96:a7:36:61:18:9e:6a:92:5f:54:1f:89:da:ea:c6:88:
         25:2c:50:f9:e6:0e:47:7e:3a:12:9c:76:e4:69:2a:9a:7f:b1:
         bc:91:ec:7d:4f:22:90:7f:04:45:73:fe:c6:c2:f5:dc:2b:4b:
         2a:ab:5e:03:2b:2f:1e:14:72:20:b2:86:7a:31:5d:71:fe:f1:
         d4:61:94:5d:25:40:cc:b2:4d:16:f6:aa:37:21:18:ac:4a:b7:
         aa:c6:b0:1c:a4:e4:d4:ed:f5:cf:39:87:82:60:e4:94:54:a9:
         6d:54:86:f1:0a:58:22:d4:fb:7b:e9:a8:7c:21:dd:14:0e:42:
         17:c7:dd:a7:f7:69:91:59:58:3c:ef:cc:20:3a:2e:9a:8d:08:
         08:4c:ed:43:fa:4e:85:dc:be:57:b2:3c:a3:08:3d:6e:85:12:
         0c:81:ad:6a:3a:4b:04:ec:36:a3:1f:d3:6f:bc:85:33:c9:73:
         7f:39:fe:3c:e2:57:b5:40:7a:53:5c:c1:e7:25:d3:1e:4f:11:
         a8:00:7b:a6:e7:37:a2:f9:de:55:d0:a0:70:2c:83:e1:15:6b:
         58:e3:17:8b:b8:99:18:f1:15:82:65:9d:67:cb:fe:63:80:ea:
         9e:8f:5c:63:f2:2c:a7:1a:ef:76:df:0a:3e:1a:10:bb:53:40:
         9f:9e:1b:60
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaLqYxlznsR8d2b3bzCuvhKeq8lQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMDIwODU3MjFaFw0yNDExMzAwOTAyMjFaMDMxMTAvBgNV
BAMTKDY1ODgwNEQxMTlBRTdBMTZERkQ4NzIxRDZBQ0YyMjNGNDJCRUMwM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1KK3cEgQAEUW9enF3j0OKleeO
VGC5jU3V58gfz6nzJEUm/oKHJpdWWZevVaUM0DJe66J37Sh5to6aiasuEg7tfgPg
OvBi7bqwaLUFOFq56ehNCNCCBpSRZJL0ob1kaC/xgk4GkbpuPKEZ46Z4H+QRH4hx
xhvRG1uL5huOSZL/Ys3wWt7jB1d9w3yEI8qsxlXK2s36Pa0UJ8Ns3MYq/GsM/GVR
PJLmMdGFkD+vl0dYJyA40aDp16JKk1uQLCAtGhvyeABFeoeyXvbnBcCyjBcace/h
pxCBSgmxroeIZqTUSrN/+9gVofeo57aouvuDvR69GMrpDzk1H+FvLb0eubY/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZYgE0Rmuehbf2HIdas8iP0K+wD0wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzODM1Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5rK8wDQYJKoZIhvcNAQELBQADggEBAMFYlqc2YRieapJfVB+J2urGiCUsUPnm
Dkd+OhKcduRpKpp/sbyR7H1PIpB/BEVz/sbC9dwrSyqrXgMrLx4UciCyhnoxXXH+
8dRhlF0lQMyyTRb2qjchGKxKt6rGsByk5NTt9c85h4Jg5JRUqW1UhvEKWCLU+3vp
qHwh3RQOQhfH3af3aZFZWDzvzCA6LpqNCAhM7UP6ToXcvleyPKMIPW6FEgyBrWo6
SwTsNqMf02+8hTPJc385/jziV7VAelNcwecl0x5PEagAe6bnN6L53lXQoHAsg+EV
a1jjF4u4mRjxFYJlnWfL/mOA6p6PXGPyLKca73bfCj4aELtTQJ+eG2A=
Generated at Tue Jan 2 04:11:01 2024 by rpki-client on console-ams.rpki-client.org