Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137352e302f32342d3234203d3e20383334.roa
File:                     3138352e3137322e3137352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          wDRhvJg8oUl0IvEWY8zG0zF2WPDKp2HGNndzSy1oXxs=
Subject key identifier:   59:87:53:24:FC:08:DD:E1:2A:15:CE:ED:32:22:96:15:7F:68:51:DA
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       36C3C0EC35D64BE463EAD83A57038DCA1F6FC5C2
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137352e302f32342d3234203d3e20383334.roa
Signing time:             Mon 05 Feb 2024 09:14:11 +0000
ROA not before:           Mon 05 Feb 2024 09:09:11 +0000
ROA not after:            Mon 03 Feb 2025 09:14:11 +0000
asID:                     834
IP address blocks:        185.172.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Feb 2024 12:05:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:c3:c0:ec:35:d6:4b:e4:63:ea:d8:3a:57:03:8d:ca:1f:6f:c5:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Feb  5 09:09:11 2024 GMT
            Not After : Feb  3 09:14:11 2025 GMT
        Subject: CN=59875324FC08DDE12A15CEED322296157F6851DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:e1:87:c4:11:84:7c:95:32:48:f9:f7:67:13:
                    31:70:47:b4:63:ef:7f:13:cb:18:79:ef:fe:e8:05:
                    84:39:55:5f:a0:db:e5:34:70:26:22:c2:e8:28:c0:
                    82:8c:10:42:cb:e6:ca:60:24:df:5c:49:e3:17:da:
                    4f:5d:f4:9b:af:a3:bb:09:ba:38:5b:34:ef:8d:6c:
                    c9:2f:5e:a7:f0:e3:59:f7:f3:ed:3e:0e:0d:7e:c9:
                    a4:2a:e3:53:a6:31:a8:cf:5c:47:89:f8:25:1f:a8:
                    20:b8:9c:d5:45:4d:7f:8c:31:2d:3a:7a:19:62:66:
                    63:e2:5f:e0:f4:84:23:ba:04:f9:e9:00:0f:71:2d:
                    d1:7a:9b:2c:32:15:90:ff:01:fa:ca:17:49:7d:b6:
                    d3:20:a4:9a:fe:6f:87:6b:f1:39:7d:0e:9a:32:20:
                    4d:c7:b0:fb:fe:f8:f7:f7:ca:1d:3d:01:5d:90:d9:
                    82:5a:f8:66:83:e3:2a:e3:45:7f:19:ee:9f:cc:04:
                    a3:09:75:ca:88:71:b5:c3:28:45:63:8c:37:4c:a5:
                    51:e7:44:3c:15:d8:0d:cb:4e:e2:10:46:26:10:67:
                    60:ce:66:ae:4c:a8:47:a2:7a:83:d2:d3:c2:ef:0b:
                    9c:10:cc:c1:91:0d:73:be:4e:e1:be:90:c2:87:86:
                    a4:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:87:53:24:FC:08:DD:E1:2A:15:CE:ED:32:22:96:15:7F:68:51:DA
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137352e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:55:be:87:64:f9:0c:ce:d3:2e:9d:34:dc:2f:0c:6e:e6:08:
         8b:b8:ce:91:11:59:5b:66:15:93:74:27:f1:cd:10:13:cf:35:
         e5:c3:0d:54:75:94:08:e1:07:06:35:9f:6e:06:3f:b6:5f:41:
         7b:21:52:6d:86:77:74:e3:6b:fa:a3:5f:4f:34:ee:c0:47:8d:
         db:9b:60:bd:fe:a1:8b:66:64:72:3e:54:47:e5:a0:5f:d1:03:
         06:90:04:c0:02:e9:d7:97:63:f6:59:35:c5:8b:e6:b5:64:db:
         62:4b:38:59:86:e5:2d:c3:49:c9:80:fd:87:34:0d:4d:b8:38:
         a4:14:57:54:12:1f:af:fc:3a:b9:cb:ca:d1:14:63:59:09:20:
         f6:dd:2b:b8:fb:21:13:44:55:c9:cf:a6:10:26:dc:55:ee:0f:
         17:5a:35:3d:cc:d1:a7:58:85:88:fe:36:32:fa:e0:12:b2:ba:
         4f:23:26:bd:7e:07:3d:43:12:ab:ef:b9:5d:2e:b6:fb:78:d7:
         92:b8:05:7a:fe:ea:86:a8:0a:4a:c2:4b:96:05:e0:d3:a8:07:
         98:16:58:cd:76:7a:fe:9e:58:89:a5:38:5b:34:bf:7c:61:2a:
         bc:80:54:48:c9:47:94:4b:b3:7a:6a:f8:94:ee:00:f6:25:fb:
         b4:9f:b0:12
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNsPA7DXWS+Rj6tg6VwONyh9vxcIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMDUwOTA5MTFaFw0yNTAyMDMwOTE0MTFaMDMxMTAvBgNV
BAMTKDU5ODc1MzI0RkMwOERERTEyQTE1Q0VFRDMyMjI5NjE1N0Y2ODUxREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg4YfEEYR8lTJI+fdnEzFwR7Rj
738Tyxh57/7oBYQ5VV+g2+U0cCYiwugowIKMEELL5spgJN9cSeMX2k9d9Juvo7sJ
ujhbNO+NbMkvXqfw41n38+0+Dg1+yaQq41OmMajPXEeJ+CUfqCC4nNVFTX+MMS06
ehliZmPiX+D0hCO6BPnpAA9xLdF6mywyFZD/AfrKF0l9ttMgpJr+b4dr8Tl9Dpoy
IE3HsPv++Pf3yh09AV2Q2YJa+GaD4yrjRX8Z7p/MBKMJdcqIcbXDKEVjjDdMpVHn
RDwV2A3LTuIQRiYQZ2DOZq5MqEeieoPS08LvC5wQzMGRDXO+TuG+kMKHhqRPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUWYdTJPwI3eEqFc7tMiKWFX9oUdowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALms
rzANBgkqhkiG9w0BAQsFAAOCAQEAjFW+h2T5DM7TLp003C8MbuYIi7jOkRFZW2YV
k3Qn8c0QE8815cMNVHWUCOEHBjWfbgY/tl9BeyFSbYZ3dONr+qNfTzTuwEeN25tg
vf6hi2Zkcj5UR+WgX9EDBpAEwALp15dj9lk1xYvmtWTbYks4WYblLcNJyYD9hzQN
Tbg4pBRXVBIfr/w6ucvK0RRjWQkg9t0ruPshE0RVyc+mECbcVe4PF1o1PczRp1iF
iP42MvrgErK6TyMmvX4HPUMSq++5XS62+3jXkrgFev7qhqgKSsJLlgXg06gHmBZY
zXZ6/p5YiaU4WzS/fGEqvIBUSMlHlEuzemr4lO4A9iX7tJ+wEg==
Generated at Mon Feb 5 17:16:56 2024 by rpki-client on console-ams.rpki-client.org