Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e20343030333935.roa
File:                     3138352e3231332e3234332e302f32342d3234203d3e20343030333935.roa (raw, json)
Hash identifier:          f9KHZfOJlQSrllEUQYx5pSalROH5h5sZrvaKduv5lEg=
Subject key identifier:   61:3E:75:7C:54:FF:DF:37:86:2E:38:81:76:9E:C9:6F:E3:95:66:D2
Certificate issuer:       /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial:       4AED4DBD3EB761ACAFBFAEC133A9FC4A2E5449B3
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e20343030333935.roa
Signing time:             Wed 22 Nov 2023 07:47:55 +0000
ROA not before:           Wed 22 Nov 2023 07:42:55 +0000
ROA not after:            Wed 20 Nov 2024 07:47:55 +0000
asID:                     400395
IP address blocks:        185.213.243.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Apr 2024 00:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:ed:4d:bd:3e:b7:61:ac:af:bf:ae:c1:33:a9:fc:4a:2e:54:49:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
        Validity
            Not Before: Nov 22 07:42:55 2023 GMT
            Not After : Nov 20 07:47:55 2024 GMT
        Subject: CN=613E757C54FFDF37862E3881769EC96FE39566D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:f6:e2:db:55:8a:f1:0f:17:84:17:46:47:e2:
                    ab:40:92:3a:f6:ac:36:f6:f4:7d:05:5f:c9:e8:54:
                    79:dc:23:2d:f2:d0:00:ba:c1:b4:d9:c8:03:59:e9:
                    05:5f:e8:9b:fc:83:11:46:d0:e9:ae:35:14:3e:19:
                    fa:02:cd:4d:4e:bb:68:b5:f0:5d:4c:05:d7:5d:41:
                    be:0d:72:4f:f6:60:d8:da:89:a9:0a:9e:61:61:c4:
                    f5:58:ca:63:47:6b:40:07:59:e4:d7:22:58:d3:9e:
                    cb:06:26:27:a5:66:25:e3:de:51:99:6d:61:54:30:
                    0f:02:85:ba:b6:b7:04:92:8e:62:61:37:6d:4e:4c:
                    13:8c:75:18:f8:f6:08:41:20:29:4f:6d:e5:cc:01:
                    45:f9:79:6a:d3:f5:44:5d:c6:4d:89:a9:82:e7:ad:
                    b7:d6:84:ee:39:b4:3a:65:6a:29:1d:92:dd:ec:19:
                    b9:06:2c:97:06:bc:c9:52:8c:c3:c6:a1:21:59:fa:
                    59:71:ac:3d:67:cb:cd:c7:eb:09:c0:2c:65:ca:b4:
                    da:00:6d:b8:fc:e3:08:ac:18:97:d9:b6:4d:f4:59:
                    1b:a3:b9:7a:8a:fe:14:f1:b3:a8:89:7f:36:ee:13:
                    68:ab:81:da:a1:02:f6:31:34:1c:ae:ec:18:2f:73:
                    9a:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:3E:75:7C:54:FF:DF:37:86:2E:38:81:76:9E:C9:6F:E3:95:66:D2
            X509v3 Authority Key Identifier:
                keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e20343030333935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.213.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:7f:f4:94:8c:99:82:5c:14:7f:2d:00:2e:95:26:db:72:1b:
         a0:96:d1:64:9a:6b:69:2c:67:fa:93:bb:94:f2:89:3b:bf:75:
         3a:8f:04:36:7b:c5:7d:fe:73:53:a7:fa:fe:e0:44:f2:d9:e9:
         b6:a6:a4:a8:d2:95:d7:e1:b7:17:8d:98:13:7f:20:74:78:ee:
         a9:b8:e4:e3:1d:6c:99:1b:d0:0d:4b:b9:33:ab:ac:2f:0f:b0:
         54:e2:5d:c0:a9:8e:79:6c:56:37:41:10:a0:fa:f7:65:f5:3c:
         b3:99:0c:16:79:4e:db:93:74:bb:a0:aa:fd:eb:17:4a:07:20:
         0a:5f:55:ca:ac:80:f3:bf:75:45:10:36:53:cd:e9:86:c2:95:
         ef:39:de:6a:86:c8:d9:2a:9a:88:24:54:0e:9b:f8:ce:05:95:
         76:63:39:4b:9d:71:13:48:b1:0b:24:f2:64:b1:b3:a1:70:30:
         ad:fc:c4:fc:6d:22:ac:36:60:44:97:17:31:cc:64:c2:95:50:
         25:f3:f6:28:b6:ff:f6:9f:d5:8b:06:05:b3:0b:7e:db:d3:9d:
         f1:55:ba:fe:6e:d8:20:98:c2:69:c6:c1:2c:6f:19:97:36:db:
         e9:27:77:42:f6:13:6c:49:a5:31:72:e3:dd:dd:3f:ed:86:c1:
         57:96:f2:bf
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSu1NvT63Yayvv67BM6n8Si5USbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzExMjIwNzQyNTVaFw0yNDExMjAwNzQ3NTVaMDMxMTAvBgNV
BAMTKDYxM0U3NTdDNTRGRkRGMzc4NjJFMzg4MTc2OUVDOTZGRTM5NTY2RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDm9uLbVYrxDxeEF0ZH4qtAkjr2
rDb29H0FX8noVHncIy3y0AC6wbTZyANZ6QVf6Jv8gxFG0OmuNRQ+GfoCzU1Ou2i1
8F1MBdddQb4Nck/2YNjaiakKnmFhxPVYymNHa0AHWeTXIljTnssGJielZiXj3lGZ
bWFUMA8Chbq2twSSjmJhN21OTBOMdRj49ghBIClPbeXMAUX5eWrT9URdxk2JqYLn
rbfWhO45tDplaikdkt3sGbkGLJcGvMlSjMPGoSFZ+llxrD1ny83H6wnALGXKtNoA
bbj84wisGJfZtk30WRujuXqK/hTxs6iJfzbuE2irgdqhAvYxNByu7Bgvc5pDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUYT51fFT/3zeGLjiBdp7Jb+OVZtIwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMDMzMzkzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV8zANBgkqhkiG9w0BAQsFAAOCAQEAEH/0lIyZglwUfy0ALpUm23IboJbR
ZJpraSxn+pO7lPKJO791Oo8ENnvFff5zU6f6/uBE8tnptqakqNKV1+G3F42YE38g
dHjuqbjk4x1smRvQDUu5M6usLw+wVOJdwKmOeWxWN0EQoPr3ZfU8s5kMFnlO25N0
u6Cq/esXSgcgCl9VyqyA8791RRA2U83phsKV7zneaobI2SqaiCRUDpv4zgWVdmM5
S51xE0ixCyTyZLGzoXAwrfzE/G0irDZgRJcXMcxkwpVQJfP2KLb/9p/ViwYFswt+
29Od8VW6/m7YIJjCacbBLG8Zlzbb6Sd3QvYTbEmlMXLj3d0/7YbBV5byvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-fra.rpki-client.org