Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e312e302f32342d3234203d3e20323130353432.roa
File:                     3135392e3235332e312e302f32342d3234203d3e20323130353432.roa (raw, json)
Hash identifier:          wbBS2s0IS68xoLr+xJKhqI0g6Z0PpWqspzEcRrUPPHk=
Subject key identifier:   EE:C6:05:DF:CB:8E:8D:D5:4F:73:B5:22:41:35:8E:4E:3E:0C:30:9E
Certificate issuer:       /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial:       0EFEB88E36EAFFD6AB9D1639B423B748950DF807
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e312e302f32342d3234203d3e20323130353432.roa
Signing time:             Fri 03 May 2024 04:56:16 +0000
ROA not before:           Fri 03 May 2024 04:51:16 +0000
ROA not after:            Fri 02 May 2025 04:56:16 +0000
asID:                     210542
IP address blocks:        159.253.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 03 Aug 2024 00:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:fe:b8:8e:36:ea:ff:d6:ab:9d:16:39:b4:23:b7:48:95:0d:f8:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
        Validity
            Not Before: May  3 04:51:16 2024 GMT
            Not After : May  2 04:56:16 2025 GMT
        Subject: CN=EEC605DFCB8E8DD54F73B52241358E4E3E0C309E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:91:ee:3b:55:14:c7:8f:cb:e8:43:4e:d9:aa:
                    bc:dc:d2:b6:42:d5:24:16:e1:3c:15:8b:7b:19:c3:
                    d1:f3:fe:95:5b:c7:0d:3d:de:60:2d:1e:df:75:5c:
                    bf:9f:31:5c:32:47:21:15:06:e3:d3:b5:e4:9c:5e:
                    44:35:7b:4d:03:15:7e:11:41:2a:5a:20:0f:09:9e:
                    f7:f8:9c:df:5b:c9:11:8e:f1:2a:4e:dd:b1:14:02:
                    fa:e8:28:7b:c2:b6:1b:dc:df:f7:97:70:8e:9e:55:
                    30:9a:85:fb:78:c3:19:72:65:ef:9b:72:22:9a:12:
                    86:7d:8d:06:35:9c:77:03:6c:8d:1d:52:e4:ac:ab:
                    83:ba:50:cf:cc:4c:41:c5:54:cc:1f:cf:21:1b:81:
                    5a:61:9d:43:5d:d2:a1:c7:bb:39:8d:d3:33:94:41:
                    57:89:c1:07:93:2c:fb:7b:b9:85:77:da:b2:68:52:
                    87:64:55:f0:ac:97:38:0a:8e:56:f6:02:09:2c:4b:
                    84:d5:79:87:b2:8a:1c:7b:bf:7b:56:c7:06:f3:c4:
                    b6:00:d0:a4:4d:ea:55:14:a7:a8:12:78:61:79:a5:
                    97:2b:c2:57:78:4c:49:38:98:fa:f4:57:d4:12:53:
                    d6:86:8f:b1:e5:05:bd:cd:1f:bb:b8:9e:36:6d:d9:
                    58:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:C6:05:DF:CB:8E:8D:D5:4F:73:B5:22:41:35:8E:4E:3E:0C:30:9E
            X509v3 Authority Key Identifier:
                keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e312e302f32342d3234203d3e20323130353432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.253.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:c3:a0:f2:5b:c3:20:60:a9:94:71:e0:f7:6b:7f:b4:17:2f:
         cd:b9:ae:f2:5f:45:31:c3:02:ea:9b:64:d7:72:c8:03:68:58:
         31:14:02:2a:15:a4:54:04:c0:c0:ad:45:ac:41:6b:d0:9f:7b:
         6c:7b:80:d7:50:d1:a0:c4:be:e2:4a:8e:da:07:6c:91:0e:67:
         82:6d:34:2d:7d:9f:4d:9f:55:9a:64:d2:bd:4e:14:8c:f8:2f:
         31:a1:bf:fc:e9:82:3a:67:78:12:21:fb:a6:62:82:f3:eb:6e:
         78:9f:f3:55:05:ff:50:ea:60:0e:05:51:50:0c:a0:cf:05:a7:
         3b:cf:b9:f7:ee:44:1e:3d:46:9c:43:5c:bb:10:c1:67:84:a3:
         5d:a5:50:40:7c:a6:ca:ef:9b:d3:0c:d8:66:53:ef:7a:dd:f5:
         00:8c:7e:05:24:08:54:9a:2e:14:db:64:b9:f4:fb:fd:20:2d:
         3b:10:60:5d:c7:33:49:d2:b5:7e:b9:5a:f8:86:16:7a:25:27:
         bf:8a:a7:9c:dd:7c:2b:92:80:7a:f5:c7:60:50:d4:57:af:8d:
         39:7e:f0:d0:96:21:b2:b0:d6:1b:9a:73:80:7f:e1:2e:24:10:
         02:57:f3:37:72:bf:da:7f:e3:81:15:e7:ab:dd:8e:d8:52:26:
         c4:47:12:05
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDv64jjbq/9arnRY5tCO3SJUN+AcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDA1MDMwNDUxMTZaFw0yNTA1MDIwNDU2MTZaMDMxMTAvBgNV
BAMTKEVFQzYwNURGQ0I4RThERDU0RjczQjUyMjQxMzU4RTRFM0UwQzMwOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfke47VRTHj8voQ07Zqrzc0rZC
1SQW4TwVi3sZw9Hz/pVbxw093mAtHt91XL+fMVwyRyEVBuPTteScXkQ1e00DFX4R
QSpaIA8Jnvf4nN9byRGO8SpO3bEUAvroKHvCthvc3/eXcI6eVTCahft4wxlyZe+b
ciKaEoZ9jQY1nHcDbI0dUuSsq4O6UM/MTEHFVMwfzyEbgVphnUNd0qHHuzmN0zOU
QVeJwQeTLPt7uYV32rJoUodkVfCslzgKjlb2AgksS4TVeYeyihx7v3tWxwbzxLYA
0KRN6lUUp6gSeGF5pZcrwld4TEk4mPr0V9QSU9aGj7HlBb3NH7u4njZt2VhpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7sYF38uOjdVPc7UiQTWOTj4MMJ4wHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMwMzUzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
n/0BMA0GCSqGSIb3DQEBCwUAA4IBAQAmw6DyW8MgYKmUceD3a3+0Fy/Nua7yX0Ux
wwLqm2TXcsgDaFgxFAIqFaRUBMDArUWsQWvQn3tse4DXUNGgxL7iSo7aB2yRDmeC
bTQtfZ9Nn1WaZNK9ThSM+C8xob/86YI6Z3gSIfumYoLz6254n/NVBf9Q6mAOBVFQ
DKDPBac7z7n37kQePUacQ1y7EMFnhKNdpVBAfKbK75vTDNhmU+963fUAjH4FJAhU
mi4U22S59Pv9IC07EGBdxzNJ0rV+uVr4hhZ6JSe/iqec3XwrkoB69cdgUNRXr405
fvDQliGysNYbmnOAf+EuJBACV/M3cr/af+OBFeer3Y7YUibERxIF
Generated at Sat Aug 3 01:23:06 2024 by rpki-client on console-fra.rpki-client.org