Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232362e302f32342d3234203d3e203331383938.roa
File:                     3138352e31332e3232362e302f32342d3234203d3e203331383938.roa (raw, json)
Hash identifier:          N3gDZn+JeJTJ0BgpAeRIvzwudgnUacnvpnN80oeZ2lc=
Subject key identifier:   51:1C:E2:0A:27:CA:24:21:4A:B0:A2:55:72:4D:58:B8:86:DB:4A:98
Certificate issuer:       /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial:       2734F218C52B378C126E1DBF1E504614FC7549D3
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232362e302f32342d3234203d3e203331383938.roa
Signing time:             Wed 10 Apr 2024 13:04:01 +0000
ROA not before:           Wed 10 Apr 2024 12:59:01 +0000
ROA not after:            Wed 09 Apr 2025 13:04:01 +0000
asID:                     31898
IP address blocks:        185.13.226.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 08:16:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:34:f2:18:c5:2b:37:8c:12:6e:1d:bf:1e:50:46:14:fc:75:49:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
        Validity
            Not Before: Apr 10 12:59:01 2024 GMT
            Not After : Apr  9 13:04:01 2025 GMT
        Subject: CN=511CE20A27CA24214AB0A255724D58B886DB4A98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:a7:c5:03:58:34:1b:bd:33:8b:ac:e8:16:da:
                    93:4a:70:ab:6b:10:ed:3a:2a:41:0b:80:ca:c7:09:
                    93:19:86:f7:fe:d2:2d:1e:0f:02:fa:40:0a:27:3a:
                    98:b8:ed:27:38:01:40:06:9f:79:ea:b4:77:15:e8:
                    38:4e:b2:3f:e1:1e:22:e8:84:a6:e9:73:6b:67:ad:
                    f4:89:43:53:41:90:ac:f3:30:7c:28:b9:a3:e8:01:
                    56:49:e9:e8:57:c1:06:7c:56:02:8b:53:b5:c7:52:
                    da:e6:e4:e4:5f:61:8a:c3:dc:53:21:d5:fb:78:8b:
                    ec:3f:d2:cf:bb:cd:0b:f8:6c:e8:1d:f4:00:b3:15:
                    fb:8c:84:67:f3:d9:5b:34:ef:ba:0d:eb:94:7d:0a:
                    a2:84:d9:1c:b3:c4:28:06:67:da:36:8a:6e:31:2b:
                    d1:e2:68:34:b2:0e:f4:53:1f:90:ae:4a:07:79:db:
                    37:38:6e:8e:9c:d6:3e:7b:8a:06:97:0b:f2:d4:fd:
                    19:1b:49:ce:01:e1:57:25:6d:3b:50:19:cc:db:2c:
                    e1:0d:70:8c:89:05:69:d1:c3:a3:36:80:6e:1e:79:
                    ca:61:fd:ca:5c:42:0f:4f:e1:41:f4:ee:e3:6b:d4:
                    c6:e2:33:02:00:b3:01:10:9b:a0:8d:bc:78:4d:32:
                    da:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:1C:E2:0A:27:CA:24:21:4A:B0:A2:55:72:4D:58:B8:86:DB:4A:98
            X509v3 Authority Key Identifier:
                keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232362e302f32342d3234203d3e203331383938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.13.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:7d:29:13:68:c7:42:3a:45:9d:be:13:65:5a:78:73:22:36:
         91:da:e5:51:b7:be:36:37:68:49:0a:5f:ae:9d:56:f8:7c:e6:
         c7:bb:f7:3b:26:e6:90:d6:82:a5:5c:d2:42:05:86:cf:01:bf:
         f9:ee:73:ba:88:cf:dd:92:7f:86:b3:14:03:7d:15:a2:3e:ce:
         b4:30:c7:ce:16:d6:fe:24:6b:12:e5:c5:67:ff:ef:d5:51:2a:
         86:ea:cb:92:a2:86:61:76:c4:d8:a5:cf:1e:32:fb:3b:03:60:
         04:7e:0a:25:63:a8:dd:d8:26:c0:2c:b4:be:89:72:9b:ab:67:
         af:be:ce:51:57:35:33:ff:2c:da:90:cf:f8:5f:86:03:d9:f9:
         36:34:14:c1:65:8e:8e:68:99:03:03:f9:9d:62:6c:4e:d5:e3:
         26:ca:0f:d1:70:a8:fc:0e:93:fb:9b:65:d5:96:bd:ed:79:63:
         51:91:5c:f8:ea:76:d9:43:92:58:95:29:cd:2e:b0:a1:a0:a1:
         fb:c7:43:47:1a:d5:bf:48:c4:d0:be:c4:e1:98:f5:7f:97:b4:
         44:68:54:db:28:c9:ef:c5:0a:28:47:af:3c:89:b5:5a:e3:08:
         97:a7:00:ec:c3:36:95:ec:74:6e:08:b2:1a:b4:28:d3:db:c3:
         3a:a6:30:ba
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJzTyGMUrN4wSbh2/HlBGFPx1SdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDA0MTAxMjU5MDFaFw0yNTA0MDkxMzA0MDFaMDMxMTAvBgNV
BAMTKDUxMUNFMjBBMjdDQTI0MjE0QUIwQTI1NTcyNEQ1OEI4ODZEQjRBOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTp8UDWDQbvTOLrOgW2pNKcKtr
EO06KkELgMrHCZMZhvf+0i0eDwL6QAonOpi47Sc4AUAGn3nqtHcV6DhOsj/hHiLo
hKbpc2tnrfSJQ1NBkKzzMHwouaPoAVZJ6ehXwQZ8VgKLU7XHUtrm5ORfYYrD3FMh
1ft4i+w/0s+7zQv4bOgd9ACzFfuMhGfz2Vs077oN65R9CqKE2RyzxCgGZ9o2im4x
K9HiaDSyDvRTH5CuSgd52zc4bo6c1j57igaXC/LU/RkbSc4B4VclbTtQGczbLOEN
cIyJBWnRw6M2gG4eecph/cpcQg9P4UH07uNr1MbiMwIAswEQm6CNvHhNMtqBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUURziCifKJCFKsKJVck1YuIbbSpgwHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzODM1MmUzMTMzMmUzMjMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzgzOTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uQ3iMA0GCSqGSIb3DQEBCwUAA4IBAQCFfSkTaMdCOkWdvhNlWnhzIjaR2uVRt742
N2hJCl+unVb4fObHu/c7JuaQ1oKlXNJCBYbPAb/57nO6iM/dkn+GsxQDfRWiPs60
MMfOFtb+JGsS5cVn/+/VUSqG6suSooZhdsTYpc8eMvs7A2AEfgolY6jd2CbALLS+
iXKbq2evvs5RVzUz/yzakM/4X4YD2fk2NBTBZY6OaJkDA/mdYmxO1eMmyg/RcKj8
DpP7m2XVlr3teWNRkVz46nbZQ5JYlSnNLrChoKH7x0NHGtW/SMTQvsThmPV/l7RE
aFTbKMnvxQooR688ibVa4wiXpwDswzaV7HRuCLIatCjT28M6pjC6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-fra.rpki-client.org