Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37302e302f32342d3234203d3e20313336373837.roa
File:                     3135352e3133332e37302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier:          OAXlGCztFRYmqSQYIkIsuxrd1j7L+6tJ8g6g9xdSB7g=
Subject key identifier:   CE:03:B7:95:7E:7A:40:BF:B0:D5:CB:9E:6D:AA:5D:F1:CB:3B:35:B4
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       5A53BAEECEE5A03D2D51FCE49AD90DA3AFEB0F6E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37302e302f32342d3234203d3e20313336373837.roa
Signing time:             Mon 26 Feb 2024 08:53:08 +0000
ROA not before:           Mon 26 Feb 2024 08:48:08 +0000
ROA not after:            Mon 24 Feb 2025 08:53:08 +0000
asID:                     136787
IP address blocks:        155.133.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Mar 2024 09:27:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:53:ba:ee:ce:e5:a0:3d:2d:51:fc:e4:9a:d9:0d:a3:af:eb:0f:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Feb 26 08:48:08 2024 GMT
            Not After : Feb 24 08:53:08 2025 GMT
        Subject: CN=CE03B7957E7A40BFB0D5CB9E6DAA5DF1CB3B35B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:66:8d:8d:17:ed:e8:2a:cc:3f:33:7b:86:9b:
                    46:e9:8a:0d:0b:54:a1:7c:ed:e2:d6:4b:c2:30:00:
                    a7:72:37:32:3b:4f:9e:40:1b:49:93:23:3f:e2:d5:
                    cc:83:f8:36:74:3d:dc:fa:59:93:67:34:d2:e7:91:
                    42:99:1c:29:15:83:42:ae:55:66:72:1f:1c:66:4f:
                    b8:f8:62:08:55:b8:70:26:fa:c0:f6:cf:56:fe:5b:
                    f7:02:27:12:44:18:3d:3a:fb:ff:67:df:65:ff:fb:
                    62:c3:a0:38:71:6d:10:48:af:01:f8:55:dd:ef:d3:
                    57:3a:2b:04:a6:6e:10:f5:6d:a2:34:52:6d:71:01:
                    bf:c8:9e:1c:94:32:45:72:a4:41:24:13:eb:cb:00:
                    f3:21:4e:37:52:49:d3:c7:27:5d:ad:c6:5a:1f:e3:
                    a6:4f:88:74:99:f8:14:7e:bb:2b:67:e3:a9:e3:10:
                    ba:11:9a:97:0c:61:e0:07:f8:31:c7:74:99:6a:25:
                    66:8d:e2:21:42:5e:88:4e:c4:50:68:ba:60:80:b9:
                    e4:3d:2e:59:b3:71:ff:76:45:6d:5f:86:8f:53:6b:
                    8f:65:00:ed:39:22:c7:de:04:8f:dc:c6:50:32:05:
                    b6:53:3f:46:5c:6c:e3:23:46:0a:19:bf:53:52:d8:
                    88:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:03:B7:95:7E:7A:40:BF:B0:D5:CB:9E:6D:AA:5D:F1:CB:3B:35:B4
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37302e302f32342d3234203d3e20313336373837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.133.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:2e:5c:8a:62:7e:8a:6c:c3:c8:bc:96:be:36:21:1a:c3:ad:
         43:af:a3:eb:f6:b9:54:60:8d:ad:93:71:4c:86:49:86:46:f6:
         22:a6:3d:7d:44:b6:96:4e:2a:20:4d:57:8c:50:56:ad:2d:50:
         a3:16:cb:55:24:93:44:4a:5d:68:b0:8b:e4:32:3e:e7:58:d8:
         b6:b8:40:ae:3e:95:8e:2c:4f:5e:88:9c:28:62:be:a9:cd:71:
         00:69:bd:19:ef:bf:e5:26:f4:e5:84:43:b1:98:72:26:87:30:
         38:2f:89:09:39:31:a1:42:a3:cf:0b:53:d5:85:7d:42:5d:1a:
         82:d3:be:20:cb:71:6a:de:25:e0:0a:a0:e2:16:58:d8:3d:a2:
         28:d9:7b:a0:8b:98:12:d0:df:a4:a2:8d:e9:d7:20:84:00:ab:
         0d:b2:7e:89:8f:3c:3e:a6:98:a9:ff:f9:f8:0d:95:f0:4b:07:
         fa:98:b6:de:29:6a:2c:0a:12:67:d2:3e:fc:47:1e:b8:a9:c2:
         5f:66:60:81:e6:ea:5c:16:6b:8f:56:c3:93:9d:a2:72:9f:f6:
         24:cf:fa:59:ff:ac:85:c5:e7:41:74:4c:68:eb:a7:2b:94:89:
         3a:83:1b:3e:89:b6:04:ee:96:f7:d2:50:06:04:b9:f2:65:4b:
         34:f7:1c:87
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWlO67s7loD0tUfzkmtkNo6/rD24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDhaFw0yNTAyMjQwODUzMDhaMDMxMTAvBgNV
BAMTKENFMDNCNzk1N0U3QTQwQkZCMEQ1Q0I5RTZEQUE1REYxQ0IzQjM1QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDZo2NF+3oKsw/M3uGm0bpig0L
VKF87eLWS8IwAKdyNzI7T55AG0mTIz/i1cyD+DZ0Pdz6WZNnNNLnkUKZHCkVg0Ku
VWZyHxxmT7j4YghVuHAm+sD2z1b+W/cCJxJEGD06+/9n32X/+2LDoDhxbRBIrwH4
Vd3v01c6KwSmbhD1baI0Um1xAb/InhyUMkVypEEkE+vLAPMhTjdSSdPHJ12txlof
46ZPiHSZ+BR+uytn46njELoRmpcMYeAH+DHHdJlqJWaN4iFCXohOxFBoumCAueQ9
Llmzcf92RW1fho9Ta49lAO05IsfeBI/cxlAyBbZTP0ZcbOMjRgoZv1NS2IhvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzgO3lX56QL+w1cuebapd8cs7NbQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM3
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhUYwDQYJKoZIhvcNAQELBQADggEBAHAuXIpifopsw8i8lr42IRrDrUOvo+v2
uVRgja2TcUyGSYZG9iKmPX1EtpZOKiBNV4xQVq0tUKMWy1Ukk0RKXWiwi+QyPudY
2La4QK4+lY4sT16InChivqnNcQBpvRnvv+Um9OWEQ7GYciaHMDgviQk5MaFCo88L
U9WFfUJdGoLTviDLcWreJeAKoOIWWNg9oijZe6CLmBLQ36SijenXIIQAqw2yfomP
PD6mmKn/+fgNlfBLB/qYtt4paiwKEmfSPvxHHripwl9mYIHm6lwWa49Ww5OdonKf
9iTP+ln/rIXF50F0TGjrpyuUiTqDGz6JtgTulvfSUAYEufJlSzT3HIc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org