Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139302e3134312e302f32342d3234203d3e2032383536.roa
File:                     3138352e3139302e3134312e302f32342d3234203d3e2032383536.roa (raw, json)
Hash identifier:          AHd6iHLkTTA0y0indG1sY62q/qM30pjsQ+pE/Vs9mWI=
Subject key identifier:   71:C8:B8:62:36:63:DA:9E:88:E7:A9:87:8B:69:97:2D:94:6E:F6:73
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       79A54D5513AB15B9751E69279CE556E06A843190
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139302e3134312e302f32342d3234203d3e2032383536.roa
Signing time:             Fri 20 Oct 2023 13:41:53 +0000
ROA not before:           Fri 20 Oct 2023 13:36:53 +0000
ROA not after:            Fri 18 Oct 2024 13:41:53 +0000
asID:                     2856
IP address blocks:        185.190.141.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 03 Nov 2023 18:41:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:a5:4d:55:13:ab:15:b9:75:1e:69:27:9c:e5:56:e0:6a:84:31:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Oct 20 13:36:53 2023 GMT
            Not After : Oct 18 13:41:53 2024 GMT
        Subject: CN=71C8B8623663DA9E88E7A9878B69972D946EF673
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:7d:37:e4:28:c7:47:cc:76:2e:7d:2c:e8:50:
                    25:4b:cf:63:2a:20:a9:ec:21:1b:d4:95:46:a6:d8:
                    f3:77:88:be:26:cf:1c:10:7d:3a:fd:16:5e:8b:25:
                    4d:a3:15:59:37:92:bf:4e:22:96:b2:f2:a4:5e:29:
                    fc:34:01:66:54:61:d9:49:f7:0e:a6:b0:a9:4d:e9:
                    14:b4:07:41:50:76:7d:ca:4e:ed:55:dc:5e:a6:f6:
                    56:9b:af:7d:29:a1:d6:a7:65:3a:03:c7:7b:77:0e:
                    83:ae:ae:d8:1b:1c:47:0f:2e:a6:64:c4:89:b8:e1:
                    86:c8:89:44:48:8f:24:0b:00:43:ba:b5:7d:bf:13:
                    ce:7c:8f:cb:db:af:6c:27:ed:08:01:ca:b8:c5:71:
                    cc:e9:8c:d2:12:42:f6:95:6c:a6:5d:b3:2a:20:68:
                    0c:ff:3b:ef:6b:9b:7f:5c:44:0f:df:2c:71:3c:2c:
                    f1:aa:74:10:a7:c8:15:68:0d:e0:8e:d6:ab:54:40:
                    d6:43:3c:8b:85:2c:74:81:93:2a:99:d7:a3:47:d9:
                    fc:09:e4:bc:a5:fa:bf:e3:71:d9:ae:66:62:50:f9:
                    ae:2e:b2:e6:87:55:a8:86:27:9b:11:b4:85:63:4c:
                    0a:17:c6:0e:0e:47:93:90:f7:2f:88:a4:76:85:fa:
                    1e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:C8:B8:62:36:63:DA:9E:88:E7:A9:87:8B:69:97:2D:94:6E:F6:73
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139302e3134312e302f32342d3234203d3e2032383536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.190.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:6c:b7:17:7d:45:de:da:b5:92:76:06:61:08:d2:2a:ce:66:
         85:25:56:6c:db:2b:cc:1a:2b:2a:0b:3d:1b:81:db:77:74:91:
         4b:82:d2:8b:2b:0e:83:ca:6b:19:cd:3f:f1:6c:59:68:00:8e:
         fc:f6:74:f1:f7:f5:29:f1:66:81:2d:d1:fe:cb:13:00:08:5e:
         61:db:bd:ca:d4:14:69:b2:05:0f:5e:d0:b2:f9:28:d4:86:8c:
         61:03:c8:44:7b:82:bf:15:4f:c0:5b:dd:d2:2c:ab:43:45:29:
         5c:a5:93:69:aa:07:12:e8:63:71:52:d9:43:b6:45:f3:ce:25:
         08:33:ed:8a:79:b4:f9:05:66:2d:1e:0d:07:e1:9b:7c:ee:5f:
         e7:14:4f:1e:39:1c:ee:e4:28:79:42:75:18:c3:02:56:f8:8d:
         68:1a:52:75:68:2b:c6:39:42:d4:60:c5:8c:9a:0a:55:d3:7f:
         d4:c2:f8:fc:98:32:ea:59:2d:a5:1e:aa:cd:02:cf:47:e9:8a:
         c4:50:51:55:1b:25:2d:aa:43:c4:e3:7f:aa:b2:cb:c6:6e:15:
         18:b1:07:4d:39:29:05:22:7f:51:23:02:c9:90:23:3a:5c:ee:
         31:cb:18:08:aa:64:50:79:8a:6a:78:3c:78:51:27:61:b6:94:
         6c:00:19:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeaVNVROrFbl1HmknnOVW4GqEMZAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTNaFw0yNDEwMTgxMzQxNTNaMDMxMTAvBgNV
BAMTKDcxQzhCODYyMzY2M0RBOUU4OEU3QTk4NzhCNjk5NzJEOTQ2RUY2NzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqfTfkKMdHzHYufSzoUCVLz2Mq
IKnsIRvUlUam2PN3iL4mzxwQfTr9Fl6LJU2jFVk3kr9OIpay8qReKfw0AWZUYdlJ
9w6msKlN6RS0B0FQdn3KTu1V3F6m9labr30podanZToDx3t3DoOurtgbHEcPLqZk
xIm44YbIiURIjyQLAEO6tX2/E858j8vbr2wn7QgByrjFcczpjNISQvaVbKZdsyog
aAz/O+9rm39cRA/fLHE8LPGqdBCnyBVoDeCO1qtUQNZDPIuFLHSBkyqZ16NH2fwJ
5Lyl+r/jcdmuZmJQ+a4usuaHVaiGJ5sRtIVjTAoXxg4OR5OQ9y+IpHaF+h41AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcci4YjZj2p6I56mHi2mXLZRu9nMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzAyZTMx
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzgzNTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ub6NMA0GCSqGSIb3DQEBCwUAA4IBAQBUbLcXfUXe2rWSdgZhCNIqzmaFJVZs2yvM
GisqCz0bgdt3dJFLgtKLKw6DymsZzT/xbFloAI789nTx9/Up8WaBLdH+yxMACF5h
273K1BRpsgUPXtCy+SjUhoxhA8hEe4K/FU/AW93SLKtDRSlcpZNpqgcS6GNxUtlD
tkXzziUIM+2KebT5BWYtHg0H4Zt87l/nFE8eORzu5Ch5QnUYwwJW+I1oGlJ1aCvG
OULUYMWMmgpV03/Uwvj8mDLqWS2lHqrNAs9H6YrEUFFVGyUtqkPE43+qssvGbhUY
sQdNOSkFIn9RIwLJkCM6XO4xyxgIqmRQeYpqeDx4USdhtpRsABmw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org