Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39392e302f32342d3234203d3e20313336373837.roa
File:                     3138352e3231342e39392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier:          rj+0n3vleglLgF95b3Kjs8Aw7I6LGDIltmyAu/iW/yk=
Subject key identifier:   40:83:85:E5:93:37:41:43:C5:2A:0E:91:F4:46:56:3E:79:58:36:AF
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       01B105AE0956DC478E32E101031EA8E9B31AA6F1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39392e302f32342d3234203d3e20313336373837.roa
Signing time:             Mon 26 Feb 2024 08:53:30 +0000
ROA not before:           Mon 26 Feb 2024 08:48:30 +0000
ROA not after:            Mon 24 Feb 2025 08:53:30 +0000
asID:                     136787
IP address blocks:        185.214.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 17 Apr 2024 13:06:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:b1:05:ae:09:56:dc:47:8e:32:e1:01:03:1e:a8:e9:b3:1a:a6:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Feb 26 08:48:30 2024 GMT
            Not After : Feb 24 08:53:30 2025 GMT
        Subject: CN=408385E593374143C52A0E91F446563E795836AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7e:d3:37:1c:be:62:66:5f:96:96:6a:e5:ee:
                    77:a6:69:d2:ac:3e:84:56:eb:93:b6:63:82:1d:2a:
                    5b:98:0a:30:f0:63:1f:6a:62:48:a3:91:95:ee:63:
                    36:cb:00:ad:d4:0e:34:ac:70:d9:96:cb:01:60:02:
                    28:3f:42:d8:be:ca:f9:21:42:00:60:01:03:a3:da:
                    bc:7e:67:88:d2:b1:5a:9c:b9:48:d0:44:af:46:24:
                    1a:55:38:65:6c:46:62:4a:59:8e:95:05:f4:8e:77:
                    23:da:af:23:7f:fa:19:88:d9:b4:02:5a:10:6e:a6:
                    4f:3d:66:18:45:65:45:f1:e5:85:6f:53:5e:3a:3b:
                    12:2f:d1:50:14:63:7d:cb:09:12:5d:ce:1f:86:b3:
                    b2:97:ec:90:2d:93:c8:92:86:a7:4e:51:15:c9:d7:
                    88:6d:b6:7a:f5:78:83:8e:e9:02:fc:39:91:53:b4:
                    c3:de:9f:f0:4a:63:1c:25:5e:9a:c1:a3:03:34:53:
                    27:f2:77:52:80:69:17:3b:77:c0:d5:8f:81:33:97:
                    b7:8e:ff:2a:83:9c:55:9c:de:ab:af:45:ef:bf:92:
                    d6:5b:bf:e1:5d:14:46:8f:79:8a:23:7d:79:bc:ce:
                    63:5a:45:bb:58:50:fa:92:8d:49:af:8b:a8:36:a8:
                    b2:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:83:85:E5:93:37:41:43:C5:2A:0E:91:F4:46:56:3E:79:58:36:AF
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39392e302f32342d3234203d3e20313336373837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.214.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:09:a7:62:9e:ba:62:d9:2d:6b:94:c4:82:c6:8a:8e:02:f9:
         68:07:84:b1:c3:ac:01:93:7e:91:3c:80:d7:0d:19:97:1f:c6:
         e8:c6:0d:74:c5:e7:9a:38:ea:07:be:75:0f:78:f2:84:15:40:
         47:77:8d:0a:26:13:91:7b:a2:5e:e7:d7:54:6a:8c:fc:2f:c7:
         a6:23:1c:75:88:c8:bb:5a:a0:48:67:52:f6:22:7d:7a:59:45:
         7a:68:db:18:59:3e:9a:9b:66:bc:bf:93:ea:13:a1:05:b5:d7:
         64:ef:5c:c4:f8:fe:1a:0b:e5:96:42:d5:bd:e8:ae:7f:38:b1:
         bc:f1:74:08:99:b0:e4:69:8c:37:4d:f8:c3:37:f4:8f:ef:35:
         fe:b4:27:ad:9d:c6:ec:47:94:93:14:2d:d7:4e:0f:89:e0:75:
         2d:cd:2a:c1:ce:ce:85:ed:c3:a9:81:69:32:ad:70:6e:4f:01:
         13:80:b2:4c:00:73:8d:cc:c8:b8:43:90:89:79:7b:31:97:ef:
         fb:f5:62:5c:35:f0:da:35:27:e1:aa:62:cd:4b:0d:7f:a7:f8:
         8c:03:df:36:49:0f:ae:50:64:8f:4f:07:48:19:18:76:21:c6:
         2d:e6:02:fd:71:1a:51:7c:0f:93:1a:3e:db:b7:95:69:28:f4:
         ac:70:40:75
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAbEFrglW3EeOMuEBAx6o6bMapvEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzBaFw0yNTAyMjQwODUzMzBaMDMxMTAvBgNV
BAMTKDQwODM4NUU1OTMzNzQxNDNDNTJBMEU5MUY0NDY1NjNFNzk1ODM2QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLftM3HL5iZl+Wlmrl7nemadKs
PoRW65O2Y4IdKluYCjDwYx9qYkijkZXuYzbLAK3UDjSscNmWywFgAig/Qti+yvkh
QgBgAQOj2rx+Z4jSsVqcuUjQRK9GJBpVOGVsRmJKWY6VBfSOdyParyN/+hmI2bQC
WhBupk89ZhhFZUXx5YVvU146OxIv0VAUY33LCRJdzh+Gs7KX7JAtk8iShqdOURXJ
14httnr1eIOO6QL8OZFTtMPen/BKYxwlXprBowM0Uyfyd1KAaRc7d8DVj4Ezl7eO
/yqDnFWc3quvRe+/ktZbv+FdFEaPeYojfXm8zmNaRbtYUPqSjUmvi6g2qLJrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQIOF5ZM3QUPFKg6R9EZWPnlYNq8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mMwDQYJKoZIhvcNAQELBQADggEBAD4Jp2KeumLZLWuUxILGio4C+WgHhLHD
rAGTfpE8gNcNGZcfxujGDXTF55o46ge+dQ948oQVQEd3jQomE5F7ol7n11RqjPwv
x6YjHHWIyLtaoEhnUvYifXpZRXpo2xhZPpqbZry/k+oToQW112TvXMT4/hoL5ZZC
1b3orn84sbzxdAiZsORpjDdN+MM39I/vNf60J62dxuxHlJMULddOD4ngdS3NKsHO
zoXtw6mBaTKtcG5PAROAskwAc43MyLhDkIl5ezGX7/v1Ylw18No1J+GqYs1LDX+n
+IwD3zZJD65QZI9PB0gZGHYhxi3mAv1xGlF8D5MaPtu3lWko9KxwQHU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org