Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32342d3234203d3e20313336373837.roa
File:                     3138352e3233342e37302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier:          +Oz4Xb930pacSDOVBA6g2x2n+8dBjHdY/qHPjDP/O38=
Subject key identifier:   AA:14:E4:91:34:1D:C3:AF:67:EF:0E:93:1E:C3:85:12:A6:5A:DD:FD
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       411B2747AA97260B8A4CF6378BF8D9550E76FA2D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32342d3234203d3e20313336373837.roa
Signing time:             Fri 26 Jan 2024 19:02:29 +0000
ROA not before:           Fri 26 Jan 2024 18:57:29 +0000
ROA not after:            Fri 24 Jan 2025 19:02:29 +0000
asID:                     136787
IP address blocks:        185.234.70.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 30 May 2024 16:08:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:1b:27:47:aa:97:26:0b:8a:4c:f6:37:8b:f8:d9:55:0e:76:fa:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Jan 26 18:57:29 2024 GMT
            Not After : Jan 24 19:02:29 2025 GMT
        Subject: CN=AA14E491341DC3AF67EF0E931EC38512A65ADDFD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:44:f9:58:4a:73:42:1b:ed:7b:3e:2b:3b:17:
                    51:ac:48:be:bb:4f:22:04:32:e6:aa:23:6f:85:a6:
                    a0:8d:6a:6b:71:c3:e3:5c:13:df:ee:63:35:78:b6:
                    e7:34:e8:a3:95:79:1d:ec:04:23:20:be:94:b0:b4:
                    f4:2d:4a:40:95:58:78:dc:ba:da:a7:7d:1f:85:a1:
                    b5:5c:89:4c:42:03:30:00:eb:1e:55:e5:ca:2b:1b:
                    2f:01:09:ab:bc:24:e5:88:4d:89:6f:4d:5e:e9:14:
                    db:7b:14:83:af:a8:37:8c:31:c5:38:92:07:f9:f1:
                    a5:1a:01:a5:2c:ad:b4:34:75:7c:c6:9a:97:ff:52:
                    36:f4:ae:3d:28:bd:8d:74:a2:3b:9f:17:d6:62:be:
                    b8:3e:2e:bf:f0:c1:a1:7e:04:d9:30:f0:82:4e:2c:
                    fc:71:31:cd:4c:ad:12:69:d8:95:9e:13:af:b2:7f:
                    1b:88:c0:ef:61:79:0d:6c:8b:2e:d6:82:e4:43:14:
                    7c:ca:58:39:fb:77:49:8e:0a:de:ea:15:25:3d:13:
                    6c:00:59:e7:d8:6a:93:21:6e:30:10:8d:e0:ae:b2:
                    71:d9:a2:63:f9:11:b3:71:ac:b4:e4:b8:2c:a4:d4:
                    1b:57:78:07:16:76:bf:41:5d:64:a2:a8:bd:36:f6:
                    3c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:14:E4:91:34:1D:C3:AF:67:EF:0E:93:1E:C3:85:12:A6:5A:DD:FD
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32342d3234203d3e20313336373837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:af:f2:17:32:40:44:ae:b3:7f:07:4f:4d:f5:1c:3d:20:e3:
         1b:c2:24:ad:de:01:e4:6a:55:c0:42:eb:94:2f:38:5d:17:ba:
         5c:08:e9:12:93:a1:e4:9a:56:93:33:5d:45:cc:fc:88:4b:3a:
         35:25:95:bd:dd:a6:29:98:0b:72:7d:a2:89:72:8e:9b:01:10:
         c0:d9:2e:d2:12:61:87:cd:1c:28:dc:56:e8:d9:70:84:19:06:
         61:4d:ee:03:a8:0b:b5:5f:b1:b5:71:78:3a:d1:81:50:9a:23:
         00:b0:9a:5a:d0:73:65:6a:df:45:2e:5e:65:c6:eb:c0:a7:b2:
         34:73:39:3e:04:01:7a:51:e5:ad:54:24:66:06:1c:5a:f9:b1:
         f0:3a:fe:32:97:b9:2c:1b:84:ea:ad:e5:27:4b:0f:fb:93:62:
         ec:3f:65:3e:fe:2c:7c:88:30:27:0e:53:2d:4c:df:84:d2:eb:
         3f:02:2a:c0:ca:bb:0c:85:b2:96:19:46:53:95:c3:3e:3e:45:
         f0:f2:77:c7:44:b0:2c:ef:59:e0:af:0d:21:ea:a6:60:a9:1c:
         22:a3:c3:b6:b5:34:67:90:bf:02:3a:66:40:23:44:8a:a7:31:
         1a:03:48:9d:e7:5e:64:eb:06:64:df:ff:de:28:2c:1a:2c:d8:
         ca:05:c4:59
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQRsnR6qXJguKTPY3i/jZVQ52+i0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MjlaFw0yNTAxMjQxOTAyMjlaMDMxMTAvBgNV
BAMTKEFBMTRFNDkxMzQxREMzQUY2N0VGMEU5MzFFQzM4NTEyQTY1QURERkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5RPlYSnNCG+17Pis7F1GsSL67
TyIEMuaqI2+FpqCNamtxw+NcE9/uYzV4tuc06KOVeR3sBCMgvpSwtPQtSkCVWHjc
utqnfR+FobVciUxCAzAA6x5V5corGy8BCau8JOWITYlvTV7pFNt7FIOvqDeMMcU4
kgf58aUaAaUsrbQ0dXzGmpf/Ujb0rj0ovY10ojufF9Zivrg+Lr/wwaF+BNkw8IJO
LPxxMc1MrRJp2JWeE6+yfxuIwO9heQ1siy7WguRDFHzKWDn7d0mOCt7qFSU9E2wA
WefYapMhbjAQjeCusnHZomP5EbNxrLTkuCyk1BtXeAcWdr9BXWSiqL029jxdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqhTkkTQdw69n7w6THsOFEqZa3f0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzQyZTM3
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC56kYwDQYJKoZIhvcNAQELBQADggEBAJSv8hcyQESus38HT031HD0g4xvCJK3e
AeRqVcBC65QvOF0XulwI6RKToeSaVpMzXUXM/IhLOjUllb3dpimYC3J9oolyjpsB
EMDZLtISYYfNHCjcVujZcIQZBmFN7gOoC7VfsbVxeDrRgVCaIwCwmlrQc2Vq30Uu
XmXG68CnsjRzOT4EAXpR5a1UJGYGHFr5sfA6/jKXuSwbhOqt5SdLD/uTYuw/ZT7+
LHyIMCcOUy1M34TS6z8CKsDKuwyFspYZRlOVwz4+RfDyd8dEsCzvWeCvDSHqpmCp
HCKjw7a1NGeQvwI6ZkAjRIqnMRoDSJ3nXmTrBmTf/94oLBos2MoFxFk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org