Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37312e302f32342d3234203d3e20313336373837.roa
File:                     3138352e3233342e37312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier:          E7GXw36iNZL749oCPMPDft24F5x5BQeVGZUyUdwUKTc=
Subject key identifier:   CE:8D:07:15:16:02:C7:DE:21:9D:DF:DF:EB:71:04:92:FA:F2:97:F7
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       428AE1D9988A05EAEC1DD9DD76DCA6E263B410B2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37312e302f32342d3234203d3e20313336373837.roa
Signing time:             Fri 26 Jan 2024 19:02:30 +0000
ROA not before:           Fri 26 Jan 2024 18:57:30 +0000
ROA not after:            Fri 24 Jan 2025 19:02:30 +0000
asID:                     136787
IP address blocks:        185.234.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 30 May 2024 16:09:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:8a:e1:d9:98:8a:05:ea:ec:1d:d9:dd:76:dc:a6:e2:63:b4:10:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Jan 26 18:57:30 2024 GMT
            Not After : Jan 24 19:02:30 2025 GMT
        Subject: CN=CE8D07151602C7DE219DDFDFEB710492FAF297F7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:95:36:47:b7:b3:c1:17:95:ef:57:34:c4:eb:
                    c6:c6:fe:c9:dc:22:59:28:b3:9b:a7:0a:eb:07:e2:
                    78:ca:1f:a2:de:e6:17:8b:f1:19:b5:0c:e0:9c:1c:
                    75:9d:35:2a:ec:37:d9:b5:bb:d2:db:a7:a3:b9:22:
                    9a:bc:24:39:94:9d:9d:0c:60:ec:fd:23:8b:8f:c7:
                    51:82:7b:99:8f:28:b4:27:dd:fd:2c:1a:99:df:0d:
                    20:33:68:86:c8:47:5b:ff:6d:a5:8e:6e:d1:43:35:
                    58:ee:c5:84:11:ce:0f:ed:3a:a2:af:dd:a2:85:86:
                    e8:54:35:61:41:b6:21:08:90:00:ab:d0:c9:49:82:
                    f0:92:4e:2f:5c:34:3c:0f:1b:3c:42:09:ee:82:e1:
                    dc:77:5c:83:da:5a:68:0c:39:c5:34:92:02:c6:aa:
                    7b:e6:a1:c5:d7:c6:6a:2c:ea:26:1c:58:49:b4:8b:
                    2c:90:d2:21:2a:53:b4:54:38:d1:17:c0:aa:0a:1e:
                    2a:77:94:19:c7:6e:56:07:76:43:09:e3:e1:8d:7c:
                    b2:46:33:d8:ba:ea:29:e5:81:29:c8:12:cb:c3:a7:
                    84:0f:18:f3:5e:b4:f3:c1:8b:9c:ba:b1:9b:6f:e5:
                    82:a3:94:90:0b:30:0b:f9:76:de:d1:2a:20:b4:0a:
                    c5:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:8D:07:15:16:02:C7:DE:21:9D:DF:DF:EB:71:04:92:FA:F2:97:F7
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37312e302f32342d3234203d3e20313336373837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:30:cc:96:d5:21:7c:bb:36:53:c8:e4:12:71:75:e7:f4:86:
         da:33:5e:dd:ad:dd:85:90:22:59:45:27:aa:ee:b8:69:95:fb:
         26:97:06:da:6e:37:63:00:0a:ef:a1:84:46:1b:f5:df:91:91:
         ec:76:57:2e:68:d5:98:d8:ef:93:22:45:3b:32:8e:a9:13:8a:
         c3:8e:5a:02:e7:05:2d:62:0b:6d:ff:bd:96:e0:44:1e:71:3c:
         37:2c:59:b5:0d:a2:5f:02:19:71:59:8f:57:dd:36:41:8c:79:
         4b:4b:ba:a1:a1:12:71:b1:74:60:49:a0:85:7f:56:6a:f5:27:
         9e:29:03:48:a6:d5:46:70:b5:dd:f6:33:43:76:29:b5:f0:8d:
         ef:c0:47:f8:ae:b8:ad:6d:36:6f:09:77:bd:0e:08:c7:7e:70:
         b0:e8:e4:d3:57:40:d5:d0:a4:77:d6:fb:55:85:5b:fb:7f:b5:
         84:c7:82:42:05:5d:f6:de:f8:03:55:28:d7:c5:6f:1a:c6:8b:
         79:62:a8:f6:90:62:cd:93:7f:ef:aa:c7:2f:10:ed:69:fd:d6:
         c4:dc:5a:2b:2c:78:e6:6d:b4:a1:c6:5f:53:81:ba:06:aa:df:
         be:23:48:ec:8a:fa:c5:b5:18:cb:88:60:8e:d0:d9:a1:2c:b1:
         31:86:48:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQorh2ZiKBersHdnddtym4mO0ELIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MzBaFw0yNTAxMjQxOTAyMzBaMDMxMTAvBgNV
BAMTKENFOEQwNzE1MTYwMkM3REUyMTlEREZERkVCNzEwNDkyRkFGMjk3RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDlTZHt7PBF5XvVzTE68bG/snc
Ilkos5unCusH4njKH6Le5heL8Rm1DOCcHHWdNSrsN9m1u9Lbp6O5Ipq8JDmUnZ0M
YOz9I4uPx1GCe5mPKLQn3f0sGpnfDSAzaIbIR1v/baWObtFDNVjuxYQRzg/tOqKv
3aKFhuhUNWFBtiEIkACr0MlJgvCSTi9cNDwPGzxCCe6C4dx3XIPaWmgMOcU0kgLG
qnvmocXXxmos6iYcWEm0iyyQ0iEqU7RUONEXwKoKHip3lBnHblYHdkMJ4+GNfLJG
M9i66inlgSnIEsvDp4QPGPNetPPBi5y6sZtv5YKjlJALMAv5dt7RKiC0CsUjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzo0HFRYCx94hnd/f63EEkvryl/cwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzQyZTM3
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC56kcwDQYJKoZIhvcNAQELBQADggEBAH0wzJbVIXy7NlPI5BJxdef0htozXt2t
3YWQIllFJ6ruuGmV+yaXBtpuN2MACu+hhEYb9d+Rkex2Vy5o1ZjY75MiRTsyjqkT
isOOWgLnBS1iC23/vZbgRB5xPDcsWbUNol8CGXFZj1fdNkGMeUtLuqGhEnGxdGBJ
oIV/Vmr1J54pA0im1UZwtd32M0N2KbXwje/AR/iuuK1tNm8Jd70OCMd+cLDo5NNX
QNXQpHfW+1WFW/t/tYTHgkIFXfbe+ANVKNfFbxrGi3liqPaQYs2Tf++qxy8Q7Wn9
1sTcWisseOZttKHGX1OBugaq374jSOyK+sW1GMuIYI7Q2aEssTGGSHY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org