Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32342d3234203d3e203139343337.roa
File:                     3138352e3234312e3134382e302f32342d3234203d3e203139343337.roa (raw, json)
Hash identifier:          q0selbFT6+VDjHn8bOHZ2J9S6RFwiC21V6lzJSjunPs=
Subject key identifier:   BE:05:10:EC:0D:63:36:56:27:A3:AA:AF:3B:0F:AB:EA:CE:FB:0D:4E
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       242CDBE8DD7CAF5B1609ED42B2D621173BC19258
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32342d3234203d3e203139343337.roa
Signing time:             Fri 20 Oct 2023 13:41:50 +0000
ROA not before:           Fri 20 Oct 2023 13:36:50 +0000
ROA not after:            Fri 18 Oct 2024 13:41:50 +0000
asID:                     19437
IP address blocks:        185.241.148.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Mar 2024 08:48:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:2c:db:e8:dd:7c:af:5b:16:09:ed:42:b2:d6:21:17:3b:c1:92:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Oct 20 13:36:50 2023 GMT
            Not After : Oct 18 13:41:50 2024 GMT
        Subject: CN=BE0510EC0D63365627A3AAAF3B0FABEACEFB0D4E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e5:81:36:9f:bc:77:0a:66:60:e2:9d:4c:63:
                    0f:97:b0:b7:45:55:c1:d2:b1:fd:94:fe:65:39:b1:
                    0b:65:8f:f5:62:1d:f5:ca:4d:4c:b1:50:2c:96:32:
                    26:f6:4f:74:76:b0:2c:c8:0c:b5:77:9c:ab:52:2a:
                    0b:21:c2:37:bd:09:02:05:03:50:41:72:be:6f:29:
                    be:2f:84:f6:f5:27:e2:7e:a1:31:29:8a:56:2d:36:
                    c8:92:89:88:32:bc:fa:bc:f9:df:4e:48:06:8d:48:
                    b7:59:75:df:ef:f6:ed:e3:7c:3f:0e:c5:65:f5:7f:
                    74:c4:fd:f3:2e:6b:ca:71:27:f4:1e:20:ad:e7:0f:
                    d1:c1:12:5c:51:1f:bf:67:03:dd:af:e8:05:dc:2f:
                    f2:07:62:43:f4:25:14:bf:ae:aa:93:d4:89:31:5e:
                    14:e6:45:36:1d:7d:43:3b:bf:ec:c3:85:11:64:69:
                    e9:f5:60:ff:04:3a:aa:44:ac:9d:68:f3:01:14:e1:
                    ec:bc:b3:61:14:9c:ee:06:f1:a2:5a:e4:0c:fa:1c:
                    c0:8c:cf:8e:c7:5f:76:1b:ed:b0:0f:e3:aa:ef:66:
                    a2:ac:b7:54:7f:42:00:47:82:9a:92:4e:f8:05:84:
                    e7:d8:ab:da:c3:ec:6b:8c:e8:73:80:7d:2c:dd:34:
                    07:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:05:10:EC:0D:63:36:56:27:A3:AA:AF:3B:0F:AB:EA:CE:FB:0D:4E
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32342d3234203d3e203139343337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.241.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:88:be:e1:9c:13:6c:1b:77:fb:a8:9b:cc:59:db:4d:5a:9f:
         81:d3:56:5d:d7:1f:25:36:9c:6d:60:86:78:a2:dc:4b:e0:df:
         37:06:6d:c3:78:0c:73:c7:d4:75:5c:27:d9:bb:3b:a1:60:0a:
         2b:eb:83:26:01:30:ec:b7:50:b7:ec:d9:ab:d9:ed:91:30:20:
         a2:67:a7:32:57:77:a9:41:be:7d:35:60:6f:f7:56:ff:62:45:
         1b:f6:2f:fa:09:24:fd:b4:2f:33:af:a7:bc:8a:32:5c:d1:d0:
         76:dd:5c:27:18:6c:61:4f:35:84:40:e4:97:2c:2c:89:f9:b5:
         e2:a1:44:04:fb:58:ab:d9:7e:27:62:ac:11:43:00:a9:5c:80:
         61:79:df:0b:0a:7c:4b:a8:a8:34:1c:f1:4e:b4:1f:ca:4b:ae:
         24:dc:4a:b9:c0:10:97:47:b5:4c:85:2f:40:3d:bd:15:fa:ef:
         d1:0c:f5:9f:f8:18:1f:47:65:df:bb:5a:d5:c6:48:2f:2c:85:
         75:84:2e:49:fd:51:1a:5f:90:3c:88:b8:c8:28:12:41:67:f0:
         da:17:25:5d:2a:13:58:f4:d5:59:ea:4b:3a:3d:aa:af:e6:1c:
         d5:9c:44:36:5d:2d:72:48:d9:47:f6:d4:a4:e2:3e:51:83:f8:
         b9:83:a3:0b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJCzb6N18r1sWCe1CstYhFzvBklgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTBaFw0yNDEwMTgxMzQxNTBaMDMxMTAvBgNV
BAMTKEJFMDUxMEVDMEQ2MzM2NTYyN0EzQUFBRjNCMEZBQkVBQ0VGQjBENEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI5YE2n7x3CmZg4p1MYw+XsLdF
VcHSsf2U/mU5sQtlj/ViHfXKTUyxUCyWMib2T3R2sCzIDLV3nKtSKgshwje9CQIF
A1BBcr5vKb4vhPb1J+J+oTEpilYtNsiSiYgyvPq8+d9OSAaNSLdZdd/v9u3jfD8O
xWX1f3TE/fMua8pxJ/QeIK3nD9HBElxRH79nA92v6AXcL/IHYkP0JRS/rqqT1Ikx
XhTmRTYdfUM7v+zDhRFkaen1YP8EOqpErJ1o8wEU4ey8s2EUnO4G8aJa5Az6HMCM
z47HX3Yb7bAP46rvZqKst1R/QgBHgpqSTvgFhOfYq9rD7GuM6HOAfSzdNAfjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvgUQ7A1jNlYno6qvOw+r6s77DU4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzEyZTMx
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzNDMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58ZQwDQYJKoZIhvcNAQELBQADggEBAEuIvuGcE2wbd/uom8xZ201an4HTVl3X
HyU2nG1ghnii3Evg3zcGbcN4DHPH1HVcJ9m7O6FgCivrgyYBMOy3ULfs2avZ7ZEw
IKJnpzJXd6lBvn01YG/3Vv9iRRv2L/oJJP20LzOvp7yKMlzR0HbdXCcYbGFPNYRA
5JcsLIn5teKhRAT7WKvZfidirBFDAKlcgGF53wsKfEuoqDQc8U60H8pLriTcSrnA
EJdHtUyFL0A9vRX679EM9Z/4GB9HZd+7WtXGSC8shXWELkn9URpfkDyIuMgoEkFn
8NoXJV0qE1j01VnqSzo9qq/mHNWcRDZdLXJI2Uf21KTiPlGD+LmDows=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org