Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234352e3138312e302f32342d3234203d3e203139343337.roa
File:                     3138352e3234352e3138312e302f32342d3234203d3e203139343337.roa (raw, json)
Hash identifier:          e2W6hIVNPoTemcaJFC6rbGeTzfZY8UEGCXipvnFk18U=
Subject key identifier:   68:0F:54:74:8C:3C:8A:C6:95:C2:D5:FF:D1:87:41:F9:1C:47:24:A0
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       5E5BE2428A570FE9E597A44CF82CD738D9E0FD62
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234352e3138312e302f32342d3234203d3e203139343337.roa
Signing time:             Fri 20 Oct 2023 13:41:53 +0000
ROA not before:           Fri 20 Oct 2023 13:36:53 +0000
ROA not after:            Fri 18 Oct 2024 13:41:53 +0000
asID:                     19437
IP address blocks:        185.245.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 16:41:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:5b:e2:42:8a:57:0f:e9:e5:97:a4:4c:f8:2c:d7:38:d9:e0:fd:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Oct 20 13:36:53 2023 GMT
            Not After : Oct 18 13:41:53 2024 GMT
        Subject: CN=680F54748C3C8AC695C2D5FFD18741F91C4724A0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4c:bb:3b:65:9d:cf:92:33:d7:b4:da:b8:2d:
                    7f:34:9a:9f:94:61:6c:03:a1:ec:dd:e4:03:f5:76:
                    6a:5f:d0:e6:dd:76:a0:99:07:fc:21:e4:84:52:be:
                    6d:6b:5f:d5:50:e8:43:6a:58:7b:5b:e5:6b:ea:0f:
                    09:fc:25:e9:ad:6f:6d:1b:16:05:ab:73:fa:89:b1:
                    41:d2:a7:08:9a:fc:aa:48:18:7c:f5:5b:74:b2:ad:
                    0a:19:f6:0f:f0:73:4d:d5:1a:33:0e:ca:f9:db:8e:
                    38:a1:39:e0:fb:8c:7e:98:1e:ba:d6:63:ff:58:ce:
                    98:bd:f3:55:7b:40:09:ee:2e:1c:e2:10:d3:07:b3:
                    b1:11:48:2c:5f:a9:ef:6c:14:6c:92:ce:01:4d:7e:
                    4b:ec:25:8d:d3:53:e8:a0:c2:c4:8a:4b:f9:ee:2b:
                    5c:73:3e:28:bb:b6:cd:2b:1f:f7:f5:91:3d:25:76:
                    31:ba:af:67:f7:f9:aa:f2:a6:85:3d:50:15:be:9f:
                    33:45:c7:ab:49:6a:ba:bf:81:e0:5f:09:1e:2a:53:
                    40:65:3d:61:84:cc:af:8d:14:ad:7e:e4:e9:10:da:
                    00:d0:c2:3f:da:6e:8b:24:a7:bb:b7:e2:f6:4e:98:
                    f4:55:f9:50:6e:e1:d1:f1:89:d2:6a:99:09:87:a9:
                    dd:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:0F:54:74:8C:3C:8A:C6:95:C2:D5:FF:D1:87:41:F9:1C:47:24:A0
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234352e3138312e302f32342d3234203d3e203139343337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.245.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:8c:22:54:32:b6:90:f8:f7:00:9f:81:6b:c7:28:a8:e7:1d:
         04:15:00:17:1d:56:03:b2:6b:96:04:60:bb:d7:41:b6:bd:f9:
         6f:1d:1b:03:9a:bb:2c:4d:90:45:cc:0e:62:01:44:c5:c0:02:
         e0:4a:ba:65:ae:6e:57:bf:c3:74:5c:f8:f3:6d:59:20:12:2c:
         21:58:c5:d3:ef:e9:0f:e3:1a:a0:55:89:17:fe:ae:11:4d:9d:
         3d:25:1d:9b:16:5c:9e:f4:c3:95:17:b9:ed:cb:bc:ba:dd:c2:
         a9:f6:01:d4:0d:24:78:a5:cf:9a:e8:f8:ac:4c:ae:9a:bb:46:
         4d:10:cf:20:06:d7:0a:43:8c:a4:c0:37:ea:82:67:0b:8d:c4:
         07:29:80:8f:e9:64:e2:a7:73:98:e7:d1:fc:ee:af:a2:4a:4e:
         f8:3a:ec:45:97:cf:cb:a4:07:5e:b8:e1:0d:7d:ee:42:2d:38:
         c0:1b:a9:95:1c:87:ba:10:b4:2c:9e:f4:11:26:4a:08:5f:b8:
         08:4b:04:0d:02:ae:15:87:d9:c5:8d:98:0b:fa:90:43:19:75:
         8f:8d:ac:9d:e4:01:63:41:95:a6:ef:f8:8c:6c:b3:0c:d5:16:
         67:a3:1f:79:a1:c1:b7:bf:0e:77:94:ae:68:1f:4d:30:41:00:
         5f:15:67:9b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXlviQopXD+nll6RM+CzXONng/WIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTNaFw0yNDEwMTgxMzQxNTNaMDMxMTAvBgNV
BAMTKDY4MEY1NDc0OEMzQzhBQzY5NUMyRDVGRkQxODc0MUY5MUM0NzI0QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvTLs7ZZ3PkjPXtNq4LX80mp+U
YWwDoezd5AP1dmpf0ObddqCZB/wh5IRSvm1rX9VQ6ENqWHtb5WvqDwn8Jemtb20b
FgWrc/qJsUHSpwia/KpIGHz1W3SyrQoZ9g/wc03VGjMOyvnbjjihOeD7jH6YHrrW
Y/9Yzpi981V7QAnuLhziENMHs7ERSCxfqe9sFGySzgFNfkvsJY3TU+igwsSKS/nu
K1xzPii7ts0rH/f1kT0ldjG6r2f3+arypoU9UBW+nzNFx6tJarq/geBfCR4qU0Bl
PWGEzK+NFK1+5OkQ2gDQwj/aboskp7u34vZOmPRV+VBu4dHxidJqmQmHqd15AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUaA9UdIw8isaVwtX/0YdB+RxHJKAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzUyZTMx
MzgzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzNDMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC59bUwDQYJKoZIhvcNAQELBQADggEBAE2MIlQytpD49wCfgWvHKKjnHQQVABcd
VgOya5YEYLvXQba9+W8dGwOauyxNkEXMDmIBRMXAAuBKumWuble/w3Rc+PNtWSAS
LCFYxdPv6Q/jGqBViRf+rhFNnT0lHZsWXJ70w5UXue3LvLrdwqn2AdQNJHilz5ro
+KxMrpq7Rk0QzyAG1wpDjKTAN+qCZwuNxAcpgI/pZOKnc5jn0fzur6JKTvg67EWX
z8ukB1644Q197kItOMAbqZUch7oQtCye9BEmSghfuAhLBA0CrhWH2cWNmAv6kEMZ
dY+NrJ3kAWNBlabv+IxsswzVFmejH3mhwbe/DneUrmgfTTBBAF8VZ5s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org