Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234322e302f32342d3234203d3e203432333636.roa
File:                     38352e3139302e3234322e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier:          N+4JwCcfo600lRTHzWkEdERjqMHrSzwt9yAS+b20O8w=
Subject key identifier:   31:51:76:77:D7:E0:93:89:60:89:8B:5A:A0:31:A6:BA:F5:2D:F8:D1
Certificate issuer:       /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial:       74838F0DD0CCA8BB23EC530B628D4E9F418A85CD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234322e302f32342d3234203d3e203432333636.roa
Signing time:             Tue 26 Mar 2024 18:03:16 +0000
ROA not before:           Tue 26 Mar 2024 17:58:16 +0000
ROA not after:            Tue 25 Mar 2025 18:03:16 +0000
asID:                     42366
IP address blocks:        85.190.242.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 Apr 2024 07:29:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:83:8f:0d:d0:cc:a8:bb:23:ec:53:0b:62:8d:4e:9f:41:8a:85:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
        Validity
            Not Before: Mar 26 17:58:16 2024 GMT
            Not After : Mar 25 18:03:16 2025 GMT
        Subject: CN=31517677D7E0938960898B5AA031A6BAF52DF8D1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:f2:02:aa:bf:18:6a:36:ac:f4:5b:91:44:a1:
                    59:5d:2d:de:e8:59:0d:1b:75:37:bd:f8:6d:0e:38:
                    8c:fa:12:f3:18:1b:f4:a2:a6:55:2b:50:e7:3d:ab:
                    98:5d:29:6e:23:9b:a9:04:5d:f5:cd:b8:01:af:b0:
                    0c:44:4d:f1:4f:a8:93:7c:a8:ad:c9:b4:74:92:68:
                    cb:e0:20:ac:07:67:0b:32:41:5e:bb:b1:9c:01:fb:
                    d0:d9:8f:3c:36:ac:13:ac:72:54:ee:ba:93:84:ce:
                    f9:de:3f:7d:96:15:26:49:6a:85:9a:33:3a:57:31:
                    4a:7a:d0:be:9d:fa:92:c0:8e:a5:40:76:c4:05:82:
                    e5:a6:93:94:d3:78:1e:d1:88:70:43:37:84:ea:e8:
                    04:2c:51:12:b4:7b:0f:bf:d1:56:40:8b:b0:1e:08:
                    d4:62:ed:57:df:5e:25:b2:c8:02:89:ff:29:9b:e4:
                    7d:79:64:f0:0d:06:0f:42:29:af:28:54:6a:88:39:
                    24:9b:e5:eb:dd:f4:ff:96:18:68:cc:5c:45:68:f4:
                    7e:11:f2:d7:4b:9a:c5:87:98:09:43:fe:79:b4:c2:
                    a0:22:58:81:f4:73:d8:5b:e9:93:14:4d:f4:2b:87:
                    dc:08:61:01:1b:19:2c:e4:53:87:d3:a0:ad:cc:97:
                    ee:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:51:76:77:D7:E0:93:89:60:89:8B:5A:A0:31:A6:BA:F5:2D:F8:D1
            X509v3 Authority Key Identifier:
                keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234322e302f32342d3234203d3e203432333636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.190.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:fd:85:b6:3a:4a:c2:89:b3:ec:44:8a:2c:24:fc:86:d6:70:
         ca:3f:c4:9e:27:f9:9d:60:b2:b8:17:79:e9:d1:97:cd:0d:56:
         f5:e4:ca:8e:16:55:fc:c6:56:89:e6:3b:16:66:21:aa:ef:ee:
         8b:3d:ac:4f:f9:a4:ab:fe:af:62:0c:97:f3:01:8f:39:1d:6b:
         0f:5a:0d:34:d8:ae:96:58:8d:9e:65:ee:4a:5f:8e:9e:91:84:
         01:ec:27:53:64:ee:66:42:91:59:22:27:72:cb:7d:ec:72:cc:
         17:11:9d:53:d5:e9:d9:01:d0:6c:5d:be:cc:ad:07:26:e4:9f:
         8f:2b:57:e6:47:92:f8:56:6d:30:f9:d3:39:1d:4d:ba:6b:0b:
         69:11:d7:f4:f4:63:c2:29:b4:25:0b:77:f3:67:49:29:e3:81:
         46:26:61:ff:95:41:66:f8:ed:63:60:b8:15:0e:8a:f0:30:a3:
         83:b9:15:64:cc:d5:9d:3a:d5:81:72:a1:28:ed:4d:75:59:90:
         53:0d:ab:7e:12:43:21:51:cf:d0:50:65:d9:cf:4f:8e:75:b2:
         55:f6:83:ac:3d:77:94:57:66:f2:40:00:fb:3a:fc:74:f7:11:
         91:2a:b4:15:5d:11:81:9e:a8:a5:af:ba:08:f9:ad:6e:74:96:
         75:01:7a:11
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdIOPDdDMqLsj7FMLYo1On0GKhc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMjYxNzU4MTZaFw0yNTAzMjUxODAzMTZaMDMxMTAvBgNV
BAMTKDMxNTE3Njc3RDdFMDkzODk2MDg5OEI1QUEwMzFBNkJBRjUyREY4RDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw8gKqvxhqNqz0W5FEoVldLd7o
WQ0bdTe9+G0OOIz6EvMYG/SiplUrUOc9q5hdKW4jm6kEXfXNuAGvsAxETfFPqJN8
qK3JtHSSaMvgIKwHZwsyQV67sZwB+9DZjzw2rBOsclTuupOEzvneP32WFSZJaoWa
MzpXMUp60L6d+pLAjqVAdsQFguWmk5TTeB7RiHBDN4Tq6AQsURK0ew+/0VZAi7Ae
CNRi7VffXiWyyAKJ/ymb5H15ZPANBg9CKa8oVGqIOSSb5evd9P+WGGjMXEVo9H4R
8tdLmsWHmAlD/nm0wqAiWIH0c9hb6ZMUTfQrh9wIYQEbGSzkU4fToK3Ml+6fAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMVF2d9fgk4lgiYtaoDGmuvUt+NEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM0
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Vb7yMA0GCSqGSIb3DQEBCwUAA4IBAQAl/YW2OkrCibPsRIosJPyG1nDKP8SeJ/md
YLK4F3np0ZfNDVb15MqOFlX8xlaJ5jsWZiGq7+6LPaxP+aSr/q9iDJfzAY85HWsP
Wg002K6WWI2eZe5KX46ekYQB7CdTZO5mQpFZIidyy33scswXEZ1T1enZAdBsXb7M
rQcm5J+PK1fmR5L4Vm0w+dM5HU26awtpEdf09GPCKbQlC3fzZ0kp44FGJmH/lUFm
+O1jYLgVDorwMKODuRVkzNWdOtWBcqEo7U11WZBTDat+EkMhUc/QUGXZz0+OdbJV
9oOsPXeUV2byQAD7Ovx09xGRKrQVXRGBnqilr7oI+a1udJZ1AXoR
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org