Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20313938393839.roa
File:                     352e3138312e3138352e302f32342d3234203d3e20313938393839.roa (raw, json)
Hash identifier:          bBHB0qGvsL7fJlqEB/WNCVCcsuCkMHwqBkS10Cf+hw4=
Subject key identifier:   35:78:A4:58:AC:81:CA:D0:85:DD:A4:97:EC:9B:60:20:29:D0:38:7D
Certificate issuer:       /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial:       209A96FB7379AEFB3783059148D26A960FDDF856
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20313938393839.roa
Signing time:             Sun 21 Apr 2024 05:28:55 +0000
ROA not before:           Sun 21 Apr 2024 05:23:55 +0000
ROA not after:            Sun 20 Apr 2025 05:28:55 +0000
asID:                     198989
IP address blocks:        5.181.185.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 18 Jun 2024 10:04:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:9a:96:fb:73:79:ae:fb:37:83:05:91:48:d2:6a:96:0f:dd:f8:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
        Validity
            Not Before: Apr 21 05:23:55 2024 GMT
            Not After : Apr 20 05:28:55 2025 GMT
        Subject: CN=3578A458AC81CAD085DDA497EC9B602029D0387D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:3d:69:30:0d:91:3c:cb:00:a0:56:74:b6:1b:
                    d0:59:1c:14:f7:17:97:33:0f:5f:ef:9e:57:cf:58:
                    06:91:b1:80:c3:09:03:ea:b9:82:a7:68:1b:13:25:
                    18:91:d9:90:c0:ee:51:5a:86:14:f7:c3:e4:b1:c8:
                    01:fd:dd:ca:01:5f:9c:4f:42:58:fc:9c:6d:12:30:
                    da:16:75:97:2f:a5:7a:68:b0:cc:3c:b6:a2:65:14:
                    14:3c:7e:9c:fe:ec:e6:7e:33:3f:dd:c4:95:2c:b1:
                    60:70:df:67:f0:9f:c1:5c:a4:a0:1b:9b:80:97:ee:
                    aa:5f:3a:2b:ee:a6:cb:3b:de:0a:e4:0b:9a:db:5f:
                    e0:9a:fb:11:28:09:3a:a2:c9:4c:ef:7a:f5:aa:57:
                    7b:b9:88:66:41:15:58:77:3c:74:ad:b1:78:0b:79:
                    14:ff:0e:80:36:9b:87:8c:c3:c2:88:50:b8:66:f2:
                    56:d8:f4:ea:d8:1f:50:d4:12:85:a2:4b:73:6d:a2:
                    c3:07:07:d6:bb:72:86:62:50:f5:d3:30:83:f3:65:
                    a8:60:6e:3b:d4:5c:b2:19:50:a1:b6:de:ff:0f:b3:
                    ad:32:95:5d:8e:65:b9:e1:72:52:73:41:90:fe:97:
                    28:a1:7b:1e:a0:40:13:48:ca:37:1d:0a:6d:48:f2:
                    f8:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:78:A4:58:AC:81:CA:D0:85:DD:A4:97:EC:9B:60:20:29:D0:38:7D
            X509v3 Authority Key Identifier:
                keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20313938393839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:33:d6:b4:60:89:62:72:c3:af:cc:3e:22:46:5b:29:6f:48:
         e2:8c:13:5b:6d:87:50:2e:e6:70:cd:b1:b2:0c:34:a0:67:8f:
         4c:ca:73:12:7f:01:32:75:78:df:7a:40:e3:a8:10:e7:c2:f6:
         46:82:27:0a:fd:32:62:13:78:62:77:af:34:77:46:3f:a9:ff:
         ed:a1:22:a0:eb:6c:8d:b7:dd:28:58:25:79:c1:aa:07:0b:77:
         b1:d3:91:d8:7c:95:16:43:1f:d2:7d:ca:0b:9a:05:5a:77:8e:
         11:85:36:30:32:b4:c9:8b:24:e2:26:dd:50:d6:46:c8:18:f1:
         bb:04:48:50:e9:ad:72:5c:1b:50:19:d3:93:52:76:4d:fa:0e:
         74:81:1e:55:b9:a4:f4:5c:a5:0d:e2:5e:97:0d:5c:89:1b:76:
         2b:75:6a:35:10:29:73:98:12:ef:56:95:85:cd:6b:67:a9:47:
         c5:c0:f7:dd:e7:7c:e2:6d:84:d9:6a:cb:39:27:b1:33:0c:b3:
         11:4f:7c:fe:3b:3f:f9:31:06:5a:e1:4f:cf:e1:41:a5:18:f3:
         84:11:51:00:bc:4b:c8:65:aa:ce:52:87:a9:e5:3c:35:78:eb:
         58:81:59:2c:a6:b7:0f:f3:2c:6d:7d:d4:d0:0a:1c:1e:e1:02:
         46:07:6e:9a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIJqW+3N5rvs3gwWRSNJqlg/d+FYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDA0MjEwNTIzNTVaFw0yNTA0MjAwNTI4NTVaMDMxMTAvBgNV
BAMTKDM1NzhBNDU4QUM4MUNBRDA4NUREQTQ5N0VDOUI2MDIwMjlEMDM4N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDePWkwDZE8ywCgVnS2G9BZHBT3
F5czD1/vnlfPWAaRsYDDCQPquYKnaBsTJRiR2ZDA7lFahhT3w+SxyAH93coBX5xP
Qlj8nG0SMNoWdZcvpXposMw8tqJlFBQ8fpz+7OZ+Mz/dxJUssWBw32fwn8FcpKAb
m4CX7qpfOivupss73grkC5rbX+Ca+xEoCTqiyUzvevWqV3u5iGZBFVh3PHStsXgL
eRT/DoA2m4eMw8KIULhm8lbY9OrYH1DUEoWiS3NtosMHB9a7coZiUPXTMIPzZahg
bjvUXLIZUKG23v8Ps60ylV2OZbnhclJzQZD+lyihex6gQBNIyjcdCm1I8vh5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNXikWKyBytCF3aSX7JtgICnQOH0wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM4MzkzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbW5MA0GCSqGSIb3DQEBCwUAA4IBAQARM9a0YIlicsOvzD4iRlspb0jijBNbbYdQ
LuZwzbGyDDSgZ49MynMSfwEydXjfekDjqBDnwvZGgicK/TJiE3hid680d0Y/qf/t
oSKg62yNt90oWCV5waoHC3ex05HYfJUWQx/SfcoLmgVad44RhTYwMrTJiyTiJt1Q
1kbIGPG7BEhQ6a1yXBtQGdOTUnZN+g50gR5VuaT0XKUN4l6XDVyJG3YrdWo1EClz
mBLvVpWFzWtnqUfFwPfd53zibYTZass5J7EzDLMRT3z+Oz/5MQZa4U/P4UGlGPOE
EVEAvEvIZarOUoep5Tw1eOtYgVksprcP8yxtfdTQChwe4QJGB26a
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:54:40 2024 by rpki-client on console-ams.rpki-client.org