Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e203239383032.roa
File:                     352e3138312e3138352e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier:          17BSMcHC2pFfMFu3kk8chb0SlfEgepmXIIAVBawQL9E=
Subject key identifier:   01:CE:E4:1C:1A:AC:13:6F:2E:B4:31:6D:C2:23:C6:BB:8F:45:4E:DC
Certificate issuer:       /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial:       2B0B2355C29021F6FD13D656AE529E4199945D38
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e203239383032.roa
Signing time:             Wed 08 Nov 2023 11:33:19 +0000
ROA not before:           Wed 08 Nov 2023 11:28:19 +0000
ROA not after:            Wed 06 Nov 2024 11:33:19 +0000
asID:                     29802
IP address blocks:        5.181.185.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 Apr 2024 10:04:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:0b:23:55:c2:90:21:f6:fd:13:d6:56:ae:52:9e:41:99:94:5d:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
        Validity
            Not Before: Nov  8 11:28:19 2023 GMT
            Not After : Nov  6 11:33:19 2024 GMT
        Subject: CN=01CEE41C1AAC136F2EB4316DC223C6BB8F454EDC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:60:0c:a6:8a:45:3f:48:88:a3:69:b8:c5:1a:
                    31:10:6e:a2:ed:51:18:76:42:6b:bd:03:65:9e:05:
                    18:34:b0:b9:6f:70:a5:8f:01:4e:91:0d:36:24:89:
                    4a:73:4a:78:fa:2c:3e:ee:a1:62:37:13:19:12:18:
                    16:41:86:4f:5e:69:95:b8:94:b3:f3:0c:ea:ae:3b:
                    bb:c3:a4:fa:70:e5:46:3c:71:d5:b1:ba:23:a7:ba:
                    43:60:aa:e5:bb:cf:c9:8a:31:4f:65:81:b1:59:18:
                    3f:f0:df:76:48:29:83:b7:8c:c5:30:5b:6a:50:f6:
                    c8:74:34:46:ab:1b:db:f3:73:df:8f:14:40:fa:07:
                    fe:01:6c:bb:c5:fc:cc:c3:4d:b9:f9:c8:a7:ab:09:
                    8a:0f:d3:c5:b0:3f:79:77:5c:95:09:cf:04:ab:56:
                    7b:65:a2:36:37:19:36:81:bd:bf:71:76:c5:89:18:
                    77:10:57:dd:cd:d0:8c:d7:6b:37:e5:f8:f2:22:a3:
                    7a:d3:f8:32:78:92:58:1b:e0:3a:50:91:f1:f6:50:
                    fc:b2:8c:61:47:d3:f0:38:20:55:8b:0d:47:e6:b7:
                    9b:20:f3:30:65:3f:eb:1a:a5:a4:95:98:f4:55:bd:
                    6d:b5:cf:7d:95:85:79:06:68:85:4a:6a:11:f1:dd:
                    a9:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:CE:E4:1C:1A:AC:13:6F:2E:B4:31:6D:C2:23:C6:BB:8F:45:4E:DC
            X509v3 Authority Key Identifier:
                keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e203239383032.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:c2:24:73:6b:76:a4:63:2d:86:26:42:c9:83:65:9e:5c:26:
         34:92:52:95:67:e4:ce:b0:47:71:ec:ff:c7:f7:3b:f8:df:6e:
         3a:f8:a0:d3:db:0f:fe:7e:7f:31:84:61:e0:b3:8b:b5:24:69:
         e7:3d:b7:0b:d9:a1:9e:f4:12:45:bc:32:f1:07:0f:8c:a9:60:
         89:e0:6d:10:32:9c:71:4c:2c:85:4a:92:09:92:d7:5d:55:fc:
         d5:ec:3e:42:e3:09:02:8c:58:69:48:38:05:a9:0e:05:51:fd:
         a7:c4:d9:b0:4a:cd:d0:46:af:fb:02:72:46:7a:15:41:bf:de:
         88:b8:7e:f1:2c:9b:59:af:7d:fb:fd:10:8b:cd:de:73:fe:61:
         4c:0e:1a:a3:f9:be:f0:53:30:21:49:bc:52:a5:49:7c:9b:c3:
         09:cb:f4:77:7a:1f:e7:3b:c7:f3:c8:1b:4b:f3:2a:0e:7c:a0:
         c7:b3:14:73:f3:ba:bd:6f:52:0e:bb:c6:e0:b1:23:1a:e0:ac:
         0a:3d:87:fe:48:a0:94:15:0e:c1:1f:aa:8a:e8:93:9e:52:1d:
         96:dc:d2:11:39:51:ce:85:94:67:ec:c6:13:48:37:5d:56:a3:
         cd:0b:21:66:34:62:99:f1:84:84:84:98:7c:53:2d:55:6a:47:
         1c:29:24:cd
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUKwsjVcKQIfb9E9ZWrlKeQZmUXTgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzExMDgxMTI4MTlaFw0yNDExMDYxMTMzMTlaMDMxMTAvBgNV
BAMTKDAxQ0VFNDFDMUFBQzEzNkYyRUI0MzE2REMyMjNDNkJCOEY0NTRFREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOYAymikU/SIijabjFGjEQbqLt
URh2Qmu9A2WeBRg0sLlvcKWPAU6RDTYkiUpzSnj6LD7uoWI3ExkSGBZBhk9eaZW4
lLPzDOquO7vDpPpw5UY8cdWxuiOnukNgquW7z8mKMU9lgbFZGD/w33ZIKYO3jMUw
W2pQ9sh0NEarG9vzc9+PFED6B/4BbLvF/MzDTbn5yKerCYoP08WwP3l3XJUJzwSr
VntlojY3GTaBvb9xdsWJGHcQV93N0IzXazfl+PIio3rT+DJ4klgb4DpQkfH2UPyy
jGFH0/A4IFWLDUfmt5sg8zBlP+sapaSVmPRVvW21z32VhXkGaIVKahHx3anfAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUAc7kHBqsE28utDFtwiPGu49FTtwwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW1
uTANBgkqhkiG9w0BAQsFAAOCAQEAOcIkc2t2pGMthiZCyYNlnlwmNJJSlWfkzrBH
cez/x/c7+N9uOvig09sP/n5/MYRh4LOLtSRp5z23C9mhnvQSRbwy8QcPjKlgieBt
EDKccUwshUqSCZLXXVX81ew+QuMJAoxYaUg4BakOBVH9p8TZsErN0Eav+wJyRnoV
Qb/eiLh+8SybWa99+/0Qi83ec/5hTA4ao/m+8FMwIUm8UqVJfJvDCcv0d3of5zvH
88gbS/MqDnygx7MUc/O6vW9SDrvG4LEjGuCsCj2H/kiglBUOwR+qiuiTnlIdltzS
ETlRzoWUZ+zGE0g3XVajzQshZjRimfGEhISYfFMtVWpHHCkkzQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org