Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS35409.roa
File:                     AS35409.roa (raw, json)
Hash identifier:          QEDSSWuwa+OMCPDiGQy9oJ02HHyPm29oPWALYgRg8eM=
Subject key identifier:   DB:D5:53:0F:E1:0F:1C:1A:9D:BE:5E:C4:DE:B1:C3:AF:14:E3:6E:A7
Certificate issuer:       /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial:       3A0567BA6D3319B0098071AB9F151AF6758885DF
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS35409.roa
Signing time:             Tue 04 Jul 2023 10:32:31 +0000
ROA not before:           Tue 04 Jul 2023 10:27:31 +0000
ROA not after:            Tue 02 Jul 2024 10:32:31 +0000
asID:                     35409
IP address blocks:        141.11.190.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:05:67:ba:6d:33:19:b0:09:80:71:ab:9f:15:1a:f6:75:88:85:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
        Validity
            Not Before: Jul  4 10:27:31 2023 GMT
            Not After : Jul  2 10:32:31 2024 GMT
        Subject: CN=DBD5530FE10F1C1A9DBE5EC4DEB1C3AF14E36EA7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b2:0c:db:29:e7:c7:1a:8a:11:72:45:66:09:
                    6d:d8:bf:1e:2f:f3:dc:46:3a:76:0b:75:ab:19:46:
                    cb:99:3f:ac:fd:e5:b8:3a:0e:33:7d:0f:81:c2:d9:
                    7e:02:37:02:30:16:ac:68:c3:7f:d4:65:c1:66:c8:
                    cd:12:9e:6f:b5:90:5a:0d:d2:0d:d0:10:37:7b:a3:
                    e2:85:fa:d0:3b:45:8a:80:9b:ff:b2:9c:7d:f8:99:
                    3c:f8:c7:be:1b:5a:87:d6:fc:fa:5d:65:f2:d9:15:
                    85:14:84:c4:51:b1:dd:75:b4:17:76:b8:5f:ec:9a:
                    ab:63:fa:a1:11:a2:df:8f:34:28:c6:06:f4:5b:53:
                    5a:3d:82:bb:ca:d0:a4:6a:ce:de:ed:f8:71:8e:37:
                    5c:07:e6:44:ba:60:45:f3:ca:c3:54:30:4e:be:dc:
                    b9:3b:aa:97:d5:17:32:ed:3a:59:6c:f5:60:99:1e:
                    02:ff:4a:76:6c:00:56:3a:df:da:49:77:f3:69:93:
                    2b:f4:d5:a6:bb:f5:15:e0:32:9b:d8:e2:8d:20:66:
                    51:aa:67:f9:f2:0a:c7:a6:b0:8c:60:6e:f1:df:2b:
                    2a:ca:04:8b:99:cc:7e:48:b2:11:df:a2:95:3d:63:
                    42:89:3b:a5:e8:8f:ec:65:5f:cf:84:96:38:18:e3:
                    3c:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:D5:53:0F:E1:0F:1C:1A:9D:BE:5E:C4:DE:B1:C3:AF:14:E3:6E:A7
            X509v3 Authority Key Identifier:
                keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS35409.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.11.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:a6:f5:05:f3:5e:ef:90:70:96:2e:48:bb:c4:c5:7a:c1:fa:
         7d:32:38:bd:22:80:b4:c6:13:23:b6:4c:3a:70:1a:33:a9:71:
         c8:80:25:28:ce:b2:bb:f8:39:cd:e5:42:82:a2:e3:22:bb:da:
         c7:a6:3f:2b:5d:93:e9:66:66:13:e0:4c:5e:3a:0b:fe:4c:d6:
         ff:c0:2c:8e:7d:f3:43:09:5c:f0:86:45:09:02:77:dc:7d:d4:
         a6:6b:21:35:bb:99:75:26:6a:d8:5d:e3:3b:05:2b:09:c9:69:
         42:31:97:1f:2a:6d:ce:6c:52:e0:20:5c:1b:4b:a5:0a:87:3b:
         49:64:06:6e:84:ad:35:66:5e:4f:63:83:2e:23:87:cb:96:72:
         ff:22:ed:72:65:b4:32:cd:3a:ce:e0:a6:88:4a:c3:51:34:e4:
         b8:02:62:5f:40:a4:c6:75:09:bc:df:20:bc:bb:4f:8a:da:2a:
         84:15:95:16:10:80:23:71:94:42:65:d9:4a:64:c3:8c:f9:96:
         75:c6:fb:4d:75:c2:64:86:45:6f:11:66:85:8b:a8:6e:ba:ba:
         31:93:25:81:e2:60:c8:5f:63:c1:91:64:e8:31:cb:fe:15:62:
         fa:8c:84:6d:d4:d9:3f:d7:52:10:22:ca:b5:e6:27:bd:be:63:
         6c:4f:bb:64
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUOgVnum0zGbAJgHGrnxUa9nWIhd8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzA3MDQxMDI3MzFaFw0yNDA3MDIxMDMyMzFaMDMxMTAvBgNV
BAMTKERCRDU1MzBGRTEwRjFDMUE5REJFNUVDNERFQjFDM0FGMTRFMzZFQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQsgzbKefHGooRckVmCW3Yvx4v
89xGOnYLdasZRsuZP6z95bg6DjN9D4HC2X4CNwIwFqxow3/UZcFmyM0Snm+1kFoN
0g3QEDd7o+KF+tA7RYqAm/+ynH34mTz4x74bWofW/PpdZfLZFYUUhMRRsd11tBd2
uF/smqtj+qERot+PNCjGBvRbU1o9grvK0KRqzt7t+HGON1wH5kS6YEXzysNUME6+
3Lk7qpfVFzLtOlls9WCZHgL/SnZsAFY639pJd/Npkyv01aa79RXgMpvY4o0gZlGq
Z/nyCsemsIxgbvHfKyrKBIuZzH5IshHfopU9Y0KJO6Xoj+xlX8+EljgY4zwPAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU29VTD+EPHBqdvl7E3rHDrxTjbqcwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzU0MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNC74w
DQYJKoZIhvcNAQELBQADggEBAGGm9QXzXu+QcJYuSLvExXrB+n0yOL0igLTGEyO2
TDpwGjOpcciAJSjOsrv4Oc3lQoKi4yK72semPytdk+lmZhPgTF46C/5M1v/ALI59
80MJXPCGRQkCd9x91KZrITW7mXUmathd4zsFKwnJaUIxlx8qbc5sUuAgXBtLpQqH
O0lkBm6ErTVmXk9jgy4jh8uWcv8i7XJltDLNOs7gpohKw1E05LgCYl9ApMZ1Cbzf
ILy7T4raKoQVlRYQgCNxlEJl2Upkw4z5lnXG+011wmSGRW8RZoWLqG66ujGTJYHi
YMhfY8GRZOgxy/4VYvqMhG3U2T/XUhAiyrXmJ72+Y2xPu2Q=
-----END CERTIFICATE-----
Generated at Fri Aug 4 00:27:25 2023 by rpki-client on console-ams.rpki-client.org