Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323030323339.roa
File:                     352e3138312e3137362e302f32342d3234203d3e20323030323339.roa (raw, json)
Hash identifier:          nD+JmnwJwCAIvuZeKc39Achoad/FS71khrgf2ZF1r7Q=
Subject key identifier:   5F:FB:7D:F6:1E:7A:5C:F4:3F:10:2D:23:47:BE:8E:C6:56:20:CE:ED
Certificate issuer:       /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial:       358ED4D3B679DFF49B1A8E031A9D4F8AE6D05433
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323030323339.roa
Signing time:             Sat 14 Oct 2023 12:14:47 +0000
ROA not before:           Sat 14 Oct 2023 12:09:47 +0000
ROA not after:            Sat 12 Oct 2024 12:14:47 +0000
asID:                     200239
IP address blocks:        5.181.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 00:03:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:8e:d4:d3:b6:79:df:f4:9b:1a:8e:03:1a:9d:4f:8a:e6:d0:54:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
        Validity
            Not Before: Oct 14 12:09:47 2023 GMT
            Not After : Oct 12 12:14:47 2024 GMT
        Subject: CN=5FFB7DF61E7A5CF43F102D2347BE8EC65620CEED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:18:e6:f9:2b:c5:1c:3f:14:43:81:59:81:bf:
                    99:ca:1b:6c:2f:12:99:a9:18:ea:51:f5:63:e0:c7:
                    df:a8:ae:a9:9d:0b:e0:49:00:63:9e:86:c5:14:20:
                    61:30:e9:e9:93:6d:54:6a:af:03:c4:73:df:0e:ca:
                    d4:7c:40:22:86:e9:6c:26:e9:d4:e2:79:a0:3a:93:
                    d8:a3:ad:43:7a:ce:d7:de:14:51:fd:a4:cc:e6:0d:
                    ea:33:4c:2a:24:74:d5:89:21:ef:9b:87:17:65:ce:
                    7e:a6:fd:15:76:ed:fb:f4:96:42:41:64:29:f4:05:
                    f6:87:08:fe:70:b3:f5:c1:d7:03:6c:b6:13:c6:ac:
                    37:ff:ec:b8:95:a4:75:bb:f2:82:5f:47:f0:bc:84:
                    06:c4:55:ff:12:79:a1:53:18:ff:f7:74:9c:83:a5:
                    ed:bd:fe:2a:1c:0a:12:b2:dd:a4:00:90:f9:0d:da:
                    67:f1:35:d9:46:77:04:e3:5f:73:f4:d9:05:86:00:
                    e4:2e:1f:e5:39:3b:8c:fa:58:5a:b9:e4:03:50:eb:
                    ed:2a:01:44:2c:63:d2:15:a6:0e:e5:36:fe:92:7c:
                    21:d2:8a:f5:59:02:fa:00:0b:34:95:3c:9f:c3:24:
                    5a:d4:35:01:7c:4b:33:6c:c9:39:2a:a7:3c:53:fc:
                    fa:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:FB:7D:F6:1E:7A:5C:F4:3F:10:2D:23:47:BE:8E:C6:56:20:CE:ED
            X509v3 Authority Key Identifier:
                keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137362e302f32342d3234203d3e20323030323339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:67:8c:fd:b1:c3:7c:f2:4d:70:34:ca:e2:0d:9a:17:7f:41:
         1f:46:07:1f:4d:9f:68:6a:b4:07:ca:7f:90:42:f8:bb:06:6c:
         8d:9c:96:65:2d:e9:09:8c:83:8d:a0:19:a2:39:f3:be:0e:f8:
         91:64:d9:ec:82:6a:db:8e:3f:1b:76:c5:b7:35:cc:9b:02:04:
         6a:56:d2:be:35:62:a3:51:b8:98:28:64:cb:c9:62:b0:18:45:
         e7:41:93:6f:1e:f1:aa:e5:d5:bb:d9:05:82:d9:c7:d4:73:e0:
         f6:b2:7e:ee:d6:91:12:67:23:7b:20:8d:be:d3:83:6d:e1:3b:
         54:44:8a:78:23:30:6e:50:80:20:75:46:bd:c1:14:aa:fa:53:
         db:2f:85:f2:c3:3a:0b:08:5a:22:6e:9b:75:7c:94:65:a6:c8:
         f5:79:f6:05:76:33:c1:85:6e:65:86:a7:29:cb:2e:37:18:a6:
         7d:6f:f7:1b:92:5f:46:08:6c:79:69:2e:6f:4a:61:ba:00:07:
         bc:b6:68:7e:00:43:4c:23:a0:f2:ea:83:4d:5f:5a:55:d3:be:
         42:1b:44:bf:24:4b:5b:9b:6e:5e:26:ac:ee:a2:dd:a5:79:17:
         26:4c:00:87:9c:9c:5e:72:cf:8e:f7:99:29:f8:ac:f0:42:d5:
         34:3c:24:b3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNY7U07Z53/SbGo4DGp1PiubQVDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEwMTQxMjA5NDdaFw0yNDEwMTIxMjE0NDdaMDMxMTAvBgNV
BAMTKDVGRkI3REY2MUU3QTVDRjQzRjEwMkQyMzQ3QkU4RUM2NTYyMENFRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCGOb5K8UcPxRDgVmBv5nKG2wv
EpmpGOpR9WPgx9+orqmdC+BJAGOehsUUIGEw6emTbVRqrwPEc98OytR8QCKG6Wwm
6dTieaA6k9ijrUN6ztfeFFH9pMzmDeozTCokdNWJIe+bhxdlzn6m/RV27fv0lkJB
ZCn0BfaHCP5ws/XB1wNsthPGrDf/7LiVpHW78oJfR/C8hAbEVf8SeaFTGP/3dJyD
pe29/iocChKy3aQAkPkN2mfxNdlGdwTjX3P02QWGAOQuH+U5O4z6WFq55ANQ6+0q
AUQsY9IVpg7lNv6SfCHSivVZAvoACzSVPJ/DJFrUNQF8SzNsyTkqpzxT/PpBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUX/t99h56XPQ/EC0jR76OxlYgzu0wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzUyZTMxMzgzMTJlMzEzNzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzIzMzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbWwMA0GCSqGSIb3DQEBCwUAA4IBAQCOZ4z9scN88k1wNMriDZoXf0EfRgcfTZ9o
arQHyn+QQvi7BmyNnJZlLekJjIONoBmiOfO+DviRZNnsgmrbjj8bdsW3NcybAgRq
VtK+NWKjUbiYKGTLyWKwGEXnQZNvHvGq5dW72QWC2cfUc+D2sn7u1pESZyN7II2+
04Nt4TtURIp4IzBuUIAgdUa9wRSq+lPbL4XywzoLCFoibpt1fJRlpsj1efYFdjPB
hW5lhqcpyy43GKZ9b/cbkl9GCGx5aS5vSmG6AAe8tmh+AENMI6Dy6oNNX1pV075C
G0S/JEtbm25eJqzuot2leRcmTACHnJxecs+O95kp+KzwQtU0PCSz
Generated at Fri Mar 1 02:46:30 2024 by rpki-client on console-ams.rpki-client.org