Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/326130623a346530373a6138303a3a2f34382d3438203d3e20323134333639.roa
File:                     326130623a346530373a6138303a3a2f34382d3438203d3e20323134333639.roa (raw, json)
Hash identifier:          EWGWi1yljQ96bjNOjVeynC4c/DgKrZuCKwxChfd0rvQ=
Subject key identifier:   8C:C6:98:D2:88:12:0C:04:B3:B3:15:46:FB:8A:CC:7F:1A:83:8E:CD
Certificate issuer:       /CN=966427869FCAD15ECBE4F1C77A3FB3C68BD1F917
Certificate serial:       1B38C8A0AFC2465E50E9DC89017D3BD7011E4F81
Authority key identifier: 96:64:27:86:9F:CA:D1:5E:CB:E4:F1:C7:7A:3F:B3:C6:8B:D1:F9:17
Authority info access:    rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/326130623a346530373a6138303a3a2f34382d3438203d3e20323134333639.roa
Signing time:             Wed 16 Jul 2025 14:11:06 +0000
ROA not before:           Wed 16 Jul 2025 14:06:06 +0000
ROA not after:            Wed 15 Jul 2026 14:11:06 +0000
asID:                     214369
IP address blocks:        2a0b:4e07:a80::/48 maxlen: 48
Validation:               Failed, certificate revoked on Fri 18 Jul 2025 17:38:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:38:c8:a0:af:c2:46:5e:50:e9:dc:89:01:7d:3b:d7:01:1e:4f:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=966427869FCAD15ECBE4F1C77A3FB3C68BD1F917
        Validity
            Not Before: Jul 16 14:06:06 2025 GMT
            Not After : Jul 15 14:11:06 2026 GMT
        Subject: CN=8CC698D288120C04B3B31546FB8ACC7F1A838ECD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b2:d3:84:0c:b6:bb:3a:1d:55:27:0a:33:50:
                    94:f0:ab:46:e8:8d:11:85:5d:6b:28:d5:a7:82:01:
                    7b:e0:1e:ae:c1:9d:87:4c:66:86:6a:61:57:0f:95:
                    64:c8:07:e7:e2:53:74:77:66:4b:7b:c4:a4:42:9a:
                    2a:80:c2:d6:47:e2:c0:01:ed:39:19:09:c2:5d:c4:
                    9c:fc:61:b6:9d:05:0b:6c:c4:c2:75:39:36:06:12:
                    0b:7a:86:99:b7:ec:0a:3d:34:65:ed:80:c1:c7:b3:
                    bb:15:64:a8:67:5a:60:6a:e8:47:4a:92:42:92:01:
                    94:5f:a1:ed:bc:44:2a:05:f8:83:d0:e6:23:35:9f:
                    4b:15:88:39:43:d2:6f:05:6d:8a:ec:e2:4d:57:5b:
                    51:2e:a8:6d:d8:67:09:58:ce:39:6a:e4:76:af:d9:
                    8d:14:93:eb:3d:cd:d1:1f:7d:6b:73:73:14:72:a5:
                    a7:69:7a:61:f2:40:e4:da:c1:a3:2d:51:e7:5a:1d:
                    25:96:ae:4c:0b:4c:3a:7a:b3:ba:6b:a5:60:12:14:
                    0c:f1:35:fb:f3:8c:03:a9:63:65:37:ca:e1:1e:25:
                    87:1f:af:41:aa:63:7e:60:58:ae:14:43:4c:1b:0d:
                    7e:c5:42:f6:d3:fb:ae:72:36:16:b0:b0:a8:7f:49:
                    ac:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:C6:98:D2:88:12:0C:04:B3:B3:15:46:FB:8A:CC:7F:1A:83:8E:CD
            X509v3 Authority Key Identifier:
                keyid:96:64:27:86:9F:CA:D1:5E:CB:E4:F1:C7:7A:3F:B3:C6:8B:D1:F9:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/326130623a346530373a6138303a3a2f34382d3438203d3e20323134333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e07:a80::/48

    Signature Algorithm: sha256WithRSAEncryption
         24:0e:24:82:38:ed:b5:1a:d6:a0:99:e4:ec:6e:50:f5:bd:0a:
         20:1a:ca:c7:9a:60:53:5f:60:dc:d9:1d:12:8e:ad:cd:19:d6:
         a1:5f:06:59:13:86:ce:16:2f:a5:66:76:83:42:93:54:91:94:
         05:70:71:a2:10:1b:7c:c3:45:a4:c2:54:2d:21:c6:8a:69:fb:
         8b:30:96:59:ef:c7:3d:77:3e:de:fb:b4:4c:45:4c:10:f9:0b:
         03:e4:4c:14:09:c6:3e:2e:a5:3e:3e:17:fc:90:a0:f3:d9:4c:
         2a:1f:c3:30:0a:e5:f2:85:6f:4f:5f:c0:3e:a0:58:92:82:25:
         60:14:18:9f:6b:e3:4d:6b:0c:88:fa:48:25:eb:6b:94:71:8d:
         f1:f3:e6:ef:a0:0f:09:03:02:a3:bb:12:a2:48:25:da:fa:52:
         7f:9d:c0:27:ee:87:b3:eb:b7:e9:94:23:15:7c:52:14:d7:e2:
         21:69:10:bc:ba:82:c7:19:63:8e:04:e1:15:b2:a7:d2:55:6f:
         97:a2:ca:25:43:fb:d1:0c:4f:6b:b3:d9:21:80:7b:0a:a6:f7:
         c2:6d:c4:16:e3:78:69:68:94:62:63:c2:88:25:70:a7:38:2c:
         aa:0a:f2:c5:02:2e:44:18:3e:ff:5f:e9:af:26:9d:8d:36:c0:
         4b:f9:0e:01
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIUGzjIoK/CRl5Q6dyJAX071wEeT4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTY2NDI3ODY5RkNBRDE1RUNCRTRGMUM3N0EzRkIzQzY4
QkQxRjkxNzAeFw0yNTA3MTYxNDA2MDZaFw0yNjA3MTUxNDExMDZaMDMxMTAvBgNV
BAMTKDhDQzY5OEQyODgxMjBDMDRCM0IzMTU0NkZCOEFDQzdGMUE4MzhFQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVstOEDLa7Oh1VJwozUJTwq0bo
jRGFXWso1aeCAXvgHq7BnYdMZoZqYVcPlWTIB+fiU3R3Zkt7xKRCmiqAwtZH4sAB
7TkZCcJdxJz8YbadBQtsxMJ1OTYGEgt6hpm37Ao9NGXtgMHHs7sVZKhnWmBq6EdK
kkKSAZRfoe28RCoF+IPQ5iM1n0sViDlD0m8FbYrs4k1XW1EuqG3YZwlYzjlq5Hav
2Y0Uk+s9zdEffWtzcxRypadpemHyQOTawaMtUedaHSWWrkwLTDp6s7prpWASFAzx
NfvzjAOpY2U3yuEeJYcfr0GqY35gWK4UQ0wbDX7FQvbT+65yNhawsKh/SazNAgMB
AAGjggJ4MIICdDAdBgNVHQ4EFgQUjMaY0ogSDASzsxVG+4rMfxqDjs0wHwYDVR0j
BBgwFoAUlmQnhp/K0V7L5PHHej+zxovR+RcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM3ZDI1MTItZTRiZi00MTFiLWIwMGEtZTc5ZTNhMzc4
YjQ2LzEvOTY2NDI3ODY5RkNBRDE1RUNCRTRGMUM3N0EzRkIzQzY4QkQxRjkxNy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzgxYTQ0NTY2NDU4ZTQ1NzhiNjdlZWQz
MDUzZjgyMGY1LzEvOTY2NDI3ODY5RkNBRDE1RUNCRTRGMUM3N0EzRkIzQzY4QkQx
RjkxNy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWM3ZDI1MTIt
ZTRiZi00MTFiLWIwMGEtZTc5ZTNhMzc4YjQ2LzEvMzI2MTMwNjIzYTM0NjUzMDM3
M2E2MTM4MzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzQzMzM2Mzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqC04HCoAwDQYJKoZIhvcNAQELBQADggEBACQOJII47bUa1qCZ5Oxu
UPW9CiAayseaYFNfYNzZHRKOrc0Z1qFfBlkThs4WL6VmdoNCk1SRlAVwcaIQG3zD
RaTCVC0hxopp+4swllnvxz13Pt77tExFTBD5CwPkTBQJxj4upT4+F/yQoPPZTCof
wzAK5fKFb09fwD6gWJKCJWAUGJ9r401rDIj6SCXra5RxjfHz5u+gDwkDAqO7EqJI
Jdr6Un+dwCfuh7Prt+mUIxV8UhTX4iFpELy6gscZY44E4RWyp9JVb5eiyiVD+9EM
T2uz2SGAewqm98JtxBbjeGlolGJjwoglcKc4LKoK8sUCLkQYPv9f6a8mnY02wEv5
DgE=
-----END CERTIFICATE-----
Generated at Wed Jul 23 01:45:15 2025 by rpki-client