Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/0/326130613a363034343a363430303a3a2f33382d3438203d3e20323134353433.roa
File:                     326130613a363034343a363430303a3a2f33382d3438203d3e20323134353433.roa (raw, json)
Hash identifier:          AH30JgFud5EgGQSxxDJM8jLcdk7lxLb6X28GpgQe5Js=
Subject key identifier:   5E:7E:9A:38:A8:E6:2D:05:33:6E:8F:E3:69:0A:B6:5D:5A:79:33:F8
Certificate issuer:       /CN=F8B2DD948C881B517A20B8566758AB4ABC7B72D0
Certificate serial:       224BAC2894BAB4E622E712F538A7E2EF877A0A90
Authority key identifier: F8:B2:DD:94:8C:88:1B:51:7A:20:B8:56:67:58:AB:4A:BC:7B:72:D0
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/F8B2DD948C881B517A20B8566758AB4ABC7B72D0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/0/326130613a363034343a363430303a3a2f33382d3438203d3e20323134353433.roa
Signing time:             Sun 21 Jul 2024 16:23:19 +0000
ROA not before:           Sun 21 Jul 2024 16:18:19 +0000
ROA not after:            Sun 20 Jul 2025 16:23:19 +0000
asID:                     214543
IP address blocks:        2a0a:6044:6400::/38 maxlen: 48

Validation:               Failed, certificate revoked on Mon 12 Aug 2024 10:56:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:4b:ac:28:94:ba:b4:e6:22:e7:12:f5:38:a7:e2:ef:87:7a:0a:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F8B2DD948C881B517A20B8566758AB4ABC7B72D0
        Validity
            Not Before: Jul 21 16:18:19 2024 GMT
            Not After : Jul 20 16:23:19 2025 GMT
        Subject: CN=5E7E9A38A8E62D05336E8FE3690AB65D5A7933F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a5:e1:3f:f9:16:4c:c7:c9:be:df:e7:2a:06:
                    8e:6d:bb:e4:23:23:69:cf:52:0a:d0:56:dd:01:af:
                    30:e7:14:53:bf:c9:8b:32:f6:83:68:3a:2d:0f:ae:
                    ad:e9:4c:5c:f7:e8:59:1a:a9:aa:95:51:b1:47:78:
                    d8:11:85:4c:4c:8c:c3:24:4c:a8:c4:14:15:b1:54:
                    9f:c5:02:79:80:f1:a4:7c:11:66:71:48:8f:a5:15:
                    b3:c3:07:8d:85:b2:7e:64:17:04:59:d7:57:09:bc:
                    41:39:d9:38:f3:92:37:3e:a7:9c:40:1b:0d:66:47:
                    61:c2:60:e2:e2:5a:f2:e3:59:02:40:93:8a:78:72:
                    cd:04:de:37:c0:4e:d8:62:1c:e3:6a:bf:ed:f8:9c:
                    49:df:49:40:0a:57:73:69:15:04:f1:b4:5c:10:56:
                    9b:2d:1f:94:d8:35:43:f8:38:db:28:8c:85:f2:19:
                    1a:f7:17:7e:e0:ee:21:cc:7e:93:e2:18:30:1d:08:
                    c0:1b:f7:86:21:6d:ce:5f:32:59:41:38:47:05:34:
                    4f:49:93:90:d9:a2:e2:ea:cb:53:fc:97:a4:e5:7f:
                    03:b2:c5:4e:d7:b1:a6:d6:dd:30:56:cb:5a:b7:e5:
                    d9:aa:bf:bf:71:44:96:b8:78:36:c3:56:bf:67:b5:
                    87:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:7E:9A:38:A8:E6:2D:05:33:6E:8F:E3:69:0A:B6:5D:5A:79:33:F8
            X509v3 Authority Key Identifier:
                keyid:F8:B2:DD:94:8C:88:1B:51:7A:20:B8:56:67:58:AB:4A:BC:7B:72:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/0/F8B2DD948C881B517A20B8566758AB4ABC7B72D0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/F8B2DD948C881B517A20B8566758AB4ABC7B72D0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/0/326130613a363034343a363430303a3a2f33382d3438203d3e20323134353433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:6400::/38

    Signature Algorithm: sha256WithRSAEncryption
         5c:27:9d:da:69:6d:da:de:12:7a:2a:c9:67:9a:2f:7c:82:8c:
         c8:98:c2:18:4c:73:64:de:f1:b1:ff:d2:16:53:e1:20:9f:ce:
         94:44:8d:d1:bd:b0:2e:e1:e7:11:0a:80:fc:df:cd:0e:26:7d:
         04:64:87:4b:dd:b8:59:a8:dc:d2:86:7e:89:62:94:1b:f3:06:
         f5:42:61:3a:be:be:86:a0:82:98:1c:e7:bf:5b:51:f8:ac:36:
         5d:d8:a0:07:11:bc:a5:c6:8c:53:15:14:fa:96:57:46:99:4d:
         58:0e:d8:61:46:97:e7:28:7d:0b:10:45:c1:3e:fe:98:cd:92:
         49:69:f6:c3:ae:fe:99:5b:f0:cb:d5:5f:0a:9f:f5:b3:6a:06:
         cc:19:03:97:c5:63:3d:1e:2c:c5:5f:25:1b:f0:6d:4a:b2:16:
         c7:cd:65:70:dd:97:a5:5a:39:8d:95:01:a6:04:b1:0d:74:88:
         b4:95:e6:dd:a0:b1:b8:09:4a:16:24:2d:fc:1a:82:8e:5f:0b:
         c1:e6:df:05:97:55:d4:66:e2:00:36:51:7c:81:4f:c6:bb:05:
         8d:31:02:c5:9f:96:1f:ad:f6:13:ee:ae:88:94:e5:fe:89:be:
         dd:a3:20:e7:ed:c8:b7:a7:0e:fa:40:b5:4d:51:f9:87:73:f9:
         6a:08:69:78
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUIkusKJS6tOYi5xL1OKfi74d6CpAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjhCMkREOTQ4Qzg4MUI1MTdBMjBCODU2Njc1OEFCNEFC
QzdCNzJEMDAeFw0yNDA3MjExNjE4MTlaFw0yNTA3MjAxNjIzMTlaMDMxMTAvBgNV
BAMTKDVFN0U5QTM4QThFNjJEMDUzMzZFOEZFMzY5MEFCNjVENUE3OTMzRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDApeE/+RZMx8m+3+cqBo5tu+Qj
I2nPUgrQVt0BrzDnFFO/yYsy9oNoOi0Prq3pTFz36FkaqaqVUbFHeNgRhUxMjMMk
TKjEFBWxVJ/FAnmA8aR8EWZxSI+lFbPDB42Fsn5kFwRZ11cJvEE52Tjzkjc+p5xA
Gw1mR2HCYOLiWvLjWQJAk4p4cs0E3jfATthiHONqv+34nEnfSUAKV3NpFQTxtFwQ
VpstH5TYNUP4ONsojIXyGRr3F37g7iHMfpPiGDAdCMAb94Yhbc5fMllBOEcFNE9J
k5DZouLqy1P8l6TlfwOyxU7XsabW3TBWy1q35dmqv79xRJa4eDbDVr9ntYdvAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUXn6aOKjmLQUzbo/jaQq2XVp5M/gwHwYDVR0j
BBgwFoAU+LLdlIyIG1F6ILhWZ1irSrx7ctAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzAvRjhCMkREOTQ4Qzg4MUI1MTdBMjBCODU2Njc1OEFCNEFCQzdCNzJEMC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC9GOEIyREQ5NDhDODgxQjUxN0EyMEI4NTY2
NzU4QUI0QUJDN0I3MkQwLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMC8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM2MzQzMDMwM2EzYTJmMzMzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzUzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYCKgpgRGQwDQYJKoZIhvcNAQELBQADggEBAFwn
ndppbdreEnoqyWeaL3yCjMiYwhhMc2Te8bH/0hZT4SCfzpREjdG9sC7h5xEKgPzf
zQ4mfQRkh0vduFmo3NKGfolilBvzBvVCYTq+voaggpgc579bUfisNl3YoAcRvKXG
jFMVFPqWV0aZTVgO2GFGl+cofQsQRcE+/pjNkklp9sOu/plb8MvVXwqf9bNqBswZ
A5fFYz0eLMVfJRvwbUqyFsfNZXDdl6VaOY2VAaYEsQ10iLSV5t2gsbgJShYkLfwa
go5fC8Hm3wWXVdRm4gA2UXyBT8a7BY0xAsWflh+t9hPuroiU5f6Jvt2jIOftyLen
DvpAtU1R+Ydz+WoIaXg=
-----END CERTIFICATE-----