Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a64613a3a2f34382d3438203d3e20323136333131.roa
File:                     326130623a346530373a64613a3a2f34382d3438203d3e20323136333131.roa (raw, json)
Hash identifier:          xUQzhmWtMuVZWa0iEEGt45k2ZjIKqLfuwPCUCDzaCVA=
Subject key identifier:   03:32:F9:87:6A:80:3B:4D:DB:30:D2:89:BF:52:08:3F:03:04:24:E8
Certificate issuer:       /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Certificate serial:       70C5D402EAFFDEC3F544BEA45D8370505289BF4F
Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a64613a3a2f34382d3438203d3e20323136333131.roa
Signing time:             Thu 12 Sep 2024 13:20:07 +0000
ROA not before:           Thu 12 Sep 2024 13:15:07 +0000
ROA not after:            Thu 11 Sep 2025 13:20:07 +0000
asID:                     216311
IP address blocks:        2a0b:4e07:da::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 29 Oct 2024 14:47:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:c5:d4:02:ea:ff:de:c3:f5:44:be:a4:5d:83:70:50:52:89:bf:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
        Validity
            Not Before: Sep 12 13:15:07 2024 GMT
            Not After : Sep 11 13:20:07 2025 GMT
        Subject: CN=0332F9876A803B4DDB30D289BF52083F030424E8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:7d:4c:b1:72:14:b5:20:a9:12:0c:cd:e3:9e:
                    86:46:c6:20:bd:7c:27:86:a1:ae:ed:53:af:c9:82:
                    34:cf:77:64:97:ca:b5:3c:19:8a:26:22:51:e6:c9:
                    a6:59:dc:ee:83:1b:e0:4f:92:8b:e7:b6:02:09:58:
                    f0:2c:5e:7b:5d:5f:85:76:68:50:7a:34:54:e0:68:
                    8a:6e:ad:6c:b4:65:66:5c:81:53:5b:de:63:79:35:
                    c0:55:5e:3f:c6:e3:15:62:b8:8d:b6:4a:e4:48:53:
                    10:d4:65:c0:29:20:1d:ea:cc:25:06:45:86:93:55:
                    d2:ed:4b:a1:ed:6d:76:3e:df:5b:39:0b:d9:70:76:
                    35:7b:b1:9d:77:ff:42:94:23:a4:47:2d:8c:ff:be:
                    ca:95:86:f7:b6:bf:7c:f3:89:74:e5:35:66:1c:e5:
                    96:8f:51:fc:9f:8c:33:04:f1:a3:c0:be:3c:f2:65:
                    51:d4:df:29:4a:e1:3d:5a:db:ff:ef:b4:f9:0b:6c:
                    e8:d8:36:4a:85:bb:bd:88:47:12:d9:c3:ba:09:ab:
                    9f:0c:7e:89:9a:11:ea:ec:81:61:7b:28:86:2a:df:
                    5e:17:70:5c:7f:4b:b0:e8:5c:c9:40:92:31:43:c4:
                    5d:63:e4:eb:6b:dc:45:af:84:a7:d0:61:18:30:7a:
                    6a:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:32:F9:87:6A:80:3B:4D:DB:30:D2:89:BF:52:08:3F:03:04:24:E8
            X509v3 Authority Key Identifier:
                keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a64613a3a2f34382d3438203d3e20323136333131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e07:da::/48

    Signature Algorithm: sha256WithRSAEncryption
         9a:a2:55:d6:07:2d:ec:2f:5f:24:b8:df:fd:03:44:85:e5:1a:
         5f:f4:1c:4c:f3:b9:95:33:77:d1:3a:5c:2f:30:28:ad:33:e5:
         3d:65:f3:75:8d:22:e1:13:8f:c0:3d:f0:b7:35:05:b7:19:eb:
         c9:87:65:81:b5:90:fc:ec:73:46:4a:05:9d:e2:86:09:64:b3:
         32:56:0d:05:22:3c:2e:06:dd:27:ad:c7:21:ee:aa:10:ee:1e:
         41:43:ba:75:ac:f5:dd:14:c9:fe:0c:46:8e:de:0f:cd:8f:1b:
         b5:4a:03:e0:8c:32:f8:78:b7:d3:d4:f7:0e:a9:c0:41:98:14:
         06:63:24:a0:5e:78:50:d1:78:a1:ae:c7:d5:63:0c:cc:6c:4a:
         95:0e:70:b6:99:82:12:a1:c0:bc:a8:73:34:b5:6a:41:4c:38:
         e5:f7:d0:44:98:98:5d:b7:1b:b4:00:aa:2c:a3:c8:e9:31:44:
         bb:f3:ad:5a:8b:d6:05:93:22:aa:b4:7f:eb:74:13:b1:cb:51:
         74:be:d4:30:a4:fb:e2:2f:c3:a0:1e:a3:06:cb:e9:d8:fd:2c:
         73:3d:99:ff:84:51:66:f8:70:0a:b0:c3:dd:81:84:3e:4b:f8:
         04:60:b4:70:bb:bd:12:72:95:65:5e:3d:33:87:06:9b:ed:7d:
         57:21:9a:0a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIUcMXUAur/3sP1RL6kXYNwUFKJv08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE
NTgzNDBCQzAeFw0yNDA5MTIxMzE1MDdaFw0yNTA5MTExMzIwMDdaMDMxMTAvBgNV
BAMTKDAzMzJGOTg3NkE4MDNCNEREQjMwRDI4OUJGNTIwODNGMDMwNDI0RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMfUyxchS1IKkSDM3jnoZGxiC9
fCeGoa7tU6/JgjTPd2SXyrU8GYomIlHmyaZZ3O6DG+BPkovntgIJWPAsXntdX4V2
aFB6NFTgaIpurWy0ZWZcgVNb3mN5NcBVXj/G4xViuI22SuRIUxDUZcApIB3qzCUG
RYaTVdLtS6HtbXY+31s5C9lwdjV7sZ13/0KUI6RHLYz/vsqVhve2v3zziXTlNWYc
5ZaPUfyfjDME8aPAvjzyZVHU3ylK4T1a2//vtPkLbOjYNkqFu72IRxLZw7oJq58M
fomaEersgWF7KIYq314XcFx/S7DoXMlAkjFDxF1j5Otr3EWvhKfQYRgwemotAgMB
AAGjggKBMIICfTAdBgNVHQ4EFgQUAzL5h2qAO03bMNKJv1IIPwMEJOgwHwYDVR0j
BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE
MDJFODBCRUQ1ODM0MEJDLmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUF
BzALhoGTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2
MjNhMzQ2NTMwMzczYTY0NjEzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzYz
MzMxMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqC04HANowDQYJKoZIhvcNAQELBQADggEBAJqiVdYH
LewvXyS43/0DRIXlGl/0HEzzuZUzd9E6XC8wKK0z5T1l83WNIuETj8A98Lc1BbcZ
68mHZYG1kPzsc0ZKBZ3ihglkszJWDQUiPC4G3SetxyHuqhDuHkFDunWs9d0Uyf4M
Ro7eD82PG7VKA+CMMvh4t9PU9w6pwEGYFAZjJKBeeFDReKGux9VjDMxsSpUOcLaZ
ghKhwLyoczS1akFMOOX30ESYmF23G7QAqiyjyOkxRLvzrVqL1gWTIqq0f+t0E7HL
UXS+1DCk++Ivw6AeowbL6dj9LHM9mf+EUWb4cAqww92BhD5L+ARgtHC7vRJylWVe
PTOHBpvtfVchmgo=
-----END CERTIFICATE-----
Generated at Tue Oct 29 17:50:19 2024 by rpki-client on console-ams.rpki-client.org