Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563303a313030303a3a2f33362d3336203d3e20323135333138.roa
File:                     326131343a316563303a313030303a3a2f33362d3336203d3e20323135333138.roa (raw, json)
Hash identifier:          uqYlyqWoLUTmty53wquOSmMpnoAGdKOsEDP8FbYQzWo=
Subject key identifier:   72:7D:81:46:A9:16:A0:D7:91:BA:B6:35:8D:97:7A:FE:80:01:AA:84
Certificate issuer:       /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial:       654795EA23BB6C04A7695E50651C2B39B7C1BE31
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563303a313030303a3a2f33362d3336203d3e20323135333138.roa
Signing time:             Thu 02 May 2024 17:54:01 +0000
ROA not before:           Thu 02 May 2024 17:49:01 +0000
ROA not after:            Thu 01 May 2025 17:54:01 +0000
asID:                     215318
IP address blocks:        2a14:1ec0:1000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Sat 22 Jun 2024 16:24:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:47:95:ea:23:bb:6c:04:a7:69:5e:50:65:1c:2b:39:b7:c1:be:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
        Validity
            Not Before: May  2 17:49:01 2024 GMT
            Not After : May  1 17:54:01 2025 GMT
        Subject: CN=727D8146A916A0D791BAB6358D977AFE8001AA84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:fc:f3:21:df:2c:a6:8c:b6:73:a0:5b:97:11:
                    c3:9c:60:53:6d:f3:58:73:4c:f5:99:93:f4:3c:c7:
                    b3:cc:da:1d:d2:2a:97:56:02:48:e8:7a:f8:7a:ef:
                    6f:f4:fb:22:d8:d0:ac:41:72:ad:c9:ca:d1:20:6c:
                    4e:fb:62:82:b4:c8:6b:a1:2d:7c:18:8a:bc:1e:26:
                    65:f2:b9:60:45:a6:9f:a5:97:f9:9f:cf:74:5c:50:
                    88:60:95:e3:4d:80:bd:7f:0f:95:9f:03:a7:84:30:
                    c2:de:9f:7a:14:e6:2a:c5:1d:ea:39:40:9c:19:3d:
                    db:54:9e:57:2f:68:53:75:75:19:b3:b5:36:7b:33:
                    97:a8:d4:bc:a1:24:77:24:72:73:7e:51:3c:8a:8b:
                    f2:62:67:82:d9:27:cd:35:19:54:a5:3e:89:6c:96:
                    6d:30:bf:3c:f8:b3:fd:be:75:d9:38:0c:01:3e:a3:
                    2a:b1:70:ef:23:f5:84:6e:26:1c:d6:4b:19:3f:8a:
                    88:a3:fe:73:5d:02:3b:a3:df:e4:3f:e2:cd:43:ae:
                    3f:64:f4:45:09:9e:23:74:33:af:6a:b2:81:eb:2a:
                    15:b4:4b:08:89:ae:31:b3:61:6b:fe:19:1e:a7:a5:
                    09:1d:90:f9:2b:2b:2a:c4:ab:4b:7b:dc:f6:44:09:
                    f1:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:7D:81:46:A9:16:A0:D7:91:BA:B6:35:8D:97:7A:FE:80:01:AA:84
            X509v3 Authority Key Identifier:
                keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563303a313030303a3a2f33362d3336203d3e20323135333138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:1ec0:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         61:18:71:79:f6:96:54:3f:fc:71:77:ab:16:04:cb:f2:e5:a5:
         8a:e1:e8:f3:3a:f9:3e:cf:0a:3d:85:d9:54:47:b0:5e:1d:c8:
         f4:52:56:08:db:82:24:03:50:78:31:3b:1c:1d:b2:35:c7:1c:
         6a:02:ca:0b:9c:b5:f1:fa:e6:e3:0f:ae:13:02:0a:6f:b5:7e:
         d3:28:8b:c1:c5:82:13:49:dc:fc:a9:de:b4:05:aa:54:1e:99:
         fa:b4:7f:56:62:aa:dc:05:93:65:5f:45:8e:f3:73:d0:81:a0:
         c4:a7:93:b6:a2:93:4e:f1:94:9f:bc:e6:ad:a2:7b:7c:2b:b5:
         d2:4d:ed:54:05:d5:dd:32:4d:89:c7:2c:47:8f:ab:de:b5:5b:
         0e:ec:38:58:8c:95:b9:e1:cb:04:ca:f1:db:54:b0:fc:27:24:
         b6:55:14:59:79:60:e6:67:98:ca:eb:0f:0a:97:b4:8d:30:34:
         80:ff:7f:01:be:c9:5b:10:d7:f5:d8:c3:76:3f:1e:03:d7:e0:
         81:1d:c7:d7:8a:25:1b:bd:87:49:b7:a7:21:f4:39:6a:41:2a:
         4a:09:21:8e:1e:f0:d7:14:36:a9:76:b7:38:35:14:6c:ab:6d:
         5a:ea:22:a7:6f:08:8e:83:a7:50:32:4a:fb:df:78:49:f5:1d:
         ec:47:9e:98
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUZUeV6iO7bASnaV5QZRwrObfBvjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNDA1MDIxNzQ5MDFaFw0yNTA1MDExNzU0MDFaMDMxMTAvBgNV
BAMTKDcyN0Q4MTQ2QTkxNkEwRDc5MUJBQjYzNThEOTc3QUZFODAwMUFBODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj/PMh3yymjLZzoFuXEcOcYFNt
81hzTPWZk/Q8x7PM2h3SKpdWAkjoevh672/0+yLY0KxBcq3JytEgbE77YoK0yGuh
LXwYirweJmXyuWBFpp+ll/mfz3RcUIhgleNNgL1/D5WfA6eEMMLen3oU5irFHeo5
QJwZPdtUnlcvaFN1dRmztTZ7M5eo1LyhJHckcnN+UTyKi/JiZ4LZJ801GVSlPols
lm0wvzz4s/2+ddk4DAE+oyqxcO8j9YRuJhzWSxk/ioij/nNdAjuj3+Q/4s1Drj9k
9EUJniN0M69qsoHrKhW0SwiJrjGzYWv+GR6npQkdkPkrKyrEq0t73PZECfGXAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUcn2BRqkWoNeRurY1jZd6/oABqoQwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzMw
M2EzMTMwMzAzMDNhM2EyZjMzMzYyZDMzMzYyMDNkM2UyMDMyMzEzNTMzMzEzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGBCoUHsAQMA0GCSqGSIb3DQEBCwUAA4IBAQBhGHF59pZUP/xxd6sW
BMvy5aWK4ejzOvk+zwo9hdlUR7BeHcj0UlYI24IkA1B4MTscHbI1xxxqAsoLnLXx
+ubjD64TAgpvtX7TKIvBxYITSdz8qd60BapUHpn6tH9WYqrcBZNlX0WO83PQgaDE
p5O2opNO8ZSfvOatont8K7XSTe1UBdXdMk2JxyxHj6vetVsO7DhYjJW54csEyvHb
VLD8JyS2VRRZeWDmZ5jK6w8Kl7SNMDSA/38BvslbENf12MN2Px4D1+CBHcfXiiUb
vYdJt6ch9DlqQSpKCSGOHvDXFDapdrc4NRRsq21a6iKnbwiOg6dQMkr733hJ9R3s
R56Y
-----END CERTIFICATE-----
Generated at Sat Jun 22 18:54:43 2024 by rpki-client on console-fra.rpki-client.org