Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562653a3a2f34372d3438203d3e203134363138.roa
File:                     326131313a323963303a396562653a3a2f34372d3438203d3e203134363138.roa (raw, json)
Hash identifier:          fycC0UeL6liXoK+7uZCbJcRap3WaS0JUMwnW8BsbcDk=
Subject key identifier:   C9:27:91:7E:BE:11:B4:30:68:8F:51:CD:B1:11:B5:3D:1C:B9:9C:9C
Certificate issuer:       /CN=32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4
Certificate serial:       0552AFF21C08CC623546A442523148DE5CC36BAA
Authority key identifier: 32:39:8A:14:06:A1:C1:D3:23:CA:63:CB:32:0F:FD:1E:B4:D1:B0:C4
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562653a3a2f34372d3438203d3e203134363138.roa
Signing time:             Tue 30 Jan 2024 06:33:20 +0000
ROA not before:           Tue 30 Jan 2024 06:28:19 +0000
ROA not after:            Tue 28 Jan 2025 06:33:19 +0000
asID:                     14618
IP address blocks:        2a11:29c0:9ebe::/47 maxlen: 48

Validation:               Failed, certificate revoked on Sat 22 Jun 2024 00:35:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:52:af:f2:1c:08:cc:62:35:46:a4:42:52:31:48:de:5c:c3:6b:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4
        Validity
            Not Before: Jan 30 06:28:19 2024 GMT
            Not After : Jan 28 06:33:19 2025 GMT
        Subject: CN=C927917EBE11B430688F51CDB111B53D1CB99C9C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:af:eb:17:22:7c:b1:9a:42:66:51:fe:cb:29:
                    4a:a0:17:07:61:19:72:fa:db:64:2a:bb:3e:d8:35:
                    d2:72:b6:7f:c2:49:20:c0:a0:a5:30:65:37:b6:7c:
                    9a:16:d7:49:16:21:72:10:bc:cd:f5:a2:1a:fd:35:
                    5d:63:0a:fe:2a:4c:eb:db:1a:15:3f:48:05:23:83:
                    57:fe:49:f3:06:7e:99:74:2a:e3:50:a1:53:0c:c0:
                    ea:13:51:01:ad:00:86:d7:31:bd:a4:1c:5a:fc:7a:
                    66:9e:2a:ca:9e:15:ed:29:b0:47:4a:cc:01:b6:14:
                    b5:c8:a2:76:56:98:ff:19:b0:8d:72:04:5d:1d:8b:
                    58:1d:68:3f:b4:f5:28:40:e9:51:62:57:d0:16:a2:
                    88:6e:92:f6:b2:ca:5e:c9:51:67:1a:e8:b4:dc:f8:
                    12:4b:8c:87:45:65:76:7d:f3:b8:89:d8:67:c5:cf:
                    5f:e3:42:a3:90:51:83:0f:8d:b7:f8:ac:0c:d6:e8:
                    a1:74:96:45:bc:6c:ed:14:84:bf:3e:49:7a:f6:98:
                    f1:11:5f:b6:b9:c0:57:f4:30:43:a1:d0:ce:cc:5c:
                    83:35:a0:ed:1c:d6:97:28:98:74:be:8f:63:9a:5c:
                    77:6a:7a:f9:6a:36:4b:2f:ec:7c:8f:71:b3:7b:a8:
                    58:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:27:91:7E:BE:11:B4:30:68:8F:51:CD:B1:11:B5:3D:1C:B9:9C:9C
            X509v3 Authority Key Identifier:
                keyid:32:39:8A:14:06:A1:C1:D3:23:CA:63:CB:32:0F:FD:1E:B4:D1:B0:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562653a3a2f34372d3438203d3e203134363138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:9ebe::/47

    Signature Algorithm: sha256WithRSAEncryption
         8e:20:04:78:8a:77:6f:dd:1d:83:0d:8a:62:d6:34:0d:57:44:
         26:55:8a:a9:b9:a3:63:6c:0f:6d:9c:cb:ec:4c:e5:ba:b6:41:
         37:6c:9a:a6:63:a5:94:63:08:14:a9:0d:f8:d1:bd:7f:e8:ef:
         db:62:b8:fa:13:e3:30:db:c9:6d:04:f5:dd:28:87:c6:aa:4e:
         8b:a5:0f:a8:69:82:f6:99:5c:81:41:d7:16:ad:97:83:7d:0f:
         d7:34:76:8d:f0:c4:ee:e5:47:c5:4e:8f:ca:87:b4:43:ab:92:
         45:d6:16:1c:eb:2f:03:17:ac:93:b9:22:7e:01:23:f1:b9:3e:
         5f:69:18:90:22:61:89:76:29:89:23:7c:e4:5a:f4:4b:d5:e3:
         b1:50:c9:18:9f:99:16:16:ee:85:f7:21:17:49:a9:f6:7c:5e:
         ad:92:6a:c6:a0:5f:e3:79:89:8c:e6:db:f7:18:67:ae:8f:70:
         60:59:ec:1f:d0:44:1b:7c:b1:90:4e:dc:94:f3:f6:32:fe:6c:
         f3:15:6e:75:0a:75:dd:46:94:2b:80:43:1b:dc:d0:4f:b0:99:
         39:d9:39:73:2d:a0:cb:54:05:42:ab:b6:23:52:b0:2c:ae:07:
         e3:26:04:0e:f6:d1:93:78:45:93:4f:09:94:cd:00:40:bc:6f:
         4b:6d:1e:ed
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUBVKv8hwIzGI1RqRCUjFI3lzDa6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzIzOThBMTQwNkExQzFEMzIzQ0E2M0NCMzIwRkZEMUVC
NEQxQjBDNDAeFw0yNDAxMzAwNjI4MTlaFw0yNTAxMjgwNjMzMTlaMDMxMTAvBgNV
BAMTKEM5Mjc5MTdFQkUxMUI0MzA2ODhGNTFDREIxMTFCNTNEMUNCOTlDOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWr+sXInyxmkJmUf7LKUqgFwdh
GXL622Qquz7YNdJytn/CSSDAoKUwZTe2fJoW10kWIXIQvM31ohr9NV1jCv4qTOvb
GhU/SAUjg1f+SfMGfpl0KuNQoVMMwOoTUQGtAIbXMb2kHFr8emaeKsqeFe0psEdK
zAG2FLXIonZWmP8ZsI1yBF0di1gdaD+09ShA6VFiV9AWoohukvayyl7JUWca6LTc
+BJLjIdFZXZ987iJ2GfFz1/jQqOQUYMPjbf4rAzW6KF0lkW8bO0UhL8+SXr2mPER
X7a5wFf0MEOh0M7MXIM1oO0c1pcomHS+j2OaXHdqevlqNksv7HyPcbN7qFijAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUySeRfr4RtDBoj1HNsRG1PRy5nJwwHwYDVR0j
BBgwFoAUMjmKFAahwdMjymPLMg/9HrTRsMQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzgvMzIzOThBMTQwNkExQzFEMzIzQ0E2M0NCMzIwRkZEMUVCNEQxQjBDNC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMi8zMjM5OEExNDA2QTFDMUQzMjNDQTYzQ0Iz
MjBGRkQxRUI0RDFCMEM0LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8xYmY4ZTk3Ny03Mjc4LTQ2Y2YtYWJkMS05OWNkMWZkMmJlNGUvOC8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5NjU2MjY1M2EzYTJmMzQzNzJkMzQzODIwM2QzZTIwMzEz
NDM2MzEzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHASoRKcCevjANBgkqhkiG9w0BAQsFAAOCAQEAjiAE
eIp3b90dgw2KYtY0DVdEJlWKqbmjY2wPbZzL7EzlurZBN2yapmOllGMIFKkN+NG9
f+jv22K4+hPjMNvJbQT13SiHxqpOi6UPqGmC9plcgUHXFq2Xg30P1zR2jfDE7uVH
xU6Pyoe0Q6uSRdYWHOsvAxesk7kifgEj8bk+X2kYkCJhiXYpiSN85Fr0S9XjsVDJ
GJ+ZFhbuhfchF0mp9nxerZJqxqBf43mJjObb9xhnro9wYFnsH9BEG3yxkE7clPP2
Mv5s8xVudQp13UaUK4BDG9zQT7CZOdk5cy2gy1QFQqu2I1KwLK4H4yYEDvbRk3hF
k08JlM0AQLxvS20e7Q==
-----END CERTIFICATE-----