Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323030303a3a2f33362d3336203d3e20323135373239.roa
File:                     326131343a373538313a323030303a3a2f33362d3336203d3e20323135373239.roa (raw, json)
Hash identifier:          zaH9hht5jlMV1W6r8lxiLQJIQg0L7VVOSA6OEytpGSo=
Subject key identifier:   B7:58:9E:15:AD:DE:52:00:E0:6F:33:80:94:F9:42:5B:58:4B:87:B0
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       722A9AAD0684DCA176AB8B6224F1F92831A3CBE9
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323030303a3a2f33362d3336203d3e20323135373239.roa
Signing time:             Fri 13 Sep 2024 09:02:39 +0000
ROA not before:           Fri 13 Sep 2024 08:57:39 +0000
ROA not after:            Fri 12 Sep 2025 09:02:39 +0000
asID:                     215729
IP address blocks:        2a14:7581:2000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Sat 12 Oct 2024 16:27:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:2a:9a:ad:06:84:dc:a1:76:ab:8b:62:24:f1:f9:28:31:a3:cb:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Sep 13 08:57:39 2024 GMT
            Not After : Sep 12 09:02:39 2025 GMT
        Subject: CN=B7589E15ADDE5200E06F338094F9425B584B87B0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:94:ba:f3:95:03:a0:85:04:d9:4c:1c:9d:36:
                    b9:6b:1a:2b:d0:ad:f3:7f:a8:b6:91:ef:5d:c1:59:
                    7a:e2:11:50:1b:d2:d7:6c:68:e4:cd:8a:b9:68:13:
                    1b:84:d5:ec:61:0f:26:a4:b3:8b:92:fc:4d:d8:bd:
                    d4:67:fc:72:a6:80:b2:62:43:7e:42:14:02:eb:51:
                    49:b5:d7:73:1c:4d:4f:29:9c:37:c7:a4:8a:b9:5d:
                    3f:41:9e:d5:45:43:6e:10:57:a0:b4:60:71:bb:14:
                    5a:df:88:c1:39:52:69:73:a1:83:be:92:dc:13:c9:
                    77:9c:64:3c:d3:4c:40:b4:df:27:b0:26:30:51:0a:
                    14:ba:76:75:7a:2a:52:42:dc:e9:41:52:1d:35:54:
                    1e:03:a8:f5:a6:15:58:6d:49:ea:31:56:e0:31:60:
                    f4:be:61:e8:92:c2:b7:97:18:70:d2:5f:18:eb:8b:
                    c9:a2:f3:5b:7d:28:d3:3c:6e:54:20:cd:13:fa:12:
                    11:f9:d9:2a:e6:58:ce:11:5a:d2:ff:fb:6d:79:f8:
                    55:77:fa:2a:89:57:1e:8e:97:3e:20:2e:b9:90:d0:
                    d7:df:c6:4f:41:46:88:f9:52:ce:67:d8:11:dd:d6:
                    2d:c2:02:f0:8d:d9:87:d1:60:6d:9c:48:89:a6:26:
                    44:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:58:9E:15:AD:DE:52:00:E0:6F:33:80:94:F9:42:5B:58:4B:87:B0
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323030303a3a2f33362d3336203d3e20323135373239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2000::/36

    Signature Algorithm: sha256WithRSAEncryption
         9c:22:04:6c:2d:ab:a0:a0:25:0e:cb:4c:d1:02:e4:6f:fe:b1:
         1b:18:4f:97:61:7b:49:b0:b9:43:93:a1:47:92:14:08:96:c0:
         9b:34:74:10:4f:28:66:bd:1c:74:19:ed:6f:38:ea:5d:d9:e2:
         bf:c2:41:7f:b0:0b:62:1b:7a:e9:84:c1:9a:c3:cf:76:31:11:
         f9:58:3d:1c:e3:c0:7e:1c:df:17:10:48:99:17:59:bd:2f:fe:
         49:a5:3f:5e:2a:db:73:6d:b6:25:9c:30:0f:f6:ba:74:d3:17:
         9b:8b:4a:39:9a:44:3a:85:5e:af:6c:99:9b:59:b0:9c:01:49:
         26:08:ad:3a:87:42:ab:b3:98:24:7e:e0:9a:5d:8d:c2:cc:97:
         d0:1b:9c:d1:42:01:6c:c5:d1:48:59:2e:f1:98:b8:3c:63:2e:
         27:ca:66:5a:44:5a:c7:9b:bc:ec:0e:2f:d1:0c:b7:82:63:c9:
         ed:28:48:24:79:cd:08:3b:0a:b6:ba:30:97:2a:f4:f9:b4:67:
         60:8a:a7:e5:00:68:10:e1:3a:61:ca:a6:d3:34:8a:65:81:e5:
         94:86:0e:cb:3e:1b:bb:e1:16:fc:88:aa:06:27:6b:ba:34:13:
         32:38:5f:e1:0b:53:7b:da:5a:ab:ce:22:62:de:b1:94:c5:0e:
         17:bd:dc:da
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUciqarQaE3KF2q4tiJPH5KDGjy+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA5MTMwODU3MzlaFw0yNTA5MTIwOTAyMzlaMDMxMTAvBgNV
BAMTKEI3NTg5RTE1QURERTUyMDBFMDZGMzM4MDk0Rjk0MjVCNTg0Qjg3QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnlLrzlQOghQTZTBydNrlrGivQ
rfN/qLaR713BWXriEVAb0tdsaOTNirloExuE1exhDyaks4uS/E3YvdRn/HKmgLJi
Q35CFALrUUm113McTU8pnDfHpIq5XT9BntVFQ24QV6C0YHG7FFrfiME5UmlzoYO+
ktwTyXecZDzTTEC03yewJjBRChS6dnV6KlJC3OlBUh01VB4DqPWmFVhtSeoxVuAx
YPS+YeiSwreXGHDSXxjri8mi81t9KNM8blQgzRP6EhH52SrmWM4RWtL/+215+FV3
+iqJVx6Olz4gLrmQ0Nffxk9BRoj5Us5n2BHd1i3CAvCN2YfRYG2cSImmJkQJAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUt1ieFa3eUgDgbzOAlPlCW1hLh7AwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzAzMDMwM2EzYTJmMzMzNjJkMzMzNjIwM2QzZTIwMzIz
MTM1MzczMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1gSAwDQYJKoZIhvcNAQELBQADggEBAJwi
BGwtq6CgJQ7LTNEC5G/+sRsYT5dhe0mwuUOToUeSFAiWwJs0dBBPKGa9HHQZ7W84
6l3Z4r/CQX+wC2IbeumEwZrDz3YxEflYPRzjwH4c3xcQSJkXWb0v/kmlP14q23Nt
tiWcMA/2unTTF5uLSjmaRDqFXq9smZtZsJwBSSYIrTqHQquzmCR+4JpdjcLMl9Ab
nNFCAWzF0UhZLvGYuDxjLifKZlpEWsebvOwOL9EMt4Jjye0oSCR5zQg7Cra6MJcq
9Pm0Z2CKp+UAaBDhOmHKptM0imWB5ZSGDss+G7vhFvyIqgYna7o0EzI4X+ELU3va
WqvOImLesZTFDhe93No=
-----END CERTIFICATE-----