Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323031393a3a2f34382d3438203d3e20323135373239.roa
File:                     326131343a373538313a323031393a3a2f34382d3438203d3e20323135373239.roa (raw, json)
Hash identifier:          IYle3OdCYlArGSSeLMfBfhQ3eFIMhD+VF1bRKUr6E6U=
Subject key identifier:   6E:5D:C6:F8:E4:D2:22:05:4F:FB:3B:12:4B:D0:4C:56:09:65:13:D6
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       1672C7F9DBA17FF510C1541D8B5485781CBA4E93
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323031393a3a2f34382d3438203d3e20323135373239.roa
Signing time:             Fri 14 Jun 2024 16:14:00 +0000
ROA not before:           Fri 14 Jun 2024 16:09:00 +0000
ROA not after:            Fri 13 Jun 2025 16:14:00 +0000
asID:                     215729
IP address blocks:        2a14:7581:2019::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 12 Oct 2024 16:27:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:72:c7:f9:db:a1:7f:f5:10:c1:54:1d:8b:54:85:78:1c:ba:4e:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Jun 14 16:09:00 2024 GMT
            Not After : Jun 13 16:14:00 2025 GMT
        Subject: CN=6E5DC6F8E4D222054FFB3B124BD04C56096513D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:3e:ba:0e:da:fe:5d:ef:fa:23:d7:ed:85:14:
                    4b:99:55:c8:1d:0f:4d:bb:f3:22:d3:f7:af:1b:71:
                    f8:14:27:de:81:3e:a8:9a:35:0b:bf:7f:a9:c9:66:
                    2e:0d:04:a6:0a:44:19:bc:a0:ae:b3:fc:50:63:3e:
                    8b:08:18:42:42:7f:af:6c:45:be:ac:f7:92:38:75:
                    d8:aa:f3:93:16:7e:43:59:ae:5e:cd:c9:44:64:c0:
                    4b:71:d8:d9:16:06:90:6c:a9:7f:e3:a6:ce:63:70:
                    84:91:c4:47:20:1a:9c:0a:fe:90:dc:77:92:a3:6f:
                    0d:19:5a:7e:3e:14:c0:4a:0c:6c:80:88:85:e6:59:
                    4c:6e:71:df:3f:d0:a6:a8:00:a5:c6:9e:f2:ea:76:
                    74:d8:67:45:3c:88:3d:d7:aa:e5:f4:d8:0f:f4:8e:
                    a9:ba:b8:bd:4c:ea:8a:f4:2f:bf:3d:1c:ee:8a:3e:
                    09:68:b5:40:15:3e:05:0a:0d:14:57:6d:59:9c:15:
                    4a:b8:47:18:2b:7c:17:17:b5:f9:35:5a:31:11:e8:
                    a5:89:db:e3:d0:04:4d:8b:7f:23:9b:ad:f2:a5:82:
                    81:3d:5a:1c:3e:cb:46:55:13:7a:7f:9e:7a:df:01:
                    82:1b:c1:f0:80:25:63:48:ed:32:5c:01:e4:d1:f4:
                    99:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:5D:C6:F8:E4:D2:22:05:4F:FB:3B:12:4B:D0:4C:56:09:65:13:D6
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323031393a3a2f34382d3438203d3e20323135373239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2019::/48

    Signature Algorithm: sha256WithRSAEncryption
         47:14:af:c8:40:2c:2a:60:78:e5:bb:05:a7:59:d1:69:e9:cd:
         e6:e8:55:51:8f:91:a3:c5:43:3d:02:fe:4a:fd:66:fe:23:92:
         13:c4:6d:5d:2d:78:f8:61:f3:9d:b6:b3:81:3f:8a:dc:4e:8f:
         99:4a:2d:17:b1:99:a5:09:9b:74:95:0f:68:51:13:3f:b9:80:
         66:3e:9a:81:93:5b:8a:c9:34:26:7a:5a:f6:9b:9c:3c:ed:2a:
         c7:dc:64:68:1c:d0:2f:a4:b4:34:f3:d6:ba:47:dc:7e:03:35:
         f4:06:07:46:d2:16:d3:74:25:f6:d7:d4:0e:c2:12:3a:0f:3f:
         3b:ec:3d:e5:dc:4a:22:db:74:13:6c:b8:da:dc:9a:ee:53:d8:
         72:da:9e:31:6e:34:73:ff:49:5f:9d:65:74:b0:e1:bf:57:e3:
         22:bb:2d:f7:44:04:64:a5:d0:a1:76:14:28:62:4f:ce:77:bc:
         66:34:df:bd:1f:fe:ba:12:7e:e1:8b:13:86:20:a0:c7:ad:5e:
         1c:8b:e7:c3:d3:7c:18:ba:63:c4:ad:97:66:c9:da:b9:02:87:
         9c:86:ca:ea:cf:51:f6:19:a2:5b:cd:17:8e:2d:6d:96:e3:09:
         7b:30:d6:b7:d1:c9:8f:c7:e3:be:95:d6:81:6f:9d:67:f6:6e:
         60:db:c1:d4
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUFnLH+duhf/UQwVQdi1SFeBy6TpMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA2MTQxNjA5MDBaFw0yNTA2MTMxNjE0MDBaMDMxMTAvBgNV
BAMTKDZFNURDNkY4RTREMjIyMDU0RkZCM0IxMjRCRDA0QzU2MDk2NTEzRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ProO2v5d7/oj1+2FFEuZVcgd
D0278yLT968bcfgUJ96BPqiaNQu/f6nJZi4NBKYKRBm8oK6z/FBjPosIGEJCf69s
Rb6s95I4ddiq85MWfkNZrl7NyURkwEtx2NkWBpBsqX/jps5jcISRxEcgGpwK/pDc
d5Kjbw0ZWn4+FMBKDGyAiIXmWUxucd8/0KaoAKXGnvLqdnTYZ0U8iD3XquX02A/0
jqm6uL1M6or0L789HO6KPglotUAVPgUKDRRXbVmcFUq4RxgrfBcXtfk1WjER6KWJ
2+PQBE2LfyObrfKlgoE9Whw+y0ZVE3p/nnrfAYIbwfCAJWNI7TJcAeTR9JmtAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUbl3G+OTSIgVP+zsSS9BMVgllE9YwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzAzMTM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzczMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSAZMA0GCSqGSIb3DQEBCwUAA4IBAQBH
FK/IQCwqYHjluwWnWdFp6c3m6FVRj5GjxUM9Av5K/Wb+I5ITxG1dLXj4YfOdtrOB
P4rcTo+ZSi0XsZmlCZt0lQ9oURM/uYBmPpqBk1uKyTQmelr2m5w87SrH3GRoHNAv
pLQ089a6R9x+AzX0BgdG0hbTdCX219QOwhI6Dz877D3l3Eoi23QTbLja3JruU9hy
2p4xbjRz/0lfnWV0sOG/V+Miuy33RARkpdChdhQoYk/Od7xmNN+9H/66En7hixOG
IKDHrV4ci+fD03wYumPErZdmydq5Aoechsrqz1H2GaJbzReOLW2W4wl7MNa30cmP
x+O+ldaBb51n9m5g28HU
-----END CERTIFICATE-----
Generated at Sat Oct 12 21:07:17 2024 by rpki-client on console-ams.rpki-client.org