Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323032343a3a2f34382d3438203d3e20323135373239.roa
File:                     326131343a373538313a323032343a3a2f34382d3438203d3e20323135373239.roa (raw, json)
Hash identifier:          YOtaquK4MtS+k5pFE7kyLaIR/b3GFNlOUBae+S1kakA=
Subject key identifier:   F0:10:CF:73:DD:9B:28:B4:36:F8:7B:CB:AB:78:E0:4E:ED:07:32:18
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       061A703356E23F98C1A3E049D08508EF442F5CB5
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323032343a3a2f34382d3438203d3e20323135373239.roa
Signing time:             Fri 14 Jun 2024 17:06:37 +0000
ROA not before:           Fri 14 Jun 2024 17:01:37 +0000
ROA not after:            Fri 13 Jun 2025 17:06:37 +0000
asID:                     215729
IP address blocks:        2a14:7581:2024::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 12 Oct 2024 16:28:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:1a:70:33:56:e2:3f:98:c1:a3:e0:49:d0:85:08:ef:44:2f:5c:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Jun 14 17:01:37 2024 GMT
            Not After : Jun 13 17:06:37 2025 GMT
        Subject: CN=F010CF73DD9B28B436F87BCBAB78E04EED073218
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0b:d9:99:f5:51:28:c2:fe:db:c0:dd:dc:c5:
                    c0:dc:1c:ae:6d:87:a6:c9:4f:ba:87:b9:19:dc:8c:
                    72:d4:6e:bd:22:67:f5:40:b2:d5:70:93:b7:23:8b:
                    65:e6:15:d2:47:7e:96:46:9a:cf:8c:17:d6:bd:31:
                    a6:f6:e2:a2:10:da:56:d4:a8:47:c3:60:07:83:f5:
                    9d:59:f2:de:dc:83:3d:d2:87:70:21:ef:f7:2e:30:
                    70:15:13:48:65:01:f8:07:fd:91:f8:40:ac:a9:35:
                    69:27:20:ff:1e:28:57:9f:2e:27:41:20:b4:4a:ad:
                    90:b3:c4:f5:ba:7e:0e:8b:0c:ac:ec:1a:c0:ec:0e:
                    c0:48:97:14:c8:a6:93:da:1d:9e:c8:2f:c2:31:c6:
                    8b:01:9e:8a:e9:f8:67:b6:de:99:a8:70:0a:84:cb:
                    5a:c5:6f:7b:9f:73:c6:f8:73:43:26:6d:f3:30:fe:
                    32:b8:26:5d:a3:5a:b4:bd:38:d0:a4:97:22:7c:fa:
                    11:fd:8c:57:11:9d:2d:7d:50:8b:9a:01:f1:8b:15:
                    b7:86:4d:a8:a2:0b:2f:35:90:e6:ee:cf:8f:c6:89:
                    10:b0:d3:ae:ae:29:68:a5:3b:5f:39:0b:4a:57:fc:
                    7e:84:7b:ea:d0:bd:7c:82:cc:43:80:aa:a7:93:8e:
                    7b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:10:CF:73:DD:9B:28:B4:36:F8:7B:CB:AB:78:E0:4E:ED:07:32:18
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323032343a3a2f34382d3438203d3e20323135373239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2024::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:00:7f:52:08:4a:12:af:b1:ce:d3:31:43:b1:78:b3:14:69:
         e3:fc:4a:ef:86:12:14:6e:0a:93:3c:7e:a4:c5:85:19:e4:86:
         7a:db:5f:ee:d8:30:03:04:2f:b3:87:65:5e:e9:ec:91:5e:d0:
         59:0b:a0:90:30:cb:83:2a:17:33:50:f2:17:de:42:de:5b:03:
         d3:f0:4b:6a:13:6c:53:ca:87:a6:33:18:b7:5f:10:47:5e:f3:
         5f:e6:86:48:bd:df:77:94:d2:bb:38:e3:47:42:8e:0d:6f:2a:
         a8:1b:c7:98:05:98:cc:c9:fc:1a:7f:3e:b0:d8:a6:7a:c9:d5:
         98:97:52:e9:69:de:18:7f:e9:e9:03:43:90:1e:2b:70:23:cb:
         77:92:8e:f6:77:53:ad:38:65:e1:64:c6:3d:8a:36:d7:d4:8c:
         e2:99:5c:6f:fb:a7:c3:81:8c:cf:1b:71:5a:39:75:27:58:a8:
         45:b6:43:e4:8c:7e:64:6b:e9:85:d1:10:77:b1:cc:30:ce:e6:
         46:94:35:25:de:31:23:22:b4:cc:be:53:62:4f:41:dd:eb:ed:
         b6:9e:75:47:2f:5f:49:9f:11:5d:d8:43:fc:05:ff:a7:47:28:
         8d:a7:56:f7:95:2b:78:2d:dc:80:0f:1f:9a:d4:b9:ec:6f:64:
         70:4a:26:c2
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUBhpwM1biP5jBo+BJ0IUI70QvXLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA2MTQxNzAxMzdaFw0yNTA2MTMxNzA2MzdaMDMxMTAvBgNV
BAMTKEYwMTBDRjczREQ5QjI4QjQzNkY4N0JDQkFCNzhFMDRFRUQwNzMyMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEC9mZ9VEowv7bwN3cxcDcHK5t
h6bJT7qHuRncjHLUbr0iZ/VAstVwk7cji2XmFdJHfpZGms+MF9a9Mab24qIQ2lbU
qEfDYAeD9Z1Z8t7cgz3Sh3Ah7/cuMHAVE0hlAfgH/ZH4QKypNWknIP8eKFefLidB
ILRKrZCzxPW6fg6LDKzsGsDsDsBIlxTIppPaHZ7IL8IxxosBnorp+Ge23pmocAqE
y1rFb3ufc8b4c0MmbfMw/jK4Jl2jWrS9ONCklyJ8+hH9jFcRnS19UIuaAfGLFbeG
TaiiCy81kObuz4/GiRCw066uKWilO185C0pX/H6Ee+rQvXyCzEOAqqeTjnsZAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU8BDPc92bKLQ2+HvLq3jgTu0HMhgwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzAzMjM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzczMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSAkMA0GCSqGSIb3DQEBCwUAA4IBAQCR
AH9SCEoSr7HO0zFDsXizFGnj/ErvhhIUbgqTPH6kxYUZ5IZ621/u2DADBC+zh2Ve
6eyRXtBZC6CQMMuDKhczUPIX3kLeWwPT8EtqE2xTyoemMxi3XxBHXvNf5oZIvd93
lNK7OONHQo4NbyqoG8eYBZjMyfwafz6w2KZ6ydWYl1Lpad4Yf+npA0OQHitwI8t3
ko72d1OtOGXhZMY9ijbX1IzimVxv+6fDgYzPG3FaOXUnWKhFtkPkjH5ka+mF0RB3
scwwzuZGlDUl3jEjIrTMvlNiT0Hd6+22nnVHL19JnxFd2EP8Bf+nRyiNp1b3lSt4
LdyADx+a1Lnsb2RwSibC
-----END CERTIFICATE-----