Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323035333a3a2f34382d3438203d3e20323135373239.roa
File:                     326131343a373538313a323035333a3a2f34382d3438203d3e20323135373239.roa (raw, json)
Hash identifier:          8+Pa9THfZfnQKgmuhBDkhIFVFx+BhL3RGtly0Z3YBbg=
Subject key identifier:   4A:96:53:B2:7D:00:13:73:D3:64:1D:DF:6C:85:9B:C3:C1:56:52:88
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       264B63545E4D003C035C953BDED86D7B1E29E945
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323035333a3a2f34382d3438203d3e20323135373239.roa
Signing time:             Fri 14 Jun 2024 16:41:36 +0000
ROA not before:           Fri 14 Jun 2024 16:36:36 +0000
ROA not after:            Fri 13 Jun 2025 16:41:36 +0000
asID:                     215729
IP address blocks:        2a14:7581:2053::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 12 Oct 2024 16:28:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:4b:63:54:5e:4d:00:3c:03:5c:95:3b:de:d8:6d:7b:1e:29:e9:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Jun 14 16:36:36 2024 GMT
            Not After : Jun 13 16:41:36 2025 GMT
        Subject: CN=4A9653B27D001373D3641DDF6C859BC3C1565288
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:1a:56:3a:3d:02:f1:46:89:55:bd:41:29:76:
                    c2:f7:90:cc:34:3e:eb:c9:9e:e9:64:40:54:06:d9:
                    57:c4:14:2b:7f:e9:c3:72:1f:34:a8:a9:c9:6a:f7:
                    ad:a8:b5:29:a5:78:45:91:9c:4b:aa:07:ac:9c:22:
                    09:55:d2:02:ea:11:43:d1:a1:c9:48:00:ae:5c:d7:
                    e7:00:d4:06:6e:d3:fb:95:c8:5e:62:29:30:b7:07:
                    99:92:cb:3d:c6:60:23:bb:f3:bb:63:cb:6d:f2:72:
                    2d:fb:57:33:a9:5f:3d:6f:9e:41:cc:0e:c7:e8:9e:
                    2e:64:68:31:3d:52:e6:3c:23:2e:26:fb:ae:7e:2b:
                    12:ab:18:ce:6f:82:a5:5f:7e:2b:4d:bc:85:3b:13:
                    5e:15:3a:fe:e9:a5:b9:04:a1:ac:32:74:ef:0b:3b:
                    04:cb:29:e2:1a:f9:d9:33:07:a2:f4:0e:6b:4f:6d:
                    34:ca:ef:99:41:ae:62:08:b7:74:7c:c1:10:93:f8:
                    6f:a2:53:bc:0d:1e:5d:6e:23:ec:8b:9d:48:f9:e3:
                    96:ae:64:09:33:39:4d:0e:77:ce:0a:e1:1e:c9:4d:
                    da:51:5c:db:ce:b8:09:cb:80:a3:08:4d:88:17:59:
                    02:e1:4c:5d:3b:e1:d1:b7:4e:b4:7c:11:3a:4e:ee:
                    69:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:96:53:B2:7D:00:13:73:D3:64:1D:DF:6C:85:9B:C3:C1:56:52:88
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323035333a3a2f34382d3438203d3e20323135373239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2053::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:e6:88:e2:09:3c:3b:6c:42:38:d9:5e:11:57:b6:1e:5d:be:
         44:99:e5:bf:04:90:76:a5:72:9e:ce:44:b1:a1:f8:73:7f:ff:
         5f:a4:12:e0:ca:54:50:b1:34:ed:2d:ea:27:53:87:98:d8:a8:
         dc:37:cd:21:37:57:f3:87:c4:3d:a2:d0:ec:bd:23:49:a3:d0:
         67:7d:1a:00:0b:34:6b:92:9e:1d:73:3a:d5:05:48:b4:94:03:
         79:86:70:4f:0f:e3:d6:1e:7f:4d:d5:9a:37:44:e0:80:dc:2a:
         d5:d5:4a:ca:9e:ba:c5:11:6c:28:b7:30:aa:49:08:ee:18:0b:
         b2:b2:25:ac:27:57:fc:6b:02:e6:d5:96:2a:e2:db:d4:75:28:
         af:2a:d8:3b:ed:9d:9d:77:6a:4b:ea:70:84:fa:7f:7c:02:f2:
         8b:ef:54:b3:d7:6e:a9:9f:b4:2e:c1:95:66:9a:0d:f3:b5:45:
         25:5b:71:30:59:d5:63:df:5b:c2:99:5f:48:d6:76:e2:fc:ea:
         52:8c:3d:b4:61:59:9f:13:c6:73:e9:ac:f5:1e:2e:1f:4f:b5:
         64:20:32:7d:d4:d6:73:1d:56:c1:ce:45:ce:99:99:40:73:94:
         f1:86:aa:bb:b7:0b:3e:d8:53:32:34:09:35:78:fa:52:32:61:
         80:da:26:2f
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUJktjVF5NADwDXJU73thtex4p6UUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA2MTQxNjM2MzZaFw0yNTA2MTMxNjQxMzZaMDMxMTAvBgNV
BAMTKDRBOTY1M0IyN0QwMDEzNzNEMzY0MURERjZDODU5QkMzQzE1NjUyODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHGlY6PQLxRolVvUEpdsL3kMw0
PuvJnulkQFQG2VfEFCt/6cNyHzSoqclq962otSmleEWRnEuqB6ycIglV0gLqEUPR
oclIAK5c1+cA1AZu0/uVyF5iKTC3B5mSyz3GYCO787tjy23yci37VzOpXz1vnkHM
Dsfoni5kaDE9UuY8Iy4m+65+KxKrGM5vgqVffitNvIU7E14VOv7ppbkEoawydO8L
OwTLKeIa+dkzB6L0DmtPbTTK75lBrmIIt3R8wRCT+G+iU7wNHl1uI+yLnUj545au
ZAkzOU0Od84K4R7JTdpRXNvOuAnLgKMITYgXWQLhTF074dG3TrR8ETpO7mmXAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUSpZTsn0AE3PTZB3fbIWbw8FWUogwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzAzNTMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzczMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSBTMA0GCSqGSIb3DQEBCwUAA4IBAQA3
5ojiCTw7bEI42V4RV7YeXb5EmeW/BJB2pXKezkSxofhzf/9fpBLgylRQsTTtLeon
U4eY2KjcN80hN1fzh8Q9otDsvSNJo9BnfRoACzRrkp4dczrVBUi0lAN5hnBPD+PW
Hn9N1Zo3ROCA3CrV1UrKnrrFEWwotzCqSQjuGAuysiWsJ1f8awLm1ZYq4tvUdSiv
Ktg77Z2dd2pL6nCE+n98AvKL71Sz126pn7QuwZVmmg3ztUUlW3EwWdVj31vCmV9I
1nbi/OpSjD20YVmfE8Zz6az1Hi4fT7VkIDJ91NZzHVbBzkXOmZlAc5Txhqq7tws+
2FMyNAk1ePpSMmGA2iYv
-----END CERTIFICATE-----