Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323130303a3a2f34382d3438203d3e20323135373239.roa
File:                     326131343a373538313a323130303a3a2f34382d3438203d3e20323135373239.roa (raw, json)
Hash identifier:          GzsdJkzUvefO32YqFPqI/CDJBUQkpT0uMEP3kOGQEto=
Subject key identifier:   6B:DA:9C:E4:A8:5B:5D:49:F8:75:C4:C2:17:F1:B0:B0:A1:13:59:AB
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       3B66E29C60EE7FD2C219073135111B482D9CFA47
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323130303a3a2f34382d3438203d3e20323135373239.roa
Signing time:             Tue 05 Mar 2024 16:05:21 +0000
ROA not before:           Tue 05 Mar 2024 16:00:21 +0000
ROA not after:            Tue 04 Mar 2025 16:05:21 +0000
asID:                     215729
IP address blocks:        2a14:7581:2100::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 12 Oct 2024 16:28:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:66:e2:9c:60:ee:7f:d2:c2:19:07:31:35:11:1b:48:2d:9c:fa:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: Mar  5 16:00:21 2024 GMT
            Not After : Mar  4 16:05:21 2025 GMT
        Subject: CN=6BDA9CE4A85B5D49F875C4C217F1B0B0A11359AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a6:a0:cc:d9:8d:6a:3e:b1:24:bd:eb:e5:34:
                    0b:2c:ff:a2:9e:f7:e7:35:6a:27:5e:80:f9:f5:a7:
                    18:00:54:c0:77:03:49:3b:13:0f:c6:75:7c:12:0f:
                    c0:bc:13:c9:96:77:69:8e:42:1f:0c:92:dd:79:ed:
                    fa:3d:c9:14:49:99:b8:dd:b1:4a:af:57:b5:06:6a:
                    03:31:ac:26:24:94:c1:f3:e7:85:7a:b0:d5:a6:c5:
                    8d:d3:72:17:46:e3:6f:9c:50:9d:5b:55:ec:9d:86:
                    82:6d:e1:5e:05:24:bd:13:bd:bf:8f:72:96:a3:a1:
                    43:c6:ac:53:d9:ff:7e:f9:88:55:72:61:06:fb:a2:
                    00:5b:10:5d:ea:4c:a3:f0:29:40:69:db:eb:06:01:
                    48:e8:d5:f9:93:30:ae:60:ff:19:75:99:10:7a:26:
                    38:d6:4c:fa:67:9f:03:b1:f5:6d:e6:b8:c8:c5:ab:
                    05:88:44:c4:47:0c:98:ed:5a:8b:be:63:0c:90:33:
                    99:f2:be:3f:5b:91:92:44:50:78:ab:d5:f3:84:62:
                    29:8a:af:6d:cc:3c:a0:67:75:cc:ed:31:ea:d4:82:
                    37:a1:7d:92:8a:5f:b9:3a:1d:de:2b:0c:18:cc:c5:
                    47:4d:ea:da:55:c6:9a:58:84:38:8c:9d:07:5c:99:
                    2e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:DA:9C:E4:A8:5B:5D:49:F8:75:C4:C2:17:F1:B0:B0:A1:13:59:AB
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323130303a3a2f34382d3438203d3e20323135373239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2100::/48

    Signature Algorithm: sha256WithRSAEncryption
         a0:2d:4e:20:2a:b9:58:c4:0a:17:24:d6:ce:c1:f0:03:5d:d2:
         7a:4a:2c:e5:f3:2e:91:11:4c:ba:ba:a0:0b:d8:f3:34:77:a7:
         9e:14:fa:56:0f:29:06:1c:e9:fa:09:eb:7e:3e:af:35:6d:5b:
         69:3c:f4:ba:00:9c:14:58:0e:1d:6a:85:78:ed:81:b2:e1:ba:
         64:6f:b5:c7:71:9e:a2:6c:94:89:fe:e6:d7:67:0b:34:6f:3a:
         7a:ba:5c:5d:8d:78:cb:8b:16:45:73:a9:35:c8:7c:14:c9:b0:
         60:c8:a7:35:6a:8c:f3:49:04:3d:c6:1f:8f:95:e6:54:5f:9a:
         36:4b:65:f4:7c:c3:3d:65:a4:12:1a:fc:af:b2:c2:fb:cf:ec:
         4c:1a:05:53:06:8a:45:b2:b3:a0:15:93:0d:37:c3:b6:07:bd:
         b6:3c:de:e5:8b:10:53:5f:8a:85:53:c0:7c:bb:0d:dc:04:8a:
         50:d0:56:62:72:9d:57:17:8d:16:fa:26:52:df:3d:17:b8:6b:
         ef:c1:2c:ab:bf:6a:06:f0:70:c3:ca:9c:b1:e3:9f:08:61:c3:
         3e:f2:da:58:02:70:29:b8:ed:c7:67:f6:cb:1c:60:56:19:de:
         68:3a:14:3b:a6:a1:8d:61:e9:a1:34:f8:d4:02:65:35:a5:bf:
         11:2f:a3:af
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUO2binGDuf9LCGQcxNREbSC2c+kcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDAzMDUxNjAwMjFaFw0yNTAzMDQxNjA1MjFaMDMxMTAvBgNV
BAMTKDZCREE5Q0U0QTg1QjVENDlGODc1QzRDMjE3RjFCMEIwQTExMzU5QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0pqDM2Y1qPrEkvevlNAss/6Ke
9+c1aidegPn1pxgAVMB3A0k7Ew/GdXwSD8C8E8mWd2mOQh8Mkt157fo9yRRJmbjd
sUqvV7UGagMxrCYklMHz54V6sNWmxY3TchdG42+cUJ1bVeydhoJt4V4FJL0Tvb+P
cpajoUPGrFPZ/375iFVyYQb7ogBbEF3qTKPwKUBp2+sGAUjo1fmTMK5g/xl1mRB6
JjjWTPpnnwOx9W3muMjFqwWIRMRHDJjtWou+YwyQM5nyvj9bkZJEUHir1fOEYimK
r23MPKBndcztMerUgjehfZKKX7k6Hd4rDBjMxUdN6tpVxppYhDiMnQdcmS7TAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUa9qc5KhbXUn4dcTCF/GwsKETWaswHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzEzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzczMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSEAMA0GCSqGSIb3DQEBCwUAA4IBAQCg
LU4gKrlYxAoXJNbOwfADXdJ6Sizl8y6REUy6uqAL2PM0d6eeFPpWDykGHOn6Cet+
Pq81bVtpPPS6AJwUWA4daoV47YGy4bpkb7XHcZ6ibJSJ/ubXZws0bzp6ulxdjXjL
ixZFc6k1yHwUybBgyKc1aozzSQQ9xh+PleZUX5o2S2X0fMM9ZaQSGvyvssL7z+xM
GgVTBopFsrOgFZMNN8O2B722PN7lixBTX4qFU8B8uw3cBIpQ0FZicp1XF40W+iZS
3z0XuGvvwSyrv2oG8HDDypyx458IYcM+8tpYAnApuO3HZ/bLHGBWGd5oOhQ7pqGN
YemhNPjUAmU1pb8RL6Ov
-----END CERTIFICATE-----
Generated at Sat Oct 12 21:07:17 2024 by rpki-client on console-ams.rpki-client.org