Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323334323a3a2f34382d3438203d3e20323135373239.roa
File:                     326131343a373538313a323334323a3a2f34382d3438203d3e20323135373239.roa (raw, json)
Hash identifier:          7/CMWsoPckKuSuCE/6ue/tcGRQmAdQWAvNSwl4mNI74=
Subject key identifier:   C2:9D:0C:E9:27:A5:55:FD:8B:D0:39:E4:1A:01:68:EE:3B:1A:B0:EB
Certificate issuer:       /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial:       10C085A54A1D41A2A9A946F561D38E7C4122FAB7
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323334323a3a2f34382d3438203d3e20323135373239.roa
Signing time:             Sat 25 May 2024 15:59:40 +0000
ROA not before:           Sat 25 May 2024 15:54:40 +0000
ROA not after:            Sat 24 May 2025 15:59:40 +0000
asID:                     215729
IP address blocks:        2a14:7581:2342::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 12 Oct 2024 16:29:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:c0:85:a5:4a:1d:41:a2:a9:a9:46:f5:61:d3:8e:7c:41:22:fa:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
        Validity
            Not Before: May 25 15:54:40 2024 GMT
            Not After : May 24 15:59:40 2025 GMT
        Subject: CN=C29D0CE927A555FD8BD039E41A0168EE3B1AB0EB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ca:8b:8d:d4:6b:7f:f1:0d:54:cd:5c:83:9f:
                    30:b4:3b:61:df:90:45:ad:b8:6a:b2:2c:d6:8f:69:
                    3a:d0:ce:89:af:8c:e2:a6:f1:b3:26:ac:1d:68:72:
                    e9:18:71:fc:c6:35:1e:e4:f9:c4:09:82:b7:04:62:
                    41:82:46:0b:60:4c:71:47:53:84:6c:34:c1:15:50:
                    11:01:2c:1a:a3:5c:60:f1:f1:46:e5:2e:e0:b1:45:
                    60:59:73:cc:ae:aa:f0:93:a3:84:28:ff:92:2e:55:
                    08:25:82:73:b6:67:7a:e7:e8:eb:0f:4c:9a:c5:1f:
                    c0:79:9b:17:93:bd:13:e4:0e:55:2c:7b:99:f7:0d:
                    a8:ac:92:d7:2e:ea:6a:a0:ef:20:6b:90:b3:31:0e:
                    7b:00:f4:be:f1:65:5f:c8:af:85:dd:98:c3:57:b9:
                    55:47:d2:95:64:72:13:d6:4b:d9:0e:36:d6:a4:af:
                    02:98:f9:1b:f7:b0:83:98:e6:2f:e1:78:d4:74:6a:
                    aa:12:03:9a:90:9a:e3:71:95:49:d4:5b:ad:50:18:
                    02:af:4b:85:d3:9b:d5:0d:87:39:b8:bb:3e:78:ee:
                    81:b6:ed:ec:d4:1b:67:07:5b:44:47:e0:03:89:d8:
                    0f:ec:de:7b:30:83:e5:4d:0c:c1:a2:77:a3:22:32:
                    89:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:9D:0C:E9:27:A5:55:FD:8B:D0:39:E4:1A:01:68:EE:3B:1A:B0:EB
            X509v3 Authority Key Identifier:
                keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a323334323a3a2f34382d3438203d3e20323135373239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:2342::/48

    Signature Algorithm: sha256WithRSAEncryption
         4a:cb:e8:f9:57:be:65:c3:83:bf:22:9c:5b:45:34:bf:45:68:
         16:97:80:6a:8c:14:25:28:61:50:fe:2f:0e:67:90:89:a3:48:
         e6:d8:5d:0b:07:cb:5e:f4:da:5d:21:c2:2e:e2:27:74:08:29:
         40:dd:d8:c5:57:71:9f:0a:06:3f:20:c1:6a:39:07:f3:24:13:
         6b:4b:4a:aa:5f:5c:95:42:b1:14:63:ac:09:0a:af:35:b1:a8:
         7a:50:f3:35:47:47:85:13:48:5e:a1:83:48:3a:ad:ac:cb:8b:
         a1:ea:bb:6e:ed:18:80:99:ae:5a:18:bd:e0:35:cb:2f:da:e3:
         56:31:dc:82:99:e5:b1:1e:00:59:be:3e:12:84:b4:dc:ae:73:
         ce:5b:ab:d9:ed:48:af:ef:f9:42:51:ff:66:f6:88:b2:f8:9f:
         61:b2:05:b3:e1:e9:56:e7:40:48:b3:f3:a1:d5:cc:d8:0c:49:
         aa:57:25:c4:58:bb:70:3f:f7:ff:a2:19:bf:72:72:2b:a3:f7:
         75:11:6f:4c:6d:ff:fa:71:5f:59:49:fc:44:01:b5:e7:9c:60:
         2a:4f:d6:68:66:cb:25:96:e9:01:f6:a5:23:28:72:de:bd:ed:
         36:6f:39:96:4f:b7:78:13:dc:f6:d7:05:27:ee:3f:2d:78:85:
         12:a1:55:0a
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUEMCFpUodQaKpqUb1YdOOfEEi+rcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA1MjUxNTU0NDBaFw0yNTA1MjQxNTU5NDBaMDMxMTAvBgNV
BAMTKEMyOUQwQ0U5MjdBNTU1RkQ4QkQwMzlFNDFBMDE2OEVFM0IxQUIwRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7youN1Gt/8Q1UzVyDnzC0O2Hf
kEWtuGqyLNaPaTrQzomvjOKm8bMmrB1ocukYcfzGNR7k+cQJgrcEYkGCRgtgTHFH
U4RsNMEVUBEBLBqjXGDx8UblLuCxRWBZc8yuqvCTo4Qo/5IuVQglgnO2Z3rn6OsP
TJrFH8B5mxeTvRPkDlUse5n3Daisktcu6mqg7yBrkLMxDnsA9L7xZV/Ir4XdmMNX
uVVH0pVkchPWS9kONtakrwKY+Rv3sIOY5i/heNR0aqoSA5qQmuNxlUnUW61QGAKv
S4XTm9UNhzm4uz547oG27ezUG2cHW0RH4AOJ2A/s3nswg+VNDMGid6MiMomdAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUwp0M6SelVf2L0DnkGgFo7jsasOswHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzMzNDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzczMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gSNCMA0GCSqGSIb3DQEBCwUAA4IBAQBK
y+j5V75lw4O/IpxbRTS/RWgWl4BqjBQlKGFQ/i8OZ5CJo0jm2F0LB8te9NpdIcIu
4id0CClA3djFV3GfCgY/IMFqOQfzJBNrS0qqX1yVQrEUY6wJCq81sah6UPM1R0eF
E0heoYNIOq2sy4uh6rtu7RiAma5aGL3gNcsv2uNWMdyCmeWxHgBZvj4ShLTcrnPO
W6vZ7Uiv7/lCUf9m9oiy+J9hsgWz4elW50BIs/Oh1czYDEmqVyXEWLtwP/f/ohm/
cnIro/d1EW9Mbf/6cV9ZSfxEAbXnnGAqT9ZoZssllukB9qUjKHLeve02bzmWT7d4
E9z21wUn7j8teIUSoVUK
-----END CERTIFICATE-----
Generated at Sat Oct 12 19:35:32 2024 by rpki-client on console-fra.rpki-client.org