Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630373a3a2f34382d3438203d3e20323136333234.roa
File:                     326130663a383563313a3630373a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier:          cE+7JpJn/OAN7LLOVGz2iBWNhQODPRhRkQNvXYMuWfM=
Subject key identifier:   C1:51:9E:8D:CD:FE:9D:23:E6:50:EB:C0:C4:11:CD:AC:A2:33:74:25
Certificate issuer:       /CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Certificate serial:       3AB8499EE2A3820EBB0512C2041E179EC07482B6
Authority key identifier: 06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630373a3a2f34382d3438203d3e20323136333234.roa
Signing time:             Tue 30 Apr 2024 07:02:51 +0000
ROA not before:           Tue 30 Apr 2024 06:57:51 +0000
ROA not after:            Tue 29 Apr 2025 07:02:51 +0000
asID:                     216324
IP address blocks:        2a0f:85c1:607::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 14 May 2024 05:23:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:b8:49:9e:e2:a3:82:0e:bb:05:12:c2:04:1e:17:9e:c0:74:82:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
        Validity
            Not Before: Apr 30 06:57:51 2024 GMT
            Not After : Apr 29 07:02:51 2025 GMT
        Subject: CN=C1519E8DCDFE9D23E650EBC0C411CDACA2337425
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:8e:4e:d1:f4:22:bc:68:47:94:98:97:92:8a:
                    39:51:b0:d3:e6:a8:16:b3:bc:44:42:cf:54:27:59:
                    aa:dd:34:4f:89:db:6e:31:df:c9:1b:8a:8a:be:02:
                    78:66:02:08:6f:a6:b5:0d:17:32:ba:a0:9f:72:03:
                    61:f3:2e:48:2c:1f:d2:a8:bf:21:7d:79:f7:db:33:
                    db:7f:86:3f:2b:41:78:ab:d3:0b:a2:63:5d:75:63:
                    3c:1e:6a:26:6d:4a:2c:1e:15:29:9f:59:d2:84:e8:
                    f3:72:f5:13:f3:33:f7:4d:dc:3e:9c:d1:10:74:b9:
                    c7:86:1d:55:88:94:6f:0f:be:e7:27:5e:d6:15:2a:
                    18:43:ad:4e:77:da:15:11:2a:f6:01:f2:25:d3:e5:
                    78:fc:46:61:0f:04:2c:a0:4d:e5:53:77:93:94:e8:
                    4c:bc:a2:c7:e6:5a:dd:58:eb:61:77:0b:62:9d:19:
                    c9:40:d7:8f:35:f5:b2:53:44:ae:21:02:28:a4:a0:
                    ed:d9:e3:7a:e5:37:3d:f1:3e:96:d9:96:b7:9c:ba:
                    07:33:34:1e:5f:60:d1:e1:68:82:47:86:d4:1d:11:
                    82:8b:6e:31:c4:b5:99:c7:64:6b:d2:3e:b4:89:b2:
                    bf:b9:bd:f3:54:fb:9f:ff:a4:82:b8:76:05:85:b9:
                    62:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:51:9E:8D:CD:FE:9D:23:E6:50:EB:C0:C4:11:CD:AC:A2:33:74:25
            X509v3 Authority Key Identifier:
                keyid:06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630373a3a2f34382d3438203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:607::/48

    Signature Algorithm: sha256WithRSAEncryption
         42:48:33:86:bd:0d:c1:0a:0d:1e:e3:aa:67:9b:1b:5e:17:9f:
         30:ae:b8:bd:ea:38:b9:37:fd:f8:7c:d1:68:f4:5a:a7:33:a8:
         71:0a:b1:de:fa:ef:58:91:61:56:13:c9:76:5d:38:2e:1b:1b:
         03:b4:c9:aa:2c:76:ad:4a:5e:81:fb:0f:28:ac:72:5b:31:8e:
         4d:2b:f9:c6:6b:81:66:06:7c:29:3a:39:29:fd:57:c8:e3:ea:
         27:84:e5:6b:ed:ea:c6:9f:fa:69:ec:25:d4:4d:ef:73:b7:14:
         2c:a4:0e:79:f1:69:6b:33:7e:45:6e:3d:95:20:d0:d0:58:d5:
         17:c8:76:1d:b9:7b:cb:62:3d:c5:05:b2:74:88:8a:be:cc:59:
         07:e0:78:e0:0d:2f:48:4c:6a:90:66:b2:2d:82:06:70:22:0a:
         1e:dd:51:3e:2a:53:44:f7:d2:2b:67:02:11:b5:97:8f:72:36:
         0c:1b:6b:85:82:ed:5c:ad:e4:1a:ed:78:4e:4f:cc:42:44:f6:
         fa:b4:32:d1:c8:cb:d3:90:37:c4:16:d6:71:e1:89:87:6e:da:
         aa:f4:ff:66:07:58:e1:4b:5e:68:1d:7a:0a:eb:4c:40:c9:8d:
         8d:23:06:3c:09:30:1c:44:13:84:ce:dc:42:05:2e:bf:6a:bd:
         ee:39:ce:ba
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUOrhJnuKjgg67BRLCBB4XnsB0grYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0
QzExMUFCOTAeFw0yNDA0MzAwNjU3NTFaFw0yNTA0MjkwNzAyNTFaMDMxMTAvBgNV
BAMTKEMxNTE5RThEQ0RGRTlEMjNFNjUwRUJDMEM0MTFDREFDQTIzMzc0MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCljk7R9CK8aEeUmJeSijlRsNPm
qBazvERCz1QnWardNE+J224x38kbioq+AnhmAghvprUNFzK6oJ9yA2HzLkgsH9Ko
vyF9effbM9t/hj8rQXir0wuiY111YzweaiZtSiweFSmfWdKE6PNy9RPzM/dN3D6c
0RB0uceGHVWIlG8PvucnXtYVKhhDrU532hURKvYB8iXT5Xj8RmEPBCygTeVTd5OU
6Ey8osfmWt1Y62F3C2KdGclA14819bJTRK4hAiikoO3Z43rlNz3xPpbZlrecugcz
NB5fYNHhaIJHhtQdEYKLbjHEtZnHZGvSPrSJsr+5vfNU+5//pIK4dgWFuWIxAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUwVGejc3+nSPmUOvAxBHNrKIzdCUwHwYDVR0j
BBgwFoAUBp+vR/9IrvTJj1CXB0Uwp0wRGrkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzIvMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0QzExMUFCOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8wNjlGQUY0N0ZGNDhBRUY0Qzk4RjUwOTcw
NzQ1MzBBNzRDMTExQUI5LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMi8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM2MzAzNzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEGBzANBgkqhkiG9w0BAQsFAAOCAQEAQkgz
hr0NwQoNHuOqZ5sbXhefMK64veo4uTf9+HzRaPRapzOocQqx3vrvWJFhVhPJdl04
LhsbA7TJqix2rUpegfsPKKxyWzGOTSv5xmuBZgZ8KTo5Kf1XyOPqJ4Tla+3qxp/6
aewl1E3vc7cULKQOefFpazN+RW49lSDQ0FjVF8h2Hbl7y2I9xQWydIiKvsxZB+B4
4A0vSExqkGayLYIGcCIKHt1RPipTRPfSK2cCEbWXj3I2DBtrhYLtXK3kGu14Tk/M
QkT2+rQy0cjL05A3xBbWceGJh27aqvT/ZgdY4UteaB16CutMQMmNjSMGPAkwHEQT
hM7cQgUuv2q97jnOug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:57 2024 by rpki-client on console-ams.rpki-client.org