Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203134363138.roa
File:                     326131343a316563373a633030303a3a2f33362d3438203d3e203134363138.roa (raw, json)
Hash identifier:          EADKEnAgeOcwAXX/ewKyc0evibXYFmThqjk3G/8eRzo=
Subject key identifier:   98:49:32:22:48:7A:32:BC:0D:C1:09:BA:ED:40:13:13:8C:0A:8F:38
Certificate issuer:       /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6
Certificate serial:       08452C1E4E589BAB6D868D5C34DACD47E4A5682C
Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203134363138.roa
Signing time:             Sat 19 Oct 2024 08:14:28 +0000
ROA not before:           Sat 19 Oct 2024 08:09:28 +0000
ROA not after:            Sat 18 Oct 2025 08:14:28 +0000
asID:                     14618
IP address blocks:        2a14:1ec7:c000::/36 maxlen: 48

Validation:               Failed, certificate revoked on Wed 30 Oct 2024 18:59:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:45:2c:1e:4e:58:9b:ab:6d:86:8d:5c:34:da:cd:47:e4:a5:68:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6
        Validity
            Not Before: Oct 19 08:09:28 2024 GMT
            Not After : Oct 18 08:14:28 2025 GMT
        Subject: CN=98493222487A32BC0DC109BAED4013138C0A8F38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:83:27:a5:d8:87:43:68:38:65:cf:76:88:71:
                    e0:d4:36:34:62:e3:6a:7b:22:2b:fd:e8:59:f6:e8:
                    ff:a2:2f:2e:a8:9d:65:04:e5:1b:4a:e3:71:68:2f:
                    fb:e2:e9:2d:8a:39:10:d6:dc:b8:0e:6d:36:ba:72:
                    1a:df:4b:6d:e5:3b:eb:c8:80:39:74:4c:3a:3a:4e:
                    07:be:6e:1e:d4:5b:43:f9:e6:4d:c4:c5:f7:99:b8:
                    73:8c:bd:52:ff:10:28:c4:b5:cf:48:7a:72:16:56:
                    f1:c7:8c:e2:30:06:cd:90:dd:cc:f3:ca:21:dd:ae:
                    32:86:81:06:3c:3e:dc:00:12:b0:3e:25:e3:45:70:
                    25:39:a3:03:2e:00:7f:df:f1:7a:6f:60:81:a5:e0:
                    da:fc:fc:18:5d:4b:c5:2b:89:5c:9f:15:08:d9:93:
                    73:e4:cd:13:7a:13:8c:31:23:28:7b:30:4e:e5:d7:
                    e4:17:7c:0c:a9:8c:9c:6b:d3:78:0e:e2:41:6c:3b:
                    94:2c:c3:54:0e:4b:92:e1:1a:33:5e:f3:7a:0d:31:
                    3e:90:e7:90:91:65:57:3a:26:ac:20:65:f7:c1:fb:
                    74:30:39:50:a9:2b:f9:a3:ee:07:56:34:70:ee:73:
                    27:93:6d:94:7b:bf:e4:aa:fd:76:c3:9b:8d:67:45:
                    c2:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:49:32:22:48:7A:32:BC:0D:C1:09:BA:ED:40:13:13:8C:0A:8F:38
            X509v3 Authority Key Identifier:
                keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203134363138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:1ec7:c000::/36

    Signature Algorithm: sha256WithRSAEncryption
         89:f5:6a:0b:33:6c:36:4e:fe:29:52:ff:4e:50:51:24:8c:48:
         3c:6f:51:42:d8:6e:4c:0d:1f:fe:b9:e4:2b:08:27:a2:d4:ee:
         6c:f3:a4:69:2d:b8:d9:c1:f1:46:0d:d1:a3:95:a1:4b:86:6e:
         e8:01:c2:88:e7:e3:b7:3a:db:d8:10:83:15:02:88:56:cb:4a:
         12:e1:cf:ba:32:27:3a:fa:86:98:fc:80:0a:f9:da:ac:77:da:
         a0:31:10:23:41:ec:6b:25:0d:09:86:31:bd:47:89:33:5c:9e:
         07:dc:fd:98:7f:24:af:b2:f1:1e:bf:87:9a:84:b1:62:9e:51:
         b6:bf:42:f8:3d:cb:8d:50:a1:03:f6:d2:ab:2f:e9:00:ce:29:
         cf:e8:6e:cb:55:b2:87:af:70:f6:e2:e2:73:5f:fa:7f:98:83:
         c4:99:53:37:94:6f:5c:95:56:61:af:82:be:8b:35:98:36:c9:
         0c:4f:fa:43:71:e5:8c:2a:ca:01:e0:b0:50:71:3b:45:82:4e:
         29:6c:64:16:ac:b0:de:3c:af:14:ff:bb:aa:c5:91:d3:e8:62:
         39:83:fa:0d:b7:ed:89:66:3d:b2:24:7d:90:73:04:15:6c:24:
         e0:a0:df:35:45:8c:e3:ed:fb:69:23:23:e8:5c:38:75:ce:4b:
         8b:24:df:90
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUCEUsHk5Ym6ttho1cNNrNR+SlaCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG
NEFCREVDNjAeFw0yNDEwMTkwODA5MjhaFw0yNTEwMTgwODE0MjhaMDMxMTAvBgNV
BAMTKDk4NDkzMjIyNDg3QTMyQkMwREMxMDlCQUVENDAxMzEzOEMwQThGMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGgyel2IdDaDhlz3aIceDUNjRi
42p7Iiv96Fn26P+iLy6onWUE5RtK43FoL/vi6S2KORDW3LgObTa6chrfS23lO+vI
gDl0TDo6Tge+bh7UW0P55k3ExfeZuHOMvVL/ECjEtc9IenIWVvHHjOIwBs2Q3czz
yiHdrjKGgQY8PtwAErA+JeNFcCU5owMuAH/f8XpvYIGl4Nr8/BhdS8UriVyfFQjZ
k3PkzRN6E4wxIyh7ME7l1+QXfAypjJxr03gO4kFsO5Qsw1QOS5LhGjNe83oNMT6Q
55CRZVc6JqwgZffB+3QwOVCpK/mj7gdWNHDucyeTbZR7v+Sq/XbDm41nRcJdAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUmEkyIkh6MrwNwQm67UATE4wKjzgwHwYDVR0j
BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm
NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD
QkIzOTg3NkY0QUJERUM2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz
NDNhMzE2NTYzMzczYTYzMzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzEz
NDM2MzEzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGBCoUHsfAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ9WoL
M2w2Tv4pUv9OUFEkjEg8b1FC2G5MDR/+ueQrCCei1O5s86RpLbjZwfFGDdGjlaFL
hm7oAcKI5+O3OtvYEIMVAohWy0oS4c+6Mic6+oaY/IAK+dqsd9qgMRAjQexrJQ0J
hjG9R4kzXJ4H3P2YfySvsvEev4eahLFinlG2v0L4PcuNUKED9tKrL+kAzinP6G7L
VbKHr3D24uJzX/p/mIPEmVM3lG9clVZhr4K+izWYNskMT/pDceWMKsoB4LBQcTtF
gk4pbGQWrLDePK8U/7uqxZHT6GI5g/oNt+2JZj2yJH2QcwQVbCTgoN81RYzj7ftp
IyPoXDh1zkuLJN+Q
-----END CERTIFICATE-----
Generated at Wed Oct 30 21:37:28 2024 by rpki-client on console-fra.rpki-client.org