Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a3230303a3a2f33392d3438203d3e203437323732.roa
File:                     326130613a363034343a3230303a3a2f33392d3438203d3e203437323732.roa (raw, json)
Hash identifier:          2g4VukO7ltqHrUjYSwGrE92tYJ2Au8oZPARRd6cUzVs=
Subject key identifier:   A9:5C:06:C5:06:DB:BB:0D:07:22:50:E3:A2:79:30:19:D3:6E:56:2B
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       21C1B37ECD20DBF563C37295FFB4A9CAD947F5CF
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a3230303a3a2f33392d3438203d3e203437323732.roa
Signing time:             Mon 18 Dec 2023 19:04:05 +0000
ROA not before:           Mon 18 Dec 2023 18:59:05 +0000
ROA not after:            Mon 16 Dec 2024 19:04:05 +0000
asID:                     47272
IP address blocks:        2a0a:6044:200::/39 maxlen: 48

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 20:13:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:c1:b3:7e:cd:20:db:f5:63:c3:72:95:ff:b4:a9:ca:d9:47:f5:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: Dec 18 18:59:05 2023 GMT
            Not After : Dec 16 19:04:05 2024 GMT
        Subject: CN=A95C06C506DBBB0D072250E3A2793019D36E562B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:68:4e:85:66:c2:aa:eb:87:1d:84:47:8e:16:
                    c3:f0:79:a3:c9:98:28:56:73:05:89:48:02:21:86:
                    3d:da:d6:69:51:b2:f0:d9:e2:b9:7e:34:9a:c0:e5:
                    64:5a:ec:48:bf:91:32:29:3e:a3:70:6e:5f:28:cc:
                    ce:20:21:ed:14:0b:1f:2c:03:24:c3:3f:4c:f4:62:
                    cd:67:01:a2:56:6c:47:1f:81:86:f2:67:e9:fd:15:
                    1f:a7:61:44:01:7b:6d:5a:69:3e:86:c2:29:fc:33:
                    5e:90:08:2e:50:a4:63:c9:19:cd:64:38:48:ca:5f:
                    ff:9c:1b:43:65:b8:e2:7b:25:e3:3a:4b:22:fb:3e:
                    1d:e7:ab:ac:d0:52:32:64:46:ea:c1:2c:95:2f:c2:
                    08:50:3b:5f:57:59:32:2a:0d:2f:80:be:06:18:72:
                    4a:25:41:ad:eb:d4:fd:96:61:de:3d:52:d5:ac:5a:
                    23:49:00:a0:18:e8:b5:bd:a4:ab:ff:6a:81:70:8e:
                    74:ba:85:a1:d1:96:68:49:26:f2:21:95:9c:06:73:
                    97:ca:72:2e:4c:4b:d5:cb:af:e6:ff:e8:8c:21:9d:
                    18:9c:4a:36:5d:3f:17:73:a1:cb:35:d9:a9:69:48:
                    62:f4:41:33:9b:20:93:89:20:e8:23:36:2d:6c:44:
                    42:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:5C:06:C5:06:DB:BB:0D:07:22:50:E3:A2:79:30:19:D3:6E:56:2B
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a3230303a3a2f33392d3438203d3e203437323732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:200::/39

    Signature Algorithm: sha256WithRSAEncryption
         8f:58:ca:8e:ec:e6:29:f2:63:d7:95:e7:14:a1:f3:f9:d2:08:
         7f:d7:94:a9:18:e2:3d:1f:f6:b3:da:e7:48:b2:37:dc:1d:4a:
         39:65:72:00:7c:b9:a0:0a:ba:4a:7b:21:b0:e3:b6:73:e1:ca:
         65:35:7a:84:c5:92:93:dd:98:be:53:b4:ee:f9:80:bc:9a:d2:
         ed:d9:0d:00:3a:38:88:f0:79:eb:3b:13:6f:ce:89:b3:ce:b9:
         c5:d9:18:b1:b3:7f:7c:de:d7:db:ae:0c:22:a5:23:f1:64:6b:
         5a:41:1d:88:a5:eb:01:3b:1b:e9:a9:be:42:86:2b:a7:91:ec:
         c3:09:b2:17:8d:e6:b1:84:aa:ac:a8:d3:07:f0:a4:d1:8f:66:
         22:39:65:36:51:af:83:20:75:0e:0d:c9:99:a7:e6:00:28:33:
         94:01:1b:b9:9d:7b:d8:fd:08:84:b0:1f:12:2b:ee:30:e7:10:
         62:07:18:f6:89:37:a0:25:9c:33:37:bc:85:c8:d8:76:fa:a2:
         62:19:ff:de:c9:24:20:10:0e:75:c1:75:c8:c9:a5:a8:62:f0:
         56:83:69:15:c7:30:11:04:86:07:3a:cf:43:aa:ca:5b:9d:f7:
         b8:5f:e9:d3:10:94:69:02:c6:7a:ec:ba:8a:ab:d9:1f:7b:02:
         f3:45:2d:5d
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIUIcGzfs0g2/Vjw3KV/7SpytlH9c8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yMzEyMTgxODU5MDVaFw0yNDEyMTYxOTA0MDVaMDMxMTAvBgNV
BAMTKEE5NUMwNkM1MDZEQkJCMEQwNzIyNTBFM0EyNzkzMDE5RDM2RTU2MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkaE6FZsKq64cdhEeOFsPweaPJ
mChWcwWJSAIhhj3a1mlRsvDZ4rl+NJrA5WRa7Ei/kTIpPqNwbl8ozM4gIe0UCx8s
AyTDP0z0Ys1nAaJWbEcfgYbyZ+n9FR+nYUQBe21aaT6Gwin8M16QCC5QpGPJGc1k
OEjKX/+cG0NluOJ7JeM6SyL7Ph3nq6zQUjJkRurBLJUvwghQO19XWTIqDS+AvgYY
ckolQa3r1P2WYd49UtWsWiNJAKAY6LW9pKv/aoFwjnS6haHRlmhJJvIhlZwGc5fK
ci5MS9XLr+b/6IwhnRicSjZdPxdzocs12alpSGL0QTObIJOJIOgjNi1sREIvAgMB
AAGjggJ1MIICcTAdBgNVHQ4EFgQUqVwGxQbbuw0HIlDjonkwGdNuViswHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2EzMjMwMzAzYTNhMmYzMzM5MmQzNDM4MjAzZDNlMjAzNDM3MzIzNzMyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIA
AjAIAwYBKgpgRAIwDQYJKoZIhvcNAQELBQADggEBAI9Yyo7s5inyY9eV5xSh8/nS
CH/XlKkY4j0f9rPa50iyN9wdSjllcgB8uaAKukp7IbDjtnPhymU1eoTFkpPdmL5T
tO75gLya0u3ZDQA6OIjwees7E2/OibPOucXZGLGzf3ze19uuDCKlI/Fka1pBHYil
6wE7G+mpvkKGK6eR7MMJsheN5rGEqqyo0wfwpNGPZiI5ZTZRr4MgdQ4NyZmn5gAo
M5QBG7mde9j9CISwHxIr7jDnEGIHGPaJN6AlnDM3vIXI2Hb6omIZ/97JJCAQDnXB
dcjJpahi8FaDaRXHMBEEhgc6z0Oqylud97hf6dMQlGkCxnrsuoqr2R97AvNFLV0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:11 2024 by rpki-client on console-fra.rpki-client.org