Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130383a3a2f34382d3438203d3e20323135333633.roa
File:                     326130613a363034343a616130383a3a2f34382d3438203d3e20323135333633.roa (raw, json)
Hash identifier:          Q7xmyqsO7xCxC5Tao+mlSiqK562KU2awrK3dE9Hlmv0=
Subject key identifier:   4D:A0:69:D0:D9:27:38:32:16:1D:1C:AA:32:71:30:E5:01:6E:36:CF
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       4D3767E1155B238A8AC494C2DE0F1A09DB8710D0
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130383a3a2f34382d3438203d3e20323135333633.roa
Signing time:             Sat 20 Jul 2024 13:26:13 +0000
ROA not before:           Sat 20 Jul 2024 13:21:13 +0000
ROA not after:            Sat 19 Jul 2025 13:26:13 +0000
asID:                     215363
IP address blocks:        2a0a:6044:aa08::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 29 Aug 2024 03:41:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:37:67:e1:15:5b:23:8a:8a:c4:94:c2:de:0f:1a:09:db:87:10:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: Jul 20 13:21:13 2024 GMT
            Not After : Jul 19 13:26:13 2025 GMT
        Subject: CN=4DA069D0D9273832161D1CAA327130E5016E36CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:d8:1d:fb:82:46:e2:e2:c6:91:3a:20:84:55:
                    ca:8f:d0:76:3a:1b:6c:43:bc:e5:ce:65:ad:d7:8b:
                    20:02:29:dc:cc:00:92:98:8c:27:33:ac:eb:d0:84:
                    54:94:11:80:c4:74:23:39:b4:e3:0e:aa:52:6c:4d:
                    cb:05:d7:91:1a:b7:33:45:64:36:6b:e4:3c:ea:30:
                    c3:bf:22:99:a6:3a:01:60:8d:05:a7:8c:d5:72:f8:
                    f8:d0:1e:5f:db:d5:b0:fa:52:34:0c:76:77:3c:70:
                    8c:ca:9a:5d:7e:95:e1:f5:27:72:8e:49:e6:4a:f6:
                    8e:86:ea:76:43:13:24:7b:43:22:58:cf:10:b8:33:
                    c1:07:dd:49:84:25:9d:fb:2c:91:ce:ff:04:10:23:
                    44:58:65:d9:f2:30:29:14:e2:cc:b6:71:2f:e6:83:
                    df:fb:51:9e:83:a1:d8:25:98:35:46:97:42:ee:b7:
                    55:21:40:7b:02:c5:be:81:d8:d1:c0:b8:c2:2d:6f:
                    41:b8:78:e2:58:41:22:a2:1a:1a:16:e5:6c:dd:07:
                    a3:e6:da:76:a8:7c:ab:ee:14:2c:b5:fb:20:ac:8a:
                    b7:4a:60:c4:e1:e6:13:5b:b5:c5:d6:63:b6:74:ef:
                    40:95:98:e2:a9:09:7e:fe:9e:02:3c:a8:6c:13:b0:
                    e9:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:A0:69:D0:D9:27:38:32:16:1D:1C:AA:32:71:30:E5:01:6E:36:CF
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130383a3a2f34382d3438203d3e20323135333633.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:aa08::/48

    Signature Algorithm: sha256WithRSAEncryption
         a0:04:79:7e:56:1e:cb:7c:22:9f:46:50:cd:e4:e4:f0:9a:7b:
         86:6b:13:33:44:b5:1c:67:53:8a:25:bb:d5:da:c7:a9:e5:18:
         1f:4a:32:e5:75:c2:1e:59:86:49:84:9f:ee:a5:d9:9d:64:6b:
         90:ab:46:c5:0d:72:3d:69:e7:86:a1:94:ea:ec:15:26:90:c7:
         b3:d7:0f:fa:65:90:0e:8c:18:ec:7c:b8:d0:09:66:46:30:44:
         24:41:a1:f6:fc:df:4a:92:93:01:0e:3d:f8:9b:85:e2:1b:fb:
         7d:62:5b:3a:de:11:f5:8b:48:3f:ea:77:1a:b7:2e:b7:c1:b3:
         77:90:16:86:46:c2:62:33:92:7b:86:90:52:62:ce:23:2e:a7:
         1f:f3:80:aa:3d:6a:fc:6c:c8:33:83:4b:47:0c:56:73:49:bf:
         95:9b:b4:0f:96:bd:e4:c4:a2:53:79:7e:e8:5f:92:64:a6:04:
         50:f3:a6:4c:d7:be:65:5d:ba:26:12:69:47:e4:9a:ea:21:c2:
         51:b4:bb:7f:34:45:2e:c7:50:88:83:65:25:75:7f:b4:40:78:
         b1:d1:d9:bc:86:d8:d6:e9:08:b3:63:ec:c0:83:f0:34:9c:71:
         12:1c:b2:48:5f:f9:b0:f4:24:43:4d:e4:8f:dc:e6:0d:d8:1e:
         73:d7:48:2b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUTTdn4RVbI4qKxJTC3g8aCduHENAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA3MjAxMzIxMTNaFw0yNTA3MTkxMzI2MTNaMDMxMTAvBgNV
BAMTKDREQTA2OUQwRDkyNzM4MzIxNjFEMUNBQTMyNzEzMEU1MDE2RTM2Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo2B37gkbi4saROiCEVcqP0HY6
G2xDvOXOZa3XiyACKdzMAJKYjCczrOvQhFSUEYDEdCM5tOMOqlJsTcsF15EatzNF
ZDZr5DzqMMO/IpmmOgFgjQWnjNVy+PjQHl/b1bD6UjQMdnc8cIzKml1+leH1J3KO
SeZK9o6G6nZDEyR7QyJYzxC4M8EH3UmEJZ37LJHO/wQQI0RYZdnyMCkU4sy2cS/m
g9/7UZ6DodglmDVGl0Lut1UhQHsCxb6B2NHAuMItb0G4eOJYQSKiGhoW5WzdB6Pm
2naofKvuFCy1+yCsirdKYMTh5hNbtcXWY7Z070CVmOKpCX7+ngI8qGwTsOkXAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUTaBp0NknODIWHRyqMnEw5QFuNs8wHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MTYxMzAzODNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNTMzMzYzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoKYESqCDANBgkqhkiG9w0BAQsFAAOCAQEAoAR5flYey3win0ZQ
zeTk8Jp7hmsTM0S1HGdTiiW71drHqeUYH0oy5XXCHlmGSYSf7qXZnWRrkKtGxQ1y
PWnnhqGU6uwVJpDHs9cP+mWQDowY7Hy40AlmRjBEJEGh9vzfSpKTAQ49+JuF4hv7
fWJbOt4R9YtIP+p3Grcut8Gzd5AWhkbCYjOSe4aQUmLOIy6nH/OAqj1q/GzIM4NL
RwxWc0m/lZu0D5a95MSiU3l+6F+SZKYEUPOmTNe+ZV26JhJpR+Sa6iHCUbS7fzRF
LsdQiINlJXV/tEB4sdHZvIbY1ukIs2PswIPwNJxxEhyySF/5sPQkQ03kj9zmDdge
c9dIKw==
-----END CERTIFICATE-----