Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130643a3a2f34382d3438203d3e20333933353737.roa
File:                     326130613a363034343a616130643a3a2f34382d3438203d3e20333933353737.roa (raw, json)
Hash identifier:          u1FYACkLOHhbWNfzgjzlu4ijxMkSGYgXYmMqhPo/qRk=
Subject key identifier:   5F:E4:AA:7D:E4:19:0D:05:60:41:AA:85:DD:62:97:F6:04:7A:A2:2B
Certificate issuer:       /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial:       489BD89F31CBC49C20A961AB6781C8DFCB35A7E5
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130643a3a2f34382d3438203d3e20333933353737.roa
Signing time:             Thu 22 Aug 2024 15:04:27 +0000
ROA not before:           Thu 22 Aug 2024 14:59:27 +0000
ROA not after:            Thu 21 Aug 2025 15:04:27 +0000
asID:                     393577
IP address blocks:        2a0a:6044:aa0d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 29 Aug 2024 03:41:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:9b:d8:9f:31:cb:c4:9c:20:a9:61:ab:67:81:c8:df:cb:35:a7:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
        Validity
            Not Before: Aug 22 14:59:27 2024 GMT
            Not After : Aug 21 15:04:27 2025 GMT
        Subject: CN=5FE4AA7DE4190D056041AA85DD6297F6047AA22B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:fe:c5:af:18:d9:7c:6e:9b:e5:22:a0:a1:ff:
                    06:17:d7:68:1a:6b:98:a9:bb:b2:f3:5b:a9:d0:65:
                    58:57:34:5a:99:ba:ff:52:e9:15:2f:ad:aa:30:f1:
                    12:2d:32:65:69:47:bf:e0:23:fc:33:6d:cc:6c:10:
                    cf:4a:71:58:a1:0c:7f:54:1d:34:38:63:dc:8d:0f:
                    5e:f7:e3:ab:6b:b7:8f:45:19:84:29:96:bb:cc:ca:
                    5d:57:ea:88:d9:d6:54:92:69:86:40:12:66:4b:ef:
                    9e:d3:22:f8:86:a7:6f:aa:b0:e6:19:91:29:ba:86:
                    e6:5c:9f:10:88:de:ec:cd:92:72:b1:6b:5a:8b:b3:
                    5e:c2:a0:6d:e2:bb:9a:75:47:13:c6:47:22:64:23:
                    db:c0:14:94:ac:09:34:3a:ca:7e:7c:22:2e:2f:ae:
                    2d:9a:d9:fa:10:81:ab:05:66:cb:d4:4f:60:fb:fc:
                    c7:83:a9:43:cc:50:15:9e:f0:33:3a:bc:97:6d:1b:
                    33:8b:72:78:a7:99:d7:52:0a:44:7a:ac:fa:76:72:
                    74:d5:41:bd:bd:b3:ae:ee:e6:1e:ab:a3:45:63:c2:
                    c0:5d:39:11:34:c0:c9:61:0d:20:30:f4:55:db:b3:
                    60:3d:43:d3:45:cc:5f:6b:84:2b:12:d1:a7:67:96:
                    15:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:E4:AA:7D:E4:19:0D:05:60:41:AA:85:DD:62:97:F6:04:7A:A2:2B
            X509v3 Authority Key Identifier:
                keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/326130613a363034343a616130643a3a2f34382d3438203d3e20333933353737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:aa0d::/48

    Signature Algorithm: sha256WithRSAEncryption
         89:21:c4:1b:be:a3:0d:c4:33:63:08:74:86:bb:d2:87:45:4d:
         cd:b6:91:f9:6a:6f:ae:85:0d:41:69:4c:f2:c1:50:e5:05:4e:
         79:f2:5e:d3:65:33:42:a6:3a:e1:90:87:63:c1:c5:fe:c4:cb:
         03:40:91:2d:85:cd:64:2a:15:0a:23:ea:cb:48:54:21:06:29:
         82:82:e2:c7:2a:35:cb:17:cf:b5:40:ac:93:68:70:89:b7:5d:
         d1:cd:34:c3:9b:3e:2c:8c:bd:16:a5:90:e1:f4:29:e8:fb:fc:
         6a:1d:88:15:2d:ae:91:0d:e0:fe:66:b5:02:d8:e7:d9:f1:0d:
         18:ad:3e:57:3c:61:44:8e:52:b0:46:03:a2:fc:6e:d4:2f:78:
         7a:37:3c:ef:f1:e9:d5:38:3c:a2:1d:f6:91:09:99:02:d8:96:
         66:ff:0a:d6:ee:7d:fe:e5:6e:d5:90:46:c8:c4:9b:3a:5c:db:
         65:54:70:61:3e:99:64:bf:85:7a:95:4c:4a:d3:a4:10:cc:e7:
         2b:d2:4b:00:e1:64:70:eb:ec:2f:67:a0:ec:1d:35:d7:23:0b:
         a6:8d:c4:8b:90:47:47:8e:ab:86:64:22:8d:14:25:9f:af:18:
         fa:61:1c:79:ef:b7:81:7f:c0:43:35:a2:b0:4d:46:01:f4:65:
         66:33:a4:a6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUSJvYnzHLxJwgqWGrZ4HI38s1p+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA4MjIxNDU5MjdaFw0yNTA4MjExNTA0MjdaMDMxMTAvBgNV
BAMTKDVGRTRBQTdERTQxOTBEMDU2MDQxQUE4NURENjI5N0Y2MDQ3QUEyMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk/sWvGNl8bpvlIqCh/wYX12ga
a5ipu7LzW6nQZVhXNFqZuv9S6RUvraow8RItMmVpR7/gI/wzbcxsEM9KcVihDH9U
HTQ4Y9yND17346trt49FGYQplrvMyl1X6ojZ1lSSaYZAEmZL757TIviGp2+qsOYZ
kSm6huZcnxCI3uzNknKxa1qLs17CoG3iu5p1RxPGRyJkI9vAFJSsCTQ6yn58Ii4v
ri2a2foQgasFZsvUT2D7/MeDqUPMUBWe8DM6vJdtGzOLcninmddSCkR6rPp2cnTV
Qb29s67u5h6ro0VjwsBdORE0wMlhDSAw9FXbs2A9Q9NFzF9rhCsS0adnlhUdAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUX+SqfeQZDQVgQaqF3WKX9gR6oiswHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MTYxMzA2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMzMzkzMzM1MzczNy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoKYESqDTANBgkqhkiG9w0BAQsFAAOCAQEAiSHEG76jDcQzYwh0
hrvSh0VNzbaR+WpvroUNQWlM8sFQ5QVOefJe02UzQqY64ZCHY8HF/sTLA0CRLYXN
ZCoVCiPqy0hUIQYpgoLixyo1yxfPtUCsk2hwibdd0c00w5s+LIy9FqWQ4fQp6Pv8
ah2IFS2ukQ3g/ma1Atjn2fENGK0+VzxhRI5SsEYDovxu1C94ejc87/Hp1Tg8oh32
kQmZAtiWZv8K1u59/uVu1ZBGyMSbOlzbZVRwYT6ZZL+FepVMStOkEMznK9JLAOFk
cOvsL2eg7B011yMLpo3Ei5BHR46rhmQijRQln68Y+mEcee+3gX/AQzWisE1GAfRl
ZjOkpg==
-----END CERTIFICATE-----