Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6438383a3a2f34382d3438203d3e203437323732.roa
File:                     323030313a3637633a6438383a3a2f34382d3438203d3e203437323732.roa (raw, json)
Hash identifier:          MJns0xKpCpAOX8TSF6npnm0WKBJzkbnPlQCPLLPFedU=
Subject key identifier:   8A:02:E0:2C:32:37:BB:B5:B2:68:4B:DE:33:0F:F7:FE:9D:E0:17:D9
Certificate issuer:       /CN=1ec805e37c5b53351c6a182763530a50d9308c7e
Certificate serial:       24F30EAD07C1EE5CAFC284C5B228599E940C663B
Authority key identifier: 1E:C8:05:E3:7C:5B:53:35:1C:6A:18:27:63:53:0A:50:D9:30:8C:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6438383a3a2f34382d3438203d3e203437323732.roa
Signing time:             Wed 24 Jan 2024 10:59:17 +0000
ROA not before:           Wed 24 Jan 2024 10:54:17 +0000
ROA not after:            Wed 22 Jan 2025 10:59:17 +0000
asID:                     47272
IP address blocks:        2001:67c:d88::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 20:11:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:f3:0e:ad:07:c1:ee:5c:af:c2:84:c5:b2:28:59:9e:94:0c:66:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ec805e37c5b53351c6a182763530a50d9308c7e
        Validity
            Not Before: Jan 24 10:54:17 2024 GMT
            Not After : Jan 22 10:59:17 2025 GMT
        Subject: CN=8A02E02C3237BBB5B2684BDE330FF7FE9DE017D9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:e4:60:ee:7a:8f:0d:cf:bf:1a:de:3a:e1:df:
                    70:b2:58:0d:ca:4b:0a:63:7a:1a:eb:ea:b9:41:77:
                    6b:7d:15:f7:53:b1:58:bf:43:0c:de:92:96:f1:c7:
                    1e:87:25:ab:7d:ad:e9:89:f1:3b:f5:6f:e0:d2:c2:
                    3f:ae:30:06:25:75:07:e7:b3:c8:0b:7a:8c:93:74:
                    9e:8a:3c:02:49:68:c7:cb:7c:62:0b:c0:5d:73:fd:
                    cf:f2:cc:eb:6d:24:a0:b5:6a:7e:cb:6d:ed:dd:6f:
                    46:be:dc:40:6d:60:3a:e4:70:32:16:1f:41:e5:9a:
                    ba:f3:3e:49:a7:15:1e:06:53:85:3d:52:19:fe:9e:
                    ee:a5:16:72:3b:84:a2:df:b2:a4:f8:a5:b1:a7:ca:
                    72:22:d6:b6:ce:96:f2:10:7a:13:34:4e:11:58:92:
                    e7:cf:6b:ba:cc:79:d3:1a:42:02:e1:d9:3a:5e:c0:
                    92:76:20:0c:5a:50:6c:31:a6:3e:0e:9d:92:47:02:
                    5d:08:76:46:b8:0f:df:85:f3:e6:5b:99:dd:d0:8e:
                    5c:12:d6:69:81:09:9f:5a:03:f4:17:1d:ba:65:1f:
                    72:8c:6f:58:d2:39:6f:b6:48:37:89:a1:a5:64:25:
                    16:c3:04:95:02:5d:6d:3a:0d:32:1f:75:ee:1a:5d:
                    24:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:02:E0:2C:32:37:BB:B5:B2:68:4B:DE:33:0F:F7:FE:9D:E0:17:D9
            X509v3 Authority Key Identifier:
                keyid:1E:C8:05:E3:7C:5B:53:35:1C:6A:18:27:63:53:0A:50:D9:30:8C:7E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/1EC805E37C5B53351C6A182763530A50D9308C7E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6438383a3a2f34382d3438203d3e203437323732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:d88::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:79:e7:53:b1:ac:b0:72:b7:59:bb:15:ec:42:1e:f4:ca:69:
         13:77:e9:1a:42:03:a5:98:5a:09:aa:5e:95:fa:d4:8c:6c:28:
         d4:08:96:44:04:06:99:9e:28:77:00:2e:7d:f1:da:05:84:ae:
         50:db:40:d5:ff:38:f1:d5:59:fb:e2:16:0e:fb:8f:5f:f7:5d:
         41:7b:81:59:eb:cc:8d:48:54:c2:2b:bd:b7:09:c5:03:2a:97:
         4f:5f:ef:56:5d:58:69:01:bc:90:bd:bb:bf:8e:55:c6:af:77:
         d0:c4:41:84:bf:f6:36:a1:f2:92:a8:84:43:f3:d1:3e:c2:02:
         72:6c:71:f8:27:17:12:7b:6e:d0:98:3f:ff:2e:7c:ae:bf:37:
         66:97:d4:9e:54:7e:30:88:53:1a:7f:e2:41:7b:2b:75:95:6e:
         57:fc:59:d2:63:07:36:4d:56:2e:b6:27:50:3e:9e:52:3a:cf:
         b0:87:cc:5c:17:ac:1a:38:ec:a6:5e:1c:33:ce:ba:55:d0:e5:
         49:8e:d4:72:2f:63:65:aa:76:26:ea:05:99:65:90:cb:6d:a6:
         1d:9b:04:c4:b6:bb:d6:08:81:52:be:40:43:be:cf:df:7c:80:
         0f:40:85:61:73:41:7d:ea:f8:21:61:ac:d2:60:b5:38:c6:ef:
         3f:7a:53:10
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUJPMOrQfB7lyvwoTFsihZnpQMZjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWVjODA1ZTM3YzViNTMzNTFjNmExODI3NjM1MzBhNTBk
OTMwOGM3ZTAeFw0yNDAxMjQxMDU0MTdaFw0yNTAxMjIxMDU5MTdaMDMxMTAvBgNV
BAMTKDhBMDJFMDJDMzIzN0JCQjVCMjY4NEJERTMzMEZGN0ZFOURFMDE3RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDr5GDueo8Nz78a3jrh33CyWA3K
Swpjehrr6rlBd2t9FfdTsVi/Qwzekpbxxx6HJat9remJ8Tv1b+DSwj+uMAYldQfn
s8gLeoyTdJ6KPAJJaMfLfGILwF1z/c/yzOttJKC1an7Lbe3db0a+3EBtYDrkcDIW
H0HlmrrzPkmnFR4GU4U9Uhn+nu6lFnI7hKLfsqT4pbGnynIi1rbOlvIQehM0ThFY
kufPa7rMedMaQgLh2TpewJJ2IAxaUGwxpj4OnZJHAl0Idka4D9+F8+Zbmd3QjlwS
1mmBCZ9aA/QXHbplH3KMb1jSOW+2SDeJoaVkJRbDBJUCXW06DTIfde4aXSSvAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUigLgLDI3u7WyaEveMw/3/p3gF9kwHwYDVR0j
BBgwFoAUHsgF43xbUzUcahgnY1MKUNkwjH4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzMvMUVDODA1RTM3QzVCNTMzNTFDNkExODI3NjM1MzBBNTBEOTMwOEM3RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0hzZ0Y0M3hiVXpVY2FoZ25ZMU1LVU5r
d2pINC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzMvMzIzMDMwMzEzYTM2Mzc2MzNh
NjQzODM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzQzNzMyMzczMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACABBnwNiDANBgkqhkiG9w0BAQsFAAOCAQEAYXnnU7GssHK3WbsV7EIe9Mpp
E3fpGkIDpZhaCapelfrUjGwo1AiWRAQGmZ4odwAuffHaBYSuUNtA1f848dVZ++IW
DvuPX/ddQXuBWevMjUhUwiu9twnFAyqXT1/vVl1YaQG8kL27v45Vxq930MRBhL/2
NqHykqiEQ/PRPsICcmxx+CcXEntu0Jg//y58rr83ZpfUnlR+MIhTGn/iQXsrdZVu
V/xZ0mMHNk1WLrYnUD6eUjrPsIfMXBesGjjspl4cM866VdDlSY7Uci9jZap2JuoF
mWWQy22mHZsExLa71giBUr5AQ77P33yAD0CFYXNBfer4IWGs0mC1OMbvP3pTEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:59 2024 by rpki-client on console-ams.rpki-client.org