Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383830303a3a2f34302d3430203d3e203530333835.roa
File:                     326131343a373538313a383830303a3a2f34302d3430203d3e203530333835.roa (raw, json)
Hash identifier:          rQqsD7FWzklUtKrw76OEVsOLFCotrkLYIU378sc54Qg=
Subject key identifier:   2A:9C:C8:0D:EB:A5:33:BF:19:8D:38:5F:0D:61:AF:BC:D3:48:FA:E1
Certificate issuer:       /CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
Certificate serial:       267DA97F88D94E405F45657A738B8246787D07E4
Authority key identifier: 08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383830303a3a2f34302d3430203d3e203530333835.roa
Signing time:             Fri 17 May 2024 16:14:32 +0000
ROA not before:           Fri 17 May 2024 16:09:32 +0000
ROA not after:            Fri 16 May 2025 16:14:32 +0000
asID:                     50385
IP address blocks:        2a14:7581:8800::/40 maxlen: 40

Validation:               Failed, certificate revoked on Sat 18 May 2024 12:28:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:7d:a9:7f:88:d9:4e:40:5f:45:65:7a:73:8b:82:46:78:7d:07:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
        Validity
            Not Before: May 17 16:09:32 2024 GMT
            Not After : May 16 16:14:32 2025 GMT
        Subject: CN=2A9CC80DEBA533BF198D385F0D61AFBCD348FAE1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5f:5a:87:1d:06:ad:22:d7:0e:6e:33:41:ea:
                    c0:83:e6:be:74:d1:e1:54:fe:42:ac:6d:4f:df:e4:
                    65:de:e4:53:72:87:e8:01:0a:72:66:83:28:a9:45:
                    b4:89:56:dd:9e:a0:de:0c:be:f0:a9:3f:b3:93:e3:
                    8f:82:34:cf:c1:e3:ed:4a:a9:0d:8d:c9:b7:76:74:
                    dd:57:b3:9c:97:ca:13:bc:77:b0:d1:bc:76:bd:72:
                    7c:1d:50:bb:f7:c9:43:a1:a4:49:74:1d:02:25:1d:
                    e7:d3:8c:85:bb:0b:e3:d7:96:77:5e:ba:de:0e:78:
                    fe:b8:47:70:f8:24:58:8c:67:bd:6a:88:27:37:5c:
                    d9:9d:ba:05:aa:f1:b1:07:7f:da:9d:4e:ad:92:81:
                    11:c7:4e:a3:92:f1:81:b6:e5:3e:c4:01:ba:ab:89:
                    37:35:87:0c:4b:d5:94:62:2b:d5:10:06:c1:ff:ae:
                    dc:bc:da:cb:15:cf:c2:b9:8e:be:12:46:4f:c9:9e:
                    37:cc:d4:75:4f:e2:3a:e5:80:d6:0a:1e:80:e9:b3:
                    d9:b4:ec:8a:68:f8:68:35:29:60:93:0f:8f:43:54:
                    d6:c6:13:bd:f4:31:fd:aa:89:78:ce:0f:9f:f9:a6:
                    20:68:73:b6:0b:6a:6d:70:26:6e:58:a2:79:3a:fa:
                    f6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:9C:C8:0D:EB:A5:33:BF:19:8D:38:5F:0D:61:AF:BC:D3:48:FA:E1
            X509v3 Authority Key Identifier:
                keyid:08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383830303a3a2f34302d3430203d3e203530333835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:8800::/40

    Signature Algorithm: sha256WithRSAEncryption
         1b:89:1d:ff:61:dc:9a:3a:7f:b0:de:21:b2:e9:65:97:c4:2b:
         3b:6d:ac:80:9b:f5:5f:92:fe:f7:13:27:6d:02:15:5a:1d:15:
         b9:94:85:6c:9c:0c:f4:b3:00:a5:ba:a7:82:bf:96:a4:cd:63:
         d8:13:99:21:e7:e7:99:64:09:be:99:7c:15:5e:49:22:fe:44:
         66:9a:ee:e2:63:47:c9:75:f8:10:1a:b0:76:ea:a4:b2:d6:81:
         d9:c7:36:f7:87:cb:39:96:6d:97:f7:de:ee:dd:40:22:bc:3c:
         4e:6e:22:d7:56:ee:58:f7:09:aa:32:11:ee:bf:e8:95:de:32:
         46:d3:57:ca:62:fd:a5:37:63:16:5f:f2:89:72:d7:e1:c4:bf:
         c6:40:82:d7:90:e8:26:7a:32:cb:47:32:98:3a:79:ac:06:6c:
         23:1d:3d:49:6e:cf:a4:64:7a:5b:1c:95:9a:28:b7:4c:9c:a3:
         13:45:85:ec:3e:07:24:81:4c:b4:48:78:80:72:38:fa:fd:80:
         48:0f:e6:00:22:b1:91:01:88:f8:b2:66:59:66:5c:5e:b0:b6:
         33:c7:0d:96:2f:66:d5:b8:d5:62:d4:e6:f6:87:f2:f6:5c:4d:
         ed:8c:f6:f6:72:d7:24:ad:7d:f9:21:91:61:09:08:83:40:bf:
         aa:61:9b:a9
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUJn2pf4jZTkBfRWV6c4uCRnh9B+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3
OEU5RjM5QjAeFw0yNDA1MTcxNjA5MzJaFw0yNTA1MTYxNjE0MzJaMDMxMTAvBgNV
BAMTKDJBOUNDODBERUJBNTMzQkYxOThEMzg1RjBENjFBRkJDRDM0OEZBRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7X1qHHQatItcObjNB6sCD5r50
0eFU/kKsbU/f5GXe5FNyh+gBCnJmgyipRbSJVt2eoN4MvvCpP7OT44+CNM/B4+1K
qQ2Nybd2dN1Xs5yXyhO8d7DRvHa9cnwdULv3yUOhpEl0HQIlHefTjIW7C+PXlnde
ut4OeP64R3D4JFiMZ71qiCc3XNmdugWq8bEHf9qdTq2SgRHHTqOS8YG25T7EAbqr
iTc1hwxL1ZRiK9UQBsH/rty82ssVz8K5jr4SRk/JnjfM1HVP4jrlgNYKHoDps9m0
7Ipo+Gg1KWCTD49DVNbGE730Mf2qiXjOD5/5piBoc7YLam1wJm5Yonk6+vYBAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUKpzIDeulM78ZjThfDWGvvNNI+uEwHwYDVR0j
BBgwFoAUCHSAEWTclfCrnM1L0wSj73jp85swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2M4ZTRlMTEtM2FjYS00MzA1LWFjZDQtZjA1ZTZjOTA5
MTE1LzEvMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3OEU5RjM5Qi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8wODc0ODAxMTY0REM5NUYwQUI5Q0NENEJE
MzA0QTNFRjc4RTlGMzlCLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zYzhlNGUxMS0zYWNhLTQzMDUtYWNkNC1mMDVlNmM5MDkxMTUvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTM4MzgzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzUz
MDMzMzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGACoUdYGIMA0GCSqGSIb3DQEBCwUAA4IBAQAbiR3/
YdyaOn+w3iGy6WWXxCs7bayAm/Vfkv73EydtAhVaHRW5lIVsnAz0swCluqeCv5ak
zWPYE5kh5+eZZAm+mXwVXkki/kRmmu7iY0fJdfgQGrB26qSy1oHZxzb3h8s5lm2X
997u3UAivDxObiLXVu5Y9wmqMhHuv+iV3jJG01fKYv2lN2MWX/KJctfhxL/GQILX
kOgmejLLRzKYOnmsBmwjHT1Jbs+kZHpbHJWaKLdMnKMTRYXsPgckgUy0SHiAcjj6
/YBID+YAIrGRAYj4smZZZlxesLYzxw2WL2bVuNVi1Ob2h/L2XE3tjPb2ctckrX35
IZFhCQiDQL+qYZup
-----END CERTIFICATE-----