Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a36303a3a2f34382d3438203d3e203135333533.roa
File:                     323630323a666131313a36303a3a2f34382d3438203d3e203135333533.roa (raw, json)
Hash identifier:          HxBkTkZ+ZjqMNm05hORx3hE3jA/huK712lOwBleBqdQ=
Subject key identifier:   BC:FA:F8:95:F8:E6:E3:D4:DF:9F:C7:E8:C4:EC:B8:8E:75:C0:80:28
Certificate issuer:       /CN=7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6
Certificate serial:       27223CC56DD818271E37E06A65088CC2B8B68425
Authority key identifier: BB:26:2D:2D:06:A5:BB:F4:FF:22:26:5C:7B:4F:55:1F:F0:37:43:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a36303a3a2f34382d3438203d3e203135333533.roa
Signing time:             Fri 22 Nov 2024 01:56:25 +0000
ROA not before:           Fri 22 Nov 2024 01:51:25 +0000
ROA not after:            Fri 21 Nov 2025 01:56:25 +0000
asID:                     15353
IP address blocks:        2602:fa11:60::/48 maxlen: 48
Validation:               Failed, certificate revoked on Tue 01 Apr 2025 21:22:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:22:3c:c5:6d:d8:18:27:1e:37:e0:6a:65:08:8c:c2:b8:b6:84:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6
        Validity
            Not Before: Nov 22 01:51:25 2024 GMT
            Not After : Nov 21 01:56:25 2025 GMT
        Subject: CN=BCFAF895F8E6E3D4DF9FC7E8C4ECB88E75C08028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d2:e7:14:bb:bc:83:7d:6b:50:7a:e5:96:50:
                    54:88:7e:8f:d1:1f:c3:ed:ba:79:3d:f0:b0:5a:7a:
                    f7:d5:21:5b:97:bb:53:ee:9f:4f:76:1e:42:2c:f5:
                    bc:f6:53:2b:d8:df:16:51:cd:b9:c9:08:bc:73:a3:
                    b4:5b:26:f0:aa:4b:97:8a:c5:95:e5:62:3d:2a:84:
                    60:54:32:97:72:08:86:8d:5f:48:ad:96:86:3c:61:
                    c4:0a:c0:48:af:63:23:7a:2c:76:23:3a:1f:20:39:
                    17:62:61:76:c8:b7:e0:bc:c0:96:d6:32:e6:e0:e4:
                    6a:2b:76:1e:79:59:a3:c9:e8:a9:c7:9c:50:93:ce:
                    67:0b:13:f6:0c:9d:34:4c:ef:9d:4d:dd:51:ad:cb:
                    6d:ac:05:63:a5:14:9d:d0:20:fb:98:df:b1:c1:4b:
                    ee:39:4d:98:a0:9e:fb:1d:3d:bd:74:4a:7c:ba:17:
                    50:8d:8d:a2:6f:ba:33:89:f6:4a:3b:a1:1b:c9:f0:
                    42:41:ae:86:2b:50:2a:7b:ae:8a:4d:2d:60:57:8d:
                    50:79:dc:24:cd:25:d6:cb:ba:b3:b0:1d:f5:05:ed:
                    50:b5:a4:2c:30:df:d0:f7:fd:f8:b4:8e:ae:db:79:
                    0d:5b:35:7f:24:85:47:30:5f:41:0a:cc:5c:23:68:
                    2e:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:FA:F8:95:F8:E6:E3:D4:DF:9F:C7:E8:C4:EC:B8:8E:75:C0:80:28
            X509v3 Authority Key Identifier:
                keyid:BB:26:2D:2D:06:A5:BB:F4:FF:22:26:5C:7B:4F:55:1F:F0:37:43:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a36303a3a2f34382d3438203d3e203135333533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:fa11:60::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:a0:5a:14:c9:90:2b:4b:96:08:ca:50:aa:ba:38:94:24:6a:
         13:e2:9c:0d:2c:30:59:39:bf:47:18:f5:e9:5a:b2:bc:e4:a0:
         56:94:5b:4d:8a:53:4e:e9:8f:68:44:56:f0:d3:da:e3:26:7b:
         5d:8e:0f:19:5e:eb:eb:31:9c:67:7e:d1:50:6f:0f:4d:a2:80:
         cc:15:ce:fc:cb:94:6d:65:09:6e:a9:3a:55:a4:00:70:8c:2b:
         c4:43:2c:1a:4f:e1:7d:55:92:4c:10:11:a6:85:67:86:20:d5:
         cb:2e:eb:ca:63:a0:49:80:63:db:d9:a4:fd:f7:0a:18:11:24:
         d8:6c:fb:61:5a:61:47:9b:09:d6:c5:7e:7f:f4:a6:4f:d8:ec:
         10:96:04:1f:ec:3c:b2:c4:bd:00:5c:48:a9:29:76:c3:d8:6b:
         7d:5e:b1:c0:a4:3a:6c:84:91:a4:d4:e9:13:bf:15:1d:85:1b:
         61:7f:96:70:3d:90:ba:79:72:59:74:42:66:82:00:72:5f:42:
         1f:72:4c:d3:a4:68:cf:62:78:ec:41:a4:20:bb:0f:f4:44:e4:
         5d:b7:15:79:b7:02:22:9e:1e:7f:48:ef:b9:4c:66:80:f2:1c:
         3c:ce:2c:84:e1:61:0b:75:04:fb:39:cf:3e:74:0f:e4:f2:76:
         a9:ee:33:6b
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUJyI8xW3YGCceN+BqZQiMwri2hCUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyN2M0NDI0YjBlZjk0MGFlMjgzYTM5OWJmNDBiODg4YjQy
NGVkMDMyMmUwY2UwMmRhZDYwHhcNMjQxMTIyMDE1MTI1WhcNMjUxMTIxMDE1NjI1
WjAzMTEwLwYDVQQDEyhCQ0ZBRjg5NUY4RTZFM0Q0REY5RkM3RThDNEVDQjg4RTc1
QzA4MDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtLnFLu8g31r
UHrlllBUiH6P0R/D7bp5PfCwWnr31SFbl7tT7p9Pdh5CLPW89lMr2N8WUc25yQi8
c6O0WybwqkuXisWV5WI9KoRgVDKXcgiGjV9IrZaGPGHECsBIr2Mjeix2IzofIDkX
YmF2yLfgvMCW1jLm4ORqK3YeeVmjyeipx5xQk85nCxP2DJ00TO+dTd1RrcttrAVj
pRSd0CD7mN+xwUvuOU2YoJ77HT29dEp8uhdQjY2ib7ozifZKO6EbyfBCQa6GK1Aq
e66KTS1gV41QedwkzSXWy7qzsB31Be1QtaQsMN/Q9/34tI6u23kNWzV/JIVHMF9B
CsxcI2guywIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFLz6+JX45uPU35/H6MTsuI51
wIAoMB8GA1UdIwQYMBaAFLsmLS0Gpbv0/yImXHtPVR/wN0M9MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2
LWRiZmM0NTkzYzFhOC82L0JCMjYyRDJEMDZBNUJCRjRGRjIyMjY1QzdCNEY1NTFG
RjAzNzQzM0QuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYt
NGMwYy1iOTBkLTNiYzdhNWZlYjgyYi81MTM4ZGUyZC01MTJhLTQ2OTItOGM1My1k
MmQ5YTZjZWI1NDkvN2M0NDI0YjBlZjk0MGFlMjgzYTM5OWJmNDBiODg4YjQyNGVk
MDMyMmUwY2UwMmRhZDYuY2VyMIGxBggrBgEFBQcBCwSBpDCBoTCBngYIKwYBBQUH
MAuGgZFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2LWRiZmM0NTkzYzFhOC82LzMyMzYzMDMy
M2E2NjYxMzEzMTNhMzYzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzUzMzM1
MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAmAvoRAGAwDQYJKoZIhvcNAQELBQADggEBAHqgWhTJkCtL
lgjKUKq6OJQkahPinA0sMFk5v0cY9elasrzkoFaUW02KU07pj2hEVvDT2uMme12O
Dxle6+sxnGd+0VBvD02igMwVzvzLlG1lCW6pOlWkAHCMK8RDLBpP4X1VkkwQEaaF
Z4Yg1csu68pjoEmAY9vZpP33ChgRJNhs+2FaYUebCdbFfn/0pk/Y7BCWBB/sPLLE
vQBcSKkpdsPYa31escCkOmyEkaTU6RO/FR2FG2F/lnA9kLp5cll0QmaCAHJfQh9y
TNOkaM9ieOxBpCC7D/RE5F23FXm3AiKeHn9I77lMZoDyHDzOLIThYQt1BPs5zz50
D+TydqnuM2s=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:06 2025 by rpki-client