Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a38303a3a2f34342d3434203d3e203133363436.roa
File:                     323630323a666131313a38303a3a2f34342d3434203d3e203133363436.roa (raw, json)
Hash identifier:          b/eW5vVvv+eXRevAE9VmoMVEn15sz8vZ7Fdb4aTCqdI=
Subject key identifier:   31:86:DC:51:43:AA:1B:55:C5:00:6E:96:A1:5F:12:61:DC:BD:5B:17
Certificate issuer:       /CN=7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6
Certificate serial:       696169876C48315B6A780F472BB625F66A0A871A
Authority key identifier: BB:26:2D:2D:06:A5:BB:F4:FF:22:26:5C:7B:4F:55:1F:F0:37:43:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a38303a3a2f34342d3434203d3e203133363436.roa
Signing time:             Fri 03 Jan 2025 04:56:27 +0000
ROA not before:           Fri 03 Jan 2025 04:51:27 +0000
ROA not after:            Fri 02 Jan 2026 04:56:27 +0000
asID:                     13646
IP address blocks:        2602:fa11:80::/44 maxlen: 44
Validation:               Failed, certificate revoked on Tue 01 Apr 2025 21:19:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:61:69:87:6c:48:31:5b:6a:78:0f:47:2b:b6:25:f6:6a:0a:87:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6
        Validity
            Not Before: Jan  3 04:51:27 2025 GMT
            Not After : Jan  2 04:56:27 2026 GMT
        Subject: CN=3186DC5143AA1B55C5006E96A15F1261DCBD5B17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a9:1c:c3:2f:39:1b:b0:7e:27:06:ea:e9:40:
                    33:ed:f4:ad:dd:77:85:7f:01:00:79:05:78:b9:5a:
                    0c:d5:ad:bc:51:db:ab:c2:95:bc:65:88:f1:d5:6c:
                    df:d7:01:00:e4:63:36:ab:3a:16:70:b9:7b:85:75:
                    07:c4:f6:c1:7e:78:55:86:ae:51:2b:15:a7:b5:20:
                    1e:fe:b4:87:d8:9c:08:3c:64:31:aa:ce:1a:49:29:
                    76:d5:da:fa:8f:74:3d:22:81:43:d7:e9:62:b3:a1:
                    02:e6:79:1a:68:dc:97:d3:24:d3:eb:49:0c:1b:73:
                    e9:d9:f5:f0:af:62:d6:93:6f:13:14:2f:17:8b:80:
                    7d:f3:f8:6c:70:33:1d:61:56:de:6d:10:2b:df:d6:
                    85:55:f1:eb:f2:84:7e:dd:90:f2:b9:26:ff:4f:10:
                    ec:ac:bf:8d:ab:b1:f1:4e:46:e1:b4:8d:f0:ad:63:
                    c5:68:7c:72:c8:62:11:f8:cd:e8:62:03:08:71:82:
                    10:e8:d7:b5:80:49:c6:75:b2:0b:56:44:dd:0d:a7:
                    b6:94:43:fe:6c:15:fd:b1:6f:81:f0:22:75:8a:b8:
                    e4:e8:9b:2e:d9:02:0b:34:32:14:80:19:25:ed:7e:
                    2e:6e:8e:3d:44:a4:3d:e1:85:26:0d:73:71:9c:19:
                    05:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:86:DC:51:43:AA:1B:55:C5:00:6E:96:A1:5F:12:61:DC:BD:5B:17
            X509v3 Authority Key Identifier:
                keyid:BB:26:2D:2D:06:A5:BB:F4:FF:22:26:5C:7B:4F:55:1F:F0:37:43:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/BB262D2D06A5BBF4FF22265C7B4F551FF037433D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/5138de2d-512a-4692-8c53-d2d9a6ceb549/7c4424b0ef940ae283a399bf40b888b424ed0322e0ce02dad6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/6/323630323a666131313a38303a3a2f34342d3434203d3e203133363436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:fa11:80::/44

    Signature Algorithm: sha256WithRSAEncryption
         33:30:58:4f:ac:f5:f3:2b:eb:78:96:80:6b:a6:aa:87:0e:8a:
         4e:04:27:b3:70:01:22:6b:ca:94:28:4f:69:d5:67:6e:08:c1:
         d1:14:41:e6:87:02:a3:cb:c6:22:62:b7:74:a6:56:d4:b4:3a:
         29:a5:d2:86:ed:fe:21:34:2c:1c:f1:1a:38:41:b6:b8:d0:49:
         84:d9:fa:5f:52:3e:94:a0:b0:cc:61:11:94:92:74:af:78:a9:
         42:76:14:c3:b2:4a:03:0b:cd:98:b5:2a:e7:ed:ff:58:bc:7b:
         26:ff:0a:d4:1b:6c:da:08:3d:58:53:6c:71:e6:c0:a6:47:d6:
         ab:ad:5f:f3:0a:fd:f4:ad:d7:de:d8:21:7c:f8:ad:8b:8f:de:
         aa:17:b9:05:c4:23:4f:ab:c6:da:0d:e5:a6:93:9c:85:84:cd:
         56:3b:08:e0:76:62:ac:fc:37:4e:9b:11:23:db:ff:a4:53:86:
         00:ff:46:b8:80:4e:92:84:80:1d:cf:17:08:f4:c7:ee:ee:6b:
         97:fd:4b:79:1e:09:13:83:eb:c8:34:c7:82:bc:6e:e9:98:35:
         a7:7d:c2:bb:de:3e:38:74:24:f5:ca:f0:aa:cc:b1:23:12:5d:
         d9:52:f6:89:b2:df:06:51:a9:ed:c8:e1:ab:81:7e:77:79:f4:
         37:ee:0e:4c
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUaWFph2xIMVtqeA9HK7Yl9moKhxowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyN2M0NDI0YjBlZjk0MGFlMjgzYTM5OWJmNDBiODg4YjQy
NGVkMDMyMmUwY2UwMmRhZDYwHhcNMjUwMTAzMDQ1MTI3WhcNMjYwMTAyMDQ1NjI3
WjAzMTEwLwYDVQQDEygzMTg2REM1MTQzQUExQjU1QzUwMDZFOTZBMTVGMTI2MURD
QkQ1QjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6kcwy85G7B+
Jwbq6UAz7fSt3XeFfwEAeQV4uVoM1a28UdurwpW8ZYjx1Wzf1wEA5GM2qzoWcLl7
hXUHxPbBfnhVhq5RKxWntSAe/rSH2JwIPGQxqs4aSSl21dr6j3Q9IoFD1+lis6EC
5nkaaNyX0yTT60kMG3Pp2fXwr2LWk28TFC8Xi4B98/hscDMdYVbebRAr39aFVfHr
8oR+3ZDyuSb/TxDsrL+Nq7HxTkbhtI3wrWPFaHxyyGIR+M3oYgMIcYIQ6Ne1gEnG
dbILVkTdDae2lEP+bBX9sW+B8CJ1irjk6Jsu2QILNDIUgBkl7X4ubo49RKQ94YUm
DXNxnBkFdwIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFDGG3FFDqhtVxQBulqFfEmHc
vVsXMB8GA1UdIwQYMBaAFLsmLS0Gpbv0/yImXHtPVR/wN0M9MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2
LWRiZmM0NTkzYzFhOC82L0JCMjYyRDJEMDZBNUJCRjRGRjIyMjY1QzdCNEY1NTFG
RjAzNzQzM0QuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYt
NGMwYy1iOTBkLTNiYzdhNWZlYjgyYi81MTM4ZGUyZC01MTJhLTQ2OTItOGM1My1k
MmQ5YTZjZWI1NDkvN2M0NDI0YjBlZjk0MGFlMjgzYTM5OWJmNDBiODg4YjQyNGVk
MDMyMmUwY2UwMmRhZDYuY2VyMIGxBggrBgEFBQcBCwSBpDCBoTCBngYIKwYBBQUH
MAuGgZFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2LWRiZmM0NTkzYzFhOC82LzMyMzYzMDMy
M2E2NjYxMzEzMTNhMzgzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDMxMzMzNjM0
MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQmAvoRAIAwDQYJKoZIhvcNAQELBQADggEBADMwWE+s9fMr
63iWgGumqocOik4EJ7NwASJrypQoT2nVZ24IwdEUQeaHAqPLxiJit3SmVtS0Oiml
0obt/iE0LBzxGjhBtrjQSYTZ+l9SPpSgsMxhEZSSdK94qUJ2FMOySgMLzZi1Kuft
/1i8eyb/CtQbbNoIPVhTbHHmwKZH1qutX/MK/fSt197YIXz4rYuP3qoXuQXEI0+r
xtoN5aaTnIWEzVY7COB2Yqz8N06bESPb/6RThgD/RriATpKEgB3PFwj0x+7ua5f9
S3keCROD68g0x4K8bumYNad9wrvePjh0JPXK8KrMsSMSXdlS9omy3wZRqe3I4auB
fnd59DfuDkw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:06:59 2025 by rpki-client