Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/323630323a666136653a3a2f34302d3430203d3e203530323234.roa
File:                     323630323a666136653a3a2f34302d3430203d3e203530323234.roa (raw, json)
Hash identifier:          GUVe+D4mRkwmuFOjJD/Xm4KP6Jx54ZXn2wCS/aZQiAA=
Subject key identifier:   2F:4A:96:FA:FE:63:5E:F1:E2:B0:B3:CE:0F:FF:DD:62:0D:4A:4F:B6
Certificate issuer:       /CN=43729997152fd84fcda6d190c3b3195b02679660112be9a2d7
Certificate serial:       7D39AEFC876E76D623AF4AA1FED81937403EB402
Authority key identifier: 6A:6F:6E:C2:72:A5:EB:DC:18:24:1C:2C:84:D1:D9:FE:94:C1:25:AA
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/43729997152fd84fcda6d190c3b3195b02679660112be9a2d7.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/323630323a666136653a3a2f34302d3430203d3e203530323234.roa
Signing time:             Fri 15 Mar 2024 15:15:12 +0000
ROA not before:           Fri 15 Mar 2024 15:10:12 +0000
ROA not after:            Fri 14 Mar 2025 15:15:12 +0000
asID:                     50224
IP address blocks:        2602:fa6e::/40 maxlen: 40

Validation:               Failed, certificate revoked on Wed 26 Jun 2024 10:59:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:39:ae:fc:87:6e:76:d6:23:af:4a:a1:fe:d8:19:37:40:3e:b4:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43729997152fd84fcda6d190c3b3195b02679660112be9a2d7
        Validity
            Not Before: Mar 15 15:10:12 2024 GMT
            Not After : Mar 14 15:15:12 2025 GMT
        Subject: CN=2F4A96FAFE635EF1E2B0B3CE0FFFDD620D4A4FB6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:67:0d:9f:3f:d9:cf:e8:dd:31:22:eb:c4:a5:
                    d3:c1:ce:08:db:15:ba:82:7f:d4:08:6e:7f:c9:18:
                    5a:f4:0f:77:3b:55:9e:16:bd:8c:30:a2:25:e2:44:
                    25:a8:5e:27:46:c7:3c:00:51:af:e2:cb:fa:60:57:
                    ed:cd:31:2e:13:bb:27:7b:e6:cc:ab:ab:5b:f6:9d:
                    96:3e:94:36:d9:e6:16:27:81:41:65:ae:5f:b5:3b:
                    51:b1:9f:aa:84:cf:59:a8:7a:82:ae:2b:01:9d:7b:
                    43:5b:5c:33:df:00:62:7b:aa:44:0d:62:72:f2:0c:
                    de:0e:f5:bb:4c:d8:bb:b7:14:19:5c:eb:14:4d:87:
                    bb:c2:6a:a0:78:5b:03:f0:be:41:57:58:22:a2:4d:
                    19:dd:d0:78:fa:79:9b:18:3a:13:a6:5a:6d:22:59:
                    23:53:71:f0:80:cc:6c:4e:ba:f2:eb:93:77:60:7b:
                    43:bb:56:eb:6e:63:11:5d:a0:4d:52:c4:c9:48:03:
                    cf:c3:a9:83:1d:78:07:76:e1:55:37:34:97:ee:e6:
                    cd:32:27:bb:38:65:6d:ea:4d:6a:57:44:ef:b8:1c:
                    94:c9:84:f4:79:9b:8b:a4:ab:dc:e2:9a:9d:cc:2f:
                    d4:4c:61:e3:ae:cc:76:a6:6f:58:89:15:18:82:33:
                    cb:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:4A:96:FA:FE:63:5E:F1:E2:B0:B3:CE:0F:FF:DD:62:0D:4A:4F:B6
            X509v3 Authority Key Identifier:
                keyid:6A:6F:6E:C2:72:A5:EB:DC:18:24:1C:2C:84:D1:D9:FE:94:C1:25:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/6A6F6EC272A5EBDC18241C2C84D1D9FE94C125AA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/43729997152fd84fcda6d190c3b3195b02679660112be9a2d7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/323630323a666136653a3a2f34302d3430203d3e203530323234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:fa6e::/40

    Signature Algorithm: sha256WithRSAEncryption
         30:a9:e7:a1:ca:5f:d0:9d:88:4d:ab:d6:91:d8:72:b3:ad:42:
         75:08:de:53:c5:41:f9:41:30:1b:9e:5d:a2:a0:d7:a5:f6:8a:
         6b:e8:f5:c1:ee:4c:8b:47:8c:ea:04:d8:38:43:e4:e2:84:6a:
         30:7c:f3:c2:73:a5:cc:bb:4c:12:5c:da:7e:7e:44:27:e9:9e:
         5b:5a:c9:84:72:6c:be:78:8f:57:b5:4b:31:c3:90:cf:8e:93:
         43:88:0c:e2:60:d8:ab:2a:4a:9b:a0:39:e3:40:33:d3:03:92:
         01:80:9f:73:1a:f3:08:af:be:47:ed:30:fd:8a:35:e3:52:6e:
         d8:f7:6a:cd:fd:e1:37:3f:06:34:61:7b:2e:d6:f3:8d:cf:63:
         f9:78:0a:86:f7:5b:60:07:b4:5b:5d:69:ff:22:cc:89:b9:3e:
         d6:50:b2:d0:50:36:55:f4:c7:6b:50:20:55:4b:bf:23:60:05:
         2f:52:be:63:80:a4:ca:85:c8:67:82:52:7e:4b:82:0e:bc:52:
         b8:00:c1:8b:70:03:34:b2:82:9e:28:f9:1e:e8:b4:8d:d5:8f:
         b2:61:b6:95:e1:62:3d:88:a9:72:c1:f6:c3:62:0a:7c:bf:30:
         e9:e2:df:1d:d3:8d:b6:9e:93:0d:42:b0:86:27:dc:18:11:29:
         4e:9f:a0:57
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUfTmu/IdudtYjr0qh/tgZN0A+tAIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNDM3Mjk5OTcxNTJmZDg0ZmNkYTZkMTkwYzNiMzE5NWIw
MjY3OTY2MDExMmJlOWEyZDcwHhcNMjQwMzE1MTUxMDEyWhcNMjUwMzE0MTUxNTEy
WjAzMTEwLwYDVQQDEygyRjRBOTZGQUZFNjM1RUYxRTJCMEIzQ0UwRkZGREQ2MjBE
NEE0RkI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mcNnz/Zz+jd
MSLrxKXTwc4I2xW6gn/UCG5/yRha9A93O1WeFr2MMKIl4kQlqF4nRsc8AFGv4sv6
YFftzTEuE7sne+bMq6tb9p2WPpQ22eYWJ4FBZa5ftTtRsZ+qhM9ZqHqCrisBnXtD
W1wz3wBie6pEDWJy8gzeDvW7TNi7txQZXOsUTYe7wmqgeFsD8L5BV1giok0Z3dB4
+nmbGDoTplptIlkjU3HwgMxsTrry65N3YHtDu1brbmMRXaBNUsTJSAPPw6mDHXgH
duFVNzSX7ubNMie7OGVt6k1qV0TvuByUyYT0eZuLpKvc4pqdzC/UTGHjrsx2pm9Y
iRUYgjPLywIDAQABo4ICzTCCAskwHQYDVR0OBBYEFC9Klvr+Y17x4rCzzg//3WIN
Sk+2MB8GA1UdIwQYMBaAFGpvbsJypevcGCQcLITR2f6UwSWqMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2
LWRiZmM0NTkzYzFhOC83LzZBNkY2RUMyNzJBNUVCREMxODI0MUMyQzg0RDFEOUZF
OTRDMTI1QUEuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTIt
NDk5NC04ZjZjLWQ2YzkxYjBiODQxNS84MjlmYjg3Mi0xNWJiLTRhNGUtOWVkOS0y
NTk5NjBiMDQ5YmQvNDM3Mjk5OTcxNTJmZDg0ZmNkYTZkMTkwYzNiMzE5NWIwMjY3
OTY2MDExMmJlOWEyZDcuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUH
MAuGgYtyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2LWRiZmM0NTkzYzFhOC83LzMyMzYzMDMy
M2E2NjYxMzY2NTNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDM1MzAzMjMyMzQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAmAvpuADANBgkqhkiG9w0BAQsFAAOCAQEAMKnnocpf0J2ITavWkdhy
s61CdQjeU8VB+UEwG55doqDXpfaKa+j1we5Mi0eM6gTYOEPk4oRqMHzzwnOlzLtM
Elzafn5EJ+meW1rJhHJsvniPV7VLMcOQz46TQ4gM4mDYqypKm6A540Az0wOSAYCf
cxrzCK++R+0w/Yo141Ju2Pdqzf3hNz8GNGF7Ltbzjc9j+XgKhvdbYAe0W11p/yLM
ibk+1lCy0FA2VfTHa1AgVUu/I2AFL1K+Y4CkyoXIZ4JSfkuCDrxSuADBi3ADNLKC
nij5Hui0jdWPsmG2leFiPYipcsH2w2IKfL8w6eLfHdONtp6TDUKwhifcGBEpTp+g
Vw==
-----END CERTIFICATE-----