Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/2/326130363a313238333a383030333a3a2f34382d3438203d3e20323135313437.roa
File:                     326130363a313238333a383030333a3a2f34382d3438203d3e20323135313437.roa (raw, json)
Hash identifier:          ooNp1WlKn4kpPgiPasBlCN+vSMgVHC2ZzaWPxlXUcSk=
Subject key identifier:   23:28:8D:3A:EA:68:51:7D:31:89:25:15:77:64:FD:D1:EB:7E:CD:5F
Certificate issuer:       /CN=B6366F3DD14AC5399103961C30642E6779892C6C
Certificate serial:       41641A82138138E493E7C330F68A0656D0107857
Authority key identifier: B6:36:6F:3D:D1:4A:C5:39:91:03:96:1C:30:64:2E:67:79:89:2C:6C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/B6366F3DD14AC5399103961C30642E6779892C6C.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/2/326130363a313238333a383030333a3a2f34382d3438203d3e20323135313437.roa
Signing time:             Mon 03 Feb 2025 20:07:18 +0000
ROA not before:           Mon 03 Feb 2025 20:02:18 +0000
ROA not after:            Mon 02 Feb 2026 20:07:18 +0000
asID:                     215147
IP address blocks:        2a06:1283:8003::/48 maxlen: 48
Validation:               Failed, certificate revoked on Sat 15 Feb 2025 19:49:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:64:1a:82:13:81:38:e4:93:e7:c3:30:f6:8a:06:56:d0:10:78:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B6366F3DD14AC5399103961C30642E6779892C6C
        Validity
            Not Before: Feb  3 20:02:18 2025 GMT
            Not After : Feb  2 20:07:18 2026 GMT
        Subject: CN=23288D3AEA68517D318925157764FDD1EB7ECD5F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:41:6e:24:9f:89:05:68:01:df:6a:6b:dd:28:
                    7c:c8:39:d7:17:1d:42:e8:90:0d:35:7c:a4:dc:71:
                    2c:32:3f:69:bb:f5:3a:b2:c2:2a:bc:63:5c:46:d2:
                    32:6a:7f:90:e9:17:3c:ed:51:f0:81:83:7f:02:c6:
                    89:91:9a:2b:a9:fb:e8:d2:69:f4:0e:89:ac:58:bc:
                    7f:a5:a1:5c:d4:8c:9c:0c:65:48:70:4d:01:d7:a6:
                    3f:07:c0:25:d7:44:9c:52:79:38:93:b0:53:f0:27:
                    8b:ec:8e:29:7f:1d:9a:8e:54:bd:82:ee:b0:18:e8:
                    09:c1:5e:8c:b1:c4:65:6c:b6:f1:8c:ad:da:63:e0:
                    91:dc:90:74:36:bd:97:26:18:d9:2e:d5:b2:7f:ec:
                    bd:06:6f:b4:07:12:1d:dd:1d:49:ca:e6:a6:73:fc:
                    ac:e2:e0:64:30:b9:21:90:4b:4a:9a:1a:e7:92:41:
                    58:e5:a1:bd:d2:e5:81:17:55:c3:b6:c9:02:4a:92:
                    cb:01:42:02:57:2f:c8:cc:7c:91:65:81:2d:cc:b4:
                    e3:10:ce:b4:b1:94:a7:2c:ec:27:a9:59:c4:b1:9c:
                    d9:1a:3b:43:9d:38:10:29:06:c8:58:dd:42:c6:97:
                    fd:f1:ae:66:95:58:f7:f3:96:98:04:6e:c8:f5:ae:
                    be:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:28:8D:3A:EA:68:51:7D:31:89:25:15:77:64:FD:D1:EB:7E:CD:5F
            X509v3 Authority Key Identifier:
                keyid:B6:36:6F:3D:D1:4A:C5:39:91:03:96:1C:30:64:2E:67:79:89:2C:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/2/B6366F3DD14AC5399103961C30642E6779892C6C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/B6366F3DD14AC5399103961C30642E6779892C6C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/2/326130363a313238333a383030333a3a2f34382d3438203d3e20323135313437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1283:8003::/48

    Signature Algorithm: sha256WithRSAEncryption
         9a:99:1c:18:7f:d0:27:c9:07:d9:55:b3:db:ed:4d:aa:ff:4c:
         11:38:48:e8:1f:e1:65:7f:94:26:b2:c7:87:a3:80:8e:03:86:
         87:9b:74:65:be:9f:eb:2a:d9:c9:e5:33:03:8f:c4:b8:a7:81:
         4b:cf:74:72:58:95:8a:ad:7b:04:3e:b6:61:fd:83:ec:5c:9e:
         81:d2:91:df:a7:72:04:5e:6e:54:07:f4:8a:ff:8d:1f:05:ff:
         e2:00:9f:ea:22:d1:77:a8:27:0d:84:89:df:6b:d2:ac:5a:8b:
         da:ef:cb:e0:64:b2:da:1c:38:42:93:f4:b5:14:cd:b7:98:26:
         84:7e:21:40:94:68:d2:eb:5c:2e:2a:1a:01:b6:5b:89:e6:21:
         b5:cf:c2:84:f7:43:53:f5:3f:fa:a2:e7:0d:2a:22:b7:0c:e7:
         7d:ab:3a:29:b1:a8:99:94:2f:95:76:0e:ab:10:73:87:8d:9f:
         5a:f8:9b:2d:b3:4f:75:9a:2b:c6:55:cf:ad:0b:18:8c:f1:64:
         0d:dc:c1:d4:89:84:2e:87:d4:3c:a2:cf:c5:cf:9e:6e:40:37:
         0b:2e:43:c3:6d:0b:8c:50:47:47:98:61:bb:0a:bb:0f:78:4d:
         33:ac:37:f5:6d:db:f7:92:64:79:00:53:a5:32:74:92:7f:71:
         a3:ef:6c:54
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUQWQaghOBOOST58Mw9ooGVtAQeFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjYzNjZGM0REMTRBQzUzOTkxMDM5NjFDMzA2NDJFNjc3
OTg5MkM2QzAeFw0yNTAyMDMyMDAyMThaFw0yNjAyMDIyMDA3MThaMDMxMTAvBgNV
BAMTKDIzMjg4RDNBRUE2ODUxN0QzMTg5MjUxNTc3NjRGREQxRUI3RUNENUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcQW4kn4kFaAHfamvdKHzIOdcX
HULokA01fKTccSwyP2m79Tqywiq8Y1xG0jJqf5DpFzztUfCBg38CxomRmiup++jS
afQOiaxYvH+loVzUjJwMZUhwTQHXpj8HwCXXRJxSeTiTsFPwJ4vsjil/HZqOVL2C
7rAY6AnBXoyxxGVstvGMrdpj4JHckHQ2vZcmGNku1bJ/7L0Gb7QHEh3dHUnK5qZz
/Kzi4GQwuSGQS0qaGueSQVjlob3S5YEXVcO2yQJKkssBQgJXL8jMfJFlgS3MtOMQ
zrSxlKcs7CepWcSxnNkaO0OdOBApBshY3ULGl/3xrmaVWPfzlpgEbsj1rr61AgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUIyiNOupoUX0xiSUVd2T90et+zV8wHwYDVR0j
BBgwFoAUtjZvPdFKxTmRA5YcMGQuZ3mJLGwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjhhYmFiYmItZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4
MDhiLzIvQjYzNjZGM0REMTRBQzUzOTkxMDM5NjFDMzA2NDJFNjc3OTg5MkM2Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yYWY3M2E5Yy0yMDU4LTQz
YmItOWFjNi01YWI0MmRmYmY0MDkvMS9CNjM2NkYzREQxNEFDNTM5OTEwMzk2MUMz
MDY0MkU2Nzc5ODkyQzZDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS82OGFiYWJiYi1mMDQ4LTRkZTEtOTIwNi04ZDQwZjA3MTgwOGIvMi8zMjYxMzAz
NjNhMzEzMjM4MzMzYTM4MzAzMDMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzEzNDM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgYSg4ADMA0GCSqGSIb3DQEBCwUAA4IBAQCa
mRwYf9AnyQfZVbPb7U2q/0wROEjoH+Flf5QmsseHo4COA4aHm3Rlvp/rKtnJ5TMD
j8S4p4FLz3RyWJWKrXsEPrZh/YPsXJ6B0pHfp3IEXm5UB/SK/40fBf/iAJ/qItF3
qCcNhInfa9KsWova78vgZLLaHDhCk/S1FM23mCaEfiFAlGjS61wuKhoBtluJ5iG1
z8KE90NT9T/6oucNKiK3DOd9qzopsaiZlC+Vdg6rEHOHjZ9a+Jsts091mivGVc+t
CxiM8WQN3MHUiYQuh9Q8os/Fz55uQDcLLkPDbQuMUEdHmGG7CrsPeE0zrDf1bdv3
kmR5AFOlMnSSf3Gj72xU
-----END CERTIFICATE-----