Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336465303a3a2f34342d3438203d3e20323136323636.roa
File:                     326131313a323963303a336465303a3a2f34342d3438203d3e20323136323636.roa (raw, json)
Hash identifier:          0YHxl+kpCBPZB3d5oNLEJi5hOa0Bmzil7/xM/ymdplo=
Subject key identifier:   FA:91:2E:E4:C6:A4:90:D4:98:87:94:38:AD:46:28:31:A5:7D:D7:07
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       6D663BCB93464AC12BA18961803CD356B3AA1A20
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336465303a3a2f34342d3438203d3e20323136323636.roa
Signing time:             Sat 15 Jun 2024 05:48:32 +0000
ROA not before:           Sat 15 Jun 2024 05:43:32 +0000
ROA not after:            Sat 14 Jun 2025 05:48:32 +0000
asID:                     216266
IP address blocks:        2a11:29c0:3de0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Mon 28 Oct 2024 16:07:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:66:3b:cb:93:46:4a:c1:2b:a1:89:61:80:3c:d3:56:b3:aa:1a:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jun 15 05:43:32 2024 GMT
            Not After : Jun 14 05:48:32 2025 GMT
        Subject: CN=FA912EE4C6A490D498879438AD462831A57DD707
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:2a:63:5b:84:f5:f8:c1:1b:f1:6f:f3:bd:ba:
                    b1:22:e9:9e:8a:e4:95:3e:c5:d4:b2:47:90:e8:52:
                    ff:fa:3d:44:dc:38:fa:2e:35:11:ed:1e:8c:50:d2:
                    e8:33:5e:55:9d:05:56:24:bf:a6:87:9e:57:ba:41:
                    93:a6:18:6b:fe:79:8f:cd:98:b7:ff:68:8d:98:13:
                    64:a6:fb:3c:10:b5:5a:22:fc:0d:a7:7a:ab:29:26:
                    85:2f:6d:06:db:e8:d2:4f:e3:82:d3:a0:f1:cc:d8:
                    16:9b:ad:95:ac:33:4c:32:e8:da:40:43:26:e8:46:
                    34:21:e2:f2:75:8c:3e:2d:ad:30:66:4e:3a:7a:83:
                    8b:26:c0:e6:96:fc:6b:15:5e:78:32:52:12:f3:5b:
                    76:14:95:29:da:4f:b9:d0:47:ad:12:7e:b1:52:b7:
                    7d:9b:fa:ee:dd:e3:36:6f:0e:a6:e6:07:cd:54:b3:
                    2f:7f:aa:25:f1:d7:f6:ff:6a:e1:2d:8d:71:fc:88:
                    e4:15:62:8c:18:1c:9f:17:63:41:55:e4:30:42:d3:
                    d2:9b:10:10:d9:7e:76:0d:10:61:ef:cc:be:29:ac:
                    15:de:4f:e3:92:2f:d4:6e:67:50:ab:5d:5a:86:3a:
                    8b:94:4a:0b:f7:9e:43:fb:6b:7b:1e:0a:28:a7:f2:
                    7f:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:91:2E:E4:C6:A4:90:D4:98:87:94:38:AD:46:28:31:A5:7D:D7:07
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336465303a3a2f34342d3438203d3e20323136323636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:3de0::/44

    Signature Algorithm: sha256WithRSAEncryption
         a8:fd:fa:8b:10:5e:e5:83:73:0a:09:64:8c:96:23:93:a1:2b:
         1a:8d:ab:e2:d2:1d:18:f8:e9:b7:df:0c:fa:c7:5d:21:f2:dd:
         13:5b:df:a7:99:ae:fb:0a:9d:47:12:52:ad:bd:0e:2c:04:cd:
         fb:1e:75:68:c2:9c:fd:46:c5:9f:5e:39:e6:b0:27:04:cd:8f:
         da:58:d8:40:92:4a:d0:ad:a2:93:ac:c2:89:45:d4:c2:18:14:
         d3:72:23:37:48:3d:fe:9f:fb:9c:22:ee:74:f9:f8:65:8a:32:
         3e:27:42:29:71:85:4f:8a:fc:b1:91:eb:c3:bd:be:c7:d8:11:
         f1:ab:ca:25:a3:f0:be:f9:c1:db:de:f0:69:92:6f:1f:c9:23:
         1a:8a:f9:ed:88:88:8d:9a:8e:7e:f6:2d:ba:07:29:92:98:3e:
         78:02:d8:9b:d1:af:c1:42:0d:0f:95:6e:8c:ca:8e:e8:f6:bd:
         00:25:04:0b:7f:67:60:c5:42:9f:90:81:28:83:0b:3d:27:12:
         f0:b6:e6:92:d0:23:6a:38:52:dc:66:9e:c8:9e:b7:a0:38:b0:
         c0:d6:1a:c5:55:99:cb:8b:21:7c:f8:64:f9:c1:ca:c4:8a:96:
         ee:38:de:cc:cf:2e:5d:de:d6:98:42:56:b6:7e:d7:6e:01:b6:
         27:68:bb:79
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUbWY7y5NGSsEroYlhgDzTVrOqGiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTUwNTQzMzJaFw0yNTA2MTQwNTQ4MzJaMDMxMTAvBgNV
BAMTKEZBOTEyRUU0QzZBNDkwRDQ5ODg3OTQzOEFENDYyODMxQTU3REQ3MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIKmNbhPX4wRvxb/O9urEi6Z6K
5JU+xdSyR5DoUv/6PUTcOPouNRHtHoxQ0ugzXlWdBVYkv6aHnle6QZOmGGv+eY/N
mLf/aI2YE2Sm+zwQtVoi/A2neqspJoUvbQbb6NJP44LToPHM2BabrZWsM0wy6NpA
QyboRjQh4vJ1jD4trTBmTjp6g4smwOaW/GsVXngyUhLzW3YUlSnaT7nQR60SfrFS
t32b+u7d4zZvDqbmB81Usy9/qiXx1/b/auEtjXH8iOQVYowYHJ8XY0FV5DBC09Kb
EBDZfnYNEGHvzL4prBXeT+OSL9RuZ1CrXVqGOouUSgv3nkP7a3seCiin8n8LAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU+pEu5MakkNSYh5Q4rUYoMaV91wcwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjUzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzNjMyMzYzNi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoRKcA94DANBgkqhkiG9w0BAQsFAAOCAQEAqP36ixBe5YNzCglk
jJYjk6ErGo2r4tIdGPjpt98M+sddIfLdE1vfp5mu+wqdRxJSrb0OLATN+x51aMKc
/UbFn1455rAnBM2P2ljYQJJK0K2ik6zCiUXUwhgU03IjN0g9/p/7nCLudPn4ZYoy
PidCKXGFT4r8sZHrw72+x9gR8avKJaPwvvnB297waZJvH8kjGor57YiIjZqOfvYt
ugcpkpg+eALYm9GvwUIND5VujMqO6Pa9ACUEC39nYMVCn5CBKIMLPScS8LbmktAj
ajhS3GaeyJ63oDiwwNYaxVWZy4shfPhk+cHKxIqW7jjezM8uXd7WmEJWtn7XbgG2
J2i7eQ==
Generated at Mon Oct 28 18:24:31 2024 by rpki-client on console-fra.rpki-client.org