Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538323a3a2f33322d3332203d3e203231373338.roa
File:                     326131343a373538323a3a2f33322d3332203d3e203231373338.roa (raw, json)
Hash identifier:          q44KvUN/F7bKVxJWRjaZmAUxUI5fl/O1fDDF4lQl4a0=
Subject key identifier:   9E:42:2C:42:A5:06:3B:F3:A8:AF:CF:A3:E6:59:0B:F5:42:5A:31:65
Certificate issuer:       /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial:       2EC2BBF595F9CA9D933242ACFF5DAFF48F321E61
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538323a3a2f33322d3332203d3e203231373338.roa
Signing time:             Sun 24 Mar 2024 15:54:00 +0000
ROA not before:           Sun 24 Mar 2024 15:49:00 +0000
ROA not after:            Sun 23 Mar 2025 15:54:00 +0000
asID:                     21738
IP address blocks:        2a14:7582::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 28 Mar 2024 22:14:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:c2:bb:f5:95:f9:ca:9d:93:32:42:ac:ff:5d:af:f4:8f:32:1e:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
        Validity
            Not Before: Mar 24 15:49:00 2024 GMT
            Not After : Mar 23 15:54:00 2025 GMT
        Subject: CN=9E422C42A5063BF3A8AFCFA3E6590BF5425A3165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:94:a4:45:70:27:79:56:e1:71:46:f6:ae:e4:
                    82:a6:e9:cf:ef:74:16:2e:21:90:40:81:9d:68:ab:
                    09:c9:19:d1:57:2a:ba:f9:e7:1f:10:14:49:89:54:
                    1b:7d:0c:73:7e:6a:42:53:33:1a:37:86:bd:dc:38:
                    d8:a2:83:05:19:66:4d:42:dd:b5:36:51:26:0f:3c:
                    f5:ea:55:40:31:bd:22:a9:ae:97:30:4a:33:36:9b:
                    65:eb:2d:3e:2d:de:16:85:02:58:cf:c5:79:0e:1e:
                    71:ed:be:2b:00:1c:e2:40:3f:c5:91:dc:ff:06:1b:
                    73:d4:ca:b0:44:e4:cd:6e:c6:0c:24:57:76:15:c0:
                    63:f2:7b:d3:25:b8:ed:37:b2:c5:de:ec:f2:c8:18:
                    e9:3d:6a:ba:81:5f:d3:ce:36:79:7c:25:31:72:45:
                    2e:46:82:92:5e:e7:a6:a1:f2:c6:51:a3:ab:a3:01:
                    3f:36:e3:eb:0c:f5:0f:e6:a6:3e:44:e0:89:bf:f8:
                    ec:6e:0a:3f:76:1d:44:fe:ef:c2:b0:06:fb:02:64:
                    cc:ba:c2:f0:ae:b8:69:6b:12:a7:0a:79:ed:fa:8e:
                    c7:78:82:ba:68:1a:5e:ba:ea:cf:b8:24:8e:e6:b4:
                    70:86:1e:f3:f4:07:e9:ae:25:22:38:f7:7a:14:17:
                    03:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:42:2C:42:A5:06:3B:F3:A8:AF:CF:A3:E6:59:0B:F5:42:5A:31:65
            X509v3 Authority Key Identifier:
                keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538323a3a2f33322d3332203d3e203231373338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7582::/32

    Signature Algorithm: sha256WithRSAEncryption
         64:03:ea:36:14:12:8e:28:a6:55:39:75:c8:63:79:ee:a4:87:
         21:46:02:38:e2:a7:f1:e4:fe:17:e3:dc:01:32:cd:00:df:45:
         c1:b5:ec:2c:fd:ec:26:8f:91:d2:7d:c0:52:4f:c4:17:09:e9:
         1a:9d:ee:fb:d0:ef:25:e3:ec:34:f5:23:6a:53:ab:15:ea:fb:
         af:cf:44:df:7b:db:04:e5:64:bf:7b:f6:04:12:9e:95:bd:b1:
         0b:58:ab:86:64:e9:8f:32:dd:7a:19:ef:07:6b:3f:7d:1e:45:
         db:04:87:c4:64:36:40:bb:62:d7:80:45:f2:34:05:ba:0d:df:
         d2:bf:5c:76:2a:3f:f3:30:05:66:6e:5e:1c:a8:18:14:ba:e6:
         d7:ff:d6:be:c1:d7:21:a8:de:de:02:b9:6b:3b:75:a6:fa:c3:
         2d:bc:c5:ce:50:4b:81:36:45:36:1f:a8:6f:8f:49:82:1a:68:
         e9:17:d0:a1:ba:4f:79:3f:45:ab:37:f0:a4:13:e8:50:d6:a3:
         86:b5:b1:18:81:30:19:2f:35:fc:64:fa:60:76:9f:a4:be:53:
         bb:d6:1a:3b:6b:98:0a:52:e5:2d:30:c3:7f:d0:83:4b:3c:0e:
         f1:e0:43:35:8f:6e:00:2a:f7:1d:82:ba:88:a9:e4:b4:fa:16:
         bf:34:fb:14
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIULsK79ZX5yp2TMkKs/12v9I8yHmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDAzMjQxNTQ5MDBaFw0yNTAzMjMxNTU0MDBaMDMxMTAvBgNV
BAMTKDlFNDIyQzQyQTUwNjNCRjNBOEFGQ0ZBM0U2NTkwQkY1NDI1QTMxNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFlKRFcCd5VuFxRvau5IKm6c/v
dBYuIZBAgZ1oqwnJGdFXKrr55x8QFEmJVBt9DHN+akJTMxo3hr3cONiigwUZZk1C
3bU2USYPPPXqVUAxvSKprpcwSjM2m2XrLT4t3haFAljPxXkOHnHtvisAHOJAP8WR
3P8GG3PUyrBE5M1uxgwkV3YVwGPye9MluO03ssXe7PLIGOk9arqBX9PONnl8JTFy
RS5GgpJe56ah8sZRo6ujAT824+sM9Q/mpj5E4Im/+OxuCj92HUT+78KwBvsCZMy6
wvCuuGlrEqcKee36jsd4grpoGl666s+4JI7mtHCGHvP0B+muJSI493oUFwO1AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUnkIsQqUGO/Oor8+j5lkL9UJaMWUwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMy
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM3MzMzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoU
dYIwDQYJKoZIhvcNAQELBQADggEBAGQD6jYUEo4oplU5dchjee6khyFGAjjip/Hk
/hfj3AEyzQDfRcG17Cz97CaPkdJ9wFJPxBcJ6Rqd7vvQ7yXj7DT1I2pTqxXq+6/P
RN972wTlZL979gQSnpW9sQtYq4Zk6Y8y3XoZ7wdrP30eRdsEh8RkNkC7YteARfI0
BboN39K/XHYqP/MwBWZuXhyoGBS65tf/1r7B1yGo3t4CuWs7dab6wy28xc5QS4E2
RTYfqG+PSYIaaOkX0KG6T3k/Ras38KQT6FDWo4a1sRiBMBkvNfxk+mB2n6S+U7vW
GjtrmApS5S0ww3/Qg0s8DvHgQzWPbgAq9x2Cuoip5LT6Fr80+xQ=
Generated at Thu Mar 28 23:10:49 2024 by rpki-client on console-ams.rpki-client.org