Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/326130393a353463363a653032303a3a2f34342d3434203d3e20323134333132.roa
File:                     326130393a353463363a653032303a3a2f34342d3434203d3e20323134333132.roa (raw, json)
Hash identifier:          bOpJpMF9Je1vc8v8J0oCUhKgxcaWFcVaz/3zGGL8xoQ=
Subject key identifier:   CD:9B:F5:C6:2A:42:5F:7D:95:FE:5E:A3:D8:23:56:D7:4D:67:A6:1A
Certificate issuer:       /CN=1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40
Certificate serial:       4DEED1F0D694ED72B5E763FAEC9B879D243F2182
Authority key identifier: 1D:A3:1F:62:E9:7F:E6:A2:A3:8D:8F:39:84:FE:D6:E3:13:D1:BC:40
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/326130393a353463363a653032303a3a2f34342d3434203d3e20323134333132.roa
Signing time:             Wed 11 Sep 2024 15:04:37 +0000
ROA not before:           Wed 11 Sep 2024 14:59:37 +0000
ROA not after:            Wed 10 Sep 2025 15:04:37 +0000
asID:                     214312
IP address blocks:        2a09:54c6:e020::/44 maxlen: 44

Validation:               Failed, certificate revoked on Sun 27 Oct 2024 16:17:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:ee:d1:f0:d6:94:ed:72:b5:e7:63:fa:ec:9b:87:9d:24:3f:21:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40
        Validity
            Not Before: Sep 11 14:59:37 2024 GMT
            Not After : Sep 10 15:04:37 2025 GMT
        Subject: CN=CD9BF5C62A425F7D95FE5EA3D82356D74D67A61A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:06:69:fb:56:04:8b:21:d0:3a:45:70:23:ad:
                    d8:01:94:de:0a:d4:77:68:18:7f:29:d0:5c:82:bb:
                    21:8b:2c:8d:d4:b1:31:62:4e:58:d6:de:2d:3c:49:
                    45:42:fc:4f:67:4c:77:d4:61:9f:f0:1b:ec:4f:45:
                    7f:8d:71:ea:7b:db:d8:ff:63:ba:ca:11:a5:5b:d5:
                    bd:76:80:a1:cd:66:6d:07:49:34:68:41:fb:35:25:
                    99:59:fd:e8:7a:c5:4e:d2:80:df:68:52:69:de:4c:
                    c6:21:06:f5:d9:9e:11:76:23:4d:53:69:d1:fa:48:
                    97:a1:ee:9c:2b:17:75:47:7a:9b:c9:ed:09:57:0d:
                    d7:2a:c8:0a:55:9d:90:8a:ea:16:8b:56:fe:0b:cc:
                    40:7d:91:19:10:15:bc:28:d0:80:48:35:e8:8a:2f:
                    4e:4b:a4:6f:1b:30:67:7f:5e:34:35:14:83:83:de:
                    8c:7e:65:d5:59:4c:d8:f8:32:7b:bf:08:9d:fe:de:
                    9f:67:b3:b5:5c:16:c3:b2:2b:cf:fe:29:34:ea:0f:
                    42:88:ea:ec:57:ac:02:96:f0:16:53:b4:68:69:c7:
                    7a:14:44:64:47:b4:d2:e9:17:6d:ea:cd:66:62:5e:
                    25:41:55:de:1a:80:e9:ad:2f:21:1a:27:3e:b2:a6:
                    ba:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:9B:F5:C6:2A:42:5F:7D:95:FE:5E:A3:D8:23:56:D7:4D:67:A6:1A
            X509v3 Authority Key Identifier:
                keyid:1D:A3:1F:62:E9:7F:E6:A2:A3:8D:8F:39:84:FE:D6:E3:13:D1:BC:40

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/326130393a353463363a653032303a3a2f34342d3434203d3e20323134333132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a09:54c6:e020::/44

    Signature Algorithm: sha256WithRSAEncryption
         53:50:a8:09:9c:4e:b6:3e:d6:54:a4:06:f5:b9:14:04:b5:d8:
         cb:77:d0:0d:c3:58:09:f4:47:ca:52:b5:1a:62:5f:d3:8c:11:
         e3:0e:cd:d1:ca:f8:bd:a8:7e:e1:6a:67:b3:ab:63:6d:f8:d9:
         43:56:3c:7b:9c:75:29:0b:60:eb:3f:3f:4a:cf:d4:4f:51:e5:
         19:de:11:79:f4:3a:b7:6b:20:f9:ed:39:6c:16:a8:ec:cb:f8:
         d2:d2:34:1b:74:d5:f2:14:9d:13:ab:73:48:29:7c:8b:e5:36:
         e9:aa:64:80:a5:89:b4:b0:a5:bc:e0:87:66:40:19:30:95:71:
         15:8c:17:2e:ea:25:75:3b:8d:34:c1:14:fc:2b:ae:e4:df:e2:
         7c:5b:c7:52:35:a8:00:30:58:5d:f9:af:dd:8d:85:65:83:de:
         17:7f:ed:da:8f:34:30:a4:61:cd:fe:d0:d6:29:06:77:57:fb:
         21:62:35:27:53:8a:6a:54:76:90:15:18:b6:e2:70:6c:b0:7a:
         bd:1d:62:31:60:78:53:36:07:de:b6:97:dc:dc:a1:94:87:d2:
         10:49:2f:99:64:73:51:f8:fa:b5:64:e4:31:98:e2:06:8e:4d:
         27:cd:af:83:9f:4f:19:54:df:09:74:3c:ce:7c:d2:19:e8:00:
         9c:3a:8e:b8
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUTe7R8NaU7XK152P67JuHnSQ/IYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMURBMzFGNjJFOTdGRTZBMkEzOEQ4RjM5ODRGRUQ2RTMx
M0QxQkM0MDAeFw0yNDA5MTExNDU5MzdaFw0yNTA5MTAxNTA0MzdaMDMxMTAvBgNV
BAMTKENEOUJGNUM2MkE0MjVGN0Q5NUZFNUVBM0Q4MjM1NkQ3NEQ2N0E2MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuBmn7VgSLIdA6RXAjrdgBlN4K
1HdoGH8p0FyCuyGLLI3UsTFiTljW3i08SUVC/E9nTHfUYZ/wG+xPRX+Ncep729j/
Y7rKEaVb1b12gKHNZm0HSTRoQfs1JZlZ/eh6xU7SgN9oUmneTMYhBvXZnhF2I01T
adH6SJeh7pwrF3VHepvJ7QlXDdcqyApVnZCK6haLVv4LzEB9kRkQFbwo0IBINeiK
L05LpG8bMGd/XjQ1FIOD3ox+ZdVZTNj4Mnu/CJ3+3p9ns7VcFsOyK8/+KTTqD0KI
6uxXrAKW8BZTtGhpx3oURGRHtNLpF23qzWZiXiVBVd4agOmtLyEaJz6yproHAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUzZv1xipCX32V/l6j2CNW101nphowHwYDVR0j
BBgwFoAUHaMfYul/5qKjjY85hP7W4xPRvEAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTU2NjQ0M2ItZGZmNC00ZDEzLWJiODEtNzJjODYzMGQ2
ZGY2LzEvMURBMzFGNjJFOTdGRTZBMkEzOEQ4RjM5ODRGRUQ2RTMxM0QxQkM0MC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC8xREEzMUY2MkU5N0ZFNkEyQTM4RDhGMzk4
NEZFRDZFMzEzRDFCQzQwLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS85NTY2NDQzYi1kZmY0LTRkMTMtYmI4MS03MmM4NjMwZDZkZjYvMS8zMjYxMzAz
OTNhMzUzNDYzMzYzYTY1MzAzMjMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIz
MTM0MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKglUxuAgMA0GCSqGSIb3DQEBCwUAA4IBAQBT
UKgJnE62PtZUpAb1uRQEtdjLd9ANw1gJ9EfKUrUaYl/TjBHjDs3Ryvi9qH7hamez
q2Nt+NlDVjx7nHUpC2DrPz9Kz9RPUeUZ3hF59Dq3ayD57TlsFqjsy/jS0jQbdNXy
FJ0Tq3NIKXyL5TbpqmSApYm0sKW84IdmQBkwlXEVjBcu6iV1O400wRT8K67k3+J8
W8dSNagAMFhd+a/djYVlg94Xf+3ajzQwpGHN/tDWKQZ3V/shYjUnU4pqVHaQFRi2
4nBssHq9HWIxYHhTNgfetpfc3KGUh9IQSS+ZZHNR+Pq1ZOQxmOIGjk0nza+Dn08Z
VN8JdDzOfNIZ6ACcOo64
-----END CERTIFICATE-----