Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/2/326130353a646663313a393162393a3a2f34382d3438203d3e20323030333531.roa
File:                     326130353a646663313a393162393a3a2f34382d3438203d3e20323030333531.roa (raw, json)
Hash identifier:          VoK6feHyCU3M2A1mz3iJ0QcUxOIK7johhUH8t71lJxM=
Subject key identifier:   B7:79:70:55:89:8E:69:A5:54:41:26:42:36:D6:57:3C:24:47:7E:39
Certificate issuer:       /CN=2699D31EA71B96E1A99C35B1F5626ACC517EE2E1
Certificate serial:       52B2EA41E5C5368E0E1B0BF7268D18ADA4772670
Authority key identifier: 26:99:D3:1E:A7:1B:96:E1:A9:9C:35:B1:F5:62:6A:CC:51:7E:E2:E1
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/2699D31EA71B96E1A99C35B1F5626ACC517EE2E1.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/2/326130353a646663313a393162393a3a2f34382d3438203d3e20323030333531.roa
Signing time:             Tue 30 Jan 2024 06:14:15 +0000
ROA not before:           Tue 30 Jan 2024 06:09:15 +0000
ROA not after:            Tue 28 Jan 2025 06:14:15 +0000
asID:                     200351
IP address blocks:        2a05:dfc1:91b9::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 23 Oct 2024 03:40:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:b2:ea:41:e5:c5:36:8e:0e:1b:0b:f7:26:8d:18:ad:a4:77:26:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2699D31EA71B96E1A99C35B1F5626ACC517EE2E1
        Validity
            Not Before: Jan 30 06:09:15 2024 GMT
            Not After : Jan 28 06:14:15 2025 GMT
        Subject: CN=B7797055898E69A55441264236D6573C24477E39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:e9:af:85:54:3c:93:a1:93:4e:f7:ba:2f:47:
                    e7:ad:56:e1:ce:e8:db:94:43:9d:77:35:0c:31:86:
                    f8:66:ba:c9:26:91:e7:db:7a:f5:db:83:d7:5b:6d:
                    b2:25:f6:d0:86:fe:60:5e:94:87:c2:3d:cc:55:e9:
                    b5:f8:5e:e0:27:11:a2:ed:56:29:36:dd:b4:b2:75:
                    13:19:59:55:95:60:21:45:3d:d7:4e:e4:de:d9:a7:
                    5f:63:88:5c:19:e9:bf:48:a6:e5:b7:ee:78:9a:99:
                    48:8f:f2:14:23:e2:9c:59:cb:c6:41:73:ff:22:90:
                    40:2f:b0:22:08:51:1f:16:16:48:1b:ce:0d:df:d6:
                    a7:19:10:f8:2a:20:f8:2f:cc:88:71:7e:96:f3:2a:
                    99:f4:a7:16:ea:5d:2c:4f:0f:b3:cb:df:d0:16:c3:
                    f3:b0:4b:6e:8d:07:8c:83:a9:85:29:cb:a8:c5:f7:
                    69:f8:ac:56:89:31:02:3d:05:aa:e8:ab:bc:68:17:
                    43:a6:0b:37:33:44:31:27:a1:2c:4a:06:16:f1:a2:
                    28:33:b9:03:cb:09:b1:58:d5:fd:4f:87:84:81:55:
                    be:55:05:59:95:ca:d5:3e:13:17:b9:65:5a:3b:82:
                    ff:f3:00:42:5d:1a:07:2c:cb:07:61:06:91:66:a2:
                    8d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:79:70:55:89:8E:69:A5:54:41:26:42:36:D6:57:3C:24:47:7E:39
            X509v3 Authority Key Identifier:
                keyid:26:99:D3:1E:A7:1B:96:E1:A9:9C:35:B1:F5:62:6A:CC:51:7E:E2:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/2/2699D31EA71B96E1A99C35B1F5626ACC517EE2E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/2699D31EA71B96E1A99C35B1F5626ACC517EE2E1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982f85bc-3d69-48a2-b9c3-7ef0a839ce19/2/326130353a646663313a393162393a3a2f34382d3438203d3e20323030333531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc1:91b9::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:a4:23:1f:b6:84:86:c5:3a:af:5b:75:25:d6:cd:5b:9f:cf:
         ac:e4:3c:c4:5c:b6:41:ce:cc:1f:50:76:03:42:82:47:c6:8a:
         75:f7:bb:5d:28:5d:08:22:a8:da:b3:d5:93:48:e3:92:5b:ca:
         b8:da:1a:aa:2b:1b:64:9f:c8:f9:9f:7b:ab:65:b0:c3:fd:8f:
         4f:19:ab:26:97:d7:73:8f:ff:6e:40:29:6c:73:ff:6e:e0:ff:
         11:54:f4:be:f5:c8:e8:90:fb:b1:b1:4d:18:e2:6b:1a:57:20:
         2d:ac:ce:ad:61:28:f8:8f:18:e7:a4:8f:49:3e:ae:eb:f8:e0:
         8d:30:30:fa:74:24:16:b5:00:98:bc:40:5a:25:08:3a:06:3a:
         f4:4b:f0:ea:24:9d:fe:88:b8:02:24:be:e8:3d:5d:84:90:07:
         dc:e1:9f:1c:d5:3e:2f:3d:06:01:b3:3c:0f:87:af:fd:86:ba:
         82:70:f9:c2:35:21:e2:99:ca:9d:11:3c:9c:82:e8:b0:44:46:
         56:6f:16:ef:5a:4a:c8:06:4b:fa:12:8b:84:40:6a:1a:14:bd:
         8c:2d:36:ea:48:2e:f0:e8:aa:4a:fc:87:6b:06:4e:60:4d:cf:
         80:d3:33:cb:ce:f6:89:25:64:08:2a:9d:76:e0:04:82:93:a2:
         f6:2e:d9:a1
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUUrLqQeXFNo4OGwv3Jo0YraR3JnAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjY5OUQzMUVBNzFCOTZFMUE5OUMzNUIxRjU2MjZBQ0M1
MTdFRTJFMTAeFw0yNDAxMzAwNjA5MTVaFw0yNTAxMjgwNjE0MTVaMDMxMTAvBgNV
BAMTKEI3Nzk3MDU1ODk4RTY5QTU1NDQxMjY0MjM2RDY1NzNDMjQ0NzdFMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu6a+FVDyToZNO97ovR+etVuHO
6NuUQ513NQwxhvhmuskmkefbevXbg9dbbbIl9tCG/mBelIfCPcxV6bX4XuAnEaLt
Vik23bSydRMZWVWVYCFFPddO5N7Zp19jiFwZ6b9IpuW37niamUiP8hQj4pxZy8ZB
c/8ikEAvsCIIUR8WFkgbzg3f1qcZEPgqIPgvzIhxfpbzKpn0pxbqXSxPD7PL39AW
w/OwS26NB4yDqYUpy6jF92n4rFaJMQI9Baroq7xoF0OmCzczRDEnoSxKBhbxoigz
uQPLCbFY1f1Ph4SBVb5VBVmVytU+Exe5ZVo7gv/zAEJdGgcsywdhBpFmoo1LAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUt3lwVYmOaaVUQSZCNtZXPCRHfjkwHwYDVR0j
BBgwFoAUJpnTHqcbluGpnDWx9WJqzFF+4uEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyZjg1YmMtM2Q2OS00OGEyLWI5YzMtN2VmMGE4Mzlj
ZTE5LzIvMjY5OUQzMUVBNzFCOTZFMUE5OUMzNUIxRjU2MjZBQ0M1MTdFRTJFMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMS8yNjk5RDMxRUE3MUI5NkUxQTk5QzM1QjFG
NTYyNkFDQzUxN0VFMkUxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS85ODJmODViYy0zZDY5LTQ4YTItYjljMy03ZWYwYTgzOWNlMTkvMi8zMjYxMzAz
NTNhNjQ2NjYzMzEzYTM5MzE2MjM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MDMwMzMzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgXfwZG5MA0GCSqGSIb3DQEBCwUAA4IBAQBS
pCMftoSGxTqvW3Ul1s1bn8+s5DzEXLZBzswfUHYDQoJHxop197tdKF0IIqjas9WT
SOOSW8q42hqqKxtkn8j5n3urZbDD/Y9PGasml9dzj/9uQClsc/9u4P8RVPS+9cjo
kPuxsU0Y4msaVyAtrM6tYSj4jxjnpI9JPq7r+OCNMDD6dCQWtQCYvEBaJQg6Bjr0
S/DqJJ3+iLgCJL7oPV2EkAfc4Z8c1T4vPQYBszwPh6/9hrqCcPnCNSHimcqdETyc
guiwREZWbxbvWkrIBkv6EouEQGoaFL2MLTbqSC7w6KpK/IdrBk5gTc+A0zPLzvaJ
JWQIKp124ASCk6L2Ltmh