Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS203635.roa
File:                     AS203635.roa (raw, json)
Hash identifier:          e0ETm+a9im9BSxJoERiHHXdlhPQ2o8uJOhg1qgdpcVQ=
Subject key identifier:   67:0F:A3:99:1E:ED:28:32:64:63:0C:64:4D:43:78:D8:F2:F3:A6:E2
Certificate issuer:       /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial:       2554497632C00CA91A77269AD46B63BACC159883
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS203635.roa
Signing time:             Tue 25 Jun 2024 20:57:12 +0000
ROA not before:           Tue 25 Jun 2024 20:52:12 +0000
ROA not after:            Tue 24 Jun 2025 20:57:12 +0000
asID:                     203635
IP address blocks:        2a07:54c4:3::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 26 Jun 2024 17:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:54:49:76:32:c0:0c:a9:1a:77:26:9a:d4:6b:63:ba:cc:15:98:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
        Validity
            Not Before: Jun 25 20:52:12 2024 GMT
            Not After : Jun 24 20:57:12 2025 GMT
        Subject: CN=670FA3991EED283264630C644D4378D8F2F3A6E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:10:5b:dd:c0:ad:6c:be:d6:65:7b:83:16:32:
                    17:1b:ae:63:a3:a1:95:08:e6:9c:f1:32:85:50:61:
                    c2:fa:ba:e5:d4:97:e6:ab:eb:73:28:a2:93:ba:8d:
                    b4:5e:1b:ff:21:d0:68:30:8a:45:8c:6e:ae:72:b2:
                    f4:97:ff:d0:6c:d6:80:dc:ad:51:0b:2b:29:b7:0d:
                    c9:96:6a:7f:b4:e3:72:22:f7:1b:a6:5d:a0:34:c9:
                    8d:0d:40:ce:14:c4:ad:c5:c5:06:ed:b8:5f:95:1f:
                    1d:14:67:6f:87:73:f8:c6:46:0c:2b:99:61:20:c5:
                    2d:56:42:47:a7:ae:87:c9:08:0a:62:15:c7:c7:4a:
                    12:7f:d9:7f:27:ea:e3:70:d9:cb:5f:16:58:2c:b5:
                    5f:59:4e:7d:e2:03:cc:e7:ae:1b:2c:b7:d0:8f:44:
                    ef:09:6a:4a:47:ce:29:14:91:4a:f3:ba:8b:58:84:
                    84:88:35:15:98:0c:85:a0:a1:54:9d:ab:63:77:ea:
                    0e:6c:dc:93:b0:a0:41:a8:d2:ed:92:0a:db:c0:bc:
                    96:1a:f6:bc:7d:d3:b9:59:6f:22:53:77:fc:6d:eb:
                    98:b3:b8:10:fa:3b:6e:28:b7:43:14:05:e8:e8:5c:
                    52:4a:4f:03:ae:33:74:2d:63:46:84:43:f2:aa:f8:
                    6c:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:0F:A3:99:1E:ED:28:32:64:63:0C:64:4D:43:78:D8:F2:F3:A6:E2
            X509v3 Authority Key Identifier:
                keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS203635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c4:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:7f:0b:95:ed:b9:a7:05:92:22:eb:da:04:90:8c:08:49:8f:
         cf:60:08:2f:d6:55:4a:be:a8:5c:f2:9f:8a:81:4f:06:37:34:
         c8:f0:7c:bb:a0:2c:74:ed:a8:e9:98:23:61:ba:43:8d:4f:cd:
         24:34:f8:ae:a1:b9:f4:55:b7:36:4c:5f:56:04:ea:0a:d1:bc:
         e2:2d:7d:de:a3:82:e9:f4:bd:89:92:7e:21:74:b8:aa:20:c8:
         cc:71:9a:42:b1:80:db:a5:55:8c:e4:de:a6:27:19:c1:78:c4:
         2a:2a:0e:c8:c7:09:0a:6f:f6:8a:4c:ea:71:38:b7:b3:25:e7:
         cd:01:99:cc:b4:50:25:62:08:25:92:c4:41:c0:16:8a:93:23:
         26:b7:c5:74:a0:49:76:39:0e:b6:41:16:62:a1:c2:df:28:63:
         5d:15:51:c6:22:db:86:88:12:0a:7f:69:f6:c3:26:f3:8c:d3:
         08:c6:8b:62:08:c8:b2:b4:31:8b:db:ec:e7:b2:a1:86:54:e1:
         0b:c7:92:23:7d:5f:e4:49:a0:af:f3:94:85:fc:41:06:6f:69:
         3f:db:d4:9f:30:ac:f6:8c:9a:43:ad:d7:79:9a:19:7e:5b:bb:
         73:61:25:f6:f2:06:29:e3:64:d6:5d:0b:80:2d:24:3d:b7:33:
         e4:44:71:e2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJVRJdjLADKkadyaa1GtjuswVmIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA2MjUyMDUyMTJaFw0yNTA2MjQyMDU3MTJaMDMxMTAvBgNV
BAMTKDY3MEZBMzk5MUVFRDI4MzI2NDYzMEM2NDRENDM3OEQ4RjJGM0E2RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4EFvdwK1svtZle4MWMhcbrmOj
oZUI5pzxMoVQYcL6uuXUl+ar63MoopO6jbReG/8h0GgwikWMbq5ysvSX/9Bs1oDc
rVELKym3DcmWan+043Ii9xumXaA0yY0NQM4UxK3FxQbtuF+VHx0UZ2+Hc/jGRgwr
mWEgxS1WQkenrofJCApiFcfHShJ/2X8n6uNw2ctfFlgstV9ZTn3iA8znrhsst9CP
RO8JakpHzikUkUrzuotYhISINRWYDIWgoVSdq2N36g5s3JOwoEGo0u2SCtvAvJYa
9rx907lZbyJTd/xt65izuBD6O24ot0MUBejoXFJKTwOuM3QtY0aEQ/Kq+GxLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZw+jmR7tKDJkYwxkTUN42PLzpuIwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjAzNjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
xAADMA0GCSqGSIb3DQEBCwUAA4IBAQADfwuV7bmnBZIi69oEkIwISY/PYAgv1lVK
vqhc8p+KgU8GNzTI8Hy7oCx07ajpmCNhukONT80kNPiuobn0Vbc2TF9WBOoK0bzi
LX3eo4Lp9L2Jkn4hdLiqIMjMcZpCsYDbpVWM5N6mJxnBeMQqKg7IxwkKb/aKTOpx
OLezJefNAZnMtFAlYgglksRBwBaKkyMmt8V0oEl2OQ62QRZiocLfKGNdFVHGItuG
iBIKf2n2wybzjNMIxotiCMiytDGL2+znsqGGVOELx5IjfV/kSaCv85SF/EEGb2k/
29SfMKz2jJpDrdd5mhl+W7tzYSX28gYp42TWXQuALSQ9tzPkRHHi
-----END CERTIFICATE-----
Generated at Wed Jun 26 22:04:36 2024 by rpki-client on console-ams.rpki-client.org