Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216304.roa
File:                     AS216304.roa (raw, json)
Hash identifier:          fSQN2jorHZ8J24oEbRAV+2f6+nHBhp9+HiTOuRDP3Lk=
Subject key identifier:   89:AD:8C:BA:1B:4F:24:3C:13:5C:AA:AD:79:1F:78:CD:7D:FF:2D:AF
Certificate issuer:       /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial:       15ACDBFA53E14E0A8298892F339AE127C372EADB
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216304.roa
Signing time:             Fri 22 Sep 2023 17:18:17 +0000
ROA not before:           Fri 22 Sep 2023 17:13:17 +0000
ROA not after:            Fri 20 Sep 2024 17:18:17 +0000
asID:                     216304
IP address blocks:        2a07:54c4:175f::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:ac:db:fa:53:e1:4e:0a:82:98:89:2f:33:9a:e1:27:c3:72:ea:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
        Validity
            Not Before: Sep 22 17:13:17 2023 GMT
            Not After : Sep 20 17:18:17 2024 GMT
        Subject: CN=89AD8CBA1B4F243C135CAAAD791F78CD7DFF2DAF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ca:c1:e8:d3:88:f3:38:a9:2d:d3:96:3d:a3:
                    49:9c:94:d5:b5:37:10:c1:64:c3:57:ed:e0:d7:03:
                    b2:d7:83:32:91:ea:91:84:18:11:0f:6d:01:8c:44:
                    d3:ac:db:48:38:f7:2b:59:fa:05:07:89:9c:7e:b9:
                    bb:30:bf:7e:ab:cb:4d:cb:08:f0:13:4e:bf:ec:7f:
                    57:0c:93:0c:f6:ba:49:fb:24:41:4e:af:74:f5:62:
                    28:c9:7f:67:d4:5a:23:b0:d3:c3:40:05:b4:f2:f8:
                    86:b1:2a:22:71:c7:fc:3f:f4:0e:52:52:74:36:ad:
                    9b:ad:38:58:b8:97:b3:a2:d2:da:f1:21:26:de:ca:
                    26:4b:1e:52:2d:eb:c0:b9:95:b5:72:0c:fe:c3:b2:
                    07:22:15:5f:90:ac:50:12:78:c2:7c:7e:03:54:a9:
                    0c:41:fb:e0:4b:02:31:17:0a:ed:d4:32:ad:53:2a:
                    ae:83:29:d5:cc:c3:e7:9d:73:ba:ee:da:0d:66:62:
                    0a:92:04:a8:e9:03:b9:88:a0:05:bf:11:d6:39:60:
                    9d:25:36:bf:08:3a:5c:6d:a5:77:69:1c:3b:de:4f:
                    27:b3:2f:13:82:d6:a4:ba:c8:0a:fa:94:4a:ca:e1:
                    56:b1:2a:06:5a:6d:85:42:9c:70:2b:6a:93:ed:b3:
                    5a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:AD:8C:BA:1B:4F:24:3C:13:5C:AA:AD:79:1F:78:CD:7D:FF:2D:AF
            X509v3 Authority Key Identifier:
                keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216304.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c4:175f::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:dc:84:9c:ec:3b:5f:9b:67:3d:5b:79:7f:cb:7d:1c:a0:d3:
         22:33:da:42:9e:f9:de:5d:67:a2:9f:da:44:40:a6:27:74:59:
         a9:03:c2:47:8d:a9:18:14:25:5f:d2:e2:52:e8:6b:d6:ac:cf:
         b3:f9:07:b4:c1:16:da:c5:d4:2a:ef:d9:a8:3b:c3:9b:ec:bb:
         6f:c8:e3:e1:00:82:1f:db:33:cc:de:d3:2a:17:2b:78:05:05:
         90:50:51:50:a6:32:cd:8c:0e:3b:54:95:1b:dc:c3:4b:02:42:
         ed:48:c3:85:60:fc:be:be:38:95:a5:6d:68:41:a0:dc:eb:48:
         d7:6c:cd:0e:83:c7:9f:15:b5:32:bc:9e:07:2e:b0:0f:55:29:
         37:80:58:37:bc:81:ae:9c:76:4d:15:21:ad:f1:f3:92:d3:91:
         bb:e9:d4:f7:02:7b:8a:c2:7b:58:d0:15:ed:a2:65:76:47:f4:
         86:57:24:e9:e3:27:c2:dc:36:5c:e2:66:12:b3:56:ce:3b:ab:
         f0:5e:de:dd:13:7e:8f:82:20:c7:e2:fe:a2:a7:d4:b2:b9:67:
         a7:40:a8:16:6b:92:ed:f6:e9:35:35:27:b3:70:5c:80:78:78:
         ea:6a:81:42:15:dc:8a:8d:6d:a2:55:4c:2e:08:23:fb:f2:04:
         88:8a:2f:e5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFazb+lPhTgqCmIkvM5rhJ8Ny6tswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yMzA5MjIxNzEzMTdaFw0yNDA5MjAxNzE4MTdaMDMxMTAvBgNV
BAMTKDg5QUQ4Q0JBMUI0RjI0M0MxMzVDQUFBRDc5MUY3OENEN0RGRjJEQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+ysHo04jzOKkt05Y9o0mclNW1
NxDBZMNX7eDXA7LXgzKR6pGEGBEPbQGMRNOs20g49ytZ+gUHiZx+ubswv36ry03L
CPATTr/sf1cMkwz2ukn7JEFOr3T1YijJf2fUWiOw08NABbTy+IaxKiJxx/w/9A5S
UnQ2rZutOFi4l7Oi0trxISbeyiZLHlIt68C5lbVyDP7DsgciFV+QrFASeMJ8fgNU
qQxB++BLAjEXCu3UMq1TKq6DKdXMw+edc7ru2g1mYgqSBKjpA7mIoAW/EdY5YJ0l
Nr8IOlxtpXdpHDveTyezLxOC1qS6yAr6lErK4VaxKgZabYVCnHArapPts1oPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUia2MuhtPJDwTXKqteR94zX3/La8wHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE2MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
xBdfMA0GCSqGSIb3DQEBCwUAA4IBAQAn3ISc7Dtfm2c9W3l/y30coNMiM9pCnvne
XWein9pEQKYndFmpA8JHjakYFCVf0uJS6GvWrM+z+Qe0wRbaxdQq79moO8Ob7Ltv
yOPhAIIf2zPM3tMqFyt4BQWQUFFQpjLNjA47VJUb3MNLAkLtSMOFYPy+vjiVpW1o
QaDc60jXbM0Og8efFbUyvJ4HLrAPVSk3gFg3vIGunHZNFSGt8fOS05G76dT3AnuK
wntY0BXtomV2R/SGVyTp4yfC3DZc4mYSs1bOO6vwXt7dE36PgiDH4v6ip9SyuWen
QKgWa5Lt9uk1NSezcFyAeHjqaoFCFdyKjW2iVUwuCCP78gSIii/l
Generated at Fri Sep 22 23:36:13 2023 by rpki-client on console-ams.rpki-client.org