Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530313a3a2f33332d3438203d3e20313937343737.roa
File:                     326131333a393530313a3a2f33332d3438203d3e20313937343737.roa (raw, json)
Hash identifier:          8/SexBJ/ITP/NQgQkKSZ4JNNI8Z4eyqUFTUPDmumzMc=
Subject key identifier:   B9:CD:2A:DB:1E:CE:EF:55:D8:88:26:AB:6E:DD:12:2C:1E:9A:87:3D
Certificate issuer:       /CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
Certificate serial:       4DD7823AE25CC530724F42EB260728D2E9AA7D5B
Authority key identifier: E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530313a3a2f33332d3438203d3e20313937343737.roa
Signing time:             Mon 06 May 2024 12:17:51 +0000
ROA not before:           Mon 06 May 2024 12:12:51 +0000
ROA not after:            Mon 05 May 2025 12:17:51 +0000
asID:                     197477
IP address blocks:        2a13:9501::/33 maxlen: 48

Validation:               Failed, certificate revoked on Wed 06 Nov 2024 12:06:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:d7:82:3a:e2:5c:c5:30:72:4f:42:eb:26:07:28:d2:e9:aa:7d:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8b29cf1b7e7b94f636eda75e229987364a40d4d
        Validity
            Not Before: May  6 12:12:51 2024 GMT
            Not After : May  5 12:17:51 2025 GMT
        Subject: CN=B9CD2ADB1ECEEF55D88826AB6EDD122C1E9A873D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:37:0b:9c:7d:53:dd:81:5d:90:74:0b:38:41:
                    4b:ff:bf:0b:f7:c6:d7:c7:09:21:7d:5d:64:29:e8:
                    06:5d:f0:b3:ab:64:f1:69:8f:03:e4:bb:1c:5a:84:
                    14:c8:9e:9e:f7:bb:e3:ec:73:3c:ce:70:23:9c:67:
                    f5:fb:08:32:70:13:a8:be:7c:99:8a:cd:bb:08:1c:
                    ad:0b:00:a1:3a:8a:4f:49:53:d1:67:e0:e2:3e:a9:
                    18:68:1a:ef:c2:3f:f7:70:cb:88:39:14:95:63:47:
                    1c:9f:29:7c:7f:7f:38:e6:09:e4:26:04:8e:a7:c7:
                    d2:32:2c:b0:25:f4:bb:ca:58:50:ea:e3:fe:fc:82:
                    75:81:95:62:4d:d8:d7:18:c5:9a:5f:ef:ec:14:df:
                    b8:da:e2:b7:c1:b2:6d:76:90:c4:8f:04:8c:b2:11:
                    55:81:14:15:96:37:56:e7:f0:50:1f:52:92:ef:2a:
                    9a:7a:ce:70:b7:a8:45:8e:f8:fd:e5:4a:d5:33:43:
                    c1:aa:9e:f6:cc:f7:1c:c6:94:21:73:81:4e:7c:4e:
                    d9:5b:27:81:5e:3d:6e:83:9d:72:2a:9e:e2:0e:7d:
                    a6:62:ec:32:a9:07:35:15:4d:ef:29:fa:c0:f7:7d:
                    68:1d:b9:1b:bf:15:28:f1:f3:67:30:56:61:c2:5d:
                    99:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:CD:2A:DB:1E:CE:EF:55:D8:88:26:AB:6E:DD:12:2C:1E:9A:87:3D
            X509v3 Authority Key Identifier:
                keyid:E8:B2:9C:F1:B7:E7:B9:4F:63:6E:DA:75:E2:29:98:73:64:A4:0D:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/E8B29CF1B7E7B94F636EDA75E229987364A40D4D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LKc8bfnuU9jbtp14imYc2SkDU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cc8ff7a9-54bb-42a5-b584-1c6684062d8a/0/326131333a393530313a3a2f33332d3438203d3e20313937343737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:9501::/33

    Signature Algorithm: sha256WithRSAEncryption
         93:be:0e:49:40:62:fc:16:e1:bc:b6:8e:4c:86:7b:5e:f7:bc:
         87:54:3e:26:a5:d8:9f:a1:d3:b5:d5:1e:be:4d:db:a3:50:c3:
         9d:7b:f2:15:0e:a5:44:37:24:57:df:f0:f6:8e:94:7a:1d:c4:
         26:b9:a5:9d:c9:46:26:1c:4b:35:83:b1:1c:0e:7f:5e:07:94:
         e6:d2:90:17:72:3e:53:f0:d1:d9:2f:33:0b:45:60:5b:6e:bd:
         fb:f7:18:bb:12:09:a0:cb:9a:d8:83:09:6e:2f:cc:93:38:00:
         13:22:22:21:13:81:aa:20:b7:76:a2:fa:aa:c4:1b:cb:45:ef:
         5d:26:cd:b1:fd:72:15:13:97:c5:3d:a8:bd:63:f3:65:98:c6:
         fe:97:3d:77:4f:55:ce:84:70:93:75:f0:a8:b7:5b:15:d3:23:
         d6:7a:b7:b0:bb:94:d6:cd:0c:9b:f5:c5:0d:43:b9:ca:06:ee:
         d3:16:07:6d:cd:74:fa:fe:46:63:1e:32:a6:f0:d4:e0:1e:99:
         b0:fb:94:4a:19:19:08:49:81:1f:10:8f:bc:e2:de:d9:0f:67:
         2e:05:15:aa:09:28:14:0d:4d:e6:a5:70:54:64:19:51:7d:ff:
         25:ad:0a:ea:35:7a:de:3a:66:ad:9b:a0:2e:56:1e:8c:77:33:
         ba:6c:6c:45
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTdeCOuJcxTByT0LrJgco0umqfVswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZThiMjljZjFiN2U3Yjk0ZjYzNmVkYTc1ZTIyOTk4NzM2
NGE0MGQ0ZDAeFw0yNDA1MDYxMjEyNTFaFw0yNTA1MDUxMjE3NTFaMDMxMTAvBgNV
BAMTKEI5Q0QyQURCMUVDRUVGNTVEODg4MjZBQjZFREQxMjJDMUU5QTg3M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMNwucfVPdgV2QdAs4QUv/vwv3
xtfHCSF9XWQp6AZd8LOrZPFpjwPkuxxahBTInp73u+PsczzOcCOcZ/X7CDJwE6i+
fJmKzbsIHK0LAKE6ik9JU9Fn4OI+qRhoGu/CP/dwy4g5FJVjRxyfKXx/fzjmCeQm
BI6nx9IyLLAl9LvKWFDq4/78gnWBlWJN2NcYxZpf7+wU37ja4rfBsm12kMSPBIyy
EVWBFBWWN1bn8FAfUpLvKpp6znC3qEWO+P3lStUzQ8GqnvbM9xzGlCFzgU58Ttlb
J4FePW6DnXIqnuIOfaZi7DKpBzUVTe8p+sD3fWgduRu/FSjx82cwVmHCXZkfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUuc0q2x7O71XYiCarbt0SLB6ahz0wHwYDVR0j
BBgwFoAU6LKc8bfnuU9jbtp14imYc2SkDU0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTktNTRiYi00MmE1LWI1ODQtMWM2Njg0MDYy
ZDhhLzAvRThCMjlDRjFCN0U3Qjk0RjYzNkVEQTc1RTIyOTk4NzM2NEE0MEQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZMS2M4YmZudVU5amJ0cDE0aW1ZYzJT
a0RVMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2M4ZmY3YTkt
NTRiYi00MmE1LWI1ODQtMWM2Njg0MDYyZDhhLzAvMzI2MTMxMzMzYTM5MzUzMDMx
M2EzYTJmMzMzMzJkMzQzODIwM2QzZTIwMzEzOTM3MzQzNzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYH
KhOVAQAwDQYJKoZIhvcNAQELBQADggEBAJO+DklAYvwW4by2jkyGe173vIdUPial
2J+h07XVHr5N26NQw5178hUOpUQ3JFff8PaOlHodxCa5pZ3JRiYcSzWDsRwOf14H
lObSkBdyPlPw0dkvMwtFYFtuvfv3GLsSCaDLmtiDCW4vzJM4ABMiIiETgaogt3ai
+qrEG8tF710mzbH9chUTl8U9qL1j82WYxv6XPXdPVc6EcJN18Ki3WxXTI9Z6t7C7
lNbNDJv1xQ1DucoG7tMWB23NdPr+RmMeMqbw1OAembD7lEoZGQhJgR8Qj7zi3tkP
Zy4FFaoJKBQNTealcFRkGVF9/yWtCuo1et46Zq2boC5WHox3M7psbEU=
Generated at Wed Nov 6 15:16:08 2024 by rpki-client on console-fra.rpki-client.org