Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653030313a3a2f34382d3438203d3e20323134363433.roa
File:                     326131343a373538313a653030313a3a2f34382d3438203d3e20323134363433.roa (raw, json)
Hash identifier:          PN+U25KqAoXx2IeJkX9VAo4F7tzij0gJHjIhuHn366s=
Subject key identifier:   8C:9C:01:C1:AE:FC:19:22:70:83:AA:69:2B:A3:46:16:CA:EA:CB:D6
Certificate issuer:       /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial:       20229781B4328D479524083891D75DAB59905062
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653030313a3a2f34382d3438203d3e20323134363433.roa
Signing time:             Thu 27 Jun 2024 09:09:17 +0000
ROA not before:           Thu 27 Jun 2024 09:04:17 +0000
ROA not after:            Thu 26 Jun 2025 09:09:17 +0000
asID:                     214643
IP address blocks:        2a14:7581:e001::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 10 Jul 2024 20:24:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:22:97:81:b4:32:8d:47:95:24:08:38:91:d7:5d:ab:59:90:50:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
        Validity
            Not Before: Jun 27 09:04:17 2024 GMT
            Not After : Jun 26 09:09:17 2025 GMT
        Subject: CN=8C9C01C1AEFC19227083AA692BA34616CAEACBD6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:65:af:d3:de:fc:80:c5:5c:97:18:b7:73:3a:
                    6c:16:69:d2:75:84:7e:9d:05:df:56:63:5e:00:60:
                    65:46:1d:1d:b7:c7:68:b5:41:c7:48:18:4f:7a:79:
                    c2:d7:61:4c:79:5e:a0:08:fb:50:5a:5c:08:18:c3:
                    b3:c4:da:56:31:68:0e:57:78:1c:dd:6c:29:96:ce:
                    0b:0b:0b:40:91:30:be:94:e5:90:00:17:37:b6:ad:
                    c7:82:ce:a5:1b:74:e7:3d:03:d4:2c:20:79:6d:98:
                    75:98:e2:b0:21:69:ab:c2:c0:a2:9c:9e:4a:77:84:
                    06:73:cf:55:e0:14:3d:68:8e:cb:42:be:fd:8e:b7:
                    5b:0d:88:12:2b:7f:e4:cf:4f:a4:d2:c6:46:7f:86:
                    ee:5a:b3:77:cd:c8:43:9b:a0:a7:d6:07:0c:6d:e7:
                    c2:26:48:cd:c7:67:bb:a1:72:0c:4d:b0:33:21:8b:
                    e5:0b:d8:cb:95:75:17:bf:02:b3:0a:1b:3c:58:68:
                    d4:69:ae:a4:66:14:b4:af:7d:c9:0c:3c:90:63:c9:
                    ae:c9:20:e5:ba:b5:80:47:7d:51:e3:68:de:4d:4d:
                    b8:68:8a:d1:5f:09:fb:17:8c:56:3e:fe:d6:81:92:
                    fc:f8:7a:34:ba:e0:7e:bd:64:73:b5:cf:f5:b9:a2:
                    79:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:9C:01:C1:AE:FC:19:22:70:83:AA:69:2B:A3:46:16:CA:EA:CB:D6
            X509v3 Authority Key Identifier:
                keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653030313a3a2f34382d3438203d3e20323134363433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:e001::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:65:b7:42:47:1b:46:98:1f:9e:aa:6d:bd:48:4e:97:c5:40:
         e5:7d:bc:b0:08:36:2b:6d:ee:db:5d:83:35:b6:1c:82:ee:ff:
         6e:20:33:28:4c:de:eb:c3:fc:50:00:26:06:eb:b5:62:bd:56:
         49:b8:28:99:9c:3e:4e:15:a4:30:f1:94:ee:29:62:0c:b3:58:
         4f:60:be:31:b8:cd:c3:33:d8:d4:14:0e:33:86:f0:f5:93:0d:
         7d:53:62:c8:45:12:54:1e:fd:e1:02:e2:62:26:ec:65:66:f0:
         08:28:a1:c0:16:79:f7:56:f2:28:d4:49:ba:a9:e2:65:ce:0f:
         e3:46:95:9c:94:9a:08:d0:61:7f:cb:8b:93:ce:1f:95:ad:a3:
         a0:98:d7:41:50:60:c8:93:ea:3d:8d:06:a7:ac:7b:56:86:e4:
         f1:43:b7:8f:8a:e5:83:fc:c6:3d:b9:27:72:f6:ce:64:0a:27:
         1b:08:91:98:8f:59:b5:71:ec:9f:5c:cc:3d:b5:89:10:01:c2:
         84:78:b0:1b:5c:fe:5c:6a:21:db:c5:2e:35:78:dc:82:df:52:
         7d:68:23:b4:67:d5:c4:61:41:00:e3:7e:66:21:c1:79:ca:2f:
         fe:e5:4a:55:d3:a3:43:c0:01:c2:4a:2e:9f:fc:65:61:ff:87:
         1f:f6:17:0b
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUICKXgbQyjUeVJAg4kdddq1mQUGIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDA2MjcwOTA0MTdaFw0yNTA2MjYwOTA5MTdaMDMxMTAvBgNV
BAMTKDhDOUMwMUMxQUVGQzE5MjI3MDgzQUE2OTJCQTM0NjE2Q0FFQUNCRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbZa/T3vyAxVyXGLdzOmwWadJ1
hH6dBd9WY14AYGVGHR23x2i1QcdIGE96ecLXYUx5XqAI+1BaXAgYw7PE2lYxaA5X
eBzdbCmWzgsLC0CRML6U5ZAAFze2rceCzqUbdOc9A9QsIHltmHWY4rAhaavCwKKc
nkp3hAZzz1XgFD1ojstCvv2Ot1sNiBIrf+TPT6TSxkZ/hu5as3fNyEOboKfWBwxt
58ImSM3HZ7uhcgxNsDMhi+UL2MuVdRe/ArMKGzxYaNRprqRmFLSvfckMPJBjya7J
IOW6tYBHfVHjaN5NTbhoitFfCfsXjFY+/taBkvz4ejS64H69ZHO1z/W5onmLAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUjJwBwa78GSJwg6ppK6NGFsrqy9YwHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY1MzAzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzYzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1geABMA0GCSqGSIb3DQEBCwUAA4IBAQAX
ZbdCRxtGmB+eqm29SE6XxUDlfbywCDYrbe7bXYM1thyC7v9uIDMoTN7rw/xQACYG
67VivVZJuCiZnD5OFaQw8ZTuKWIMs1hPYL4xuM3DM9jUFA4zhvD1kw19U2LIRRJU
Hv3hAuJiJuxlZvAIKKHAFnn3VvIo1Em6qeJlzg/jRpWclJoI0GF/y4uTzh+VraOg
mNdBUGDIk+o9jQanrHtWhuTxQ7ePiuWD/MY9uSdy9s5kCicbCJGYj1m1ceyfXMw9
tYkQAcKEeLAbXP5caiHbxS41eNyC31J9aCO0Z9XEYUEA435mIcF5yi/+5UpV06ND
wAHCSi6f/GVh/4cf9hcL
Generated at Wed Jul 10 21:22:00 2024 by rpki-client on console-fra.rpki-client.org