Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653030393a3a2f34382d3438203d3e20323134363433.roa
File:                     326131343a373538313a653030393a3a2f34382d3438203d3e20323134363433.roa (raw, json)
Hash identifier:          8Iwpk3/gIIJ8HsPjeWizOal7gN+1+2815m3hFqOwHCA=
Subject key identifier:   70:01:AE:86:C4:CD:B4:87:A9:37:0C:88:F6:9B:93:1B:81:4B:4D:F4
Certificate issuer:       /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial:       6EFAFAE041171538BC8E3E5B8616C5DB2A54419F
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653030393a3a2f34382d3438203d3e20323134363433.roa
Signing time:             Thu 27 Jun 2024 09:10:12 +0000
ROA not before:           Thu 27 Jun 2024 09:05:12 +0000
ROA not after:            Thu 26 Jun 2025 09:10:12 +0000
asID:                     214643
IP address blocks:        2a14:7581:e009::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 05 Jul 2024 15:07:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:fa:fa:e0:41:17:15:38:bc:8e:3e:5b:86:16:c5:db:2a:54:41:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
        Validity
            Not Before: Jun 27 09:05:12 2024 GMT
            Not After : Jun 26 09:10:12 2025 GMT
        Subject: CN=7001AE86C4CDB487A9370C88F69B931B814B4DF4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:36:7d:ad:e9:03:95:a7:38:d6:70:16:02:f0:
                    c3:0e:39:e0:77:a8:5d:0b:5e:fa:2c:60:df:cb:36:
                    a2:b5:fe:c5:84:0d:84:b4:87:0a:94:12:b6:6c:1d:
                    18:38:a3:c7:f7:fe:fd:8c:c6:c7:56:32:83:36:06:
                    b8:56:8a:e9:20:8e:a2:2c:6b:c0:18:15:4b:48:b0:
                    80:e4:9b:65:6a:3c:84:98:4f:c8:6b:48:08:6e:e3:
                    19:f6:c2:aa:1c:c5:68:d4:31:7b:64:33:27:50:82:
                    05:38:de:91:70:ad:35:19:93:33:a1:32:e5:07:22:
                    0d:db:53:fc:c5:67:c4:dc:51:af:63:3d:1c:40:33:
                    19:53:b8:c6:f0:27:24:5e:a8:db:c0:08:a3:f2:83:
                    e9:fb:a3:5f:09:c7:da:80:5b:6e:a9:65:94:da:73:
                    fc:ff:4d:93:b8:69:ee:83:17:27:8d:cc:69:a7:61:
                    d9:d7:b0:25:50:64:b1:70:b0:d6:74:3f:10:87:21:
                    3e:07:68:13:81:1c:53:70:62:44:44:ca:ff:60:74:
                    d7:ee:e7:51:23:1b:08:6f:cf:cf:ad:f7:70:60:03:
                    5b:44:2b:f2:e4:0a:63:0e:67:1f:dd:f7:e0:13:6d:
                    0b:e2:1a:19:34:b5:92:46:d0:62:be:dd:65:57:53:
                    fd:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:01:AE:86:C4:CD:B4:87:A9:37:0C:88:F6:9B:93:1B:81:4B:4D:F4
            X509v3 Authority Key Identifier:
                keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653030393a3a2f34382d3438203d3e20323134363433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:e009::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:b7:3a:a2:e8:73:95:63:47:ce:e3:d9:00:32:66:b9:c6:c8:
         f0:f8:5a:e8:e1:e9:46:e0:40:bc:cf:5d:64:5b:23:4a:e8:f7:
         25:c3:7d:d2:db:dc:98:37:1f:5f:b8:a2:8f:cb:6a:e4:b8:91:
         b4:a9:bd:8a:21:8c:45:44:42:05:54:9e:1a:4b:df:ee:59:bd:
         3c:e2:78:72:dc:f8:c8:ed:a9:20:9f:67:39:05:31:ac:88:99:
         b6:4f:63:51:db:a0:04:67:1d:7f:d2:b4:f3:2f:aa:3a:cf:4f:
         0a:a2:cc:a2:ad:47:f5:30:12:29:1d:c7:5b:c5:77:f8:02:93:
         9f:4d:11:e3:d9:da:b9:4b:8c:93:5d:9f:e7:44:69:2d:93:06:
         ad:a4:01:19:13:5b:74:b0:75:0f:2a:cf:79:01:41:30:0d:c3:
         c6:0a:e4:06:47:c1:b3:84:49:5e:1e:9e:01:8f:2b:4d:73:a5:
         d8:58:d0:b8:fe:9f:b6:4c:de:50:5c:7f:c7:ee:d4:a4:9d:52:
         88:43:58:57:8b:46:8d:a5:f7:77:33:dc:5b:0c:ed:20:42:b8:
         44:72:87:ca:a9:3d:55:f2:c7:33:9f:a4:38:58:7d:28:28:85:
         e8:2f:7b:6f:58:ec:c4:61:c6:d9:4f:a3:21:b6:d0:75:f8:e0:
         02:5c:2f:40
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUbvr64EEXFTi8jj5bhhbF2ypUQZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDA2MjcwOTA1MTJaFw0yNTA2MjYwOTEwMTJaMDMxMTAvBgNV
BAMTKDcwMDFBRTg2QzRDREI0ODdBOTM3MEM4OEY2OUI5MzFCODE0QjRERjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVNn2t6QOVpzjWcBYC8MMOOeB3
qF0LXvosYN/LNqK1/sWEDYS0hwqUErZsHRg4o8f3/v2MxsdWMoM2BrhWiukgjqIs
a8AYFUtIsIDkm2VqPISYT8hrSAhu4xn2wqocxWjUMXtkMydQggU43pFwrTUZkzOh
MuUHIg3bU/zFZ8TcUa9jPRxAMxlTuMbwJyReqNvACKPyg+n7o18Jx9qAW26pZZTa
c/z/TZO4ae6DFyeNzGmnYdnXsCVQZLFwsNZ0PxCHIT4HaBOBHFNwYkREyv9gdNfu
51EjGwhvz8+t93BgA1tEK/LkCmMOZx/d9+ATbQviGhk0tZJG0GK+3WVXU/3FAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUcAGuhsTNtIepNwyI9puTG4FLTfQwHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY1MzAzMDM5M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzYzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1geAJMA0GCSqGSIb3DQEBCwUAA4IBAQBy
tzqi6HOVY0fO49kAMma5xsjw+Fro4elG4EC8z11kWyNK6Pclw33S29yYNx9fuKKP
y2rkuJG0qb2KIYxFREIFVJ4aS9/uWb084nhy3PjI7akgn2c5BTGsiJm2T2NR26AE
Zx1/0rTzL6o6z08KosyirUf1MBIpHcdbxXf4ApOfTRHj2dq5S4yTXZ/nRGktkwat
pAEZE1t0sHUPKs95AUEwDcPGCuQGR8GzhEleHp4BjytNc6XYWNC4/p+2TN5QXH/H
7tSknVKIQ1hXi0aNpfd3M9xbDO0gQrhEcofKqT1V8sczn6Q4WH0oKIXoL3tvWOzE
YcbZT6MhttB1+OACXC9A
-----END CERTIFICATE-----
Generated at Fri Jul 5 17:06:20 2024 by rpki-client on console-ams.rpki-client.org