Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653130333a3a2f34382d3438203d3e20323134363433.roa
File:                     326131343a373538313a653130333a3a2f34382d3438203d3e20323134363433.roa (raw, json)
Hash identifier:          ygMcyChLSLK+kpy1rflP/JqqIxBP7Dou63zFfPzpqyM=
Subject key identifier:   22:78:3C:3E:90:51:B6:21:9A:AC:1B:37:76:EB:62:EC:16:7C:5C:52
Certificate issuer:       /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial:       1659841F31B76120A0BFF3603F5200297D1389E1
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653130333a3a2f34382d3438203d3e20323134363433.roa
Signing time:             Fri 12 Jul 2024 16:54:18 +0000
ROA not before:           Fri 12 Jul 2024 16:49:18 +0000
ROA not after:            Fri 11 Jul 2025 16:54:18 +0000
asID:                     214643
IP address blocks:        2a14:7581:e103::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 17 Jul 2024 15:22:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:59:84:1f:31:b7:61:20:a0:bf:f3:60:3f:52:00:29:7d:13:89:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
        Validity
            Not Before: Jul 12 16:49:18 2024 GMT
            Not After : Jul 11 16:54:18 2025 GMT
        Subject: CN=22783C3E9051B6219AAC1B3776EB62EC167C5C52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:72:a1:a6:56:9d:a8:07:c5:28:36:55:39:3f:
                    45:03:81:07:7e:62:b4:5e:7c:f5:d9:b6:f6:fa:07:
                    9b:cc:0f:c1:65:e0:f6:c0:24:03:fc:66:39:9e:09:
                    03:79:84:21:f6:46:40:70:ec:5b:bd:40:31:cc:f9:
                    1f:20:8c:ab:7c:ef:5f:e9:a5:bf:fc:66:4d:02:85:
                    99:b8:1c:25:29:e2:c0:f8:83:49:d8:e2:29:87:4e:
                    a6:1a:7f:11:6e:7a:ed:24:00:54:63:0d:85:23:4c:
                    e5:a4:5e:85:48:78:47:5f:85:9b:ef:5c:d7:33:26:
                    df:46:35:27:5e:ab:53:49:50:21:89:bd:31:a0:df:
                    c4:b0:61:cc:0e:b5:15:85:ba:ec:dd:f1:36:2e:d0:
                    a4:0a:6a:a6:3d:c2:72:b0:ce:f4:49:3e:1e:13:04:
                    66:48:50:47:a2:f3:b4:3b:ea:22:3d:51:01:d3:31:
                    fa:1b:ba:ab:c2:1c:ab:6a:94:2d:a9:78:93:d4:b5:
                    2c:41:dc:bb:a8:e6:d3:e1:06:ee:c5:a4:81:70:ad:
                    8e:5c:34:07:c9:1b:b9:d4:99:e8:58:17:39:e6:66:
                    15:fd:8a:b2:d6:bd:76:7d:6c:b1:ac:54:09:9a:c5:
                    1b:ad:e7:07:ca:5c:4a:a1:1e:32:12:ad:be:49:ec:
                    e4:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:78:3C:3E:90:51:B6:21:9A:AC:1B:37:76:EB:62:EC:16:7C:5C:52
            X509v3 Authority Key Identifier:
                keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653130333a3a2f34382d3438203d3e20323134363433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:e103::/48

    Signature Algorithm: sha256WithRSAEncryption
         39:d4:3c:92:c8:ad:f1:30:df:c0:8e:b1:61:b1:eb:f2:73:44:
         db:54:6d:38:4d:64:83:cd:af:ba:3c:99:17:27:ea:e3:81:a8:
         ef:2a:2b:5a:e2:92:4a:d9:53:cf:55:82:27:1d:1a:5a:74:95:
         25:3e:6b:20:00:7f:81:9d:13:40:6e:c2:12:0a:55:05:c3:98:
         bd:a8:62:19:3a:fe:00:2e:48:3b:39:1c:af:6f:d0:62:5b:97:
         6c:71:4f:6a:c6:52:92:ee:81:e8:fe:40:0a:46:4e:6a:ee:9f:
         f9:59:a2:54:53:00:b8:54:e2:56:1d:97:f4:a0:13:57:66:96:
         c9:8c:83:a0:4d:a9:25:f1:8c:6b:69:c1:fe:c6:98:ae:a3:4a:
         cd:24:e6:87:cd:22:cf:89:2f:9a:5a:45:d7:4c:4f:f5:2a:6c:
         dd:83:77:db:22:c2:07:25:4d:08:e7:28:5e:7e:27:b1:ec:f5:
         c8:91:54:64:4e:54:7d:42:c8:cc:1e:7c:fc:d1:ca:0f:41:11:
         2b:61:e2:b7:33:92:43:6a:8e:42:f1:7e:3f:e6:6a:dd:c5:9d:
         68:b8:af:32:c4:fc:4d:0b:5c:5f:5a:61:00:78:71:6b:fd:f5:
         8e:ca:07:9b:4c:97:0e:37:8d:72:fc:cc:d6:d9:db:e3:dc:58:
         ae:38:1e:04
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUFlmEHzG3YSCgv/NgP1IAKX0TieEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDA3MTIxNjQ5MThaFw0yNTA3MTExNjU0MThaMDMxMTAvBgNV
BAMTKDIyNzgzQzNFOTA1MUI2MjE5QUFDMUIzNzc2RUI2MkVDMTY3QzVDNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCCcqGmVp2oB8UoNlU5P0UDgQd+
YrRefPXZtvb6B5vMD8Fl4PbAJAP8ZjmeCQN5hCH2RkBw7Fu9QDHM+R8gjKt871/p
pb/8Zk0ChZm4HCUp4sD4g0nY4imHTqYafxFueu0kAFRjDYUjTOWkXoVIeEdfhZvv
XNczJt9GNSdeq1NJUCGJvTGg38SwYcwOtRWFuuzd8TYu0KQKaqY9wnKwzvRJPh4T
BGZIUEei87Q76iI9UQHTMfobuqvCHKtqlC2peJPUtSxB3Luo5tPhBu7FpIFwrY5c
NAfJG7nUmehYFznmZhX9irLWvXZ9bLGsVAmaxRut5wfKXEqhHjISrb5J7OQvAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUIng8PpBRtiGarBs3duti7BZ8XFIwHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY1MzEzMDMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzYzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1geEDMA0GCSqGSIb3DQEBCwUAA4IBAQA5
1DySyK3xMN/AjrFhsevyc0TbVG04TWSDza+6PJkXJ+rjgajvKita4pJK2VPPVYIn
HRpadJUlPmsgAH+BnRNAbsISClUFw5i9qGIZOv4ALkg7ORyvb9BiW5dscU9qxlKS
7oHo/kAKRk5q7p/5WaJUUwC4VOJWHZf0oBNXZpbJjIOgTakl8YxracH+xpiuo0rN
JOaHzSLPiS+aWkXXTE/1Kmzdg3fbIsIHJU0I5yhefiex7PXIkVRkTlR9QsjMHnz8
0coPQRErYeK3M5JDao5C8X4/5mrdxZ1ouK8yxPxNC1xfWmEAeHFr/fWOygebTJcO
N41y/MzW2dvj3FiuOB4E
-----END CERTIFICATE-----