Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653330303a3a2f34322d3438203d3e20323134363433.roa
File:                     326131343a373538313a653330303a3a2f34322d3438203d3e20323134363433.roa (raw, json)
Hash identifier:          rltNjpLzTQiBOiSatlO48hPqehNquRAoOf1ygYmhgIg=
Subject key identifier:   10:D6:CD:74:7A:E6:FE:9F:94:FC:F7:5D:7E:46:DC:10:7A:B9:12:13
Certificate issuer:       /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial:       4DD1F8042E1873B88E6696EF8E99AE83E18AD7C2
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653330303a3a2f34322d3438203d3e20323134363433.roa
Signing time:             Wed 17 Jul 2024 15:20:26 +0000
ROA not before:           Wed 17 Jul 2024 15:15:26 +0000
ROA not after:            Wed 16 Jul 2025 15:20:26 +0000
asID:                     214643
IP address blocks:        2a14:7581:e300::/42 maxlen: 48

Validation:               Failed, certificate revoked on Thu 01 Aug 2024 18:48:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:d1:f8:04:2e:18:73:b8:8e:66:96:ef:8e:99:ae:83:e1:8a:d7:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
        Validity
            Not Before: Jul 17 15:15:26 2024 GMT
            Not After : Jul 16 15:20:26 2025 GMT
        Subject: CN=10D6CD747AE6FE9F94FCF75D7E46DC107AB91213
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e5:15:68:30:a4:43:45:a4:0e:03:a2:8c:9c:
                    70:81:b5:cc:55:25:f5:39:4d:a9:e0:80:0b:80:cb:
                    a0:27:f8:06:6e:64:90:78:86:88:3a:9d:fb:03:d4:
                    2f:5d:3e:97:e1:ae:52:56:f2:77:e1:51:a2:e1:b5:
                    19:4f:26:cd:20:65:e7:4c:e3:13:a9:52:24:f5:1d:
                    5f:9c:03:11:e2:6f:85:4c:ed:09:54:38:7d:f2:a4:
                    1f:ab:f2:3d:e8:e6:e2:59:26:64:7a:73:38:00:17:
                    3e:19:12:bd:f6:0a:ce:fb:97:73:70:e2:1d:46:fa:
                    ef:d4:dc:32:ce:38:a6:c2:e0:78:c8:f3:fd:ef:1b:
                    ff:18:e4:0c:a9:82:ee:40:5f:fe:15:6c:34:00:8f:
                    23:60:b9:d2:d5:31:6e:04:cc:a7:f8:7a:84:bd:76:
                    82:49:3c:1b:52:53:ed:eb:64:80:9f:78:7b:72:80:
                    d2:ab:3c:88:82:97:65:19:0b:07:97:54:4d:79:9b:
                    e2:93:4b:f0:8b:2b:8d:6f:58:cf:a9:aa:ef:fe:dc:
                    0b:30:cc:5e:9d:92:cb:ac:50:95:4a:66:d1:8c:5a:
                    17:fc:bf:94:48:24:be:7e:aa:9e:e0:3f:1f:ec:42:
                    2f:fd:76:13:38:1d:12:85:b1:35:33:c2:4c:29:93:
                    d5:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:D6:CD:74:7A:E6:FE:9F:94:FC:F7:5D:7E:46:DC:10:7A:B9:12:13
            X509v3 Authority Key Identifier:
                keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653330303a3a2f34322d3438203d3e20323134363433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:e300::/42

    Signature Algorithm: sha256WithRSAEncryption
         b0:49:d3:c4:d6:fa:eb:ff:31:8d:be:9b:a9:e6:48:b9:34:97:
         a1:40:a9:50:1e:07:3b:43:a7:52:7f:83:3d:56:75:47:8f:18:
         b4:04:c2:42:e6:da:03:4b:22:75:09:ee:0c:90:02:61:56:7b:
         96:b5:d0:0f:ab:d0:78:da:5f:08:4b:f9:ad:34:ad:b5:f5:2c:
         e4:41:5e:b2:0c:b0:70:fa:40:aa:36:53:b4:07:c8:3d:f4:26:
         bf:18:b8:d2:3f:73:8a:57:4d:c3:d2:28:da:f5:f3:fe:5b:9e:
         1f:de:4d:f5:57:c8:32:36:11:59:3f:e2:fd:5c:19:fa:b3:33:
         00:b4:77:ed:d8:db:31:f7:e0:34:7f:8e:b6:d7:b4:29:46:93:
         ac:b1:17:02:f9:cd:58:a8:6f:11:1a:d5:15:69:75:d3:d0:8f:
         95:4d:27:1d:13:e5:08:b0:7c:77:8b:ab:b6:7b:a4:92:9c:71:
         86:9b:6a:4e:fa:6e:aa:e1:72:6b:a3:2a:9c:26:69:35:76:3f:
         fa:6c:ae:5e:ee:2b:ae:d4:97:ce:26:b7:8f:97:93:fe:90:82:
         98:43:c9:e9:c4:63:b7:6e:f7:15:18:75:dd:ee:76:18:2b:a6:
         5b:0d:33:02:40:30:8d:c5:b5:b1:9e:8c:97:e3:db:15:e7:e3:
         5b:4e:ae:c2
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUTdH4BC4Yc7iOZpbvjpmug+GK18IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDA3MTcxNTE1MjZaFw0yNTA3MTYxNTIwMjZaMDMxMTAvBgNV
BAMTKDEwRDZDRDc0N0FFNkZFOUY5NEZDRjc1RDdFNDZEQzEwN0FCOTEyMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk5RVoMKRDRaQOA6KMnHCBtcxV
JfU5TanggAuAy6An+AZuZJB4hog6nfsD1C9dPpfhrlJW8nfhUaLhtRlPJs0gZedM
4xOpUiT1HV+cAxHib4VM7QlUOH3ypB+r8j3o5uJZJmR6czgAFz4ZEr32Cs77l3Nw
4h1G+u/U3DLOOKbC4HjI8/3vG/8Y5Aypgu5AX/4VbDQAjyNgudLVMW4EzKf4eoS9
doJJPBtSU+3rZICfeHtygNKrPIiCl2UZCweXVE15m+KTS/CLK41vWM+pqu/+3Asw
zF6dksusUJVKZtGMWhf8v5RIJL5+qp7gPx/sQi/9dhM4HRKFsTUzwkwpk9WpAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUENbNdHrm/p+U/PddfkbcEHq5EhMwHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY1MzMzMDMwM2EzYTJmMzQzMjJkMzQzODIwM2QzZTIwMzIz
MTM0MzYzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcGKhR1geMAMA0GCSqGSIb3DQEBCwUAA4IBAQCw
SdPE1vrr/zGNvpup5ki5NJehQKlQHgc7Q6dSf4M9VnVHjxi0BMJC5toDSyJ1Ce4M
kAJhVnuWtdAPq9B42l8IS/mtNK219SzkQV6yDLBw+kCqNlO0B8g99Ca/GLjSP3OK
V03D0ija9fP+W54f3k31V8gyNhFZP+L9XBn6szMAtHft2Nsx9+A0f46217QpRpOs
sRcC+c1YqG8RGtUVaXXT0I+VTScdE+UIsHx3i6u2e6SSnHGGm2pO+m6q4XJroyqc
Jmk1dj/6bK5e7iuu1JfOJrePl5P+kIKYQ8npxGO3bvcVGHXd7nYYK6ZbDTMCQDCN
xbWxnoyX49sV5+NbTq7C
-----END CERTIFICATE-----
Generated at Thu Aug 1 20:34:01 2024 by rpki-client on console-ams.rpki-client.org