Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634323a3a2f34382d3438203d3e20323134363433.roa
File:                     326131343a373538313a6634323a3a2f34382d3438203d3e20323134363433.roa (raw, json)
Hash identifier:          rASWIAucanNPt+H+VXoi/Z55c8ESZfhP9LZXYGGjIrM=
Subject key identifier:   FC:D0:EA:57:05:A3:0D:91:0A:44:72:3C:5D:EE:7C:4E:CF:2E:FE:97
Certificate issuer:       /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial:       46978643E7CBF5BE72D7CEA1DE519EF793C20DBA
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634323a3a2f34382d3438203d3e20323134363433.roa
Signing time:             Tue 25 Jun 2024 09:36:01 +0000
ROA not before:           Tue 25 Jun 2024 09:31:01 +0000
ROA not after:            Tue 24 Jun 2025 09:36:01 +0000
asID:                     214643
IP address blocks:        2a14:7581:f42::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 27 Jun 2024 06:20:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:97:86:43:e7:cb:f5:be:72:d7:ce:a1:de:51:9e:f7:93:c2:0d:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
        Validity
            Not Before: Jun 25 09:31:01 2024 GMT
            Not After : Jun 24 09:36:01 2025 GMT
        Subject: CN=FCD0EA5705A30D910A44723C5DEE7C4ECF2EFE97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:37:0b:3e:88:a8:32:30:ef:ee:c5:61:c8:70:
                    39:8d:d2:0b:bb:37:94:25:00:9a:98:0b:af:0e:50:
                    f1:da:23:b9:e5:88:cc:47:cb:99:b8:26:fa:61:a3:
                    aa:ad:f6:cf:a4:ab:3d:3a:0c:dc:46:fc:ad:0c:30:
                    5e:b0:88:00:e2:cd:72:e9:20:e1:fb:bb:bd:e1:39:
                    72:33:b8:b5:f6:0f:8f:f7:b1:c7:fd:50:64:99:32:
                    b7:8c:7d:f6:ca:a3:1b:24:2c:1c:57:28:5e:56:c6:
                    d1:fa:8a:bb:c0:fb:d9:f2:16:77:77:31:f6:a3:6d:
                    98:2f:ec:90:d5:d9:8c:0c:c4:7a:4a:58:2c:7e:85:
                    f9:23:7f:78:10:44:7d:84:d0:c5:da:67:77:0b:f3:
                    f9:80:c2:1b:97:98:cb:58:c5:d8:e1:f6:27:77:1d:
                    0c:50:be:5b:c0:36:99:69:87:00:3f:56:94:b0:b3:
                    91:58:52:c0:3b:05:1b:09:4c:ea:84:53:e8:e4:18:
                    82:9a:8c:ce:51:31:9b:5c:17:88:ee:f8:88:59:10:
                    ae:2d:a5:6c:f0:08:fd:b9:55:06:7f:43:07:7e:e3:
                    90:96:16:ee:aa:cc:ed:29:ae:ee:62:08:66:05:46:
                    68:78:27:68:3f:fc:68:e9:67:2d:fd:9a:6a:cd:f4:
                    32:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:D0:EA:57:05:A3:0D:91:0A:44:72:3C:5D:EE:7C:4E:CF:2E:FE:97
            X509v3 Authority Key Identifier:
                keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634323a3a2f34382d3438203d3e20323134363433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:f42::/48

    Signature Algorithm: sha256WithRSAEncryption
         8d:5a:73:57:db:d9:c8:d3:3f:f1:bf:15:47:4a:f8:e2:cc:91:
         60:f6:d1:26:26:af:c6:92:d0:43:1d:90:26:74:47:07:09:aa:
         06:72:60:8b:92:e4:ea:28:1e:96:f5:20:8f:ec:3f:a3:63:a0:
         1b:0f:b5:68:88:03:09:4f:6c:42:23:df:a4:7f:3b:57:e9:b3:
         2d:0d:1c:ad:28:e0:8c:5a:88:47:d1:ab:2d:1d:c1:b6:27:09:
         c0:ad:9b:b7:7b:94:bd:b9:86:5b:8b:cb:da:cd:ad:00:16:95:
         a3:96:f4:c7:cb:ee:63:82:82:9e:9f:c0:91:5d:95:f2:79:c1:
         78:6d:1a:9a:66:f9:6c:0c:3d:79:a2:b3:8d:ce:2c:c9:17:e6:
         c3:b6:65:4f:ab:59:3d:58:2b:82:ff:e5:b6:0c:01:84:e2:51:
         6e:34:f4:6b:42:de:24:55:a2:36:4c:8b:7c:a9:cc:70:8e:7a:
         fc:86:2c:03:ac:b2:5c:5f:80:75:70:f3:cf:06:13:ee:ad:e4:
         b2:a2:d2:97:5b:10:57:ad:68:47:ba:8e:6f:94:82:93:f4:65:
         12:8f:bf:dc:93:a0:98:ef:dd:33:13:39:5c:33:2e:9f:f5:93:
         2b:27:cb:d8:69:b1:f9:cf:c9:25:2f:c8:56:36:eb:f2:25:3e:
         3c:db:b6:3b
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIURpeGQ+fL9b5y186h3lGe95PCDbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDA2MjUwOTMxMDFaFw0yNTA2MjQwOTM2MDFaMDMxMTAvBgNV
BAMTKEZDRDBFQTU3MDVBMzBEOTEwQTQ0NzIzQzVERUU3QzRFQ0YyRUZFOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLNws+iKgyMO/uxWHIcDmN0gu7
N5QlAJqYC68OUPHaI7nliMxHy5m4Jvpho6qt9s+kqz06DNxG/K0MMF6wiADizXLp
IOH7u73hOXIzuLX2D4/3scf9UGSZMreMffbKoxskLBxXKF5WxtH6irvA+9nyFnd3
MfajbZgv7JDV2YwMxHpKWCx+hfkjf3gQRH2E0MXaZ3cL8/mAwhuXmMtYxdjh9id3
HQxQvlvANplphwA/VpSws5FYUsA7BRsJTOqEU+jkGIKajM5RMZtcF4ju+IhZEK4t
pWzwCP25VQZ/Qwd+45CWFu6qzO0pru5iCGYFRmh4J2g//GjpZy39mmrN9DI1AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQU/NDqVwWjDZEKRHI8Xe58Ts8u/pcwHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY2MzQzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NDM2MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEPQjANBgkqhkiG9w0BAQsFAAOCAQEAjVpz
V9vZyNM/8b8VR0r44syRYPbRJiavxpLQQx2QJnRHBwmqBnJgi5Lk6igelvUgj+w/
o2OgGw+1aIgDCU9sQiPfpH87V+mzLQ0crSjgjFqIR9GrLR3BticJwK2bt3uUvbmG
W4vL2s2tABaVo5b0x8vuY4KCnp/AkV2V8nnBeG0ammb5bAw9eaKzjc4syRfmw7Zl
T6tZPVgrgv/ltgwBhOJRbjT0a0LeJFWiNkyLfKnMcI56/IYsA6yyXF+AdXDzzwYT
7q3ksqLSl1sQV61oR7qOb5SCk/RlEo+/3JOgmO/dMxM5XDMun/WTKyfL2Gmx+c/J
JS/IVjbr8iU+PNu2Ow==
-----END CERTIFICATE-----
Generated at Thu Jun 27 10:23:53 2024 by rpki-client on console-fra.rpki-client.org