Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634373a3a2f34382d3438203d3e20323134363433.roa
File:                     326131343a373538313a6634373a3a2f34382d3438203d3e20323134363433.roa (raw, json)
Hash identifier:          zmIuzNIJVXwDxmM14dIBEpEYWxj/r4mDrkSBSavSdGU=
Subject key identifier:   BB:39:A8:76:5D:41:49:10:C7:34:77:05:00:43:0B:38:8F:C9:B5:43
Certificate issuer:       /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial:       0CB886B021E2EF88FB9171F59B00AFD34245AA40
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634373a3a2f34382d3438203d3e20323134363433.roa
Signing time:             Wed 26 Jun 2024 15:08:36 +0000
ROA not before:           Wed 26 Jun 2024 15:03:36 +0000
ROA not after:            Wed 25 Jun 2025 15:08:36 +0000
asID:                     214643
IP address blocks:        2a14:7581:f47::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 27 Jun 2024 06:20:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:b8:86:b0:21:e2:ef:88:fb:91:71:f5:9b:00:af:d3:42:45:aa:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
        Validity
            Not Before: Jun 26 15:03:36 2024 GMT
            Not After : Jun 25 15:08:36 2025 GMT
        Subject: CN=BB39A8765D414910C734770500430B388FC9B543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:32:03:91:e4:1e:62:41:78:f5:79:36:dc:e2:
                    02:83:c0:bb:7e:cb:4c:f7:80:19:37:e6:4f:4c:e1:
                    ae:99:91:18:21:8b:82:ab:c3:c5:64:9b:e9:62:3e:
                    29:30:25:9c:f2:bb:2c:b4:08:39:91:72:99:7c:24:
                    88:59:d6:9b:50:f4:7a:f1:c0:d4:15:7d:7d:0a:28:
                    27:e2:9d:c4:6d:16:17:ec:53:60:8b:27:33:08:6a:
                    e8:98:01:0d:6e:6a:cb:8c:9a:61:6c:9d:8e:67:e7:
                    d1:3a:9a:c1:7d:76:c2:52:94:cb:62:c7:0f:0b:c5:
                    04:b6:a5:d9:f6:9b:3b:fc:3d:9d:fd:99:b3:48:5f:
                    cd:71:b0:e6:b3:7c:d2:af:46:89:6b:6e:64:3b:97:
                    0e:63:ef:76:b3:e6:cb:36:25:65:63:68:bf:cf:f0:
                    e5:9c:04:fb:50:06:84:0a:ec:6f:bb:9b:9f:88:ce:
                    21:c8:2a:56:2c:0c:99:0d:b7:f9:3c:b2:f9:9d:2b:
                    3b:02:10:87:ec:8f:ea:23:d8:33:53:c6:f3:54:1c:
                    13:1f:c3:05:98:05:e5:ec:00:f6:04:ad:75:d4:ca:
                    91:e3:2e:0c:ab:26:ef:66:1e:9d:ad:7b:5a:17:25:
                    85:b9:7a:c2:7c:39:17:32:a3:1b:23:15:3b:18:20:
                    e1:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:39:A8:76:5D:41:49:10:C7:34:77:05:00:43:0B:38:8F:C9:B5:43
            X509v3 Authority Key Identifier:
                keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634373a3a2f34382d3438203d3e20323134363433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:f47::/48

    Signature Algorithm: sha256WithRSAEncryption
         9b:53:1a:71:63:bb:a5:f1:b9:ca:23:26:49:28:29:43:6f:85:
         a3:53:aa:68:58:5e:fa:f9:f1:b2:67:ae:96:3f:45:70:e9:3c:
         eb:cd:a0:e6:13:37:d8:b8:d1:09:c3:9d:1f:ee:88:52:b0:df:
         04:d4:fa:a0:6d:3e:6b:34:59:2c:a5:97:49:8c:12:aa:ce:6a:
         0d:f3:ef:ba:0b:2d:c5:f7:48:44:92:b4:2d:34:39:4b:c3:ee:
         76:ce:a9:ba:2b:3d:77:66:c6:76:14:fb:4c:7a:e5:bc:50:60:
         aa:36:c8:0b:c8:76:6c:5d:03:62:60:6f:4a:be:45:2f:8f:77:
         a5:a8:06:5a:fa:34:d6:a6:09:99:51:42:81:9e:b8:b0:41:7e:
         d1:ce:25:dd:c2:0c:b7:1b:8f:cc:2d:0c:5e:4e:ac:31:55:cb:
         a9:b0:22:8b:09:3b:f9:b5:a8:1f:01:51:bd:22:52:8d:ae:cf:
         f8:ba:48:7f:d9:49:10:e6:52:65:59:fa:8f:9a:c4:9f:29:21:
         e4:50:f2:a7:95:b8:96:46:af:ba:05:8f:38:af:8b:62:47:90:
         12:b6:6a:1e:56:74:ae:67:7f:6d:f6:28:bc:d4:77:55:56:91:
         04:94:5a:9a:52:21:0b:0c:10:1b:73:1c:e0:b8:ef:01:45:aa:
         f1:0e:0f:4d
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUDLiGsCHi74j7kXH1mwCv00JFqkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDA2MjYxNTAzMzZaFw0yNTA2MjUxNTA4MzZaMDMxMTAvBgNV
BAMTKEJCMzlBODc2NUQ0MTQ5MTBDNzM0NzcwNTAwNDMwQjM4OEZDOUI1NDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbMgOR5B5iQXj1eTbc4gKDwLt+
y0z3gBk35k9M4a6ZkRghi4Krw8Vkm+liPikwJZzyuyy0CDmRcpl8JIhZ1ptQ9Hrx
wNQVfX0KKCfincRtFhfsU2CLJzMIauiYAQ1uasuMmmFsnY5n59E6msF9dsJSlMti
xw8LxQS2pdn2mzv8PZ39mbNIX81xsOazfNKvRolrbmQ7lw5j73az5ss2JWVjaL/P
8OWcBPtQBoQK7G+7m5+IziHIKlYsDJkNt/k8svmdKzsCEIfsj+oj2DNTxvNUHBMf
wwWYBeXsAPYErXXUypHjLgyrJu9mHp2te1oXJYW5esJ8ORcyoxsjFTsYIOFHAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUuzmodl1BSRDHNHcFAEMLOI/JtUMwHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY2MzQzNzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NDM2MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEPRzANBgkqhkiG9w0BAQsFAAOCAQEAm1Ma
cWO7pfG5yiMmSSgpQ2+Fo1OqaFhe+vnxsmeulj9FcOk8682g5hM32LjRCcOdH+6I
UrDfBNT6oG0+azRZLKWXSYwSqs5qDfPvugstxfdIRJK0LTQ5S8Puds6puis9d2bG
dhT7THrlvFBgqjbIC8h2bF0DYmBvSr5FL493pagGWvo01qYJmVFCgZ64sEF+0c4l
3cIMtxuPzC0MXk6sMVXLqbAiiwk7+bWoHwFRvSJSja7P+LpIf9lJEOZSZVn6j5rE
nykh5FDyp5W4lkavugWPOK+LYkeQErZqHlZ0rmd/bfYovNR3VVaRBJRamlIhCwwQ
G3Mc4LjvAUWq8Q4PTQ==
-----END CERTIFICATE-----