Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634653a3a2f34382d3438203d3e20323134363433.roa
File:                     326131343a373538313a6634653a3a2f34382d3438203d3e20323134363433.roa (raw, json)
Hash identifier:          Fxko+Vabhhzi5SnNKMVD1LDgS6HUoP0q9kF+UAhrsfA=
Subject key identifier:   A6:4A:B3:59:3D:59:F1:CA:6F:8C:34:01:BB:23:53:15:C8:E6:C9:BB
Certificate issuer:       /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial:       11F2ECE12368B237F59A139B789AE903A80A5C8F
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634653a3a2f34382d3438203d3e20323134363433.roa
Signing time:             Tue 25 Jun 2024 09:39:08 +0000
ROA not before:           Tue 25 Jun 2024 09:34:08 +0000
ROA not after:            Tue 24 Jun 2025 09:39:08 +0000
asID:                     214643
IP address blocks:        2a14:7581:f4e::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 27 Jun 2024 06:20:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:f2:ec:e1:23:68:b2:37:f5:9a:13:9b:78:9a:e9:03:a8:0a:5c:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
        Validity
            Not Before: Jun 25 09:34:08 2024 GMT
            Not After : Jun 24 09:39:08 2025 GMT
        Subject: CN=A64AB3593D59F1CA6F8C3401BB235315C8E6C9BB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d3:32:fc:96:2e:3c:44:12:86:42:9d:04:e1:
                    ca:bb:e4:37:51:9a:04:19:48:ad:31:d0:3a:36:c5:
                    1f:a8:d3:40:e9:a3:13:da:c6:7f:7a:e4:a5:07:9f:
                    36:b7:a7:5e:20:86:d2:e2:c9:8f:de:54:38:54:89:
                    aa:ab:6a:c4:75:c4:55:de:d5:58:85:0f:93:a9:52:
                    6e:e9:a6:09:4c:61:22:f5:e4:62:12:3c:15:2c:d0:
                    b3:6d:bd:7e:c1:b7:16:c2:0b:b1:9d:4a:96:11:65:
                    9d:73:b3:6d:1c:7d:3d:e7:ce:06:86:33:ee:eb:08:
                    71:03:a5:31:af:11:b2:fc:2d:67:8a:8b:34:9d:fd:
                    c1:15:43:0e:74:ff:64:bd:82:5d:f8:52:29:ca:5a:
                    00:9c:e9:80:6e:26:7b:65:0a:a1:72:e3:06:82:32:
                    ba:2e:49:16:fa:65:8b:f1:f1:8e:31:33:03:70:b4:
                    b9:f8:04:8c:4b:ab:98:1d:c6:a0:ac:a2:14:ee:92:
                    c3:6a:e3:cb:7c:5a:8b:2d:7f:1c:4f:c0:2a:9f:73:
                    93:33:8b:3a:58:fe:77:80:89:fd:32:ba:5c:1e:cb:
                    88:87:19:9d:76:27:0b:eb:d1:ae:a2:a5:17:8a:45:
                    b7:4d:cb:26:11:fd:4c:02:c8:d8:b8:44:d3:68:10:
                    11:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:4A:B3:59:3D:59:F1:CA:6F:8C:34:01:BB:23:53:15:C8:E6:C9:BB
            X509v3 Authority Key Identifier:
                keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634653a3a2f34382d3438203d3e20323134363433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7581:f4e::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:4a:36:fe:64:f7:e8:3f:30:ed:df:20:9d:ef:2f:cb:f8:7f:
         78:87:c0:90:75:b2:80:19:e4:26:a0:d2:7f:19:f0:83:ee:57:
         9d:dc:09:37:8f:c0:f7:2b:2e:ed:71:c0:80:6e:20:90:73:9b:
         ff:27:02:e1:dd:3a:d9:52:59:42:74:d1:0a:58:68:48:6e:c5:
         a1:9d:d8:b5:c7:0a:e2:3c:18:ef:f0:d5:d4:91:18:df:b7:ea:
         0a:f5:88:5a:4b:b3:8d:f5:05:22:ba:f3:ef:d0:c2:10:dd:7e:
         b7:67:dc:c2:af:de:80:d6:9a:14:2c:49:0d:48:05:3e:8b:de:
         f5:96:90:01:69:e9:45:ed:be:28:16:39:ef:d9:00:92:b0:f4:
         2d:88:5a:b6:5b:1e:1b:67:4c:74:6e:59:47:8b:94:a2:b1:78:
         25:51:56:a5:a1:51:34:ec:cd:93:c9:26:8e:81:c7:46:6a:f3:
         0d:fe:65:7f:b3:e5:97:b3:f8:00:5b:f2:a8:44:50:f3:76:ae:
         0c:bd:4a:6a:ed:f6:41:c0:62:96:e4:1b:a7:5f:a5:13:48:e3:
         da:c6:c3:a4:ef:eb:d6:c1:bb:c4:72:93:b2:12:14:ad:7d:99:
         12:dd:6e:90:c8:cb:e1:34:d3:46:86:bc:d5:78:db:26:77:38:
         74:87:0b:82
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUEfLs4SNosjf1mhObeJrpA6gKXI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDA2MjUwOTM0MDhaFw0yNTA2MjQwOTM5MDhaMDMxMTAvBgNV
BAMTKEE2NEFCMzU5M0Q1OUYxQ0E2RjhDMzQwMUJCMjM1MzE1QzhFNkM5QkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCU0zL8li48RBKGQp0E4cq75DdR
mgQZSK0x0Do2xR+o00DpoxPaxn965KUHnza3p14ghtLiyY/eVDhUiaqrasR1xFXe
1ViFD5OpUm7ppglMYSL15GISPBUs0LNtvX7BtxbCC7GdSpYRZZ1zs20cfT3nzgaG
M+7rCHEDpTGvEbL8LWeKizSd/cEVQw50/2S9gl34UinKWgCc6YBuJntlCqFy4waC
MrouSRb6ZYvx8Y4xMwNwtLn4BIxLq5gdxqCsohTuksNq48t8WostfxxPwCqfc5Mz
izpY/neAif0yulwey4iHGZ12Jwvr0a6ipReKRbdNyyYR/UwCyNi4RNNoEBG/AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUpkqzWT1Z8cpvjDQBuyNTFcjmybswHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY2MzQ2NTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NDM2MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEPTjANBgkqhkiG9w0BAQsFAAOCAQEAkUo2
/mT36D8w7d8gne8vy/h/eIfAkHWygBnkJqDSfxnwg+5XndwJN4/A9ysu7XHAgG4g
kHOb/ycC4d062VJZQnTRClhoSG7FoZ3YtccK4jwY7/DV1JEY37fqCvWIWkuzjfUF
Irrz79DCEN1+t2fcwq/egNaaFCxJDUgFPove9ZaQAWnpRe2+KBY579kAkrD0LYha
tlseG2dMdG5ZR4uUorF4JVFWpaFRNOzNk8kmjoHHRmrzDf5lf7Pll7P4AFvyqERQ
83auDL1Kau32QcBiluQbp1+lE0jj2sbDpO/r1sG7xHKTshIUrX2ZEt1ukMjL4TTT
Roa81XjbJnc4dIcLgg==
-----END CERTIFICATE-----