Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e92ebc83-d76c-4ae2-84eb-e6bff3d342b1/1/323630323a663732653a31303a3a2f34342d3434203d3e203633323836.roa
File:                     323630323a663732653a31303a3a2f34342d3434203d3e203633323836.roa (raw, json)
Hash identifier:          tzrGt1A9oHVNgMDLPQRmzQkDnOOIgzJYIfIo3NtleQQ=
Subject key identifier:   B7:F6:CE:9A:58:E6:3D:C0:60:80:17:E4:89:1A:5E:0C:50:E5:DA:98
Certificate issuer:       /CN=369dbc2ec136eca64fd2a4969f15c99306c2d11e368f5e1c12
Certificate serial:       4B534B2C3F09B9E80A92ED1297BBDC5D98910FE7
Authority key identifier: EB:4B:C0:6D:40:65:7A:9B:F4:3E:CE:83:09:AD:AD:76:DF:24:A6:3B
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/c576633f-343d-4ac3-a936-98958e5630e6/369dbc2ec136eca64fd2a4969f15c99306c2d11e368f5e1c12.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e92ebc83-d76c-4ae2-84eb-e6bff3d342b1/1/323630323a663732653a31303a3a2f34342d3434203d3e203633323836.roa
Signing time:             Wed 29 Jan 2025 07:34:57 +0000
ROA not before:           Wed 29 Jan 2025 07:29:57 +0000
ROA not after:            Wed 28 Jan 2026 07:34:57 +0000
asID:                     63286
IP address blocks:        2602:f72e:10::/44 maxlen: 44
Validation:               Failed, certificate revoked on Thu 03 Apr 2025 10:35:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:53:4b:2c:3f:09:b9:e8:0a:92:ed:12:97:bb:dc:5d:98:91:0f:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=369dbc2ec136eca64fd2a4969f15c99306c2d11e368f5e1c12
        Validity
            Not Before: Jan 29 07:29:57 2025 GMT
            Not After : Jan 28 07:34:57 2026 GMT
        Subject: CN=B7F6CE9A58E63DC0608017E4891A5E0C50E5DA98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e7:3e:3b:7a:8b:27:57:27:19:73:cc:5c:79:
                    cc:33:7a:29:ac:70:c5:f3:4a:03:95:34:60:93:06:
                    ef:5a:19:a7:56:d7:1e:1e:c7:c1:8e:bc:c6:bc:0c:
                    59:6e:6e:33:a0:40:2f:b3:e0:99:3e:0f:da:72:bd:
                    56:bd:96:5a:1f:8b:3d:23:0f:dc:bc:02:68:58:ca:
                    46:b4:b1:b9:c0:4a:0f:7d:b9:ac:02:cd:f1:3e:92:
                    29:b5:5e:ff:73:b1:b3:38:9f:3c:07:16:79:c5:f0:
                    b6:bc:68:1c:fb:cb:bf:9f:a8:0b:24:78:cb:1f:47:
                    54:20:6d:3a:34:dc:1d:f2:46:b0:1c:b4:70:9b:16:
                    40:61:b6:d7:40:56:d6:b7:7b:c7:c0:8a:55:ec:94:
                    10:0c:8d:b1:cf:c2:52:b5:8a:ce:a4:25:70:1c:28:
                    0d:30:13:aa:0f:dd:cd:06:02:7c:cc:0d:57:76:bb:
                    2a:cc:9f:d8:eb:79:66:17:a1:4b:42:36:70:a8:84:
                    da:4c:05:05:8e:f7:3f:bc:ef:44:29:4e:de:f4:1d:
                    76:be:ad:4b:82:43:3e:0a:15:15:0e:ec:1d:dc:4e:
                    9d:b7:b7:52:11:a7:27:ca:fa:21:94:21:a4:ca:fc:
                    14:06:ee:1b:b3:c2:69:22:df:8a:90:04:13:00:06:
                    b7:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:F6:CE:9A:58:E6:3D:C0:60:80:17:E4:89:1A:5E:0C:50:E5:DA:98
            X509v3 Authority Key Identifier:
                keyid:EB:4B:C0:6D:40:65:7A:9B:F4:3E:CE:83:09:AD:AD:76:DF:24:A6:3B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e92ebc83-d76c-4ae2-84eb-e6bff3d342b1/1/EB4BC06D40657A9BF43ECE8309ADAD76DF24A63B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/c576633f-343d-4ac3-a936-98958e5630e6/369dbc2ec136eca64fd2a4969f15c99306c2d11e368f5e1c12.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e92ebc83-d76c-4ae2-84eb-e6bff3d342b1/1/323630323a663732653a31303a3a2f34342d3434203d3e203633323836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:f72e:10::/44

    Signature Algorithm: sha256WithRSAEncryption
         00:5e:87:6e:3c:f1:8e:d8:a8:0f:ab:3b:e7:73:b3:8d:ff:9e:
         aa:ad:34:a0:8d:e9:83:2d:08:9d:62:91:e0:ba:4f:32:1e:12:
         7d:4c:86:77:7d:82:41:a6:c5:27:6e:56:f8:c0:3c:20:ec:be:
         52:36:05:fe:e4:9a:ac:1f:5e:21:fb:d6:36:70:19:bc:12:40:
         bb:35:8b:fc:b3:87:c5:3a:92:9e:13:8e:10:fa:c6:22:99:9c:
         da:55:02:ae:c4:14:1c:fc:22:fe:e7:59:0e:5d:16:66:72:62:
         01:1b:af:4a:63:1f:c0:f9:45:f1:5e:e1:35:8a:3f:99:10:1b:
         5c:5b:cb:c3:c3:71:37:95:41:60:84:f1:21:2f:3a:28:b9:ba:
         b8:87:cd:51:9d:bd:01:b0:27:55:7b:01:d8:c1:35:97:84:56:
         5e:bb:52:4a:eb:69:a3:c9:83:72:47:cd:5c:25:d7:9a:69:66:
         53:b2:af:8e:d3:80:21:c0:5d:3f:ea:48:63:ff:30:c5:08:fe:
         c8:e6:3a:4b:31:82:64:f3:d4:c7:be:cd:bc:d9:05:38:9d:0d:
         10:69:99:46:d5:24:66:69:64:50:05:01:eb:af:f6:9f:e8:bd:
         7e:f4:a9:f7:b7:d9:bd:36:d0:c9:52:e4:b4:51:7c:a8:1b:42:
         f5:a3:31:2f
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUS1NLLD8JuegKku0Sl7vcXZiRD+cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMzY5ZGJjMmVjMTM2ZWNhNjRmZDJhNDk2OWYxNWM5OTMw
NmMyZDExZTM2OGY1ZTFjMTIwHhcNMjUwMTI5MDcyOTU3WhcNMjYwMTI4MDczNDU3
WjAzMTEwLwYDVQQDEyhCN0Y2Q0U5QTU4RTYzREMwNjA4MDE3RTQ4OTFBNUUwQzUw
RTVEQTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsec+O3qLJ1cn
GXPMXHnMM3oprHDF80oDlTRgkwbvWhmnVtceHsfBjrzGvAxZbm4zoEAvs+CZPg/a
cr1WvZZaH4s9Iw/cvAJoWMpGtLG5wEoPfbmsAs3xPpIptV7/c7GzOJ88BxZ5xfC2
vGgc+8u/n6gLJHjLH0dUIG06NNwd8kawHLRwmxZAYbbXQFbWt3vHwIpV7JQQDI2x
z8JStYrOpCVwHCgNMBOqD93NBgJ8zA1XdrsqzJ/Y63lmF6FLQjZwqITaTAUFjvc/
vO9EKU7e9B12vq1LgkM+ChUVDuwd3E6dt7dSEacnyvohlCGkyvwUBu4bs8JpIt+K
kAQTAAa38QIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFLf2zppY5j3AYIAX5IkaXgxQ
5dqYMB8GA1UdIwQYMBaAFOtLwG1AZXqb9D7OgwmtrXbfJKY7MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2U5MmViYzgzLWQ3NmMtNGFlMi04NGVi
LWU2YmZmM2QzNDJiMS8xL0VCNEJDMDZENDA2NTdBOUJGNDNFQ0U4MzA5QURBRDc2
REYyNEE2M0IuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Q5ZDE1NzJmLTZjYmIt
NGNmNy1iNTk5LWU5ZDBlOTgxZDliZi9jNTc2NjMzZi0zNDNkLTRhYzMtYTkzNi05
ODk1OGU1NjMwZTYvMzY5ZGJjMmVjMTM2ZWNhNjRmZDJhNDk2OWYxNWM5OTMwNmMy
ZDExZTM2OGY1ZTFjMTIuY2VyMIGxBggrBgEFBQcBCwSBpDCBoTCBngYIKwYBBQUH
MAuGgZFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L2U5MmViYzgzLWQ3NmMtNGFlMi04NGViLWU2YmZmM2QzNDJiMS8xLzMyMzYzMDMy
M2E2NjM3MzI2NTNhMzEzMDNhM2EyZjM0MzQyZDM0MzQyMDNkM2UyMDM2MzMzMjM4
MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQmAvcuABAwDQYJKoZIhvcNAQELBQADggEBAABeh2488Y7Y
qA+rO+dzs43/nqqtNKCN6YMtCJ1ikeC6TzIeEn1Mhnd9gkGmxSduVvjAPCDsvlI2
Bf7kmqwfXiH71jZwGbwSQLs1i/yzh8U6kp4TjhD6xiKZnNpVAq7EFBz8Iv7nWQ5d
FmZyYgEbr0pjH8D5RfFe4TWKP5kQG1xby8PDcTeVQWCE8SEvOii5uriHzVGdvQGw
J1V7AdjBNZeEVl67UkrraaPJg3JHzVwl15ppZlOyr47TgCHAXT/qSGP/MMUI/sjm
OksxgmTz1Me+zbzZBTidDRBpmUbVJGZpZFAFAeuv9p/ovX70qfe32b020MlS5LRR
fKgbQvWjMS8=
-----END CERTIFICATE-----