Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393033303a3a2f34342d3434203d3e2038373732.roa
File:                     326130613a363034343a393033303a3a2f34342d3434203d3e2038373732.roa (raw, json)
Hash identifier:          92qpHT0MuFEE1iyV8h1/4QM2HD797hwHEuNZAyfUwBI=
Subject key identifier:   3A:FB:8D:94:A6:09:46:E9:55:D1:EA:35:BB:8C:EF:89:13:B0:70:34
Certificate issuer:       /CN=488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF
Certificate serial:       21B76A2F430DA2A7638A699B66718D245B2FA436
Authority key identifier: 48:8B:D8:6A:FD:B1:BE:23:8E:1E:3E:AD:E8:5A:05:20:B2:AF:66:DF
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393033303a3a2f34342d3434203d3e2038373732.roa
Signing time:             Thu 22 Feb 2024 07:14:28 +0000
ROA not before:           Thu 22 Feb 2024 07:09:28 +0000
ROA not after:            Thu 20 Feb 2025 07:14:28 +0000
asID:                     8772
IP address blocks:        2a0a:6044:9030::/44 maxlen: 44

Validation:               Failed, certificate revoked on Fri 02 Aug 2024 09:25:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:b7:6a:2f:43:0d:a2:a7:63:8a:69:9b:66:71:8d:24:5b:2f:a4:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF
        Validity
            Not Before: Feb 22 07:09:28 2024 GMT
            Not After : Feb 20 07:14:28 2025 GMT
        Subject: CN=3AFB8D94A60946E955D1EA35BB8CEF8913B07034
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:97:74:4b:86:19:60:14:11:e9:e4:32:35:b4:
                    f4:54:55:b1:ab:88:e5:a3:9f:c7:68:76:6c:c0:58:
                    95:9a:a6:a1:df:de:aa:ec:6f:05:fe:31:b2:b5:cb:
                    a6:93:c7:0f:9b:2d:69:3f:80:b6:84:65:c6:be:89:
                    29:24:22:a2:18:84:c0:10:9b:36:f7:0a:d8:9b:f1:
                    48:2b:4c:ed:6c:c3:1a:06:e9:79:51:5f:76:a6:5b:
                    da:3b:58:0f:98:47:cc:e6:45:d4:bc:0b:10:fa:70:
                    4c:52:a6:00:ac:51:e7:47:cd:7f:33:da:ba:c0:76:
                    a4:19:8e:b7:2a:f6:e8:02:f3:ef:da:cb:e0:20:3d:
                    12:fa:56:dd:c3:05:bd:59:33:13:d4:e3:10:0a:1d:
                    62:bd:cc:d6:c0:1c:5b:a6:28:2e:60:79:ed:69:50:
                    f4:11:b4:d0:d8:32:71:46:79:a3:8f:17:47:04:db:
                    bc:7f:8e:d5:24:89:f9:7d:87:e4:fe:d3:a5:84:2f:
                    13:60:9f:e3:9a:e1:aa:af:95:5b:5b:26:8a:ce:55:
                    bf:22:17:be:57:a6:10:9f:a4:85:03:7a:b3:84:cc:
                    d1:b1:90:44:45:0b:f6:dd:f2:88:14:31:dd:6c:de:
                    57:bc:ed:3c:d4:84:7c:47:d6:0b:18:69:6f:61:c4:
                    dd:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:FB:8D:94:A6:09:46:E9:55:D1:EA:35:BB:8C:EF:89:13:B0:70:34
            X509v3 Authority Key Identifier:
                keyid:48:8B:D8:6A:FD:B1:BE:23:8E:1E:3E:AD:E8:5A:05:20:B2:AF:66:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393033303a3a2f34342d3434203d3e2038373732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:9030::/44

    Signature Algorithm: sha256WithRSAEncryption
         6a:07:ed:12:e4:f7:c4:1b:3c:46:27:73:f4:0f:ae:45:4b:37:
         a9:29:1a:a1:5d:34:5f:7a:48:44:b9:4e:79:03:29:89:dc:d0:
         7a:22:29:43:0d:b7:eb:76:83:88:ac:8f:42:c1:51:ca:b7:ea:
         fd:96:4c:ee:f5:a2:34:62:4b:10:19:69:cf:73:4b:01:7b:75:
         e1:00:35:3b:3d:d0:1b:7e:84:95:84:00:9d:44:e7:c5:f9:7e:
         d7:23:62:f6:0f:79:28:ac:f3:88:77:24:b3:5d:81:30:e3:76:
         ec:28:a3:fd:08:3e:d5:75:2c:3e:b7:e3:8a:32:ea:be:e4:b4:
         91:24:ae:04:21:93:33:ab:c1:05:dc:10:b5:04:f0:da:7d:49:
         ba:97:25:6e:49:e9:da:2e:96:4b:b3:02:cb:1e:0a:3f:1a:08:
         d2:33:c5:45:fc:6e:5a:a9:80:e7:f5:0b:6c:1c:1d:b2:4a:26:
         ed:55:a4:b0:3b:47:aa:f1:32:0d:13:e1:e4:e0:01:99:91:40:
         64:b6:8c:c8:ac:ff:e3:55:00:c5:78:61:6a:a8:c7:48:34:31:
         3e:e6:6a:21:77:f0:35:25:6d:f8:de:8a:03:50:4a:9f:52:58:
         4f:5b:89:3d:05:78:db:e4:57:72:30:25:e3:d5:08:0a:d7:b0:
         92:c3:f1:01
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIUIbdqL0MNoqdjimmbZnGNJFsvpDYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDg4QkQ4NkFGREIxQkUyMzhFMUUzRUFERTg1QTA1MjBC
MkFGNjZERjAeFw0yNDAyMjIwNzA5MjhaFw0yNTAyMjAwNzE0MjhaMDMxMTAvBgNV
BAMTKDNBRkI4RDk0QTYwOTQ2RTk1NUQxRUEzNUJCOENFRjg5MTNCMDcwMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAl3RLhhlgFBHp5DI1tPRUVbGr
iOWjn8dodmzAWJWapqHf3qrsbwX+MbK1y6aTxw+bLWk/gLaEZca+iSkkIqIYhMAQ
mzb3Ctib8UgrTO1swxoG6XlRX3amW9o7WA+YR8zmRdS8CxD6cExSpgCsUedHzX8z
2rrAdqQZjrcq9ugC8+/ay+AgPRL6Vt3DBb1ZMxPU4xAKHWK9zNbAHFumKC5gee1p
UPQRtNDYMnFGeaOPF0cE27x/jtUkifl9h+T+06WELxNgn+Oa4aqvlVtbJorOVb8i
F75XphCfpIUDerOEzNGxkERFC/bd8ogUMd1s3le87TzUhHxH1gsYaW9hxN1NAgMB
AAGjggKBMIICfTAdBgNVHQ4EFgQUOvuNlKYJRulV0eo1u4zviROwcDQwHwYDVR0j
BBgwFoAUSIvYav2xviOOHj6t6FoFILKvZt8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWNiMzAzMjItOTRmNy00ZTYxLTg2OTEtNWMxYjYxMWIw
YTk1LzEvNDg4QkQ4NkFGREIxQkUyMzhFMUUzRUFERTg1QTA1MjBCMkFGNjZERi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC80ODhCRDg2QUZEQjFCRTIzOEUxRTNFQURF
ODVBMDUyMEIyQUY2NkRGLmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUF
BzALhoGTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9lY2IzMDMyMi05NGY3LTRlNjEtODY5MS01YzFiNjExYjBhOTUvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM5MzAzMzMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzgz
NzM3MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqCmBEkDAwDQYJKoZIhvcNAQELBQADggEBAGoH7RLk
98QbPEYnc/QPrkVLN6kpGqFdNF96SES5TnkDKYnc0HoiKUMNt+t2g4isj0LBUcq3
6v2WTO71ojRiSxAZac9zSwF7deEANTs90Bt+hJWEAJ1E58X5ftcjYvYPeSis84h3
JLNdgTDjduwoo/0IPtV1LD6344oy6r7ktJEkrgQhkzOrwQXcELUE8Np9SbqXJW5J
6doulkuzAsseCj8aCNIzxUX8blqpgOf1C2wcHbJKJu1VpLA7R6rxMg0T4eTgAZmR
QGS2jMis/+NVAMV4YWqox0g0MT7maiF38DUlbfjeigNQSp9SWE9biT0FeNvkV3Iw
JePVCArXsJLD8QE=
Generated at Fri Aug 2 12:06:49 2024 by rpki-client on console-fra.rpki-client.org