Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3336313a3a2f34382d3438203d3e20323135363035.roa
File:                     326130663a383563313a3336313a3a2f34382d3438203d3e20323135363035.roa (raw, json)
Hash identifier:          dJKV23eo7e1LxSVu+38FOqtEmoSlqskKCcCJIKiKl2o=
Subject key identifier:   19:C8:DA:AD:F6:55:01:91:56:5A:69:23:A8:A8:15:E8:CC:52:CA:E3
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       F83C550BA4B47264FC68AA8623090CE0CD09BC
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3336313a3a2f34382d3438203d3e20323135363035.roa
Signing time:             Sun 14 Apr 2024 19:03:37 +0000
ROA not before:           Sun 14 Apr 2024 18:58:37 +0000
ROA not after:            Sun 13 Apr 2025 19:03:37 +0000
asID:                     215605
IP address blocks:        2a0f:85c1:361::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 23 May 2024 16:49:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            f8:3c:55:0b:a4:b4:72:64:fc:68:aa:86:23:09:0c:e0:cd:09:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: Apr 14 18:58:37 2024 GMT
            Not After : Apr 13 19:03:37 2025 GMT
        Subject: CN=19C8DAADF6550191565A6923A8A815E8CC52CAE3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:66:a8:ea:3b:68:6d:c3:37:72:cd:c1:e6:f5:
                    42:12:c9:e4:21:4a:e0:da:f0:c0:20:75:c0:f0:10:
                    8f:d7:96:05:e1:3b:6c:86:e5:99:a7:b3:93:4c:b0:
                    c6:2b:e6:d4:15:09:ff:77:29:41:8a:4b:09:5d:62:
                    71:04:51:3a:2b:fe:af:09:6c:2e:80:4e:b4:54:91:
                    93:22:56:9b:c1:85:e3:1f:b2:7d:0e:d8:47:cb:d4:
                    b1:33:bf:37:10:99:bc:62:2e:f2:fb:78:97:e5:c0:
                    7f:44:4b:d6:91:5b:0c:83:26:c0:a2:24:15:9d:26:
                    40:a6:51:e6:9a:bf:c8:3f:47:af:c2:fd:41:8d:5e:
                    9f:53:b1:a5:58:38:00:d5:23:ce:ca:7f:2e:c4:c0:
                    a5:f9:61:9c:f4:41:17:0d:6b:24:1d:49:ef:a2:7d:
                    39:42:9d:77:c9:ee:71:10:10:a6:2e:88:93:65:a6:
                    61:9e:11:6d:6a:2e:d3:2d:fd:04:24:46:0e:73:ef:
                    49:0e:40:42:38:c1:b0:ed:0d:3a:5f:b7:96:45:4b:
                    4b:fa:1a:78:ca:b6:24:5d:0b:41:e3:3e:4a:e6:27:
                    27:fe:3c:04:64:0e:5e:f1:23:e8:3b:40:ff:a8:aa:
                    59:7f:06:b6:67:ae:c5:ba:66:11:bc:3b:70:5b:dd:
                    78:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:C8:DA:AD:F6:55:01:91:56:5A:69:23:A8:A8:15:E8:CC:52:CA:E3
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3336313a3a2f34382d3438203d3e20323135363035.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:361::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:b0:eb:4b:32:a8:f7:8c:15:f6:e7:18:01:fd:36:fb:0c:19:
         14:a1:dc:89:18:f8:23:ee:89:df:6e:b1:43:f3:ff:78:64:23:
         33:fc:d5:48:a5:8b:1b:05:e9:ed:42:22:a2:e0:86:da:c0:5b:
         7d:7d:fe:28:53:1a:06:02:34:d0:cc:35:3d:16:0f:02:c8:2c:
         56:0b:cc:1d:2a:ca:53:0b:be:7f:92:7c:ee:3e:28:76:b7:4d:
         0b:9d:5e:48:1f:08:c1:ca:11:4c:67:27:19:ba:ad:24:6f:2d:
         bb:20:17:bd:c0:e7:da:ce:33:00:22:ad:1b:6b:36:a8:30:01:
         95:17:31:17:aa:3a:57:5b:3e:f1:98:44:1b:f4:5a:2e:c7:3e:
         f6:e2:59:8b:ca:0b:08:5c:8d:85:28:fc:aa:25:e0:d7:70:63:
         50:2e:e2:03:6b:86:2e:07:18:68:2c:3d:d9:98:c1:1e:e1:6e:
         f6:c9:33:43:b1:05:67:ad:c4:a9:76:f1:b0:44:cc:7a:60:90:
         07:43:65:55:a0:bb:9b:12:5e:b1:95:61:62:30:3f:5d:a2:f3:
         d7:c8:66:42:a6:3c:45:ec:cc:cf:85:f9:40:04:77:97:2a:91:
         01:9a:0f:9b:a7:4e:de:bc:cf:4b:5a:5d:5f:72:88:6d:3a:e3:
         02:9c:8c:a6
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUAPg8VQuktHJk/GiqhiMJDODNCbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA0MTQxODU4MzdaFw0yNTA0MTMxOTAzMzdaMDMxMTAvBgNV
BAMTKDE5QzhEQUFERjY1NTAxOTE1NjVBNjkyM0E4QTgxNUU4Q0M1MkNBRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBZqjqO2htwzdyzcHm9UISyeQh
SuDa8MAgdcDwEI/XlgXhO2yG5Zmns5NMsMYr5tQVCf93KUGKSwldYnEEUTor/q8J
bC6ATrRUkZMiVpvBheMfsn0O2EfL1LEzvzcQmbxiLvL7eJflwH9ES9aRWwyDJsCi
JBWdJkCmUeaav8g/R6/C/UGNXp9TsaVYOADVI87Kfy7EwKX5YZz0QRcNayQdSe+i
fTlCnXfJ7nEQEKYuiJNlpmGeEW1qLtMt/QQkRg5z70kOQEI4wbDtDTpft5ZFS0v6
GnjKtiRdC0HjPkrmJyf+PARkDl7xI+g7QP+oqll/BrZnrsW6ZhG8O3Bb3XgnAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUGcjarfZVAZFWWmkjqKgV6MxSyuMwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMt
YTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvMzI2MTMwNjYzYTM4MzU2MzMx
M2EzMzM2MzEzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzUzNjMwMzUucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqD4XBA2EwDQYJKoZIhvcNAQELBQADggEBAGCw60syqPeMFfbnGAH9
NvsMGRSh3IkY+CPuid9usUPz/3hkIzP81UilixsF6e1CIqLghtrAW319/ihTGgYC
NNDMNT0WDwLILFYLzB0qylMLvn+SfO4+KHa3TQudXkgfCMHKEUxnJxm6rSRvLbsg
F73A59rOMwAirRtrNqgwAZUXMReqOldbPvGYRBv0Wi7HPvbiWYvKCwhcjYUo/Kol
4NdwY1Au4gNrhi4HGGgsPdmYwR7hbvbJM0OxBWetxKl28bBEzHpgkAdDZVWgu5sS
XrGVYWIwP12i89fIZkKmPEXszM+F+UAEd5cqkQGaD5unTt68z0taXV9yiG064wKc
jKY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org