Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361373a3a2f34382d3438203d3e20323135323231.roa
File:                     326130663a383563313a3361373a3a2f34382d3438203d3e20323135323231.roa (raw, json)
Hash identifier:          H9SleJHwcuf0TcLhLDLK0EFudhMDT0azcF4zpYlS+6g=
Subject key identifier:   B2:CB:24:FB:7C:CF:0E:B2:D2:BB:03:FE:2E:FC:F0:BE:37:26:9C:DE
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       654248DDD0C430C6561D4BCF4F35FE297106ABD8
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361373a3a2f34382d3438203d3e20323135323231.roa
Signing time:             Tue 02 Apr 2024 23:43:47 +0000
ROA not before:           Tue 02 Apr 2024 23:38:47 +0000
ROA not after:            Tue 01 Apr 2025 23:43:47 +0000
asID:                     215221
IP address blocks:        2a0f:85c1:3a7::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 23 May 2024 16:49:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:42:48:dd:d0:c4:30:c6:56:1d:4b:cf:4f:35:fe:29:71:06:ab:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: Apr  2 23:38:47 2024 GMT
            Not After : Apr  1 23:43:47 2025 GMT
        Subject: CN=B2CB24FB7CCF0EB2D2BB03FE2EFCF0BE37269CDE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:d3:e3:2a:60:ae:64:ec:b9:e3:3c:5e:7f:3e:
                    74:c7:ce:5a:4d:d3:da:72:54:27:b9:0e:03:c8:50:
                    1c:0a:80:d6:8f:aa:3c:e9:2c:af:32:bb:7d:51:69:
                    12:94:94:f8:24:2c:13:b0:59:6c:08:2e:08:71:e7:
                    16:54:45:ee:16:60:fc:fe:48:aa:86:da:c2:90:0a:
                    ef:ae:37:54:2b:4e:4a:e2:de:31:ea:d1:7a:e1:52:
                    77:d6:16:69:90:38:24:e8:c5:b4:f7:d7:eb:23:13:
                    13:b5:f4:09:76:88:27:c2:3b:3c:24:09:06:de:13:
                    75:b1:eb:cc:69:f5:62:94:fe:71:b8:a7:86:59:6e:
                    09:29:5a:95:98:1a:b5:bf:37:be:14:a4:91:95:84:
                    24:1d:a5:1e:1f:fe:51:3d:d3:ae:0e:ff:af:c0:7b:
                    01:99:7c:b2:ae:96:3d:e9:70:7e:b5:81:aa:b8:41:
                    2a:3f:73:58:63:38:cf:b3:74:24:8b:fb:df:a1:3c:
                    b0:01:e1:11:4f:e6:c2:d8:89:c2:b3:14:5e:10:4d:
                    6b:8f:2e:11:1d:f0:6f:c9:4e:63:34:14:1c:77:b4:
                    52:32:f3:f5:ad:53:48:29:b3:67:a7:ed:7a:db:eb:
                    4a:aa:9d:66:62:9a:fd:45:fb:c1:00:a8:e1:d7:a2:
                    f2:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:CB:24:FB:7C:CF:0E:B2:D2:BB:03:FE:2E:FC:F0:BE:37:26:9C:DE
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361373a3a2f34382d3438203d3e20323135323231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:3a7::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:b8:e8:e0:78:27:73:32:35:93:7c:ca:9f:40:b6:a8:73:e1:
         28:72:09:bd:a1:c1:b4:e8:10:10:d3:70:c6:1d:43:7b:08:61:
         72:e2:2c:5e:7a:61:7c:ab:41:e8:a8:9b:00:c0:b0:2a:ad:2e:
         b4:ad:db:e9:c0:f5:c4:25:8e:e3:06:83:ee:87:69:47:a3:5c:
         be:aa:5d:45:a1:18:1c:d5:50:53:fd:bd:71:ba:93:7b:7a:57:
         77:09:e8:18:59:b5:a7:74:88:cc:bd:37:73:f6:56:ca:73:f4:
         07:bf:7c:41:45:03:32:09:fb:0d:dc:79:27:30:33:ff:b0:de:
         9c:02:72:d3:3a:e4:5d:9b:0d:06:99:36:f7:03:35:61:0b:fa:
         75:c5:34:e2:7f:1f:5c:5c:09:b1:28:c2:21:4a:28:53:2d:cd:
         01:de:38:3d:8d:1f:a6:c6:68:9f:86:54:b1:63:74:2f:18:f4:
         fa:ea:13:4d:d9:67:b7:36:7e:a2:a6:c9:7f:b3:eb:62:e6:81:
         e4:7c:19:b4:c3:cb:91:7e:1d:44:0b:be:ca:f3:9e:66:c5:5a:
         30:aa:5c:30:8d:bd:c5:b2:f0:d4:01:16:97:2d:56:46:04:4d:
         7a:8a:68:2e:7c:00:06:7f:ce:ab:1d:c4:f3:09:14:0a:ae:0e:
         84:10:c0:12
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUZUJI3dDEMMZWHUvPTzX+KXEGq9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA0MDIyMzM4NDdaFw0yNTA0MDEyMzQzNDdaMDMxMTAvBgNV
BAMTKEIyQ0IyNEZCN0NDRjBFQjJEMkJCMDNGRTJFRkNGMEJFMzcyNjlDREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC50+MqYK5k7LnjPF5/PnTHzlpN
09pyVCe5DgPIUBwKgNaPqjzpLK8yu31RaRKUlPgkLBOwWWwILghx5xZURe4WYPz+
SKqG2sKQCu+uN1QrTkri3jHq0XrhUnfWFmmQOCToxbT31+sjExO19Al2iCfCOzwk
CQbeE3Wx68xp9WKU/nG4p4ZZbgkpWpWYGrW/N74UpJGVhCQdpR4f/lE9064O/6/A
ewGZfLKulj3pcH61gaq4QSo/c1hjOM+zdCSL+9+hPLAB4RFP5sLYicKzFF4QTWuP
LhEd8G/JTmM0FBx3tFIy8/WtU0gps2en7Xrb60qqnWZimv1F+8EAqOHXovIbAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUsssk+3zPDrLSuwP+LvzwvjcmnN4wHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMt
YTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvMzI2MTMwNjYzYTM4MzU2MzMx
M2EzMzYxMzczYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzUzMjMyMzEucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqD4XBA6cwDQYJKoZIhvcNAQELBQADggEBAAu46OB4J3MyNZN8yp9A
tqhz4ShyCb2hwbToEBDTcMYdQ3sIYXLiLF56YXyrQeiomwDAsCqtLrSt2+nA9cQl
juMGg+6HaUejXL6qXUWhGBzVUFP9vXG6k3t6V3cJ6BhZtad0iMy9N3P2Vspz9Ae/
fEFFAzIJ+w3ceScwM/+w3pwCctM65F2bDQaZNvcDNWEL+nXFNOJ/H1xcCbEowiFK
KFMtzQHeOD2NH6bGaJ+GVLFjdC8Y9PrqE03ZZ7c2fqKmyX+z62LmgeR8GbTDy5F+
HUQLvsrznmbFWjCqXDCNvcWy8NQBFpctVkYETXqKaC58AAZ/zqsdxPMJFAquDoQQ
wBI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org