Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361383a3a2f34382d3438203d3e20323135323136.roa
File:                     326130663a383563313a3361383a3a2f34382d3438203d3e20323135323136.roa (raw, json)
Hash identifier:          3MzrVE5zGoqtqL1LVondY7kJQmrcd4PAqVdQawNsg4A=
Subject key identifier:   2A:97:5B:21:6F:B8:69:34:27:C6:25:6B:C2:30:A8:2F:D9:F1:9C:89
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       3DF800FA22629856FF2021EEA7902E138BDEA3D1
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361383a3a2f34382d3438203d3e20323135323136.roa
Signing time:             Thu 28 Mar 2024 01:28:48 +0000
ROA not before:           Thu 28 Mar 2024 01:23:48 +0000
ROA not after:            Thu 27 Mar 2025 01:28:48 +0000
asID:                     215216
IP address blocks:        2a0f:85c1:3a8::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 23 May 2024 16:49:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:f8:00:fa:22:62:98:56:ff:20:21:ee:a7:90:2e:13:8b:de:a3:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: Mar 28 01:23:48 2024 GMT
            Not After : Mar 27 01:28:48 2025 GMT
        Subject: CN=2A975B216FB8693427C6256BC230A82FD9F19C89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:10:29:77:75:9f:72:38:a1:b1:1b:0a:f0:27:
                    85:d3:b1:b5:ef:64:de:e0:08:a8:00:d2:e6:67:d3:
                    e5:53:65:3c:b3:5a:21:d7:c7:b2:be:1f:c0:0b:e8:
                    5d:54:49:a1:0c:4b:e8:59:e1:d4:8e:f3:0b:f9:c0:
                    9d:bc:de:8c:03:6e:61:d0:17:3e:60:21:a9:86:f3:
                    6c:0a:67:53:21:5c:02:2e:40:1a:fd:cd:f9:12:db:
                    5f:09:67:13:00:01:96:30:b7:c0:00:56:db:3a:cd:
                    aa:60:bd:e9:e4:e9:65:16:48:a1:02:1d:20:e6:7a:
                    91:1c:b2:e8:6c:45:35:2c:28:43:d6:7b:a1:6e:cb:
                    8b:d3:75:d8:48:94:04:22:40:16:60:c4:79:70:30:
                    4d:86:49:90:c5:cc:26:79:5f:e2:c3:e6:26:ab:cd:
                    ba:da:f8:9c:a1:a6:80:9f:67:73:0e:2b:3d:89:86:
                    45:ef:2c:79:38:b8:f8:a1:8a:ab:1d:b8:09:90:97:
                    2e:e4:4f:f0:41:b5:80:0c:db:c3:2c:76:94:14:00:
                    6a:7a:39:5b:4a:80:5f:43:e9:7f:f9:fb:f8:56:87:
                    70:ee:d7:7f:a3:cb:03:c2:96:b8:fe:35:ca:5a:46:
                    80:25:48:60:96:da:88:5d:f3:e3:8f:20:33:1f:a3:
                    8c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:97:5B:21:6F:B8:69:34:27:C6:25:6B:C2:30:A8:2F:D9:F1:9C:89
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3361383a3a2f34382d3438203d3e20323135323136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:3a8::/48

    Signature Algorithm: sha256WithRSAEncryption
         5c:aa:7a:5b:0b:c9:64:4d:dc:50:95:99:34:b4:e1:0b:80:dc:
         87:40:07:19:dd:10:2d:50:f5:59:e3:0f:ca:c6:c1:c2:0f:aa:
         ce:fe:a2:ff:e4:97:44:18:56:36:b2:38:d5:78:96:a2:15:aa:
         a0:0f:58:fa:c1:62:28:fa:21:95:1c:7a:cb:35:42:b4:57:8f:
         12:23:0b:47:9b:eb:e7:ac:aa:e9:d9:8e:f0:bf:e4:eb:d3:37:
         49:98:18:62:e0:2e:14:00:86:74:8a:a2:f2:1b:81:cc:5c:24:
         8d:64:92:c3:9d:0d:5d:77:a5:f2:65:79:88:0c:e6:4c:ab:5e:
         12:41:b4:81:4b:b5:25:4c:51:82:f2:4c:81:f6:60:05:11:26:
         6c:a5:dd:72:6b:12:9f:96:85:53:bb:00:ec:4b:e6:cd:ce:df:
         95:b5:b1:41:3c:24:f4:cd:1d:c4:da:77:f9:be:dd:f7:2b:11:
         18:56:7a:8f:fa:1f:99:a5:21:45:84:58:77:a8:3a:b6:5d:89:
         18:c5:20:54:1f:3d:80:ca:ab:4d:1d:1f:84:c5:1e:da:f3:fd:
         05:a9:2c:c5:af:f8:94:61:12:c9:39:29:27:91:2f:69:77:3f:
         e5:e5:96:71:a4:32:7e:70:0e:14:fe:08:36:b5:85:41:e4:15:
         e7:f7:5d:ea
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUPfgA+iJimFb/ICHup5AuE4veo9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDAzMjgwMTIzNDhaFw0yNTAzMjcwMTI4NDhaMDMxMTAvBgNV
BAMTKDJBOTc1QjIxNkZCODY5MzQyN0M2MjU2QkMyMzBBODJGRDlGMTlDODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmECl3dZ9yOKGxGwrwJ4XTsbXv
ZN7gCKgA0uZn0+VTZTyzWiHXx7K+H8AL6F1USaEMS+hZ4dSO8wv5wJ283owDbmHQ
Fz5gIamG82wKZ1MhXAIuQBr9zfkS218JZxMAAZYwt8AAVts6zapgvenk6WUWSKEC
HSDmepEcsuhsRTUsKEPWe6Fuy4vTddhIlAQiQBZgxHlwME2GSZDFzCZ5X+LD5iar
zbra+JyhpoCfZ3MOKz2JhkXvLHk4uPihiqsduAmQly7kT/BBtYAM28MsdpQUAGp6
OVtKgF9D6X/5+/hWh3Du13+jywPClrj+NcpaRoAlSGCW2ohd8+OPIDMfo4wNAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUKpdbIW+4aTQnxiVrwjCoL9nxnIkwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMt
YTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvMzI2MTMwNjYzYTM4MzU2MzMx
M2EzMzYxMzgzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzUzMjMxMzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqD4XBA6gwDQYJKoZIhvcNAQELBQADggEBAFyqelsLyWRN3FCVmTS0
4QuA3IdABxndEC1Q9VnjD8rGwcIPqs7+ov/kl0QYVjayONV4lqIVqqAPWPrBYij6
IZUcess1QrRXjxIjC0eb6+esqunZjvC/5OvTN0mYGGLgLhQAhnSKovIbgcxcJI1k
ksOdDV13pfJleYgM5kyrXhJBtIFLtSVMUYLyTIH2YAURJmyl3XJrEp+WhVO7AOxL
5s3O35W1sUE8JPTNHcTad/m+3fcrERhWeo/6H5mlIUWEWHeoOrZdiRjFIFQfPYDK
q00dH4TFHtrz/QWpLMWv+JRhEsk5KSeRL2l3P+XllnGkMn5wDhT+CDa1hUHkFef3
Xeo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org