Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3630303a3a2f34302d3430203d3e20323136333234.roa
File:                     326130663a383563313a3630303a3a2f34302d3430203d3e20323136333234.roa (raw, json)
Hash identifier:          J+4JdjKE5AU4ieK1Hb/NpPigOTkGqq9McEtX9v39SlI=
Subject key identifier:   0A:12:AD:04:4E:5B:FD:5C:24:F5:7A:5F:C0:15:E4:5D:23:D1:78:BA
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       0F5D349EEC62CC92336819372DBAD4FB952347C7
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3630303a3a2f34302d3430203d3e20323136333234.roa
Signing time:             Thu 15 Feb 2024 21:58:22 +0000
ROA not before:           Thu 15 Feb 2024 21:53:22 +0000
ROA not after:            Thu 13 Feb 2025 21:58:22 +0000
asID:                     216324
IP address blocks:        2a0f:85c1:600::/40 maxlen: 40

Validation:               Failed, certificate revoked on Thu 23 May 2024 16:49:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:5d:34:9e:ec:62:cc:92:33:68:19:37:2d:ba:d4:fb:95:23:47:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: Feb 15 21:53:22 2024 GMT
            Not After : Feb 13 21:58:22 2025 GMT
        Subject: CN=0A12AD044E5BFD5C24F57A5FC015E45D23D178BA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c2:bd:e6:5f:9f:11:02:17:52:cf:5c:97:df:
                    a6:a4:72:99:7b:e1:53:02:67:ec:36:b1:c7:64:1d:
                    cb:fa:ff:87:86:11:3d:bf:60:3e:aa:bd:ea:14:96:
                    a7:89:c9:68:e6:9c:6a:04:e8:b9:16:01:4d:eb:42:
                    4f:9c:35:b7:06:22:3f:89:17:c1:bb:c2:9f:7c:fc:
                    49:5b:73:35:1f:0b:5a:bb:b8:7c:15:e2:69:e2:ab:
                    be:f0:40:40:c8:38:a7:d5:f3:75:92:3a:dd:4e:11:
                    7e:bf:ab:35:47:3d:38:e9:eb:1c:6a:60:5a:e2:e0:
                    7d:e9:da:b6:75:e7:56:f1:80:4e:85:fc:88:f5:48:
                    2a:be:a7:0c:0c:88:60:06:b4:fe:81:c2:ad:71:49:
                    4f:de:72:68:23:6f:11:ed:df:c9:2c:d6:64:d6:54:
                    a1:50:fa:2b:ad:20:f8:d0:91:a5:b7:f7:3a:4f:d4:
                    2e:d3:5b:fe:97:57:71:32:ae:2a:d2:a8:4f:ac:bd:
                    a9:57:17:1d:e4:a5:b5:97:ab:db:3b:11:16:1e:bb:
                    ab:9c:2a:a2:62:84:2e:42:0e:9e:1a:c5:8a:77:6a:
                    59:b5:18:da:8f:cd:95:2c:37:e0:4e:c3:7a:66:d7:
                    e2:9f:fa:12:d5:d5:2d:d9:ef:0a:5c:0e:08:ae:21:
                    21:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:12:AD:04:4E:5B:FD:5C:24:F5:7A:5F:C0:15:E4:5D:23:D1:78:BA
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3630303a3a2f34302d3430203d3e20323136333234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:600::/40

    Signature Algorithm: sha256WithRSAEncryption
         23:76:21:dd:d4:74:ca:a1:65:fa:20:d7:53:e7:56:ca:90:74:
         43:ba:c2:0a:b8:df:03:fc:da:d1:3c:b0:f0:42:9d:58:ab:6d:
         14:ea:29:e3:93:b1:f5:5c:66:ea:fc:ba:16:32:8d:36:f7:d6:
         aa:0e:95:c8:8e:99:a5:22:51:68:fb:96:be:8b:d8:f5:4c:33:
         40:82:e6:c8:2f:f1:75:64:fa:df:b6:24:aa:05:30:2d:12:1e:
         4c:7f:a9:df:6b:69:69:f4:b0:30:9a:13:ac:80:38:f7:10:0d:
         d3:86:b7:38:9f:1a:1a:7b:ba:41:2d:1b:9d:19:de:f2:7e:81:
         2a:97:b1:01:bd:22:45:04:25:61:f5:99:53:46:af:13:d6:d6:
         c0:fc:e5:e1:6b:de:83:eb:bb:c5:8f:f9:a6:44:2d:65:ec:08:
         e2:90:6c:9a:ce:5d:85:68:65:f3:5e:1a:16:5c:90:e6:5b:f0:
         da:a2:dd:97:39:72:c7:6c:5e:e9:d0:6e:c0:c2:f8:65:a8:fc:
         03:13:38:7a:4d:b3:af:83:80:11:9c:c3:d3:77:dc:05:fc:3a:
         3f:f3:66:2d:6e:36:f5:2e:67:8c:f7:71:db:2d:58:b4:e9:89:
         13:a4:f3:3c:66:6c:27:a5:2a:8e:08:6a:1d:e9:6b:40:b2:8c:
         27:c8:10:63
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUD100nuxizJIzaBk3LbrU+5UjR8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDAyMTUyMTUzMjJaFw0yNTAyMTMyMTU4MjJaMDMxMTAvBgNV
BAMTKDBBMTJBRDA0NEU1QkZENUMyNEY1N0E1RkMwMTVFNDVEMjNEMTc4QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4wr3mX58RAhdSz1yX36akcpl7
4VMCZ+w2scdkHcv6/4eGET2/YD6qveoUlqeJyWjmnGoE6LkWAU3rQk+cNbcGIj+J
F8G7wp98/ElbczUfC1q7uHwV4mniq77wQEDIOKfV83WSOt1OEX6/qzVHPTjp6xxq
YFri4H3p2rZ151bxgE6F/Ij1SCq+pwwMiGAGtP6Bwq1xSU/ecmgjbxHt38ks1mTW
VKFQ+iutIPjQkaW39zpP1C7TW/6XV3EyrirSqE+svalXFx3kpbWXq9s7ERYeu6uc
KqJihC5CDp4axYp3alm1GNqPzZUsN+BOw3pm1+Kf+hLV1S3Z7wpcDgiuISH1AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUChKtBE5b/Vwk9XpfwBXkXSPReLowHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMt
YTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvMzI2MTMwNjYzYTM4MzU2MzMx
M2EzNjMwMzAzYTNhMmYzNDMwMmQzNDMwMjAzZDNlMjAzMjMxMzYzMzMyMzQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqD4XBBjANBgkqhkiG9w0BAQsFAAOCAQEAI3Yh3dR0yqFl+iDXU+dW
ypB0Q7rCCrjfA/za0Tyw8EKdWKttFOop45Ox9Vxm6vy6FjKNNvfWqg6VyI6ZpSJR
aPuWvovY9UwzQILmyC/xdWT637YkqgUwLRIeTH+p32tpafSwMJoTrIA49xAN04a3
OJ8aGnu6QS0bnRne8n6BKpexAb0iRQQlYfWZU0avE9bWwPzl4Wveg+u7xY/5pkQt
ZewI4pBsms5dhWhl814aFlyQ5lvw2qLdlzlyx2xe6dBuwML4Zaj8AxM4ek2zr4OA
EZzD03fcBfw6P/NmLW429S5njPdx2y1YtOmJE6TzPGZsJ6UqjghqHelrQLKMJ8gQ
Yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org