Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a636166653a3a2f34382d3438203d3e20323037373831.roa
File:                     326130663a383563313a636166653a3a2f34382d3438203d3e20323037373831.roa (raw, json)
Hash identifier:          INc4FM92OQKpgkgtHLiZy9XH77BYaDstW7jD1Ebzi2U=
Subject key identifier:   C8:08:A5:47:1A:E6:C7:E0:42:2B:88:4F:57:6E:D5:CF:21:6A:A2:0F
Certificate issuer:       /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial:       4C2AD7EBB732481AD92CBE7E609128B7644E22E3
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a636166653a3a2f34382d3438203d3e20323037373831.roa
Signing time:             Tue 10 Oct 2023 15:16:29 +0000
ROA not before:           Tue 10 Oct 2023 15:11:29 +0000
ROA not after:            Tue 08 Oct 2024 15:16:29 +0000
asID:                     207781
IP address blocks:        2a0f:85c1:cafe::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 23 May 2024 16:49:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:2a:d7:eb:b7:32:48:1a:d9:2c:be:7e:60:91:28:b7:64:4e:22:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
        Validity
            Not Before: Oct 10 15:11:29 2023 GMT
            Not After : Oct  8 15:16:29 2024 GMT
        Subject: CN=C808A5471AE6C7E0422B884F576ED5CF216AA20F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:01:00:65:b2:44:d3:32:48:93:27:43:0a:ff:
                    b2:2c:34:b5:50:ce:14:c6:8d:50:35:9b:16:48:bf:
                    22:29:a3:af:dd:f3:e1:ec:3a:f1:3e:b4:51:be:5a:
                    9a:9f:b2:fc:81:f8:25:d8:c3:51:66:11:42:28:2b:
                    4f:d4:3b:2a:a6:39:66:63:90:b0:1a:03:7c:db:c3:
                    83:a9:d6:cb:f8:c3:0e:e3:a8:e5:02:fe:0d:15:4d:
                    27:dc:60:76:12:b2:d2:6a:e3:df:3f:cf:e7:72:72:
                    d3:ec:ea:bb:51:fd:13:fe:a3:9d:f3:8b:44:09:02:
                    c1:00:4d:a4:00:07:2f:ff:39:01:82:59:13:4a:21:
                    21:03:98:59:0f:59:b9:39:82:65:dc:dc:94:36:01:
                    55:61:da:7b:38:80:59:df:00:62:5a:ac:9c:2e:8e:
                    81:c5:6c:ac:fe:ae:3e:29:80:a1:66:86:41:61:cc:
                    47:3a:c3:21:7d:d4:20:23:2a:3b:49:3c:c2:93:19:
                    6a:91:79:23:8a:b8:2c:02:3b:f8:01:40:bd:6a:0a:
                    02:31:9e:ac:8f:3b:66:84:3d:b0:c1:04:77:4c:48:
                    ee:34:eb:ec:c4:ce:fa:66:d3:cb:6f:91:14:17:4c:
                    26:23:2b:5a:a9:ea:8a:df:e2:97:d3:79:6c:19:eb:
                    be:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:08:A5:47:1A:E6:C7:E0:42:2B:88:4F:57:6E:D5:CF:21:6A:A2:0F
            X509v3 Authority Key Identifier:
                keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a636166653a3a2f34382d3438203d3e20323037373831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:85c1:cafe::/48

    Signature Algorithm: sha256WithRSAEncryption
         a5:df:d9:86:a1:63:60:d3:12:70:5e:38:7d:17:10:fa:de:eb:
         a0:88:6c:f4:c4:79:1a:38:2a:b2:32:75:87:73:4c:0e:c6:a9:
         2b:48:eb:0f:cd:fd:d3:3f:b5:46:65:69:94:0b:2a:01:0f:0c:
         64:74:5d:c0:0a:61:46:5c:31:a7:7a:f1:ec:a2:ff:79:7f:c5:
         a3:66:7f:5b:54:d0:62:06:ce:f2:6f:fc:12:ca:2e:06:6f:9f:
         52:ec:34:8e:8d:d6:65:3c:ae:36:94:bc:e9:40:a4:ce:b8:a0:
         0f:5a:90:33:99:32:1f:db:ff:1d:60:f6:95:53:1d:a4:11:25:
         e6:bd:56:c5:9d:2e:49:8d:c8:2c:b8:7d:93:6d:26:3d:c1:23:
         b9:6b:6d:c6:aa:08:15:6e:24:b0:db:fc:d6:cf:10:91:91:f3:
         b3:d7:7e:1e:d7:f2:49:ed:d2:44:e9:16:a5:51:34:ae:b5:3d:
         52:32:34:71:58:0d:ac:cf:e7:94:50:a3:9f:86:79:de:24:77:
         50:c0:d0:70:d7:0f:e0:86:29:9f:6d:7d:17:6e:62:5c:1f:a8:
         00:c3:7b:e0:3e:7a:46:0b:8c:3c:dc:05:88:39:69:37:cd:c0:
         d6:32:34:ac:bb:81:17:66:58:d6:b9:83:33:9f:58:ac:8b:4e:
         82:fd:c4:92
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUTCrX67cySBrZLL5+YJEot2ROIuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yMzEwMTAxNTExMjlaFw0yNDEwMDgxNTE2MjlaMDMxMTAvBgNV
BAMTKEM4MDhBNTQ3MUFFNkM3RTA0MjJCODg0RjU3NkVENUNGMjE2QUEyMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AQBlskTTMkiTJ0MK/7IsNLVQ
zhTGjVA1mxZIvyIpo6/d8+HsOvE+tFG+WpqfsvyB+CXYw1FmEUIoK0/UOyqmOWZj
kLAaA3zbw4Op1sv4ww7jqOUC/g0VTSfcYHYSstJq498/z+dyctPs6rtR/RP+o53z
i0QJAsEATaQABy//OQGCWRNKISEDmFkPWbk5gmXc3JQ2AVVh2ns4gFnfAGJarJwu
joHFbKz+rj4pgKFmhkFhzEc6wyF91CAjKjtJPMKTGWqReSOKuCwCO/gBQL1qCgIx
nqyPO2aEPbDBBHdMSO406+zEzvpm08tvkRQXTCYjK1qp6orf4pfTeWwZ677PAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUyAilRxrmx+BCK4hPV27VzyFqog8wHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMt
YTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvMzI2MTMwNjYzYTM4MzU2MzMx
M2E2MzYxNjY2NTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNzM3MzgzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoPhcHK/jANBgkqhkiG9w0BAQsFAAOCAQEApd/ZhqFjYNMScF44
fRcQ+t7roIhs9MR5GjgqsjJ1h3NMDsapK0jrD8390z+1RmVplAsqAQ8MZHRdwAph
Rlwxp3rx7KL/eX/Fo2Z/W1TQYgbO8m/8EsouBm+fUuw0jo3WZTyuNpS86UCkzrig
D1qQM5kyH9v/HWD2lVMdpBEl5r1WxZ0uSY3ILLh9k20mPcEjuWttxqoIFW4ksNv8
1s8QkZHzs9d+HtfySe3SROkWpVE0rrU9UjI0cVgNrM/nlFCjn4Z53iR3UMDQcNcP
4IYpn219F25iXB+oAMN74D56RguMPNwFiDlpN83A1jI0rLuBF2ZY1rmDM59YrItO
gv3Ekg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org