Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/5a24de-44f0-4a54-9137-ecd9faff262c/1/xmZ7tsRbNejhJ5QXy4oDfewQXXw.roa
File:                     xmZ7tsRbNejhJ5QXy4oDfewQXXw.roa (raw, json)
Hash identifier:          9OAwyILLkRcLg5F/EgVrMmVVA4CeH/1pUKAntMZ8Abc=
Subject key identifier:   C6:66:7B:B6:C4:5B:35:E8:E1:27:94:17:CB:8A:03:7D:EC:10:5D:7C
Certificate issuer:       /CN=82f2455dcf45ae65a6fdccf8f7821ce3c524011d
Certificate serial:       018BAE1B78FD2BEC1E3C62C5743FEA1F94FE
Authority key identifier: 82:F2:45:5D:CF:45:AE:65:A6:FD:CC:F8:F7:82:1C:E3:C5:24:01:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gvJFXc9FrmWm_cz494Ic48UkAR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/5a24de-44f0-4a54-9137-ecd9faff262c/1/xmZ7tsRbNejhJ5QXy4oDfewQXXw.roa
Signing time:             Wed 08 Nov 2023 08:45:17 +0000
ROA not before:           Wed 08 Nov 2023 08:45:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42067
IP address blocks:        212.93.176.0/24 maxlen: 24
                          212.93.177.0/24 maxlen: 24
                          212.93.178.0/24 maxlen: 24
                          212.93.179.0/24 maxlen: 24
                          212.93.180.0/24 maxlen: 24
                          212.93.181.0/24 maxlen: 24
                          212.93.182.0/24 maxlen: 24
                          212.93.183.0/24 maxlen: 24
                          212.93.186.0/24 maxlen: 24
                          212.93.187.0/24 maxlen: 24
                          212.93.188.0/24 maxlen: 24
                          212.93.189.0/24 maxlen: 24
                          212.93.190.0/24 maxlen: 24
                          212.93.191.0/24 maxlen: 24
                          212.93.160.0/19 maxlen: 19
                          212.93.160.0/24 maxlen: 24
                          212.93.161.0/24 maxlen: 24
                          212.93.162.0/24 maxlen: 24
                          212.93.163.0/24 maxlen: 24
                          212.93.164.0/24 maxlen: 24
                          212.93.165.0/24 maxlen: 24
                          212.93.170.0/24 maxlen: 24
                          91.151.160.0/24 maxlen: 24
                          91.151.161.0/24 maxlen: 24
                          91.151.162.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ae:1b:78:fd:2b:ec:1e:3c:62:c5:74:3f:ea:1f:94:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82f2455dcf45ae65a6fdccf8f7821ce3c524011d
        Validity
            Not Before: Nov  8 08:45:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c6667bb6c45b35e8e1279417cb8a037dec105d7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:a5:35:a9:b6:87:bd:5f:05:33:39:3d:f8:ce:
                    b0:40:d6:e7:12:ef:a9:40:00:ce:cd:fe:47:5f:52:
                    c0:ae:c2:a8:a0:8e:db:dd:7d:d3:d7:9b:7a:78:e5:
                    d7:44:d4:81:c6:24:60:84:77:1a:17:8b:e7:30:52:
                    20:b0:ad:88:c2:b5:af:ce:2e:f8:5b:65:8e:a6:47:
                    d1:0f:b3:14:1a:28:ce:62:e2:1d:aa:4b:20:64:56:
                    10:88:47:38:86:32:d4:87:c5:b0:8e:67:45:fd:c3:
                    75:2b:5b:cc:8e:7d:b9:55:5c:2e:67:fd:02:36:e7:
                    d4:e2:96:ca:25:92:a1:af:ff:d6:ef:1e:8d:fc:b8:
                    9d:b0:57:54:47:ab:3a:58:cb:f8:e0:7b:0f:8b:9a:
                    49:8b:91:49:8d:31:43:71:ca:cc:2d:4e:79:86:d8:
                    9c:91:b0:82:f2:03:5d:fb:30:84:c9:d4:29:76:6f:
                    45:ce:1b:7b:c8:9e:94:57:a4:a5:30:9a:39:85:7d:
                    ee:d4:ff:0e:5e:c5:eb:df:37:c7:16:99:29:b6:95:
                    23:6f:85:b3:81:49:cf:83:b1:1c:60:0d:2e:6f:54:
                    2f:a2:3e:ca:98:d7:bb:42:8d:51:62:09:c0:dd:38:
                    e5:a1:07:0c:7d:42:7a:87:55:e4:dd:9d:ca:5a:9f:
                    8f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:66:7B:B6:C4:5B:35:E8:E1:27:94:17:CB:8A:03:7D:EC:10:5D:7C
            X509v3 Authority Key Identifier:
                keyid:82:F2:45:5D:CF:45:AE:65:A6:FD:CC:F8:F7:82:1C:E3:C5:24:01:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gvJFXc9FrmWm_cz494Ic48UkAR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5a24de-44f0-4a54-9137-ecd9faff262c/1/xmZ7tsRbNejhJ5QXy4oDfewQXXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5a24de-44f0-4a54-9137-ecd9faff262c/1/gvJFXc9FrmWm_cz494Ic48UkAR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.151.160.0-91.151.162.255
                  212.93.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         76:d6:6e:39:7a:78:e5:f9:c0:78:a1:d6:e0:a8:43:5d:4b:44:
         a4:7c:0f:bf:41:9a:85:73:80:59:f8:fe:df:e0:66:ae:2d:69:
         bc:8b:a2:79:d6:e0:5c:66:f9:41:52:b9:3f:6b:d6:d4:11:d0:
         80:e0:de:87:22:b1:37:11:b1:a6:1e:ce:5b:71:17:a1:40:0d:
         2a:8e:2e:cc:07:c1:6b:6f:fd:ba:67:0f:e6:11:88:88:5f:32:
         c2:1b:52:8d:e6:29:9f:06:d1:07:00:e8:90:09:e6:60:91:89:
         32:6f:88:37:d3:b8:74:23:10:a2:c7:11:80:31:3d:5c:f6:7f:
         d9:7a:e3:42:08:b6:95:9a:16:87:18:5e:02:da:b6:6b:46:20:
         3e:ca:33:67:95:d3:99:e7:d8:e3:2d:86:0e:c6:85:12:3e:6f:
         67:de:93:4e:4f:39:95:78:c1:78:86:1d:59:46:7f:06:4b:1d:
         4c:82:9b:19:09:ce:9c:06:df:e3:d4:d2:c5:38:e5:c1:db:1f:
         f0:4e:62:58:63:46:c6:54:fd:82:3b:2b:27:51:76:f5:61:69:
         d5:27:e1:68:6a:cc:b4:74:65:ee:0d:ca:ff:74:23:86:60:ba:
         9f:53:61:85:10:8f:5a:78:91:0c:8f:38:2b:c8:4e:b5:ab:6f:
         1d:d3:b5:1f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYuuG3j9K+wePGLFdD/qH5T+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZjI0NTVkY2Y0NWFlNjVhNmZkY2NmOGY3ODIxY2UzYzUy
NDAxMWQwHhcNMjMxMTA4MDg0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjY2N2JiNmM0NWIzNWU4ZTEyNzk0MTdjYjhhMDM3ZGVjMTA1ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16U1qbaHvV8FMzk9+M6wQNbnEu+p
QADOzf5HX1LArsKooI7b3X3T15t6eOXXRNSBxiRghHcaF4vnMFIgsK2IwrWvzi74
W2WOpkfRD7MUGijOYuIdqksgZFYQiEc4hjLUh8WwjmdF/cN1K1vMjn25VVwuZ/0C
NufU4pbKJZKhr//W7x6N/LidsFdUR6s6WMv44HsPi5pJi5FJjTFDccrMLU55htic
kbCC8gNd+zCEydQpdm9Fzht7yJ6UV6SlMJo5hX3u1P8OXsXr3zfHFpkptpUjb4Wz
gUnPg7EcYA0ub1Qvoj7KmNe7Qo1RYgnA3TjloQcMfUJ6h1Xk3Z3KWp+P+wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMZme7bEWzXo4SeUF8uKA33sEF18MB8GA1UdIwQY
MBaAFILyRV3PRa5lpv3M+PeCHOPFJAEdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3ZKRlhjOUZybVdtX2N6NDk0SWM0OFVrQVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81YTI0ZGUtNDRmMC00YTU0LTkxMzct
ZWNkOWZhZmYyNjJjLzEveG1aN3RzUmJOZWpoSjVRWHk0b0RmZXdRWFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81YTI0ZGUtNDRmMC00YTU0LTkxMzctZWNkOWZhZmYyNjJj
LzEvZ3ZKRlhjOUZybVdtX2N6NDk0SWM0OFVrQVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVbl6AD
BABbl6IDBAXUXaAwDQYJKoZIhvcNAQELBQADggEBAHbWbjl6eOX5wHih1uCoQ11L
RKR8D79BmoVzgFn4/t/gZq4tabyLonnW4Fxm+UFSuT9r1tQR0IDg3ocisTcRsaYe
zltxF6FADSqOLswHwWtv/bpnD+YRiIhfMsIbUo3mKZ8G0QcA6JAJ5mCRiTJviDfT
uHQjEKLHEYAxPVz2f9l640IItpWaFocYXgLatmtGID7KM2eV05nn2OMthg7GhRI+
b2fek05POZV4wXiGHVlGfwZLHUyCmxkJzpwG3+PU0sU45cHbH/BOYlhjRsZU/YI7
KydRdvVhadUn4WhqzLR0Ze4Nyv90I4Zgup9TYYUQj1p4kQyPOCvITrWrbx3TtR8=
-----END CERTIFICATE-----