Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/wmiGcm01a7QcsB61chH9vIv2JIc.roa
File:                     wmiGcm01a7QcsB61chH9vIv2JIc.roa (raw, json)
Hash identifier:          xfhFtlGyFpRHlAnbJK8nlilwhVEbkrJVP5gG3iMZPdM=
Subject key identifier:   C2:68:86:72:6D:35:6B:B4:1C:B0:1E:B5:72:11:FD:BC:8B:F6:24:87
Certificate issuer:       /CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Certificate serial:       0188DA1401A8C0D489AEDD2E92FC1F155259
Authority key identifier: E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/wmiGcm01a7QcsB61chH9vIv2JIc.roa
Signing time:             Tue 20 Jun 2023 18:32:04 +0000
ROA not before:           Tue 20 Jun 2023 18:32:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        151.186.192.0/24 maxlen: 24
                          151.186.193.0/24 maxlen: 24
                          151.186.196.0/24 maxlen: 24
                          151.186.194.0/24 maxlen: 24
                          151.186.195.0/24 maxlen: 24
                          151.186.199.0/24 maxlen: 24
                          151.186.197.0/24 maxlen: 24
                          151.186.198.0/24 maxlen: 24
                          151.186.203.0/24 maxlen: 24
                          151.186.201.0/24 maxlen: 24
                          151.186.202.0/24 maxlen: 24
                          151.186.206.0/24 maxlen: 24
                          151.186.204.0/24 maxlen: 24
                          151.186.205.0/24 maxlen: 24
                          151.186.200.0/24 maxlen: 24
                          151.186.207.0/24 maxlen: 24
                          2a04:e4c4:5::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 21 Jun 2023 14:30:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:da:14:01:a8:c0:d4:89:ae:dd:2e:92:fc:1f:15:52:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
        Validity
            Not Before: Jun 20 18:32:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c26886726d356bb41cb01eb57211fdbc8bf62487
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:9d:1f:23:7f:dd:0f:37:8d:25:6d:67:43:d7:
                    b7:4d:64:90:14:51:14:dd:1c:82:a9:cd:b0:7c:b2:
                    72:0a:6c:a0:f0:b0:e2:78:b2:e8:8b:c4:07:78:f9:
                    ae:c5:cf:0b:db:db:33:d8:24:87:17:df:c2:d2:47:
                    98:00:02:13:8d:0e:bf:a3:36:3d:5b:6a:71:16:71:
                    b2:44:07:14:86:35:06:58:59:b3:e4:87:11:c7:c1:
                    f2:76:f3:b2:2c:a4:62:e1:1e:bb:64:71:d4:3d:22:
                    5d:d7:ce:79:42:1b:63:7c:a8:06:6c:d3:3b:7c:0d:
                    fb:37:77:33:1e:dd:32:5a:c7:a8:30:bc:a2:95:95:
                    28:d7:85:82:cd:26:2a:0c:e5:20:29:95:ed:b3:74:
                    a8:0b:49:e1:ee:b6:a1:4b:6b:03:a5:22:84:64:fe:
                    4f:17:ba:02:8e:1b:e8:06:ec:d0:ea:4b:ff:df:9c:
                    04:11:c2:c4:d8:9c:84:47:71:1a:6a:7a:13:ae:62:
                    de:fe:83:02:94:b6:f5:b7:54:88:98:99:11:05:06:
                    69:d5:68:ca:00:e6:ef:d2:cb:e5:81:02:fb:1a:c9:
                    3f:b0:3c:6b:e5:4b:cc:40:50:be:01:c9:31:ee:c1:
                    77:92:cf:04:75:4c:ea:9b:ef:23:fd:3f:18:0e:07:
                    a7:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:68:86:72:6D:35:6B:B4:1C:B0:1E:B5:72:11:FD:BC:8B:F6:24:87
            X509v3 Authority Key Identifier:
                keyid:E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/wmiGcm01a7QcsB61chH9vIv2JIc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.186.192.0/20
                IPv6:
                  2a04:e4c4:5::/48

    Signature Algorithm: sha256WithRSAEncryption
         39:e6:10:25:fc:36:dd:de:ee:34:32:77:9c:f0:f7:ec:c2:d9:
         e9:40:56:aa:18:75:2d:41:33:85:8e:e8:f8:20:12:d2:55:bd:
         7b:9a:83:37:bb:7d:08:cd:02:e2:2b:ff:d2:e6:ed:af:73:d8:
         0c:b6:88:f0:3e:0b:ac:f3:b6:7c:9f:26:92:73:1d:19:25:ac:
         0d:4e:4f:67:97:9a:45:ef:f7:9f:57:de:42:06:c6:21:30:61:
         92:90:4b:6e:4e:ed:0d:3f:fe:db:2b:79:dc:8f:bc:e8:57:99:
         aa:96:77:63:d6:61:db:43:1f:3e:df:49:fe:79:0b:3c:ab:bc:
         c1:4e:07:39:02:d0:3e:b8:c0:e9:38:e2:04:e8:3b:6d:08:dc:
         f6:81:14:1b:2e:94:a2:f9:4a:fe:ea:bb:01:cf:f1:39:2f:a6:
         aa:8e:21:6e:01:f8:c3:e1:a0:89:bf:ce:fc:ca:a7:88:56:64:
         65:92:b8:d1:38:a4:6d:ca:c2:a3:82:e9:7e:5c:33:b4:36:23:
         b6:3a:10:ef:95:26:97:15:9e:46:60:3c:5d:d0:47:39:05:4f:
         e9:c1:f8:54:64:e8:a8:69:b1:33:eb:5e:26:a1:eb:d6:d3:a5:
         46:52:6c:ef:36:f9:bd:db:ed:7d:6d:9e:4c:16:6c:68:45:b7:
         37:32:ce:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYjaFAGowNSJrt0ukvwfFVJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTMzZGNhZjJiMWViZjVkYWRlNWEzM2FhMWIyZmI5OWQy
Njg5YmEwHhcNMjMwNjIwMTgzMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjY4ODY3MjZkMzU2YmI0MWNiMDFlYjU3MjExZmRiYzhiZjYyNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ0fI3/dDzeNJW1nQ9e3TWSQFFEU
3RyCqc2wfLJyCmyg8LDieLLoi8QHePmuxc8L29sz2CSHF9/C0keYAAITjQ6/ozY9
W2pxFnGyRAcUhjUGWFmz5IcRx8HydvOyLKRi4R67ZHHUPSJd1855QhtjfKgGbNM7
fA37N3czHt0yWseoMLyilZUo14WCzSYqDOUgKZXts3SoC0nh7rahS2sDpSKEZP5P
F7oCjhvoBuzQ6kv/35wEEcLE2JyER3EaanoTrmLe/oMClLb1t1SImJkRBQZp1WjK
AObv0svlgQL7Gsk/sDxr5UvMQFC+Ackx7sF3ks8EdUzqm+8j/T8YDgencQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMJohnJtNWu0HLAetXIR/byL9iSHMB8GA1UdIwQY
MBaAFOcTPcrysev12t5aM6obL7mdJom6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUt
MTljZTQ2YTQyZmE0LzEvd21pR2NtMDFhN1Fjc0I2MWNoSDl2SXYySkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUtMTljZTQ2YTQyZmE0
LzEvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEl7rAMA8E
AgACMAkDBwAqBOTEAAUwDQYJKoZIhvcNAQELBQADggEBADnmECX8Nt3e7jQyd5zw
9+zC2elAVqoYdS1BM4WO6PggEtJVvXuagze7fQjNAuIr/9Lm7a9z2Ay2iPA+C6zz
tnyfJpJzHRklrA1OT2eXmkXv959X3kIGxiEwYZKQS25O7Q0//tsredyPvOhXmaqW
d2PWYdtDHz7fSf55CzyrvMFOBzkC0D64wOk44gToO20I3PaBFBsulKL5Sv7quwHP
8TkvpqqOIW4B+MPhoIm/zvzKp4hWZGWSuNE4pG3KwqOC6X5cM7Q2I7Y6EO+VJpcV
nkZgPF3QRzkFT+nB+FRk6KhpsTPrXiah69bTpUZSbO82+b3b7X1tnkwWbGhFtzcy
zv0=
-----END CERTIFICATE-----