Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/8WU0gNlEl-gBrDdYn2nMsG5wxYk.roa
File:                     8WU0gNlEl-gBrDdYn2nMsG5wxYk.roa (raw, json)
Hash identifier:          eGS0MBuyVJc5ETLpFS7MxgMBtGS2ytGoy/szwz4Gqdk=
Subject key identifier:   F1:65:34:80:D9:44:97:E8:01:AC:37:58:9F:69:CC:B0:6E:70:C5:89
Certificate issuer:       /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial:       0194CBF34977C6666EDA64482C6513CE4155
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/8WU0gNlEl-gBrDdYn2nMsG5wxYk.roa
Signing time:             Mon 03 Feb 2025 13:15:06 +0000
ROA not before:           Mon 03 Feb 2025 13:15:06 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     834
IP address blocks:        144.56.0.0/24 maxlen: 24
                          144.56.1.0/24 maxlen: 24
                          144.56.2.0/24 maxlen: 24
                          144.56.3.0/24 maxlen: 24
                          144.56.4.0/24 maxlen: 24
                          144.56.5.0/24 maxlen: 24
                          144.56.6.0/24 maxlen: 24
                          144.56.7.0/24 maxlen: 24
                          144.56.8.0/24 maxlen: 24
                          144.56.9.0/24 maxlen: 24
                          144.56.10.0/24 maxlen: 24
                          144.56.11.0/24 maxlen: 24
                          144.56.12.0/24 maxlen: 24
                          144.56.13.0/24 maxlen: 24
                          144.56.14.0/24 maxlen: 24
                          144.56.15.0/24 maxlen: 24
                          144.56.16.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 05 Feb 2025 11:49:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:cb:f3:49:77:c6:66:6e:da:64:48:2c:65:13:ce:41:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
        Validity
            Not Before: Feb  3 13:15:06 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=f1653480d94497e801ac37589f69ccb06e70c589
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b3:44:52:ab:62:71:e9:7e:4d:78:6c:9a:8a:
                    6d:b4:8b:0b:d3:84:4f:a4:23:ed:03:22:b8:a6:e3:
                    a8:3b:9c:a9:d3:17:94:68:9e:4e:d7:a0:d4:b2:da:
                    68:2e:2b:22:85:42:71:bf:d4:a7:ec:d7:68:33:0a:
                    43:87:45:01:3f:f6:54:27:ce:e7:49:92:66:ea:34:
                    cb:3d:27:82:d7:34:64:27:e4:cc:4e:ed:b6:b3:ac:
                    c3:af:4d:a0:a8:b9:7e:2e:c2:0e:39:20:6e:94:f6:
                    38:b4:2a:01:25:ea:c2:2b:bb:28:fb:bf:75:80:58:
                    88:95:a1:82:3d:9b:ee:a0:ce:dc:3d:c9:1b:61:7b:
                    23:ad:04:a6:33:a6:af:14:5a:8b:6d:01:23:33:a1:
                    8e:2d:ec:b7:87:bd:e8:9d:d6:8f:b2:6c:98:16:23:
                    33:1b:76:d0:c5:1a:23:a9:29:e0:a6:d5:88:93:9b:
                    6e:0d:92:d6:f6:d2:12:3c:62:84:66:1a:13:58:85:
                    04:68:d8:ae:d6:02:1c:19:81:33:0b:04:90:97:bd:
                    73:4b:12:54:69:be:da:0a:7f:9b:25:c3:11:c8:65:
                    1d:ea:58:6f:0d:55:92:6a:e7:52:c8:5f:b7:9d:93:
                    3e:b7:1c:69:44:3e:e1:bd:5d:c1:bd:e2:1e:86:b1:
                    54:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:65:34:80:D9:44:97:E8:01:AC:37:58:9F:69:CC:B0:6E:70:C5:89
            X509v3 Authority Key Identifier:
                keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/8WU0gNlEl-gBrDdYn2nMsG5wxYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.56.0.0-144.56.16.255

    Signature Algorithm: sha256WithRSAEncryption
         9f:39:9c:3c:49:3b:ea:90:14:a9:28:6f:0d:08:c0:93:a3:f9:
         90:3b:7a:39:6f:7d:4d:a2:99:66:9d:36:2d:99:ce:a0:7d:d3:
         78:bb:eb:d5:1f:cb:11:4a:46:ba:25:5b:90:de:7e:ae:03:36:
         da:f4:04:19:19:88:a9:8e:20:ef:37:e1:75:f3:34:89:00:42:
         96:18:20:9d:35:49:06:2a:a4:71:4e:32:f2:d0:e0:c7:ba:59:
         75:81:c2:0c:88:6f:df:31:3d:d2:9c:65:38:5b:b6:ae:e2:4b:
         1c:68:d5:54:5a:26:20:bf:ef:39:f7:03:e7:46:a7:2a:91:10:
         09:44:16:85:c0:2c:e2:85:d3:98:bb:74:86:56:58:48:b3:76:
         66:86:2b:e5:b8:6c:91:ed:82:d4:87:c2:2e:98:9b:d4:2f:df:
         83:18:5b:e0:53:cc:15:64:ff:8a:76:21:30:d2:a7:a2:06:11:
         bc:39:f5:29:ff:8c:52:c3:df:74:02:89:91:de:51:06:d3:9c:
         03:72:fe:14:c1:9e:43:35:a3:33:be:5f:57:7b:9b:b7:e2:a3:
         1e:a8:51:d0:ae:0e:fc:b5:79:05:83:ee:8d:ab:54:ae:65:c0:
         35:e2:d2:1d:a3:24:24:7b:a5:25:f5:49:3f:e2:87:9b:ce:9e:
         dc:b8:2c:00
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZTL80l3xmZu2mRILGUTzkFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwMjAzMTMxNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTY1MzQ4MGQ5NDQ5N2U4MDFhYzM3NTg5ZjY5Y2NiMDZlNzBjNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbNEUqticel+TXhsmopttIsL04RP
pCPtAyK4puOoO5yp0xeUaJ5O16DUstpoLisihUJxv9Sn7NdoMwpDh0UBP/ZUJ87n
SZJm6jTLPSeC1zRkJ+TMTu22s6zDr02gqLl+LsIOOSBulPY4tCoBJerCK7so+791
gFiIlaGCPZvuoM7cPckbYXsjrQSmM6avFFqLbQEjM6GOLey3h73ondaPsmyYFiMz
G3bQxRojqSngptWIk5tuDZLW9tISPGKEZhoTWIUEaNiu1gIcGYEzCwSQl71zSxJU
ab7aCn+bJcMRyGUd6lhvDVWSaudSyF+3nZM+txxpRD7hvV3BveIehrFUAwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPFlNIDZRJfoAaw3WJ9pzLBucMWJMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvOFdVMGdObEVsLWdCckRkWW4ybk1zRzV3eFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwOQOAME
AJA4EDANBgkqhkiG9w0BAQsFAAOCAQEAnzmcPEk76pAUqShvDQjAk6P5kDt6OW99
TaKZZp02LZnOoH3TeLvr1R/LEUpGuiVbkN5+rgM22vQEGRmIqY4g7zfhdfM0iQBC
lhggnTVJBiqkcU4y8tDgx7pZdYHCDIhv3zE90pxlOFu2ruJLHGjVVFomIL/vOfcD
50anKpEQCUQWhcAs4oXTmLt0hlZYSLN2ZoYr5bhske2C1IfCLpib1C/fgxhb4FPM
FWT/inYhMNKnogYRvDn1Kf+MUsPfdAKJkd5RBtOcA3L+FMGeQzWjM75fV3ubt+Kj
HqhR0K4O/LV5BYPujatUrmXANeLSHaMkJHulJfVJP+KHm86e3LgsAA==
-----END CERTIFICATE-----