Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/5Hx6IFuresqizGYk2fjXS0tfPeo.roa
File:                     5Hx6IFuresqizGYk2fjXS0tfPeo.roa (raw, json)
Hash identifier:          u/7SEnWy3TVP32W5m7DgReb+92ccXd8K+2FP+sH6JLw=
Subject key identifier:   E4:7C:7A:20:5B:AB:7A:CA:A2:CC:66:24:D9:F8:D7:4B:4B:5F:3D:EA
Certificate issuer:       /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial:       018AA73FCAD691A907757E274BD021C366F3
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/5Hx6IFuresqizGYk2fjXS0tfPeo.roa
Signing time:             Mon 18 Sep 2023 07:44:50 +0000
ROA not before:           Mon 18 Sep 2023 07:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48448
IP address blocks:        45.85.73.0/24 maxlen: 24
                          2a0e:bb81:2a02::/48 maxlen: 48
                          2a0e:bb81:1000::/48 maxlen: 48
                          2a0e:bb81::/48 maxlen: 48
                          2a0e:bb81:3a01::/48 maxlen: 48
                          2a0e:bb81:2a01::/48 maxlen: 48
                          2a0e:bb81:1a01::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a7:3f:ca:d6:91:a9:07:75:7e:27:4b:d0:21:c3:66:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
        Validity
            Not Before: Sep 18 07:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e47c7a205bab7acaa2cc6624d9f8d74b4b5f3dea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e8:08:d6:2c:db:3b:79:8e:fa:e5:31:3d:3d:
                    bd:d8:87:54:32:b7:cf:ee:fc:2b:d1:57:4f:4f:c8:
                    78:fd:15:33:03:3a:cf:9e:75:7e:7c:13:7c:3e:29:
                    e1:64:d7:ae:80:ca:6d:fe:8f:24:e6:43:eb:a8:e8:
                    3c:a7:39:1b:c9:c8:e3:73:d0:7d:b9:96:ee:d1:c0:
                    de:83:e1:fd:13:c0:98:d5:96:bb:8b:a8:86:32:1e:
                    98:2e:a3:f1:4f:8c:0a:be:3c:cc:c1:c3:f6:58:8a:
                    e5:d4:d5:a3:f7:d1:c5:c4:df:6e:ad:eb:d0:cc:fc:
                    1e:85:4e:c6:6c:f8:0d:a4:c4:1b:c0:d7:e4:52:07:
                    6e:05:9e:a7:58:90:a1:a0:15:64:62:5f:56:4e:ba:
                    08:84:21:4b:c3:ea:1a:53:82:82:f0:93:89:f3:c3:
                    37:4c:b8:03:af:cb:51:66:a7:ef:34:a7:fa:88:10:
                    90:6d:5e:af:61:17:e7:d9:df:9f:c4:20:0b:51:79:
                    28:7f:ff:ec:08:85:b6:2e:0e:05:1a:d4:f6:92:78:
                    55:5b:97:b3:a1:9f:cc:80:51:a3:37:47:1e:22:d3:
                    78:1d:f4:5c:b5:9a:a1:1a:12:83:8c:a0:51:5a:6a:
                    9c:9d:a1:61:e9:d1:74:a2:b9:34:a2:b2:0a:72:dc:
                    99:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:7C:7A:20:5B:AB:7A:CA:A2:CC:66:24:D9:F8:D7:4B:4B:5F:3D:EA
            X509v3 Authority Key Identifier:
                keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/5Hx6IFuresqizGYk2fjXS0tfPeo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.85.73.0/24
                IPv6:
                  2a0e:bb81::/48
                  2a0e:bb81:1000::/48
                  2a0e:bb81:1a01::/48
                  2a0e:bb81:2a01::-2a0e:bb81:2a02:ffff:ffff:ffff:ffff:ffff
                  2a0e:bb81:3a01::/48

    Signature Algorithm: sha256WithRSAEncryption
         6d:45:4c:1c:dd:87:45:cc:2d:4b:bd:60:ab:bf:63:bb:81:c5:
         96:5b:b6:ce:51:74:d6:b0:df:43:0f:68:79:25:67:8c:27:ec:
         5f:72:1e:1a:15:d1:b6:23:30:63:6a:2b:16:52:50:e5:10:63:
         d5:91:f7:e5:02:2b:c3:45:95:83:3d:93:5d:b2:ad:47:2c:2c:
         72:32:2a:b1:88:e1:6e:f3:33:4a:06:34:d8:6f:ce:0a:2a:6b:
         91:2e:ee:8a:4e:39:41:3a:32:9e:50:1f:89:8f:9f:36:07:9d:
         cb:17:f1:f7:71:62:ba:2f:99:22:10:3d:01:f8:fc:fc:b1:b4:
         af:ea:07:9c:a4:fa:2a:f8:60:12:bf:bd:eb:cb:e6:a8:6d:8a:
         91:ef:eb:d3:9f:2f:68:c5:08:22:59:05:b4:a6:b4:ba:60:ad:
         88:df:1d:4b:0b:cd:07:37:10:4e:cd:8c:4b:d8:d8:25:ee:37:
         fd:f5:df:7d:b0:66:cf:27:0f:e0:e1:f8:8b:8c:ae:9f:44:1b:
         bb:8f:b1:20:29:f7:84:69:58:2c:64:43:2f:88:ee:97:50:0a:
         8d:6e:d8:a3:05:67:91:37:96:2f:62:65:1f:05:f0:d5:9f:d8:
         25:8a:12:52:1e:e0:ce:10:f6:1c:50:90:f4:af:bd:4b:73:54:
         e0:97:00:96
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYqnP8rWkakHdX4nS9Ahw2bzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjMwOTE4MDc0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDdjN2EyMDViYWI3YWNhYTJjYzY2MjRkOWY4ZDc0YjRiNWYzZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOgI1izbO3mO+uUxPT292IdUMrfP
7vwr0VdPT8h4/RUzAzrPnnV+fBN8PinhZNeugMpt/o8k5kPrqOg8pzkbycjjc9B9
uZbu0cDeg+H9E8CY1Za7i6iGMh6YLqPxT4wKvjzMwcP2WIrl1NWj99HFxN9urevQ
zPwehU7GbPgNpMQbwNfkUgduBZ6nWJChoBVkYl9WTroIhCFLw+oaU4KC8JOJ88M3
TLgDr8tRZqfvNKf6iBCQbV6vYRfn2d+fxCALUXkof//sCIW2Lg4FGtT2knhVW5ez
oZ/MgFGjN0ceItN4HfRctZqhGhKDjKBRWmqcnaFh6dF0ork0orIKctyZQwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOR8eiBbq3rKosxmJNn410tLXz3qMB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEvNUh4NklGdXJlc3FpekdZazJmalhTMHRmUGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAMBAIAATAGAwQALVVJMD4E
AgACMDgDBwAqDruBAAADBwAqDruBEAADBwAqDruBGgEwEgMHACoOu4EqAQMHACoO
u4EqAgMHACoOu4E6ATANBgkqhkiG9w0BAQsFAAOCAQEAbUVMHN2HRcwtS71gq79j
u4HFllu2zlF01rDfQw9oeSVnjCfsX3IeGhXRtiMwY2orFlJQ5RBj1ZH35QIrw0WV
gz2TXbKtRywscjIqsYjhbvMzSgY02G/OCiprkS7uik45QToynlAfiY+fNgedyxfx
93Fiui+ZIhA9Afj8/LG0r+oHnKT6KvhgEr+968vmqG2Kke/r058vaMUIIlkFtKa0
umCtiN8dSwvNBzcQTs2MS9jYJe43/fXffbBmzycP4OH4i4yun0Qbu4+xICn3hGlY
LGRDL4jul1AKjW7YowVnkTeWL2JlHwXw1Z/YJYoSUh7gzhD2HFCQ9K+9S3NU4JcA
lg==
-----END CERTIFICATE-----