Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/eugIcqj22DfX7Dlhm6P2dVfW-0o.roa
File:                     eugIcqj22DfX7Dlhm6P2dVfW-0o.roa (raw, json)
Hash identifier:          WPPTetZxpjW2jt5U7gz7VaoKzbrjJMfy2XwWuPjMgXI=
Subject key identifier:   7A:E8:08:72:A8:F6:D8:37:D7:EC:39:61:9B:A3:F6:75:57:D6:FB:4A
Certificate issuer:       /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial:       0186267F68DB4D8C8CDDF5BB93A450E49834
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/eugIcqj22DfX7Dlhm6P2dVfW-0o.roa
Signing time:             Mon 06 Feb 2023 11:32:09 +0000
ROA not before:           Mon 06 Feb 2023 11:32:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57758
IP address blocks:        185.167.204.0/22 maxlen: 24
                          185.167.207.0/24 maxlen: 24
                          2a0b:b600:3804::/48 maxlen: 48
                          2a0b:b600:3802::/48 maxlen: 48
                          2a0b:b602::/32 maxlen: 48
                          2a0b:b600:3803::/48 maxlen: 48
                          2a0b:b600:2000::/38 maxlen: 48
                          2a0b:b600:3400::/38 maxlen: 48
                          2a0b:b600:400::/38 maxlen: 48
                          2a0b:b600::/36 maxlen: 36
                          2a0b:b600:2400::/38 maxlen: 38
                          2a0b:b600:800::/38 maxlen: 38
                          2a0b:b600:1800::/38 maxlen: 38
                          2a0b:b600:1400::/38 maxlen: 38
                          2a0b:b600:3800::/38 maxlen: 38
                          2a0b:b600:3400::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 09 Feb 2023 16:21:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:26:7f:68:db:4d:8c:8c:dd:f5:bb:93:a4:50:e4:98:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
        Validity
            Not Before: Feb  6 11:32:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7ae80872a8f6d837d7ec39619ba3f67557d6fb4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:9d:66:89:c0:b0:86:fd:ad:5e:2d:61:86:1b:
                    6a:39:2f:0a:91:86:8f:d0:7c:bd:ef:9f:8d:c7:09:
                    a7:10:11:4d:ab:2c:2d:8c:2b:ac:2f:d9:aa:5a:5e:
                    69:f3:4b:27:6f:69:68:94:89:0e:4c:3f:0d:c5:9a:
                    f1:4c:cc:59:65:c1:7c:67:1b:49:39:e5:28:ec:62:
                    f5:e3:c0:e9:91:20:b4:7a:12:e0:1d:6d:0a:a3:79:
                    5f:ea:ea:97:4d:5a:b3:3a:65:01:8f:2b:ed:7b:37:
                    96:d1:a7:fb:ff:28:eb:74:ee:39:43:4c:33:aa:2b:
                    6a:4c:2f:49:3f:7c:88:91:c9:38:e4:76:cf:33:15:
                    bc:da:e3:d7:a5:5a:ac:63:8a:70:3e:be:7c:7d:b8:
                    4a:86:48:8f:6d:23:60:0a:5a:78:78:ec:32:23:9a:
                    dc:b3:bd:b6:62:12:bb:cf:fb:21:c8:fb:be:36:59:
                    76:f0:37:85:9c:ae:33:d6:0d:9f:59:3c:ee:97:ac:
                    17:8a:2d:da:bd:70:00:aa:eb:e2:95:95:64:4f:4f:
                    fe:42:78:b4:fb:35:13:42:d6:b0:da:65:c5:4e:2c:
                    b5:c1:05:3e:f3:83:ec:2d:38:3b:42:e6:3a:e7:1f:
                    17:78:40:4a:f0:4a:15:d7:9b:a7:bc:fa:4e:e2:61:
                    76:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:E8:08:72:A8:F6:D8:37:D7:EC:39:61:9B:A3:F6:75:57:D6:FB:4A
            X509v3 Authority Key Identifier:
                keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/eugIcqj22DfX7Dlhm6P2dVfW-0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.204.0/22
                IPv6:
                  2a0b:b600::/36
                  2a0b:b600:1400::-2a0b:b600:1bff:ffff:ffff:ffff:ffff:ffff
                  2a0b:b600:2000::/37
                  2a0b:b600:3400::-2a0b:b600:3bff:ffff:ffff:ffff:ffff:ffff
                  2a0b:b602::/32

    Signature Algorithm: sha256WithRSAEncryption
         80:ef:74:2e:60:3a:33:da:f6:91:aa:f6:01:b7:ae:f2:95:c5:
         b6:1a:82:79:1b:b5:c5:cc:20:7e:67:44:58:1f:ca:58:cf:a2:
         e7:f0:07:02:5c:af:08:66:1b:59:bc:9a:d3:14:70:58:92:4f:
         7c:dc:a3:5f:96:88:a4:a7:c9:52:8b:ee:ee:8b:83:10:fa:8e:
         c4:e1:bc:59:3e:18:62:97:70:36:d0:8b:16:cc:44:11:55:b1:
         14:8e:ff:1c:9a:19:b4:a3:d7:c3:69:76:8f:de:80:de:2c:6b:
         ef:94:55:7f:cc:d8:26:e4:c3:17:ff:6b:c9:36:5c:0e:e3:89:
         91:92:56:c1:52:fe:c1:bc:3f:a5:bf:d9:48:b5:9c:da:e3:15:
         58:14:88:1a:f6:f7:8a:75:62:13:04:64:c1:4e:06:b1:4a:ec:
         ae:e7:81:e4:df:f6:c5:76:50:41:20:8d:ea:07:1c:0e:da:50:
         8f:43:c0:f7:ca:8a:70:4d:90:d8:b6:ea:1f:cb:a8:42:08:4a:
         a2:af:4a:8d:65:aa:6a:b8:50:75:17:9f:ba:6f:2a:da:10:0c:
         6b:6b:38:88:a0:a1:aa:76:ed:ed:41:18:b7:99:b5:dc:1e:49:
         a9:c1:40:d4:c5:92:91:ee:f4:85:69:48:ab:70:12:25:f0:78:
         60:84:24:b4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYYmf2jbTYyM3fW7k6RQ5Jg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjMwMjA2MTEzMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWU4MDg3MmE4ZjZkODM3ZDdlYzM5NjE5YmEzZjY3NTU3ZDZmYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop1micCwhv2tXi1hhhtqOS8KkYaP
0Hy975+NxwmnEBFNqywtjCusL9mqWl5p80snb2lolIkOTD8NxZrxTMxZZcF8ZxtJ
OeUo7GL148DpkSC0ehLgHW0Ko3lf6uqXTVqzOmUBjyvtezeW0af7/yjrdO45Q0wz
qitqTC9JP3yIkck45HbPMxW82uPXpVqsY4pwPr58fbhKhkiPbSNgClp4eOwyI5rc
s722YhK7z/shyPu+Nll28DeFnK4z1g2fWTzul6wXii3avXAAquvilZVkT0/+Qni0
+zUTQtaw2mXFTiy1wQU+84PsLTg7QuY65x8XeEBK8EoV15unvPpO4mF2/QIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFHroCHKo9tg31+w5YZuj9nVX1vtKMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEvZXVnSWNxajIyRGZYN0RsaG02UDJkVmZXLTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEtOWExMjk1ZjAyZjJl
LzEvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAMBAIAATAGAwQCuafMMEEE
AgACMDsDBgQqC7YAADAQAwYCKgu2ABQDBgIqC7YAGAMGAyoLtgAgMBADBgIqC7YA
NAMGAioLtgA4AwUAKgu2AjANBgkqhkiG9w0BAQsFAAOCAQEAgO90LmA6M9r2kar2
Abeu8pXFthqCeRu1xcwgfmdEWB/KWM+i5/AHAlyvCGYbWbya0xRwWJJPfNyjX5aI
pKfJUovu7ouDEPqOxOG8WT4YYpdwNtCLFsxEEVWxFI7/HJoZtKPXw2l2j96A3ixr
75RVf8zYJuTDF/9ryTZcDuOJkZJWwVL+wbw/pb/ZSLWc2uMVWBSIGvb3inViEwRk
wU4GsUrsrueB5N/2xXZQQSCN6gccDtpQj0PA98qKcE2Q2LbqH8uoQghKoq9KjWWq
arhQdRefum8q2hAMa2s4iKChqnbt7UEYt5m13B5JqcFA1MWSke70hWlIq3ASJfB4
YIQktA==
-----END CERTIFICATE-----