Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/jnUiuTwh310EjKZt1ApzzytaWNw.roa
File:                     jnUiuTwh310EjKZt1ApzzytaWNw.roa (raw, json)
Hash identifier:          wwRTsMMm0RrUglHFW1AuwYWigyPgMSxGflhTv0LuGlc=
Subject key identifier:   8E:75:22:B9:3C:21:DF:5D:04:8C:A6:6D:D4:0A:73:CF:2B:5A:58:DC
Certificate issuer:       /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial:       01856D8ABD15F1BC0D2084F9A4D1C7B3EBD4
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/jnUiuTwh310EjKZt1ApzzytaWNw.roa
Signing time:             Sun 01 Jan 2023 13:34:46 +0000
ROA not before:           Sun 01 Jan 2023 13:34:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57758
IP address blocks:        185.167.204.0/24 maxlen: 24
                          185.167.207.0/24 maxlen: 24
                          2a0b:b600:3804::/48 maxlen: 48
                          2a0b:b600:3802::/48 maxlen: 48
                          2a0b:b602::/32 maxlen: 48
                          2a0b:b600:3803::/48 maxlen: 48
                          2a0b:b600:400::/38 maxlen: 48
                          2a0b:b600:3400::/38 maxlen: 48
                          2a0b:b600:2000::/38 maxlen: 48
                          2a0b:b600::/36 maxlen: 36
                          2a0b:b600:3800::/38 maxlen: 38
                          2a0b:b600:2400::/38 maxlen: 38
                          2a0b:b600:1400::/38 maxlen: 38
                          2a0b:b600:1800::/38 maxlen: 38
                          2a0b:b600:800::/38 maxlen: 38
                          2a0b:b600:3400::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 06 Feb 2023 11:32:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:8a:bd:15:f1:bc:0d:20:84:f9:a4:d1:c7:b3:eb:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
        Validity
            Not Before: Jan  1 13:34:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8e7522b93c21df5d048ca66dd40a73cf2b5a58dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:31:45:a0:26:49:fb:3e:68:ae:e7:7b:43:f1:
                    63:97:9e:cb:3c:cb:8a:8d:a9:53:a0:21:ff:d6:8d:
                    f8:e2:38:18:f0:17:84:81:33:db:69:b9:ff:86:45:
                    17:d6:14:e9:bd:e7:45:b3:6d:87:c3:61:e5:f6:43:
                    bd:15:a0:ee:02:9c:92:c1:90:bc:6d:cb:70:44:e6:
                    03:c0:99:0b:aa:c6:5d:6b:24:c5:53:b0:eb:99:48:
                    e1:ca:4b:15:d9:73:25:c2:24:8f:5b:d4:ca:d3:53:
                    4c:d4:f5:0c:56:5a:65:f6:99:2a:cf:df:84:6c:b8:
                    fe:c0:16:a7:f8:e0:2d:f2:5f:ca:75:05:ff:a2:83:
                    bf:79:d6:89:98:94:92:e2:30:80:24:88:aa:a7:5c:
                    9e:cb:ac:fd:70:87:ff:e1:1b:87:21:71:2b:fa:77:
                    c1:6c:9e:a2:e8:64:26:dc:aa:c7:20:73:c8:b2:f0:
                    4a:0f:17:d1:cd:ac:ce:90:d7:4d:26:9d:ff:50:d9:
                    08:90:f3:24:5e:46:23:45:08:36:1e:43:ef:07:de:
                    23:e0:69:8a:8e:c9:3e:29:c0:c3:ba:64:08:72:f9:
                    9d:48:0e:2d:1f:62:38:86:c7:dc:5e:9b:79:10:12:
                    82:5c:18:9e:00:b2:60:24:6b:4b:ed:0e:78:6b:b4:
                    c6:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:75:22:B9:3C:21:DF:5D:04:8C:A6:6D:D4:0A:73:CF:2B:5A:58:DC
            X509v3 Authority Key Identifier:
                keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/jnUiuTwh310EjKZt1ApzzytaWNw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.204.0/24
                  185.167.207.0/24
                IPv6:
                  2a0b:b600::/36
                  2a0b:b600:1400::-2a0b:b600:1bff:ffff:ffff:ffff:ffff:ffff
                  2a0b:b600:2000::/37
                  2a0b:b600:3400::-2a0b:b600:3bff:ffff:ffff:ffff:ffff:ffff
                  2a0b:b602::/32

    Signature Algorithm: sha256WithRSAEncryption
         a5:4f:60:b7:13:73:ac:d1:60:b2:28:11:f7:af:84:06:1f:9d:
         ef:ea:61:16:0e:be:25:80:8e:d5:f8:b4:25:8a:f6:54:4d:0f:
         a5:6b:93:1e:c6:2c:91:4c:da:f1:a7:fe:fc:37:e8:80:4c:de:
         7d:4e:37:4d:97:5a:d8:b9:9d:87:d7:1c:61:60:74:68:61:64:
         0d:2e:ff:cd:04:56:00:19:97:68:f6:a1:a8:0e:8b:b0:d4:6c:
         60:53:75:24:88:a8:a2:d4:16:99:80:bb:f0:e6:2c:62:cf:52:
         ba:00:9b:1f:b3:7a:dc:2e:ae:9f:73:4d:a1:ad:f3:8b:c4:a0:
         34:bb:9d:59:d6:ab:a8:ed:d7:9c:87:46:b9:dc:27:18:c4:60:
         98:30:7c:88:6b:a4:17:0e:9f:a1:9d:6e:a3:5a:38:96:fa:2a:
         b8:08:68:57:39:d9:bc:a3:79:08:f2:0e:20:76:8d:19:c1:a5:
         c9:84:c6:15:09:4a:b8:c1:82:85:37:d8:11:ee:dc:2b:93:97:
         14:d5:4e:ef:c4:f8:24:98:aa:70:68:d2:c7:5a:34:8a:7a:45:
         27:8e:d8:de:7b:64:6a:f3:40:7d:54:2f:96:fa:f6:c8:65:33:
         3d:12:4e:76:1c:5d:31:89:32:31:a9:60:92:f2:a3:f7:33:7b:
         f6:47:1c:9e
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYVtir0V8bwNIIT5pNHHs+vUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjMwMTAxMTMzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTc1MjJiOTNjMjFkZjVkMDQ4Y2E2NmRkNDBhNzNjZjJiNWE1OGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTFFoCZJ+z5orud7Q/Fjl57LPMuK
jalToCH/1o344jgY8BeEgTPbabn/hkUX1hTpvedFs22Hw2Hl9kO9FaDuApySwZC8
bctwROYDwJkLqsZdayTFU7DrmUjhyksV2XMlwiSPW9TK01NM1PUMVlpl9pkqz9+E
bLj+wBan+OAt8l/KdQX/ooO/edaJmJSS4jCAJIiqp1yey6z9cIf/4RuHIXEr+nfB
bJ6i6GQm3KrHIHPIsvBKDxfRzazOkNdNJp3/UNkIkPMkXkYjRQg2HkPvB94j4GmK
jsk+KcDDumQIcvmdSA4tH2I4hsfcXpt5EBKCXBieALJgJGtL7Q54a7TG6wIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFI51Irk8Id9dBIymbdQKc88rWljcMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEvam5VaXVUd2gzMTBFaktadDFBcHp6eXRhV053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEtOWExMjk1ZjAyZjJl
LzEvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzASBAIAATAMAwQAuafMAwQA
uafPMEEEAgACMDsDBgQqC7YAADAQAwYCKgu2ABQDBgIqC7YAGAMGAyoLtgAgMBAD
BgIqC7YANAMGAioLtgA4AwUAKgu2AjANBgkqhkiG9w0BAQsFAAOCAQEApU9gtxNz
rNFgsigR96+EBh+d7+phFg6+JYCO1fi0JYr2VE0PpWuTHsYskUza8af+/DfogEze
fU43TZda2Lmdh9ccYWB0aGFkDS7/zQRWABmXaPahqA6LsNRsYFN1JIiootQWmYC7
8OYsYs9SugCbH7N63C6un3NNoa3zi8SgNLudWdarqO3XnIdGudwnGMRgmDB8iGuk
Fw6foZ1uo1o4lvoquAhoVznZvKN5CPIOIHaNGcGlyYTGFQlKuMGChTfYEe7cK5OX
FNVO78T4JJiqcGjSx1o0inpFJ47Y3ntkavNAfVQvlvr2yGUzPRJOdhxdMYkyMalg
kvKj9zN79kccng==
-----END CERTIFICATE-----