Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/t7ANkpOQUCbTQlLegdr5NkEwl_M.roa
File:                     t7ANkpOQUCbTQlLegdr5NkEwl_M.roa (raw, json)
Hash identifier:          xyHgRggm2VGQTdPU4alpoS2hRgczQwb0vGSTJ/p5cEg=
Subject key identifier:   B7:B0:0D:92:93:90:50:26:D3:42:52:DE:81:DA:F9:36:41:30:97:F3
Certificate issuer:       /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial:       018E413EE6471F81E2C3F32C2039E60D93B6
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/t7ANkpOQUCbTQlLegdr5NkEwl_M.roa
Signing time:             Fri 15 Mar 2024 08:33:44 +0000
ROA not before:           Fri 15 Mar 2024 08:33:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2914
IP address blocks:        46.3.64.0/20 maxlen: 20
                          46.3.80.0/20 maxlen: 20
                          46.3.80.0/22 maxlen: 22
                          46.3.96.0/19 maxlen: 19
                          46.3.128.0/23 maxlen: 23
                          46.3.160.0/20 maxlen: 20
                          46.3.176.0/20 maxlen: 20
                          46.3.216.0/21 maxlen: 21
                          46.232.0.0/24 maxlen: 24
                          46.232.16.0/22 maxlen: 22
                          46.232.32.0/19 maxlen: 19
                          46.232.64.0/18 maxlen: 18
                          46.232.64.0/19 maxlen: 19
                          46.232.96.0/19 maxlen: 19
Validation:               Failed, certificate revoked on Tue 19 Nov 2024 21:11:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:41:3e:e6:47:1f:81:e2:c3:f3:2c:20:39:e6:0d:93:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
        Validity
            Not Before: Mar 15 08:33:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b7b00d9293905026d34252de81daf936413097f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:fb:8d:6f:11:b6:2c:9d:b4:51:02:cc:0a:da:
                    ea:e9:93:4d:fc:f1:c1:ab:92:1e:36:2e:6b:5d:5d:
                    1b:d8:12:4e:36:94:ad:ff:62:43:b9:bf:fb:7c:e5:
                    62:26:84:15:28:68:17:5f:3b:5b:fb:ec:7b:74:31:
                    b0:e3:87:2e:f4:da:24:a0:ed:14:41:3c:89:74:a3:
                    86:8c:81:25:c1:19:2c:3e:a0:94:6c:70:8b:c0:9a:
                    64:ac:40:e3:19:b1:9f:16:b6:72:84:38:9a:67:de:
                    55:f8:df:b6:e8:2d:d5:81:6e:f2:06:4f:5a:a8:bc:
                    ea:b8:ed:e3:1d:98:3c:2b:a8:99:82:d0:e6:bf:96:
                    0f:ad:5e:9f:22:e1:4c:19:95:2f:f2:f7:bd:d8:4f:
                    72:48:0d:77:c7:f4:90:cb:86:b5:4f:3f:8a:28:5d:
                    fb:8b:8a:ef:98:78:67:da:49:45:ed:80:1b:dc:95:
                    8f:7f:f8:c7:3a:06:cf:b4:ac:2d:c4:d4:d4:0a:ea:
                    69:08:f7:39:d7:98:32:31:d7:fc:4e:9c:81:fa:50:
                    11:67:38:98:ae:82:c4:af:2d:87:68:c6:9f:3e:07:
                    37:ef:34:b6:75:50:55:cf:f4:ba:6b:e1:39:73:ca:
                    d6:bd:c9:d0:37:01:7c:62:e9:61:14:94:a6:ec:37:
                    ff:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:B0:0D:92:93:90:50:26:D3:42:52:DE:81:DA:F9:36:41:30:97:F3
            X509v3 Authority Key Identifier:
                keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/t7ANkpOQUCbTQlLegdr5NkEwl_M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.3.64.0-46.3.129.255
                  46.3.160.0/19
                  46.3.216.0/21
                  46.232.0.0/24
                  46.232.16.0/22
                  46.232.32.0-46.232.127.255

    Signature Algorithm: sha256WithRSAEncryption
         92:29:b4:73:f2:ee:0a:5e:1d:5f:dd:6d:8f:41:51:f0:8e:19:
         b1:53:be:1d:89:7a:aa:42:eb:4a:a3:0a:c2:81:24:95:9c:bd:
         ac:ac:00:39:17:7e:83:c2:cc:8c:b4:4d:ab:07:04:d6:46:4b:
         83:5d:c4:75:f1:c2:23:db:b2:b9:8b:a1:0a:06:3e:3b:6c:03:
         7c:ff:4c:41:22:0d:3b:4e:54:3c:ff:2f:ec:d1:2b:e0:c5:98:
         b5:59:9b:9c:91:a6:45:9b:dd:55:1e:99:9e:7c:05:cc:f6:67:
         70:ab:9f:43:0e:b7:3d:d1:21:ec:b1:2a:d6:74:0f:7e:3a:cd:
         b6:8e:45:a5:67:c6:a9:08:bd:36:f9:b7:a7:55:1f:f2:17:68:
         8b:47:99:d6:6e:51:00:5d:09:a2:c7:49:46:fd:0f:bb:38:39:
         35:5f:ca:22:35:a5:f2:e7:5f:61:c9:69:57:32:3d:41:1b:1c:
         44:89:4d:d1:39:ff:ed:20:9d:74:8b:a6:15:68:90:2d:84:81:
         94:1b:97:ba:1e:7f:84:8d:6e:c1:1a:f8:2a:65:06:76:a5:b4:
         78:9b:c3:cd:cb:f3:aa:dc:3f:c0:14:2c:bf:6a:a3:2a:39:1f:
         b3:7b:ac:6b:2e:61:39:d6:8d:1d:de:dc:2b:43:39:86:59:26:
         c3:0d:50:22
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY5BPuZHH4Hiw/MsIDnmDZO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwMzE1MDgzMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2IwMGQ5MjkzOTA1MDI2ZDM0MjUyZGU4MWRhZjkzNjQxMzA5N2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPuNbxG2LJ20UQLMCtrq6ZNN/PHB
q5IeNi5rXV0b2BJONpSt/2JDub/7fOViJoQVKGgXXztb++x7dDGw44cu9NokoO0U
QTyJdKOGjIElwRksPqCUbHCLwJpkrEDjGbGfFrZyhDiaZ95V+N+26C3VgW7yBk9a
qLzquO3jHZg8K6iZgtDmv5YPrV6fIuFMGZUv8ve92E9ySA13x/SQy4a1Tz+KKF37
i4rvmHhn2klF7YAb3JWPf/jHOgbPtKwtxNTUCuppCPc515gyMdf8TpyB+lARZziY
roLEry2HaMafPgc37zS2dVBVz/S6a+E5c8rWvcnQNwF8YulhFJSm7Df/vwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFLewDZKTkFAm00JS3oHa+TZBMJfzMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvdDdBTmtwT1FVQ2JUUWxMZWdkcjVOa0V3bF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAYuA0AD
BAEuA4ADBAUuA6ADBAMuA9gDBAAu6AADBAIu6BAwDAMEBS7oIAMEBy7oADANBgkq
hkiG9w0BAQsFAAOCAQEAkim0c/LuCl4dX91tj0FR8I4ZsVO+HYl6qkLrSqMKwoEk
lZy9rKwAORd+g8LMjLRNqwcE1kZLg13EdfHCI9uyuYuhCgY+O2wDfP9MQSINO05U
PP8v7NEr4MWYtVmbnJGmRZvdVR6ZnnwFzPZncKufQw63PdEh7LEq1nQPfjrNto5F
pWfGqQi9Nvm3p1Uf8hdoi0eZ1m5RAF0JosdJRv0Puzg5NV/KIjWl8udfYclpVzI9
QRscRIlN0Tn/7SCddIumFWiQLYSBlBuXuh5/hI1uwRr4KmUGdqW0eJvDzcvzqtw/
wBQsv2qjKjkfs3usay5hOdaNHd7cK0M5hlkmww1QIg==
-----END CERTIFICATE-----