Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A732yNHOV1rNQhDbuyY6ZsN2HPI.roa
File:                     A732yNHOV1rNQhDbuyY6ZsN2HPI.roa (raw, json)
Hash identifier:          Jz4iLfdmnbIuhVQditJmfa3fWKISAJ52eXZFvMGAsKk=
Subject key identifier:   03:BD:F6:C8:D1:CE:57:5A:CD:42:10:DB:BB:26:3A:66:C3:76:1C:F2
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01907CC058B4C46ABBAB7798FCD728B6AD5D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A732yNHOV1rNQhDbuyY6ZsN2HPI.roa
Signing time:             Thu 04 Jul 2024 07:58:18 +0000
ROA not before:           Thu 04 Jul 2024 07:58:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15731
IP address blocks:        194.87.21.0/24 maxlen: 24
                          194.87.30.0/24 maxlen: 24
                          194.87.114.0/23 maxlen: 23
                          194.87.134.0/23 maxlen: 23
                          194.87.134.0/24 maxlen: 24
                          195.58.58.0/23 maxlen: 23
                          195.58.62.0/23 maxlen: 23
                          195.133.0.0/24 maxlen: 24
                          195.133.84.0/23 maxlen: 23
                          212.192.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 26 Jul 2024 11:48:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:7c:c0:58:b4:c4:6a:bb:ab:77:98:fc:d7:28:b6:ad:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jul  4 07:58:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=03bdf6c8d1ce575acd4210dbbb263a66c3761cf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:bc:15:be:06:a9:85:43:9f:fb:e5:c1:93:15:
                    d6:dc:ca:b3:28:57:a3:77:71:01:91:df:51:1d:2d:
                    22:d6:a4:b2:77:2f:aa:e4:fb:95:a1:01:e2:d8:67:
                    da:59:7c:ea:c5:87:bf:47:36:e6:13:30:0e:48:10:
                    2d:91:ba:66:03:85:92:dd:fa:40:39:07:09:50:56:
                    10:6d:4b:be:f2:71:8c:48:77:69:aa:a2:64:91:cb:
                    46:8e:ed:cd:e6:c0:57:66:0f:5f:e3:42:d9:09:b0:
                    ce:28:90:4c:e4:8b:94:85:93:37:cc:99:5e:8e:64:
                    43:3e:71:03:71:26:ab:c2:e8:32:b5:2e:fa:3e:69:
                    31:ed:38:be:c3:03:0f:46:e2:43:cc:fa:79:06:db:
                    49:34:bb:05:b9:b5:db:2d:c0:98:54:f7:d3:1d:05:
                    05:1a:eb:0b:d9:e7:c3:d4:f9:d0:e2:8f:ce:f5:c7:
                    f0:57:43:81:5e:eb:e3:f3:1d:3c:44:6c:0a:8d:cf:
                    88:5d:7c:ab:e5:45:39:22:4c:5b:1e:13:bb:06:cb:
                    14:4f:e6:7a:1c:76:66:7c:d2:57:1c:ac:a3:20:5f:
                    ec:50:18:04:11:ce:d5:14:4c:17:5b:18:a3:ee:8f:
                    d7:3e:c7:44:a7:48:32:8a:3a:e1:92:bf:d3:6d:f3:
                    c4:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:BD:F6:C8:D1:CE:57:5A:CD:42:10:DB:BB:26:3A:66:C3:76:1C:F2
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/A732yNHOV1rNQhDbuyY6ZsN2HPI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.87.21.0/24
                  194.87.30.0/24
                  194.87.114.0/23
                  194.87.134.0/23
                  195.58.58.0/23
                  195.58.62.0/23
                  195.133.0.0/24
                  195.133.84.0/23
                  212.192.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:fb:ac:fa:38:0c:cf:93:c1:24:75:70:54:d4:6b:36:6d:ca:
         b8:46:14:c3:be:4c:89:9a:0f:c1:13:67:fa:0c:26:55:13:a9:
         92:ff:3e:d7:78:ba:86:31:c8:eb:69:63:83:f0:72:ce:c2:3c:
         5d:6e:44:f3:2b:eb:f9:2b:24:ea:e6:b0:cc:2d:52:d4:e0:19:
         6f:27:f0:be:57:fe:28:45:e4:f1:e6:bf:c8:7f:5a:f9:f5:35:
         ae:5a:71:f9:fd:0a:3c:9c:11:26:45:2c:b0:04:ae:94:9b:f0:
         20:7f:54:13:67:a6:09:42:1d:33:dd:03:80:ee:82:b9:8d:b4:
         7a:87:3f:ac:3b:80:83:fc:fd:c7:77:08:6c:bb:d5:7e:84:e8:
         f1:a2:41:4f:1a:ca:ec:45:94:a5:54:c8:75:35:d9:c2:ec:f9:
         e9:58:73:42:4f:a3:c3:02:ca:7b:dd:d4:f4:b2:e0:77:a7:4b:
         75:49:d2:04:80:d3:7b:31:03:3e:6a:5d:98:bb:17:2c:09:b2:
         f7:e9:52:e1:30:47:12:45:c8:a5:5b:b1:6f:34:59:2a:f5:37:
         26:7c:0f:b6:10:58:fa:36:ab:8e:92:47:24:a8:f5:a4:cc:8a:
         23:26:42:8e:de:a4:c3:bb:25:92:3a:65:e8:60:3a:be:51:f3:
         58:08:cc:48
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZB8wFi0xGq7q3eY/Ncotq1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzA0MDc1ODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2JkZjZjOGQxY2U1NzVhY2Q0MjEwZGJiYjI2M2E2NmMzNzYxY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rwVvgaphUOf++XBkxXW3MqzKFej
d3EBkd9RHS0i1qSydy+q5PuVoQHi2GfaWXzqxYe/RzbmEzAOSBAtkbpmA4WS3fpA
OQcJUFYQbUu+8nGMSHdpqqJkkctGju3N5sBXZg9f40LZCbDOKJBM5IuUhZM3zJle
jmRDPnEDcSarwugytS76Pmkx7Ti+wwMPRuJDzPp5BttJNLsFubXbLcCYVPfTHQUF
GusL2efD1PnQ4o/O9cfwV0OBXuvj8x08RGwKjc+IXXyr5UU5IkxbHhO7BssUT+Z6
HHZmfNJXHKyjIF/sUBgEEc7VFEwXWxij7o/XPsdEp0gyijrhkr/TbfPEUQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAO99sjRzldazUIQ27smOmbDdhzyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQTczMnlOSE9WMXJOUWhEYnV5WTZac04ySFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwlcVAwQA
wlceAwQBwldyAwQBwleGAwQBwzo6AwQBwzo+AwQAw4UAAwQBw4VUAwQA1MDeMA0G
CSqGSIb3DQEBCwUAA4IBAQCW+6z6OAzPk8EkdXBU1Gs2bcq4RhTDvkyJmg/BE2f6
DCZVE6mS/z7XeLqGMcjraWOD8HLOwjxdbkTzK+v5KyTq5rDMLVLU4BlvJ/C+V/4o
ReTx5r/If1r59TWuWnH5/Qo8nBEmRSywBK6Um/Agf1QTZ6YJQh0z3QOA7oK5jbR6
hz+sO4CD/P3Hdwhsu9V+hOjxokFPGsrsRZSlVMh1NdnC7PnpWHNCT6PDAsp73dT0
suB3p0t1SdIEgNN7MQM+al2YuxcsCbL36VLhMEcSRcilW7FvNFkq9TcmfA+2EFj6
NquOkkckqPWkzIojJkKO3qTDuyWSOmXoYDq+UfNYCMxI
-----END CERTIFICATE-----