Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k93B-31RelPvoEiZZzvcElPatC8.roa
File:                     k93B-31RelPvoEiZZzvcElPatC8.roa (raw, json)
Hash identifier:          il/UEUDhxQkLVHhMyr06h9ARUujbTnOjzfhSjpUEKPc=
Subject key identifier:   93:DD:C1:FB:7D:51:7A:53:EF:A0:48:99:67:3B:DC:12:53:DA:B4:2F
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       018A9864B0C5B651429B7C1C893EC4DC74C3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k93B-31RelPvoEiZZzvcElPatC8.roa
Signing time:             Fri 15 Sep 2023 10:30:50 +0000
ROA not before:           Fri 15 Sep 2023 10:30:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36113
IP address blocks:        62.76.230.0/24 maxlen: 24
                          195.133.81.0/24 maxlen: 24
                          195.133.194.0/24 maxlen: 24
                          194.87.228.0/24 maxlen: 24
                          194.135.30.0/24 maxlen: 24
                          194.87.141.0/24 maxlen: 24
                          194.87.140.0/24 maxlen: 24
                          194.58.41.0/24 maxlen: 24
                          212.192.244.0/24 maxlen: 24
                          212.192.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 17 Sep 2023 08:09:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:98:64:b0:c5:b6:51:42:9b:7c:1c:89:3e:c4:dc:74:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Sep 15 10:30:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=93ddc1fb7d517a53efa04899673bdc1253dab42f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3d:fe:9f:0d:6d:1b:65:ff:c8:db:48:ea:69:
                    a6:43:37:de:95:61:66:7e:15:97:f7:45:d2:c5:7f:
                    44:5d:b7:94:26:9f:19:09:7d:2e:5c:a3:df:c9:d8:
                    8d:29:48:5c:bc:39:9a:e5:e7:c1:94:25:71:32:36:
                    7c:b5:12:5c:ea:37:76:40:d3:b4:24:9e:04:32:0b:
                    0a:6c:9e:07:8e:13:f9:64:13:0a:99:ec:de:29:4e:
                    da:51:f6:bd:3e:ac:79:08:71:ea:0d:52:63:d1:d3:
                    81:3b:5e:ac:f4:3f:ac:ac:91:3a:91:6f:15:21:bd:
                    93:69:bb:ea:4f:ae:a4:ee:84:5b:fb:c1:3e:15:42:
                    a3:ab:b6:ca:21:a1:ed:bc:48:1b:6b:da:c5:7f:70:
                    f1:54:df:71:cd:12:0b:70:fa:83:70:93:f9:60:c6:
                    9d:71:cf:24:25:2e:aa:3e:04:c1:84:ed:da:b0:69:
                    20:07:98:35:48:90:14:ae:57:60:45:f5:8e:c0:22:
                    c6:7f:33:e7:db:ad:99:e0:1f:07:0c:12:8a:54:66:
                    d9:03:4c:1d:c3:fb:33:89:bf:80:4d:3a:a9:6f:c7:
                    6f:b4:cf:f5:af:20:56:51:58:ec:37:18:c8:a0:34:
                    95:ca:7a:58:1b:03:a6:b6:76:48:7d:4d:bb:83:50:
                    df:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:DD:C1:FB:7D:51:7A:53:EF:A0:48:99:67:3B:DC:12:53:DA:B4:2F
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/k93B-31RelPvoEiZZzvcElPatC8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.76.230.0/24
                  194.58.41.0/24
                  194.87.140.0/23
                  194.87.228.0/24
                  194.135.30.0/24
                  195.133.81.0/24
                  195.133.194.0/24
                  212.192.244.0/24
                  212.192.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:cd:9f:24:da:ca:2f:c8:8e:95:66:2f:10:1b:fc:3e:d2:9d:
         b2:b4:ee:62:ad:3c:cb:d6:13:94:2d:7a:aa:2e:52:bc:b0:9d:
         de:27:c1:72:ff:9f:58:cb:76:fd:5e:e8:15:19:67:0a:79:b9:
         3b:a3:b1:56:3e:c3:c7:c3:a6:b1:4f:76:83:22:40:ce:9f:4c:
         80:20:c9:02:99:7a:29:05:e6:05:e3:c1:a1:d1:b6:84:dc:6b:
         51:64:a6:b7:b0:e3:fb:ba:13:69:f3:db:3d:40:5c:0b:2e:42:
         80:11:53:0e:c9:a8:eb:42:bd:e3:4f:21:c2:27:bb:b9:8b:e2:
         bd:03:83:66:94:67:ea:bf:50:72:2d:2e:57:e4:49:f1:01:a9:
         21:a8:e5:d8:29:46:1d:af:e1:c3:ba:d5:44:21:fe:d9:16:0b:
         5a:f5:e1:d6:c7:38:50:d7:57:fd:ff:12:b3:b3:ae:10:9d:99:
         2a:0d:24:fe:8b:f5:65:d3:f7:d0:73:5b:31:b9:34:f6:68:1e:
         24:b2:47:17:ab:61:08:84:ad:53:d3:54:2d:02:8f:44:8a:db:
         d4:7d:81:85:4a:60:b8:e0:71:a7:33:29:6f:f1:1d:09:f9:6c:
         a3:fa:00:eb:ec:2e:30:e6:73:6f:d5:fe:5b:e2:ea:f5:28:34:
         8a:0b:7d:a2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYqYZLDFtlFCm3wciT7E3HTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTE1MTAzMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RkYzFmYjdkNTE3YTUzZWZhMDQ4OTk2NzNiZGMxMjUzZGFiNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT3+nw1tG2X/yNtI6mmmQzfelWFm
fhWX90XSxX9EXbeUJp8ZCX0uXKPfydiNKUhcvDma5efBlCVxMjZ8tRJc6jd2QNO0
JJ4EMgsKbJ4HjhP5ZBMKmezeKU7aUfa9Pqx5CHHqDVJj0dOBO16s9D+srJE6kW8V
Ib2TabvqT66k7oRb+8E+FUKjq7bKIaHtvEgba9rFf3DxVN9xzRILcPqDcJP5YMad
cc8kJS6qPgTBhO3asGkgB5g1SJAUrldgRfWOwCLGfzPn262Z4B8HDBKKVGbZA0wd
w/szib+ATTqpb8dvtM/1ryBWUVjsNxjIoDSVynpYGwOmtnZIfU27g1DfhwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJPdwft9UXpT76BImWc73BJT2rQvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvazkzQi0zMVJlbFB2b0VpWlp6dmNFbFBhdEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAPkzmAwQA
wjopAwQBwleMAwQAwlfkAwQAwoceAwQAw4VRAwQAw4XCAwQA1MD0AwQA1MD/MA0G
CSqGSIb3DQEBCwUAA4IBAQAZzZ8k2sovyI6VZi8QG/w+0p2ytO5irTzL1hOULXqq
LlK8sJ3eJ8Fy/59Yy3b9XugVGWcKebk7o7FWPsPHw6axT3aDIkDOn0yAIMkCmXop
BeYF48Gh0baE3GtRZKa3sOP7uhNp89s9QFwLLkKAEVMOyajrQr3jTyHCJ7u5i+K9
A4NmlGfqv1ByLS5X5EnxAakhqOXYKUYdr+HDutVEIf7ZFgta9eHWxzhQ11f9/xKz
s64QnZkqDST+i/Vl0/fQc1sxuTT2aB4kskcXq2EIhK1T01QtAo9EitvUfYGFSmC4
4HGnMylv8R0J+Wyj+gDr7C4w5nNv1f5b4ur1KDSKC32i
-----END CERTIFICATE-----