Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v6aE3rX9u-_bvrx57bN3mqTnGHI.roa
File:                     v6aE3rX9u-_bvrx57bN3mqTnGHI.roa (raw, json)
Hash identifier:          Qx+UiEhqlNeU69KRRlvpjGoUSvz1BWWhGL4wQhrjJKQ=
Subject key identifier:   BF:A6:84:DE:B5:FD:BB:EF:DB:BE:BC:79:ED:B3:77:9A:A4:E7:18:72
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0189E0614847D605B9ADA4DCD6E5C5D1C0FF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v6aE3rX9u-_bvrx57bN3mqTnGHI.roa
Signing time:             Thu 10 Aug 2023 16:56:59 +0000
ROA not before:           Thu 10 Aug 2023 16:56:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51722
IP address blocks:        194.135.18.0/24 maxlen: 24
                          194.87.33.0/24 maxlen: 24
                          194.87.166.0/24 maxlen: 24
                          212.192.251.0/24 maxlen: 24
                          194.87.181.0/24 maxlen: 24
                          212.192.250.0/24 maxlen: 24
                          195.58.59.0/24 maxlen: 24
                          212.192.248.0/24 maxlen: 24
                          193.124.201.0/24 maxlen: 24
                          194.87.187.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e0:61:48:47:d6:05:b9:ad:a4:dc:d6:e5:c5:d1:c0:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Aug 10 16:56:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bfa684deb5fdbbefdbbebc79edb3779aa4e71872
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ff:54:1f:64:42:2b:93:94:36:cf:c4:00:2f:
                    8d:31:e5:fc:0b:68:d9:ec:f3:92:63:53:8e:6d:9c:
                    99:b5:5f:6e:a8:c3:48:b4:a5:7b:cc:db:a8:57:ab:
                    44:a8:8f:30:18:c3:9c:ce:ab:e4:24:b7:45:41:14:
                    af:7e:b5:0c:a3:cc:c8:d8:36:78:8b:c6:a5:a9:f5:
                    c5:e5:b2:dc:d0:a7:73:01:2c:98:57:8a:b1:b4:6c:
                    66:2e:14:65:db:d2:39:cc:64:6d:b5:17:f0:77:db:
                    ed:a6:25:57:18:53:0e:4b:e7:c4:44:41:14:e4:2b:
                    a4:8d:db:56:b6:59:75:a3:22:cb:ec:b1:4f:4f:de:
                    d7:6b:f1:7d:c0:b7:0d:29:df:de:91:d2:32:e6:42:
                    86:4d:b5:3e:26:23:c5:ed:6e:e3:8b:87:2d:8e:bc:
                    b4:84:33:f9:68:57:f2:0e:11:a1:a4:3a:7a:9c:33:
                    da:29:a4:d3:3b:8f:c1:4e:6a:89:7c:53:d7:52:04:
                    e5:5b:30:a7:00:90:2b:8d:79:e6:d8:7c:5d:34:7e:
                    db:a2:e1:e5:94:0f:26:6c:5c:43:dd:65:d4:82:74:
                    8a:8f:c2:5e:be:45:47:19:23:71:90:14:73:37:9a:
                    7a:f5:5f:75:06:d8:06:f3:d4:c8:54:f9:13:58:a2:
                    5f:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:A6:84:DE:B5:FD:BB:EF:DB:BE:BC:79:ED:B3:77:9A:A4:E7:18:72
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/v6aE3rX9u-_bvrx57bN3mqTnGHI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.124.201.0/24
                  194.87.33.0/24
                  194.87.166.0/24
                  194.87.181.0/24
                  194.87.187.0/24
                  194.135.18.0/24
                  195.58.59.0/24
                  212.192.248.0/24
                  212.192.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:8f:97:0f:a1:dd:01:dc:7a:a8:bc:23:ac:1c:4f:d8:73:9d:
         a5:22:0c:0e:aa:0c:37:2a:70:15:e0:bf:dc:0b:f6:28:59:33:
         26:b8:63:99:c8:8e:d1:41:ba:a6:d7:50:a9:de:23:2b:fe:29:
         cf:44:ed:e1:3c:e2:bf:53:36:6c:6f:2c:3d:9a:01:36:8f:69:
         6d:86:3d:1b:89:42:33:ce:3f:e5:6a:39:da:22:0b:bd:f5:9b:
         c4:db:9b:de:b7:fd:c4:54:be:d7:3a:8c:9c:da:03:4b:81:d7:
         f2:b7:6e:b9:be:71:3a:09:43:8b:ad:05:61:7b:5b:2e:8c:be:
         c5:1d:bc:2f:01:6b:df:84:37:11:6e:57:df:87:58:92:ba:23:
         20:d9:5b:38:2e:f8:44:c8:56:ee:ef:b6:31:ca:5b:44:5d:9c:
         22:14:ee:29:d1:f4:fa:4d:3b:8b:6d:c3:90:b1:9a:06:1e:38:
         78:d2:26:ec:cc:63:04:61:8d:ff:6d:2a:e0:41:2e:6f:16:44:
         a5:08:02:94:fc:d5:ba:a0:26:53:50:04:64:2d:c9:08:5c:ae:
         c3:75:15:a2:c9:82:01:77:1a:70:8e:73:fd:ef:d6:68:68:63:
         25:43:4c:cf:d9:c5:2f:39:10:c8:60:c1:aa:bd:43:b7:cd:7c:
         c7:7b:79:08
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYngYUhH1gW5raTc1uXF0cD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODEwMTY1NjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmE2ODRkZWI1ZmRiYmVmZGJiZWJjNzllZGIzNzc5YWE0ZTcxODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP9UH2RCK5OUNs/EAC+NMeX8C2jZ
7POSY1OObZyZtV9uqMNItKV7zNuoV6tEqI8wGMOczqvkJLdFQRSvfrUMo8zI2DZ4
i8alqfXF5bLc0KdzASyYV4qxtGxmLhRl29I5zGRttRfwd9vtpiVXGFMOS+fEREEU
5CukjdtWtll1oyLL7LFPT97Xa/F9wLcNKd/ekdIy5kKGTbU+JiPF7W7ji4ctjry0
hDP5aFfyDhGhpDp6nDPaKaTTO4/BTmqJfFPXUgTlWzCnAJArjXnm2HxdNH7bouHl
lA8mbFxD3WXUgnSKj8JevkVHGSNxkBRzN5p69V91BtgG89TIVPkTWKJfiwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFL+mhN61/bvv2768ee2zd5qk5xhyMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdjZhRTNyWDl1LV9idnJ4NTdiTjNtcVRuR0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwXzJAwQA
wlchAwQAwlemAwQAwle1AwQAwle7AwQAwocSAwQAwzo7AwQA1MD4AwQB1MD6MA0G
CSqGSIb3DQEBCwUAA4IBAQAEj5cPod0B3HqovCOsHE/Yc52lIgwOqgw3KnAV4L/c
C/YoWTMmuGOZyI7RQbqm11Cp3iMr/inPRO3hPOK/UzZsbyw9mgE2j2lthj0biUIz
zj/lajnaIgu99ZvE25vet/3EVL7XOoyc2gNLgdfyt265vnE6CUOLrQVhe1sujL7F
HbwvAWvfhDcRblffh1iSuiMg2Vs4LvhEyFbu77YxyltEXZwiFO4p0fT6TTuLbcOQ
sZoGHjh40ibszGMEYY3/bSrgQS5vFkSlCAKU/NW6oCZTUARkLckIXK7DdRWiyYIB
dxpwjnP979ZoaGMlQ0zP2cUvORDIYMGqvUO3zXzHe3kI
-----END CERTIFICATE-----