Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ProQYKGDQ8OAjJ1DlGyEQcJMuU.roa
File:                     1-ProQYKGDQ8OAjJ1DlGyEQcJMuU.roa (raw, json)
Hash identifier:          PVKAPRVh+3pI2lYnW0iiSlRC9Ef8AUh7Mgap6OmigXc=
Subject key identifier:   F8:FA:E8:41:82:86:0D:0F:0E:02:32:75:0E:51:B2:11:07:09:32:E5
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018832BB94FE4782815C4C0DEAB924DDD75C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ProQYKGDQ8OAjJ1DlGyEQcJMuU.roa
Signing time:             Fri 19 May 2023 06:38:54 +0000
ROA not before:           Fri 19 May 2023 06:38:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50225
IP address blocks:        85.209.132.0/24 maxlen: 24
                          83.143.112.0/24 maxlen: 24
                          83.143.113.0/24 maxlen: 24
                          87.121.69.0/24 maxlen: 24
                          193.42.34.0/24 maxlen: 24
                          193.47.63.0/24 maxlen: 24
                          94.156.78.0/24 maxlen: 24
                          176.125.252.0/24 maxlen: 24
                          193.47.60.0/24 maxlen: 24
                          87.121.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:32:bb:94:fe:47:82:81:5c:4c:0d:ea:b9:24:dd:d7:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 19 06:38:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8fae84182860d0f0e0232750e51b211070932e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:6a:af:bc:71:80:40:ea:ee:11:4c:c5:2f:05:
                    2d:9e:a1:80:ad:53:d2:5d:10:3c:7d:82:06:f5:ac:
                    37:6d:73:cc:6a:16:46:e2:a3:12:f5:f3:37:5f:3b:
                    a9:81:27:ba:9f:d4:4a:70:98:83:f8:91:ec:bb:46:
                    3b:db:17:47:a5:5b:3f:88:6f:63:cf:c0:9b:2c:15:
                    fc:41:a8:b5:6a:5e:6b:38:50:ca:31:28:39:33:09:
                    6d:e1:85:2f:ea:ce:c5:84:d2:a2:82:9f:10:71:2c:
                    eb:1f:97:e5:3e:1f:6c:8b:13:ba:0c:a1:76:34:05:
                    f2:8d:b3:1d:18:a5:02:a2:6a:dd:98:55:d5:ba:08:
                    3d:3e:7c:0c:ca:60:6e:19:1c:4b:9c:91:87:92:e4:
                    07:67:28:0e:a5:77:75:76:eb:0d:a7:93:6f:97:13:
                    e4:26:6e:99:75:3f:90:36:7c:f1:a0:18:e1:38:b2:
                    2a:0a:0b:df:70:72:9a:6a:bb:01:09:73:9c:5b:13:
                    fa:c6:b0:5c:08:f4:1f:dc:40:9d:45:65:09:ac:7b:
                    ad:0a:cc:86:69:02:ad:2b:2e:5c:11:61:46:59:23:
                    90:d1:5e:fc:18:14:d1:ea:a9:7d:e5:94:38:b7:b3:
                    35:ec:8f:17:50:a0:b8:dc:a1:48:ee:40:47:73:3c:
                    1d:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:FA:E8:41:82:86:0D:0F:0E:02:32:75:0E:51:B2:11:07:09:32:E5
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-ProQYKGDQ8OAjJ1DlGyEQcJMuU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.143.112.0/23
                  85.209.132.0/24
                  87.121.69.0/24
                  87.121.105.0/24
                  94.156.78.0/24
                  176.125.252.0/24
                  193.42.34.0/24
                  193.47.60.0/24
                  193.47.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:31:3e:5a:ab:37:48:11:90:52:3d:7d:8a:8a:3b:8d:06:64:
         a5:54:aa:ae:33:6e:42:ed:d4:b6:20:51:2a:89:f9:84:47:5b:
         9c:44:4f:76:e0:97:67:54:53:04:1f:dd:b3:d8:f4:0c:70:7e:
         26:e4:e7:5d:57:14:ea:c9:2b:6a:cc:ae:84:4a:40:65:da:95:
         98:ab:4e:06:5d:7f:83:1c:65:a2:6c:d2:54:92:c9:3b:83:11:
         14:dd:73:f9:80:17:09:cc:7c:87:a6:45:4b:7c:99:94:63:8a:
         24:0f:d5:f4:62:08:95:0a:2c:d5:80:a9:58:47:57:81:d7:a5:
         3e:3c:2a:36:7d:8e:6e:ba:18:ba:e0:68:d5:1d:ed:f4:b0:5c:
         41:9f:b8:79:ff:76:ae:dc:a7:f5:70:27:66:8d:80:bb:4a:4c:
         06:fc:b1:b2:da:a5:7f:12:5f:d4:d3:74:df:5f:a4:eb:1d:d5:
         29:72:71:0a:e7:13:47:c8:48:b4:e2:69:a2:26:b3:1b:fb:a4:
         68:6b:ae:50:6e:b3:63:2c:5e:3b:77:49:3b:e4:a5:e1:9a:92:
         f6:f9:f3:ea:a1:8b:7a:86:d0:19:02:ce:71:7b:e8:8d:ad:6d:
         0e:b0:00:1c:49:87:97:11:0e:6e:18:50:cd:91:23:5a:ae:ac:
         94:46:6a:c0
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYgyu5T+R4KBXEwN6rkk3ddcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MDYzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGZhZTg0MTgyODYwZDBmMGUwMjMyNzUwZTUxYjIxMTA3MDkzMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWqvvHGAQOruEUzFLwUtnqGArVPS
XRA8fYIG9aw3bXPMahZG4qMS9fM3XzupgSe6n9RKcJiD+JHsu0Y72xdHpVs/iG9j
z8CbLBX8Qai1al5rOFDKMSg5Mwlt4YUv6s7FhNKigp8QcSzrH5flPh9sixO6DKF2
NAXyjbMdGKUComrdmFXVugg9PnwMymBuGRxLnJGHkuQHZygOpXd1dusNp5NvlxPk
Jm6ZdT+QNnzxoBjhOLIqCgvfcHKaarsBCXOcWxP6xrBcCPQf3ECdRWUJrHutCsyG
aQKtKy5cEWFGWSOQ0V78GBTR6ql95ZQ4t7M17I8XUKC43KFI7kBHczwdcQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPj66EGChg0PDgIydQ5RshEHCTLlMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1Qcm9RWUtHRFE4T0FqSjFEbEd5RVFjSk11VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAVOPcAME
AFXRhAMEAFd5RQMEAFd5aQMEAF6cTgMEALB9/AMEAMEqIgMEAMEvPAMEAMEvPzAN
BgkqhkiG9w0BAQsFAAOCAQEAhzE+Wqs3SBGQUj19ioo7jQZkpVSqrjNuQu3UtiBR
Kon5hEdbnERPduCXZ1RTBB/ds9j0DHB+JuTnXVcU6skrasyuhEpAZdqVmKtOBl1/
gxxlomzSVJLJO4MRFN1z+YAXCcx8h6ZFS3yZlGOKJA/V9GIIlQos1YCpWEdXgdel
PjwqNn2ObroYuuBo1R3t9LBcQZ+4ef92rtyn9XAnZo2Au0pMBvyxstqlfxJf1NN0
31+k6x3VKXJxCucTR8hItOJpoiazG/ukaGuuUG6zYyxeO3dJO+Sl4ZqS9vnz6qGL
eobQGQLOcXvoja1tDrAAHEmHlxEObhhQzZEjWq6slEZqwA==
-----END CERTIFICATE-----