Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_bH6VOuxkkZWuA4EhlslLB_KODQ.roa
File:                     _bH6VOuxkkZWuA4EhlslLB_KODQ.roa (raw, json)
Hash identifier:          bEa5dvCJfEGzjXON2KJ+b269yYUsILSo/7W5CIDHvlo=
Subject key identifier:   FD:B1:FA:54:EB:B1:92:46:56:B8:0E:04:86:5B:25:2C:1F:CA:38:34
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0186503717436B3EC4EBF0D2372D53CABB00
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_bH6VOuxkkZWuA4EhlslLB_KODQ.roa
Signing time:             Tue 14 Feb 2023 13:57:13 +0000
ROA not before:           Tue 14 Feb 2023 13:57:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20454
IP address blocks:        81.161.237.0/24 maxlen: 24
                          87.121.58.0/24 maxlen: 24
                          93.123.81.0/24 maxlen: 24
                          87.120.5.0/24 maxlen: 24
                          94.156.182.0/23 maxlen: 24
                          94.154.174.0/23 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:50:37:17:43:6b:3e:c4:eb:f0:d2:37:2d:53:ca:bb:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Feb 14 13:57:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fdb1fa54ebb1924656b80e04865b252c1fca3834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:74:23:06:c9:a6:16:b5:b8:30:00:b1:da:a5:
                    30:12:3e:cc:e6:20:bf:f3:f9:0b:96:d7:6f:4e:0f:
                    18:65:e7:81:69:8b:f0:d3:cc:b4:09:37:81:4d:97:
                    07:6e:52:6e:ce:44:ca:fd:80:29:78:d5:40:b2:c8:
                    4b:c2:35:9d:03:25:46:94:66:82:ac:6d:2e:de:49:
                    c0:c9:51:9d:c4:fa:5b:f8:21:bd:f7:45:dd:69:36:
                    3f:d4:15:c1:b3:57:c0:28:9d:07:79:d0:b3:03:d5:
                    90:b0:7c:47:76:06:bc:25:49:9b:4e:62:dc:0f:b3:
                    b2:e5:29:f2:1b:d9:4c:43:37:67:7d:4d:9a:48:86:
                    c2:4f:c4:e1:8e:b8:af:4b:c0:94:b5:cb:90:e4:c7:
                    96:62:1e:84:2d:bc:65:ff:3a:47:1f:e8:d8:33:8c:
                    b6:7d:f5:cc:0b:74:65:76:d6:c4:30:b1:81:f3:d1:
                    21:c4:89:56:f6:54:dc:27:14:7a:8c:ba:b6:e9:31:
                    ee:da:43:ad:a7:88:1e:92:a4:d4:b8:18:e4:e3:48:
                    18:6b:b9:fe:13:d1:97:70:65:ca:8f:3e:3d:20:47:
                    e2:b0:cd:05:00:3f:f2:6f:fa:d5:7b:cf:24:56:43:
                    74:93:41:b1:09:93:e4:0f:49:b2:eb:d6:0d:4e:cd:
                    d8:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:B1:FA:54:EB:B1:92:46:56:B8:0E:04:86:5B:25:2C:1F:CA:38:34
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_bH6VOuxkkZWuA4EhlslLB_KODQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.161.237.0/24
                  87.120.5.0/24
                  87.121.58.0/24
                  93.123.81.0/24
                  94.154.174.0/23
                  94.156.182.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:a3:7c:96:4b:32:c0:90:3e:b4:f2:d2:79:99:88:2f:2a:de:
         4a:47:49:0c:d8:5f:c4:0a:ff:a4:74:48:92:d7:6c:0a:46:67:
         65:8b:86:8a:71:71:67:9f:8a:2c:18:f1:91:f4:bc:ff:cf:b3:
         fc:b6:d8:c9:0a:ca:ae:52:b5:21:ae:b8:bf:a2:4b:ea:e3:f4:
         7c:e3:c8:6e:f2:ed:fe:99:60:67:7b:b4:a6:7c:5c:0e:c5:e9:
         bc:96:0f:09:a4:a7:06:34:0a:33:b5:4d:11:54:65:da:46:04:
         90:3d:40:7f:88:85:81:79:cf:39:96:ef:68:00:ca:2f:79:57:
         bf:ec:bb:48:57:46:05:c8:8f:f1:dc:a1:58:81:f3:b9:c5:3f:
         a0:06:8e:30:9c:46:5e:6a:91:c6:70:71:a9:2f:9c:e9:43:46:
         c9:38:c7:87:d3:a8:1e:2a:4e:cd:01:78:5d:62:ba:ad:8e:ad:
         d2:3d:00:2b:bb:a7:00:40:c3:8b:6a:d4:6b:a6:72:ff:02:b2:
         9c:57:02:7a:82:9b:96:fe:d6:30:4e:c3:37:51:19:8e:e4:2b:
         38:ca:22:dc:25:88:38:8f:55:07:48:a7:6e:3d:70:6c:19:71:
         d9:c2:36:4e:69:23:5c:ad:23:5d:65:55:f5:3e:01:5a:48:8d:
         c2:a6:ce:fb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZQNxdDaz7E6/DSNy1TyrsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjE0MTM1NzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIxZmE1NGViYjE5MjQ2NTZiODBlMDQ4NjViMjUyYzFmY2EzODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHQjBsmmFrW4MACx2qUwEj7M5iC/
8/kLltdvTg8YZeeBaYvw08y0CTeBTZcHblJuzkTK/YApeNVAsshLwjWdAyVGlGaC
rG0u3knAyVGdxPpb+CG990XdaTY/1BXBs1fAKJ0HedCzA9WQsHxHdga8JUmbTmLc
D7Oy5SnyG9lMQzdnfU2aSIbCT8ThjrivS8CUtcuQ5MeWYh6ELbxl/zpHH+jYM4y2
ffXMC3RldtbEMLGB89EhxIlW9lTcJxR6jLq26THu2kOtp4gekqTUuBjk40gYa7n+
E9GXcGXKjz49IEfisM0FAD/yb/rVe88kVkN0k0GxCZPkD0my69YNTs3Y+QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP2x+lTrsZJGVrgOBIZbJSwfyjg0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX2JINlZPdXhra1pXdUE0RWhsc2xMQl9LT0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUaHtAwQA
V3gFAwQAV3k6AwQAXXtRAwQBXpquAwQBXpy2MA0GCSqGSIb3DQEBCwUAA4IBAQA2
o3yWSzLAkD608tJ5mYgvKt5KR0kM2F/ECv+kdEiS12wKRmdli4aKcXFnn4osGPGR
9Lz/z7P8ttjJCsquUrUhrri/okvq4/R848hu8u3+mWBne7SmfFwOxem8lg8JpKcG
NAoztU0RVGXaRgSQPUB/iIWBec85lu9oAMoveVe/7LtIV0YFyI/x3KFYgfO5xT+g
Bo4wnEZeapHGcHGpL5zpQ0bJOMeH06geKk7NAXhdYrqtjq3SPQAru6cAQMOLatRr
pnL/ArKcVwJ6gpuW/tYwTsM3URmO5Cs4yiLcJYg4j1UHSKduPXBsGXHZwjZOaSNc
rSNdZVX1PgFaSI3Cps77
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org