Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/LMUeB51V91YUAXCuK_Ziy0G5vKE.roa
File:                     LMUeB51V91YUAXCuK_Ziy0G5vKE.roa (raw, json)
Hash identifier:          l4YurAB68/fCSr3udx9cLGJVCcE1R6Y6Y6Plbj5F94U=
Subject key identifier:   2C:C5:1E:07:9D:55:F7:56:14:01:70:AE:2B:F6:62:CB:41:B9:BC:A1
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       0185708CD2BCDBBA8542736D151AF6FEBC0D
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/LMUeB51V91YUAXCuK_Ziy0G5vKE.roa
Signing time:             Mon 02 Jan 2023 03:35:54 +0000
ROA not before:           Mon 02 Jan 2023 03:35:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        171.22.60.0/23 maxlen: 23
                          5.183.240.0/23 maxlen: 23
                          92.119.24.0/23 maxlen: 23
                          171.22.62.0/23 maxlen: 23
                          5.183.242.0/23 maxlen: 23
                          92.119.26.0/23 maxlen: 23
                          45.14.80.0/24 maxlen: 24
                          45.14.81.0/24 maxlen: 24
                          45.86.24.0/22 maxlen: 22
                          185.45.94.0/24 maxlen: 24
                          185.45.92.0/23 maxlen: 23
                          185.45.95.0/24 maxlen: 24
                          45.158.192.0/22 maxlen: 22

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:d2:bc:db:ba:85:42:73:6d:15:1a:f6:fe:bc:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jan  2 03:35:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2cc51e079d55f756140170ae2bf662cb41b9bca1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:fe:da:e6:fa:ef:66:8c:95:71:5d:a5:65:6d:
                    7e:ae:39:76:76:79:e6:5a:4a:16:41:a7:12:ec:b6:
                    c2:52:3b:7c:e8:43:71:60:d3:31:95:2a:39:35:1d:
                    f6:02:3b:a1:ba:d1:42:bd:d5:2d:cc:b5:c4:ae:e9:
                    4f:d5:bf:b4:02:bc:b4:98:49:4c:b4:ea:96:a1:79:
                    c4:ba:bb:cc:1c:1f:ea:77:7f:30:70:80:1d:57:f0:
                    34:c2:23:5e:e9:b1:35:7a:7b:8c:d5:2f:4b:a7:9b:
                    f1:b3:e3:fd:cb:01:31:9f:bf:9b:9a:48:ad:73:ef:
                    da:f6:57:c9:43:7a:0f:43:82:09:73:f2:ed:bd:cd:
                    bb:29:d8:58:df:d4:78:12:cf:1d:55:48:7f:22:da:
                    79:ff:8c:1c:9b:15:88:13:e5:3f:a4:9c:6a:54:67:
                    5b:84:36:fd:d0:0c:1a:43:6a:0c:72:b8:7a:6a:c5:
                    92:a6:db:71:f3:7f:94:01:a9:73:f0:52:b2:8b:92:
                    08:29:46:a6:63:28:e0:e4:73:d0:09:3f:d6:ac:72:
                    cc:d6:53:9b:56:4e:c6:88:c2:4b:cb:8f:68:9f:33:
                    e4:56:5c:43:ee:b5:bb:5e:67:c2:3c:3a:56:1a:cb:
                    2d:f6:50:40:d1:c9:0b:da:93:59:81:09:79:ea:13:
                    6d:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:C5:1E:07:9D:55:F7:56:14:01:70:AE:2B:F6:62:CB:41:B9:BC:A1
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/LMUeB51V91YUAXCuK_Ziy0G5vKE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.183.240.0/22
                  45.14.80.0/23
                  45.86.24.0/22
                  45.158.192.0/22
                  92.119.24.0/22
                  171.22.60.0/22
                  185.45.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5d:46:8b:94:e1:dd:50:a7:20:f0:00:da:6b:9a:80:43:9e:09:
         31:0d:19:9a:42:5b:c5:f8:bb:a7:cb:40:56:91:bb:d7:85:48:
         6c:3b:1a:f5:04:b0:cd:21:60:4d:44:08:13:37:08:38:db:c8:
         1b:7a:4a:b2:2f:ae:c7:90:dc:f6:30:7d:15:fd:e0:0b:ec:eb:
         3b:21:7f:6b:83:de:94:d1:fa:82:fb:1c:b7:5e:2e:5f:4c:51:
         a2:4a:cd:76:59:ba:00:26:98:c4:73:4e:0e:2c:27:4e:66:4c:
         5a:e9:91:65:4e:eb:8f:24:a4:0e:a5:ed:f6:13:f1:1a:6b:90:
         ca:f1:04:b8:07:27:d9:d4:69:9e:1b:ef:b3:1a:1e:b4:d3:c8:
         e1:42:1b:3e:00:01:2a:cd:4a:5b:a2:2c:7c:23:89:34:a7:f3:
         6e:d5:f9:d9:7b:8c:46:9a:d2:ac:4a:5d:55:8e:8e:9d:13:7d:
         cb:93:49:6f:a8:be:34:f8:1c:75:78:56:d3:4e:15:0a:67:b9:
         0a:ed:a8:74:91:8b:d2:bf:19:8e:64:be:24:8f:31:f5:41:fd:
         a3:8f:20:e1:f4:a6:e5:2e:30:d5:24:87:29:a2:cb:6f:b3:b0:
         af:46:f6:55:0d:95:e1:0a:54:7d:ea:1a:5c:95:84:ec:f9:37:
         6b:71:7a:6b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVwjNK827qFQnNtFRr2/rwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMwMTAyMDMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2M1MWUwNzlkNTVmNzU2MTQwMTcwYWUyYmY2NjJjYjQxYjliY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgf7a5vrvZoyVcV2lZW1+rjl2dnnm
WkoWQacS7LbCUjt86ENxYNMxlSo5NR32AjuhutFCvdUtzLXErulP1b+0Ary0mElM
tOqWoXnEurvMHB/qd38wcIAdV/A0wiNe6bE1enuM1S9Lp5vxs+P9ywExn7+bmkit
c+/a9lfJQ3oPQ4IJc/Ltvc27KdhY39R4Es8dVUh/Itp5/4wcmxWIE+U/pJxqVGdb
hDb90AwaQ2oMcrh6asWSpttx83+UAalz8FKyi5IIKUamYyjg5HPQCT/WrHLM1lOb
Vk7GiMJLy49onzPkVlxD7rW7XmfCPDpWGsst9lBA0ckL2pNZgQl56hNtLwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCzFHgedVfdWFAFwriv2YstBubyhMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvTE1VZUI1MVY5MVlVQVhDdUtfWml5MEc1dktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBbfwAwQB
LQ5QAwQCLVYYAwQCLZ7AAwQCXHcYAwQCqxY8AwQCuS1cMA0GCSqGSIb3DQEBCwUA
A4IBAQBdRouU4d1QpyDwANprmoBDngkxDRmaQlvF+Luny0BWkbvXhUhsOxr1BLDN
IWBNRAgTNwg428gbekqyL67HkNz2MH0V/eAL7Os7IX9rg96U0fqC+xy3Xi5fTFGi
Ss12WboAJpjEc04OLCdOZkxa6ZFlTuuPJKQOpe32E/Eaa5DK8QS4ByfZ1GmeG++z
Gh6008jhQhs+AAEqzUpboix8I4k0p/Nu1fnZe4xGmtKsSl1Vjo6dE33Lk0lvqL40
+Bx1eFbTThUKZ7kK7ah0kYvSvxmOZL4kjzH1Qf2jjyDh9KblLjDVJIcpostvs7Cv
RvZVDZXhClR96hpclYTs+TdrcXpr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:45 2023 by rpki-client on console-ams.rpki-client.org