Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/A0iZCT95SiejA4Sxvetry_EFUHU.roa
File:                     A0iZCT95SiejA4Sxvetry_EFUHU.roa (raw, json)
Hash identifier:          MKP6IzzvAbaAl0HvDeRuAT2bBx2ReRpeyCekRkf3vhk=
Subject key identifier:   03:48:99:09:3F:79:4A:27:A3:03:84:B1:BD:EB:6B:CB:F1:05:50:75
Certificate issuer:       /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial:       018E2D728A752108A32AAEB3C4EC15E19B31
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/A0iZCT95SiejA4Sxvetry_EFUHU.roa
Signing time:             Mon 11 Mar 2024 12:17:44 +0000
ROA not before:           Mon 11 Mar 2024 12:17:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57910
IP address blocks:        37.10.72.0/21 maxlen: 24
                          45.149.228.0/22 maxlen: 24
                          46.18.72.0/21 maxlen: 24
                          95.214.0.0/22 maxlen: 24
                          109.69.48.0/21 maxlen: 24
                          185.11.236.0/22 maxlen: 24
                          185.161.12.0/22 maxlen: 24
                          185.226.236.0/22 maxlen: 24
                          193.57.36.0/22 maxlen: 24
                          194.56.236.0/22 maxlen: 24
                          194.127.158.0/23 maxlen: 24
                          194.127.162.0/23 maxlen: 24
                          2a00:b5c0::/32 maxlen: 32
                          2a02:2110::/32 maxlen: 32
                          2a0c:7a00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 11 Mar 2024 17:18:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:2d:72:8a:75:21:08:a3:2a:ae:b3:c4:ec:15:e1:9b:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
        Validity
            Not Before: Mar 11 12:17:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=034899093f794a27a30384b1bdeb6bcbf1055075
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:47:47:ae:af:0b:97:ce:b6:97:4e:c6:8e:2c:
                    8b:da:fc:62:f8:a1:46:93:a5:39:d2:56:f3:66:ed:
                    db:f6:87:35:d1:86:d2:19:75:9e:f1:a9:05:d7:4d:
                    0c:d5:ea:2e:ef:74:9c:ce:91:ef:09:f2:04:4f:e5:
                    a3:42:e4:59:cd:88:4d:99:8b:ba:ba:f9:f8:d9:d2:
                    75:4a:7c:c4:a0:b4:2f:83:8b:e8:c7:38:99:e4:44:
                    62:7a:6a:1a:ef:91:b1:61:28:ea:08:bb:39:ba:28:
                    ef:b4:e6:3e:0d:33:7b:de:b5:b5:c5:0b:a3:c9:6d:
                    8a:77:17:64:bf:b2:6b:6c:d0:09:ef:b4:8e:38:2f:
                    ac:c6:22:db:54:db:4b:14:67:ee:fd:93:d0:d1:29:
                    c1:a8:98:67:4f:4a:2c:a7:e5:e1:f2:5b:bc:ca:d2:
                    71:9b:82:c4:67:e3:a1:f3:69:a1:1a:e7:85:ea:dd:
                    83:27:eb:42:8c:0d:1a:6b:27:3b:b0:7e:21:93:d3:
                    0e:10:8c:57:e2:8d:bd:7e:d9:a7:62:6d:de:8e:18:
                    58:aa:f6:d0:73:db:13:47:3a:88:61:27:09:27:53:
                    9d:0c:67:b1:b9:87:fc:49:00:26:d8:a5:90:66:4a:
                    2b:4e:dd:45:b2:1d:69:65:4c:34:27:21:7e:f0:4b:
                    2e:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:48:99:09:3F:79:4A:27:A3:03:84:B1:BD:EB:6B:CB:F1:05:50:75
            X509v3 Authority Key Identifier:
                keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/A0iZCT95SiejA4Sxvetry_EFUHU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.10.72.0/21
                  45.149.228.0/22
                  46.18.72.0/21
                  95.214.0.0/22
                  109.69.48.0/21
                  185.11.236.0/22
                  185.161.12.0/22
                  185.226.236.0/22
                  193.57.36.0/22
                  194.56.236.0/22
                  194.127.158.0/23
                  194.127.162.0/23
                IPv6:
                  2a00:b5c0::/32
                  2a02:2110::/32
                  2a0c:7a00::/29

    Signature Algorithm: sha256WithRSAEncryption
         24:47:60:e7:cc:a3:02:f2:67:dc:a1:a4:3a:79:41:4c:c7:07:
         b8:cf:81:ea:3d:2c:ae:fe:9d:53:5e:d7:1b:f7:4c:2d:78:92:
         74:2a:26:3d:26:f6:81:1f:f9:4a:58:42:d3:87:e5:d6:9b:e3:
         6c:f8:5d:22:8e:c0:b6:57:4f:9c:c8:eb:5c:4d:a8:97:6a:0a:
         21:78:69:21:df:b4:28:b6:ca:a2:b3:75:86:b1:bc:c6:cb:cf:
         14:d5:8e:29:2c:ac:8b:c6:5d:5c:7e:46:ed:08:37:5d:df:67:
         76:1f:b9:93:4b:37:6d:61:a2:10:74:6c:c3:f9:ba:e6:99:06:
         ce:6d:bd:f3:09:f5:f7:dc:64:35:c0:34:71:3f:8a:a7:75:e7:
         6a:a2:9b:d5:7a:11:00:48:47:f5:76:d4:a9:c3:95:f1:51:d5:
         c3:8d:01:09:2b:18:95:2d:e0:3b:63:e3:60:a9:df:a6:15:c0:
         9f:20:6c:c6:e8:f9:21:37:d0:7c:5f:63:5a:2f:d4:7d:4b:bc:
         6b:e2:39:f7:69:3b:08:5a:79:8d:22:bf:42:4e:a2:92:00:f0:
         ba:9b:10:84:7b:c4:6b:a4:8e:7e:bd:9a:04:40:03:51:87:5a:
         18:d8:1d:63:8e:40:d0:40:16:28:45:b6:8d:68:86:0c:b4:78:
         4c:2e:7a:d8
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAY4tcop1IQijKq6zxOwV4ZsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwMzExMTIxNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQ4OTkwOTNmNzk0YTI3YTMwMzg0YjFiZGViNmJjYmYxMDU1MDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokdHrq8Ll862l07GjiyL2vxi+KFG
k6U50lbzZu3b9oc10YbSGXWe8akF100M1eou73SczpHvCfIET+WjQuRZzYhNmYu6
uvn42dJ1SnzEoLQvg4voxziZ5ERiemoa75GxYSjqCLs5uijvtOY+DTN73rW1xQuj
yW2Kdxdkv7JrbNAJ77SOOC+sxiLbVNtLFGfu/ZPQ0SnBqJhnT0osp+Xh8lu8ytJx
m4LEZ+Oh82mhGueF6t2DJ+tCjA0aayc7sH4hk9MOEIxX4o29ftmnYm3ejhhYqvbQ
c9sTRzqIYScJJ1OdDGexuYf8SQAm2KWQZkorTt1Fsh1pZUw0JyF+8Esu3QIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFANImQk/eUonowOEsb3ra8vxBVB1MB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvQTBpWkNUOTVTaWVqQTRTeHZldHJ5X0VGVUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBOBAIAATBIAwQDJQpIAwQC
LZXkAwQDLhJIAwQCX9YAAwQDbUUwAwQCuQvsAwQCuaEMAwQCueLsAwQCwTkkAwQC
wjjsAwQBwn+eAwQBwn+iMBsEAgACMBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJ
KoZIhvcNAQELBQADggEBACRHYOfMowLyZ9yhpDp5QUzHB7jPgeo9LK7+nVNe1xv3
TC14knQqJj0m9oEf+UpYQtOH5dab42z4XSKOwLZXT5zI61xNqJdqCiF4aSHftCi2
yqKzdYaxvMbLzxTVjiksrIvGXVx+Ru0IN13fZ3YfuZNLN21hohB0bMP5uuaZBs5t
vfMJ9ffcZDXANHE/iqd152qim9V6EQBIR/V21KnDlfFR1cONAQkrGJUt4Dtj42Cp
36YVwJ8gbMbo+SE30HxfY1ov1H1LvGviOfdpOwhaeY0iv0JOopIA8LqbEIR7xGuk
jn69mgRAA1GHWhjYHWOOQNBAFihFto1ohgy0eEwuetg=
-----END CERTIFICATE-----