Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EM07y05R6z62AwwycjWmLUDK2yg.roa
File:                     EM07y05R6z62AwwycjWmLUDK2yg.roa (raw, json)
Hash identifier:          nyJniP6LeV5OHfqxSsO/h/gxLtC6CN8BMl3jOekBSSo=
Subject key identifier:   10:CD:3B:CB:4E:51:EB:3E:B6:03:0C:32:72:35:A6:2D:40:CA:DB:28
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018ABBEA6E22797D661BD8439623DFAD199B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EM07y05R6z62AwwycjWmLUDK2yg.roa
Signing time:             Fri 22 Sep 2023 08:03:37 +0000
ROA not before:           Fri 22 Sep 2023 08:03:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212815
IP address blocks:        163.5.83.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.193.0/24 maxlen: 24
                          163.5.215.0/24 maxlen: 24
                          163.5.214.0/24 maxlen: 24
                          163.5.144.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.142.0/24 maxlen: 24
                          163.5.154.0/24 maxlen: 24
                          185.253.54.0/24 maxlen: 24
                          163.5.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Oct 2023 10:53:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:bb:ea:6e:22:79:7d:66:1b:d8:43:96:23:df:ad:19:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Sep 22 08:03:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=10cd3bcb4e51eb3eb6030c327235a62d40cadb28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:bc:eb:c8:c4:1f:57:f3:d1:c7:d1:7d:86:50:
                    2c:45:41:97:49:91:21:29:8b:60:20:97:8c:11:f7:
                    1d:dd:ca:27:3c:43:3f:f7:df:81:bb:94:b3:48:f1:
                    ad:21:f8:9e:20:57:93:5e:4a:91:37:45:02:6e:ab:
                    33:5e:48:1c:74:f6:26:ba:84:a3:ec:25:07:de:64:
                    30:ba:64:8c:54:8b:75:69:94:d9:e5:8a:d7:f2:92:
                    7f:06:bc:af:fd:78:57:3c:47:0a:98:d4:26:1f:36:
                    d7:18:5d:2f:12:3b:c6:9b:7a:3f:1b:67:df:46:15:
                    9e:03:88:6e:aa:a7:1e:17:ce:bd:4d:eb:db:13:9b:
                    eb:47:2b:d3:6e:be:e6:70:5b:27:88:c0:a7:42:1b:
                    90:d9:a9:ab:ef:c2:2b:e3:fd:fc:70:ea:ac:27:d1:
                    4e:40:23:ae:9b:10:ac:e7:fb:46:9d:fd:7f:b0:2d:
                    f4:ef:d1:71:0a:8e:ec:d5:97:cb:eb:44:57:09:15:
                    86:24:a3:6a:a9:a2:73:16:40:6c:6c:02:72:47:40:
                    19:db:be:b6:8b:f0:b9:92:c3:62:c4:3e:dd:78:ec:
                    2c:a0:fe:c9:7b:dc:20:69:bd:82:7c:75:c1:9f:7e:
                    5a:fe:b1:3a:f7:d5:11:1b:f7:79:54:52:5b:aa:0b:
                    6f:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:CD:3B:CB:4E:51:EB:3E:B6:03:0C:32:72:35:A6:2D:40:CA:DB:28
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/EM07y05R6z62AwwycjWmLUDK2yg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.59.0/24
                  163.5.83.0/24
                  163.5.142.0-163.5.144.255
                  163.5.154.0/24
                  163.5.192.0/23
                  163.5.214.0/23
                  185.253.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:7e:3b:ca:64:1e:c6:05:c6:8c:fe:21:7f:01:f6:08:9c:7b:
         ae:ff:e1:dc:fa:11:5f:c4:63:32:58:cf:af:70:7a:02:c7:06:
         ce:48:85:9f:21:6e:92:b7:65:d5:03:9e:d6:ef:0f:48:4a:1e:
         c2:cc:ed:19:b7:59:bd:54:fb:c1:05:03:4b:0e:53:a9:7e:30:
         6d:e7:49:46:de:66:22:a7:87:c6:43:06:2f:74:4d:7b:d2:63:
         6c:25:3e:e4:d6:56:d5:70:c8:ed:9c:d3:92:21:f6:3d:2f:a4:
         cd:e1:c4:5b:d9:2f:13:f6:14:19:6b:3c:ef:9b:1f:77:c3:36:
         84:6d:cd:2b:d4:5e:23:5a:f9:cb:d5:6d:0c:10:c9:48:3f:7d:
         0a:b0:21:0e:2f:1d:fc:19:37:61:60:84:8f:e4:3d:86:9a:dd:
         1b:20:72:22:45:2b:cb:7b:9b:71:af:ba:45:1e:69:04:46:35:
         28:45:4e:19:ba:6c:de:99:3a:fb:ce:d2:f3:0f:2a:92:b0:46:
         f0:98:34:75:b6:eb:9a:4b:9c:8b:9f:e4:78:63:fd:a2:50:ee:
         c1:5d:fe:42:07:fe:3b:7e:56:51:b1:31:f4:b4:b1:55:c9:15:
         65:16:12:ee:b9:55:5c:f7:e7:2a:3c:fb:10:0d:79:4f:99:00:
         5d:7b:ae:d4
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYq76m4ieX1mG9hDliPfrRmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwOTIyMDgwMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNkM2JjYjRlNTFlYjNlYjYwMzBjMzI3MjM1YTYyZDQwY2FkYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rzryMQfV/PRx9F9hlAsRUGXSZEh
KYtgIJeMEfcd3conPEM/99+Bu5SzSPGtIfieIFeTXkqRN0UCbqszXkgcdPYmuoSj
7CUH3mQwumSMVIt1aZTZ5YrX8pJ/Bryv/XhXPEcKmNQmHzbXGF0vEjvGm3o/G2ff
RhWeA4huqqceF869TevbE5vrRyvTbr7mcFsniMCnQhuQ2amr78Ir4/38cOqsJ9FO
QCOumxCs5/tGnf1/sC3079FxCo7s1ZfL60RXCRWGJKNqqaJzFkBsbAJyR0AZ2762
i/C5ksNixD7deOwsoP7Je9wgab2CfHXBn35a/rE699URG/d5VFJbqgtvYQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBDNO8tOUes+tgMMMnI1pi1AytsoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRU0wN3kwNVI2ejYyQXd3eWNqV21MVURLMnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAowU7AwQA
owVTMAwDBAGjBY4DBACjBZADBACjBZoDBAGjBcADBAGjBdYDBAC5/TYwDQYJKoZI
hvcNAQELBQADggEBAJ9+O8pkHsYFxoz+IX8B9gice67/4dz6EV/EYzJYz69wegLH
Bs5IhZ8hbpK3ZdUDntbvD0hKHsLM7Rm3Wb1U+8EFA0sOU6l+MG3nSUbeZiKnh8ZD
Bi90TXvSY2wlPuTWVtVwyO2c05Ih9j0vpM3hxFvZLxP2FBlrPO+bH3fDNoRtzSvU
XiNa+cvVbQwQyUg/fQqwIQ4vHfwZN2FghI/kPYaa3RsgciJFK8t7m3GvukUeaQRG
NShFThm6bN6ZOvvO0vMPKpKwRvCYNHW265pLnIuf5Hhj/aJQ7sFd/kIH/jt+VlGx
MfS0sVXJFWUWEu65VVz35yo8+xANeU+ZAF17rtQ=
-----END CERTIFICATE-----