Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/d6sPr5iG3riMevPp9Y8nL2s05-k.roa
File:                     d6sPr5iG3riMevPp9Y8nL2s05-k.roa (raw, json)
Hash identifier:          bfdbI2PWKxEFGURhzqjLUZYbAN/AX+1UxaBEB6ACIUk=
Subject key identifier:   77:AB:0F:AF:98:86:DE:B8:8C:7A:F3:E9:F5:8F:27:2F:6B:34:E7:E9
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0186B68F77246E3331C0D388592BAC0FC456
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/d6sPr5iG3riMevPp9Y8nL2s05-k.roa
Signing time:             Mon 06 Mar 2023 10:55:00 +0000
ROA not before:           Mon 06 Mar 2023 10:55:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212815
IP address blocks:        163.5.83.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.84.0/24 maxlen: 24
                          163.5.214.0/24 maxlen: 24
                          163.5.120.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.38.0/24 maxlen: 24
                          163.5.144.0/24 maxlen: 24
                          163.5.154.0/24 maxlen: 24
                          185.253.54.0/24 maxlen: 24
                          163.5.59.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b6:8f:77:24:6e:33:31:c0:d3:88:59:2b:ac:0f:c4:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Mar  6 10:55:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=77ab0faf9886deb88c7af3e9f58f272f6b34e7e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e9:dc:67:7c:33:09:d1:18:85:bb:04:b1:1a:
                    39:45:fe:de:97:87:1e:e0:21:26:79:90:aa:50:06:
                    bc:60:49:09:e7:a2:36:25:19:67:37:8c:3a:06:0b:
                    37:00:7b:fc:b7:45:3f:98:4d:53:11:09:b8:e8:e5:
                    32:c6:9e:e3:c3:d6:02:d4:e8:bc:68:75:71:7e:d3:
                    70:bb:56:a7:e6:66:91:ad:7a:d7:80:26:f0:5c:ba:
                    f7:90:44:b7:6b:ca:a9:a1:f3:e1:02:ed:4d:12:7e:
                    eb:3f:fe:95:59:0f:8d:79:8c:61:05:06:b9:6b:c0:
                    34:13:ce:e3:e7:e3:30:38:b6:bd:c4:a4:1c:1b:9e:
                    2a:15:f9:c7:49:e1:ed:52:c2:b6:08:05:9d:73:41:
                    af:64:16:67:36:29:6f:8c:e0:ab:86:45:22:fd:82:
                    d8:4a:50:28:e8:b2:df:65:82:04:3f:ef:a9:6e:4a:
                    6f:88:ed:e5:7b:a4:a8:d0:80:62:62:d7:bd:5c:8c:
                    54:4f:b8:55:01:eb:63:ef:86:c9:83:c0:14:ef:75:
                    ac:b6:93:1d:c6:c7:ea:48:b2:a1:d7:41:b7:f2:ec:
                    40:7d:15:22:30:2a:34:7b:56:80:e0:22:d2:80:e1:
                    73:08:79:f7:02:62:ba:28:80:94:6d:01:93:41:cf:
                    e3:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:AB:0F:AF:98:86:DE:B8:8C:7A:F3:E9:F5:8F:27:2F:6B:34:E7:E9
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/d6sPr5iG3riMevPp9Y8nL2s05-k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.38.0/24
                  163.5.59.0/24
                  163.5.83.0-163.5.84.255
                  163.5.120.0/24
                  163.5.143.0-163.5.144.255
                  163.5.154.0/24
                  163.5.192.0/24
                  163.5.214.0/24
                  185.253.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:50:99:7a:55:8e:2d:1b:a6:99:47:95:ea:33:5d:28:56:12:
         4a:a5:ad:21:e7:e3:03:49:30:db:9b:59:6d:80:66:db:89:76:
         9f:4e:51:43:2f:b3:8e:49:b0:46:6a:cd:d4:e0:a8:38:60:6d:
         20:e7:43:38:c9:fc:f6:93:08:ca:bd:e3:a6:c0:9c:31:94:85:
         9a:e0:ed:10:1d:06:21:f3:09:bf:a5:89:44:75:21:d9:bd:e4:
         a5:fe:e8:9d:82:51:1e:9e:6d:e9:89:cb:47:35:2e:3f:cd:c4:
         63:8b:1a:ac:d3:ba:6f:a3:9f:d5:05:0e:83:3b:45:df:55:0b:
         5a:58:b8:40:32:44:cc:d1:1f:15:3f:79:88:eb:70:0f:cd:6c:
         b7:64:a8:55:b5:39:42:49:7a:32:1f:58:c3:49:4e:4e:3a:98:
         b2:1e:d7:f7:f4:c9:49:8b:4f:a1:11:d2:d5:6c:26:25:fe:81:
         3e:86:2c:3a:8b:39:00:05:8d:e7:7e:09:be:03:0a:81:14:9e:
         27:24:88:0d:10:35:98:4c:28:3d:60:ec:5a:2b:23:0b:33:2a:
         41:1f:73:e5:c9:5a:f6:bf:f0:15:cc:4f:62:0d:f7:06:0c:c2:
         55:15:23:87:d3:4e:22:ba:33:ce:97:6f:7f:7f:a1:bf:cc:2d:
         91:70:4b:5b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYa2j3ckbjMxwNOIWSusD8RWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwMzA2MTA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FiMGZhZjk4ODZkZWI4OGM3YWYzZTlmNThmMjcyZjZiMzRlN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+ncZ3wzCdEYhbsEsRo5Rf7el4ce
4CEmeZCqUAa8YEkJ56I2JRlnN4w6Bgs3AHv8t0U/mE1TEQm46OUyxp7jw9YC1Oi8
aHVxftNwu1an5maRrXrXgCbwXLr3kES3a8qpofPhAu1NEn7rP/6VWQ+NeYxhBQa5
a8A0E87j5+MwOLa9xKQcG54qFfnHSeHtUsK2CAWdc0GvZBZnNilvjOCrhkUi/YLY
SlAo6LLfZYIEP++pbkpviO3le6So0IBiYte9XIxUT7hVAetj74bJg8AU73WstpMd
xsfqSLKh10G38uxAfRUiMCo0e1aA4CLSgOFzCHn3AmK6KICUbQGTQc/jdwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHerD6+Yht64jHrz6fWPJy9rNOfpMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZDZzUHI1aUczcmlNZXZQcDlZOG5MMnMwNS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAowUmAwQA
owU7MAwDBACjBVMDBACjBVQDBACjBXgwDAMEAKMFjwMEAKMFkAMEAKMFmgMEAKMF
wAMEAKMF1gMEALn9NjANBgkqhkiG9w0BAQsFAAOCAQEARlCZelWOLRummUeV6jNd
KFYSSqWtIefjA0kw25tZbYBm24l2n05RQy+zjkmwRmrN1OCoOGBtIOdDOMn89pMI
yr3jpsCcMZSFmuDtEB0GIfMJv6WJRHUh2b3kpf7onYJRHp5t6YnLRzUuP83EY4sa
rNO6b6Of1QUOgztF31ULWli4QDJEzNEfFT95iOtwD81st2SoVbU5Qkl6Mh9Yw0lO
TjqYsh7X9/TJSYtPoRHS1WwmJf6BPoYsOos5AAWN534JvgMKgRSeJySIDRA1mEwo
PWDsWisjCzMqQR9z5cla9r/wFcxPYg33BgzCVRUjh9NOIrozzpdvf3+hv8wtkXBL
Ww==
-----END CERTIFICATE-----