Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/g5pyFlOrVotbnz-g_ECtY-6Rho8.roa
File:                     g5pyFlOrVotbnz-g_ECtY-6Rho8.roa (raw, json)
Hash identifier:          SmJDUHL+SfVOB5Hx7il4Ldo5/VCKKmctw+n0tIai0Mw=
Subject key identifier:   83:9A:72:16:53:AB:56:8B:5B:9F:3F:A0:FC:40:AD:63:EE:91:86:8F
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       0187B1690185E5E13C567E7056A8679ACAE9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/g5pyFlOrVotbnz-g_ECtY-6Rho8.roa
Signing time:             Mon 24 Apr 2023 03:57:41 +0000
ROA not before:           Mon 24 Apr 2023 03:57:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        163.5.71.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.192.0/24 maxlen: 24
                          163.5.101.0/24 maxlen: 24
                          163.5.108.0/24 maxlen: 24
                          163.5.116.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.238.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.60.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b1:69:01:85:e5:e1:3c:56:7e:70:56:a8:67:9a:ca:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Apr 24 03:57:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=839a721653ab568b5b9f3fa0fc40ad63ee91868f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ef:50:15:21:3f:b3:eb:e6:27:c6:92:82:00:
                    4c:11:0f:cc:bc:c2:67:ee:03:4f:0d:80:16:6b:9d:
                    e5:dd:7d:aa:35:98:5f:a6:4b:ff:ab:e5:27:2b:d6:
                    a2:55:a2:98:99:0b:23:e0:3d:b6:e1:23:83:d2:61:
                    1c:ca:b7:84:fe:b3:c6:c5:1d:1b:df:aa:12:58:b9:
                    aa:54:b8:ae:66:90:03:ca:19:8b:c2:5b:dc:d0:9c:
                    ad:d3:44:99:d7:6f:aa:36:60:00:9b:48:ab:3d:b2:
                    37:fa:31:eb:88:6f:ce:ef:7e:52:f2:a9:35:03:d9:
                    98:9b:61:55:ac:49:95:9c:69:22:18:de:05:2c:3e:
                    2f:41:74:f8:a9:80:6b:ba:8f:2d:e0:1e:54:af:e2:
                    6d:03:03:b1:21:03:bf:50:e2:82:47:72:87:f1:39:
                    27:ab:df:67:41:31:20:9f:73:b8:be:b9:2b:9a:a8:
                    4c:65:3b:f3:4f:ce:52:91:a8:a8:27:79:33:f9:5f:
                    7f:e8:73:58:c8:da:9c:c2:70:ed:13:4e:b4:3f:53:
                    55:01:e9:6d:a0:e1:17:a3:2c:1a:e7:43:7d:93:6f:
                    c2:42:08:3c:be:51:e7:c7:0a:05:3b:76:d7:a9:3a:
                    de:d4:50:ab:61:76:3c:3c:93:71:76:d6:1f:22:85:
                    50:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:9A:72:16:53:AB:56:8B:5B:9F:3F:A0:FC:40:AD:63:EE:91:86:8F
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/g5pyFlOrVotbnz-g_ECtY-6Rho8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.60.0/24
                  163.5.71.0/24
                  163.5.101.0/24
                  163.5.108.0/24
                  163.5.116.0/24
                  163.5.134.0/24
                  163.5.189.0/24
                  163.5.192.0/24
                  163.5.228.0/24
                  163.5.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:ed:19:9b:1a:6a:15:d7:cb:04:46:07:1d:b8:f9:bc:80:44:
         64:a2:cd:21:be:04:21:e4:64:32:9b:61:ee:e6:b9:4e:fb:55:
         f6:16:ab:49:d8:3e:3b:d1:b3:65:c8:51:db:7f:e0:6f:5f:8f:
         2b:02:42:79:41:5f:e9:a7:cc:03:36:a9:68:60:40:72:e2:41:
         8f:7a:b9:92:a5:6f:54:83:14:9e:b9:19:e6:e9:77:98:7c:f5:
         e4:55:81:52:29:81:46:26:2c:be:42:ee:bc:e2:4d:15:97:05:
         63:79:47:52:69:2b:28:dc:81:26:95:d4:0d:17:01:f6:a6:3e:
         ef:0a:b8:de:db:e2:b8:48:ea:e3:77:06:a6:48:04:71:ef:d4:
         81:8d:92:61:32:e5:46:b9:b6:e3:47:58:1d:55:80:1a:c4:dd:
         35:9e:12:c7:c7:55:87:b3:1b:00:2e:65:1d:a3:63:19:bd:20:
         b1:15:df:fa:50:68:e3:24:37:d6:1e:f9:d6:47:b1:79:ef:b8:
         00:aa:b3:ad:d9:23:4c:2a:b2:ec:27:c2:7f:5a:41:26:e8:ee:
         21:5a:0f:53:59:66:17:21:00:aa:94:73:a1:f6:36:b9:49:4f:
         f5:0b:56:82:4d:10:9d:d8:08:20:26:ec:1a:3c:43:96:94:6c:
         5f:61:d4:03
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYexaQGF5eE8Vn5wVqhnmsrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjMwNDI0MDM1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzlhNzIxNjUzYWI1NjhiNWI5ZjNmYTBmYzQwYWQ2M2VlOTE4NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu9QFSE/s+vmJ8aSggBMEQ/MvMJn
7gNPDYAWa53l3X2qNZhfpkv/q+UnK9aiVaKYmQsj4D224SOD0mEcyreE/rPGxR0b
36oSWLmqVLiuZpADyhmLwlvc0Jyt00SZ12+qNmAAm0irPbI3+jHriG/O735S8qk1
A9mYm2FVrEmVnGkiGN4FLD4vQXT4qYBruo8t4B5Ur+JtAwOxIQO/UOKCR3KH8Tkn
q99nQTEgn3O4vrkrmqhMZTvzT85SkaioJ3kz+V9/6HNYyNqcwnDtE060P1NVAelt
oOEXoywa50N9k2/CQgg8vlHnxwoFO3bXqTre1FCrYXY8PJNxdtYfIoVQ2QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIOachZTq1aLW58/oPxArWPukYaPMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZzVweUZsT3JWb3RibnotZ19FQ3RZLTZSaG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAowU8AwQA
owVHAwQAowVlAwQAowVsAwQAowV0AwQAowWGAwQAowW9AwQAowXAAwQAowXkAwQA
owXuMA0GCSqGSIb3DQEBCwUAA4IBAQCK7RmbGmoV18sERgcduPm8gERkos0hvgQh
5GQym2Hu5rlO+1X2FqtJ2D470bNlyFHbf+BvX48rAkJ5QV/pp8wDNqloYEBy4kGP
ermSpW9UgxSeuRnm6XeYfPXkVYFSKYFGJiy+Qu684k0VlwVjeUdSaSso3IEmldQN
FwH2pj7vCrje2+K4SOrjdwamSARx79SBjZJhMuVGubbjR1gdVYAaxN01nhLHx1WH
sxsALmUdo2MZvSCxFd/6UGjjJDfWHvnWR7F577gAqrOt2SNMKrLsJ8J/WkEm6O4h
Wg9TWWYXIQCqlHOh9ja5SU/1C1aCTRCd2AggJuwaPEOWlGxfYdQD
-----END CERTIFICATE-----