Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/1zj6ar4PTDGIbEziSqxtyCbQvbc.roa
File:                     1zj6ar4PTDGIbEziSqxtyCbQvbc.roa (raw, json)
Hash identifier:          07k57ae7if5hZfMLiUKtfmED1XpxpYOT+Fswbotjn2g=
Subject key identifier:   D7:38:FA:6A:BE:0F:4C:31:88:6C:4C:E2:4A:AC:6D:C8:26:D0:BD:B7
Certificate issuer:       /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial:       01898B0C502F5A055EA50D8863ABDC288FD7
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/1zj6ar4PTDGIbEziSqxtyCbQvbc.roa
Signing time:             Tue 25 Jul 2023 03:16:27 +0000
ROA not before:           Tue 25 Jul 2023 03:16:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25031
IP address blocks:        160.61.211.0/24 maxlen: 24
                          160.61.208.0/24 maxlen: 24
                          160.61.168.0/23 maxlen: 23
                          160.61.170.0/23 maxlen: 23
                          160.62.3.0/24 maxlen: 24
                          160.62.4.0/24 maxlen: 24
                          160.62.0.0/23 maxlen: 23
                          160.62.2.0/24 maxlen: 24
                          160.62.1.0/24 maxlen: 24
                          160.62.5.0/24 maxlen: 24
                          160.62.7.0/24 maxlen: 24
                          160.62.6.0/24 maxlen: 24
                          160.62.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Sep 2023 18:27:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:8b:0c:50:2f:5a:05:5e:a5:0d:88:63:ab:dc:28:8f:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
        Validity
            Not Before: Jul 25 03:16:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d738fa6abe0f4c31886c4ce24aac6dc826d0bdb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:fa:8b:a4:fd:f4:f6:a7:fa:0a:de:0b:a7:5a:
                    47:6e:3b:32:3b:13:b3:b5:e8:6c:c1:e1:ce:36:19:
                    5e:20:8b:7e:5d:72:fc:d9:e1:77:30:5d:3f:a1:1b:
                    38:e5:c3:93:ff:82:cf:d8:4f:1b:41:af:7f:1a:25:
                    e7:e1:1c:db:09:92:aa:89:90:c4:d9:1f:cf:2a:3b:
                    76:12:c2:83:82:2c:98:c7:59:cc:c0:f9:10:96:f9:
                    cb:cf:54:75:5d:37:5c:3b:5d:17:cd:e3:dc:3f:ca:
                    4a:8c:eb:63:12:ee:4e:23:6b:d1:b9:00:e1:cd:3c:
                    2e:e6:40:0b:ca:e3:1d:7c:ca:3a:d8:4e:15:96:f6:
                    cf:07:a4:98:57:e3:38:eb:0d:c5:1a:9f:31:72:3a:
                    f2:44:26:6a:88:20:09:d5:9f:e0:d5:e2:66:aa:9a:
                    c1:8b:f8:74:52:8d:7f:3d:98:7f:e0:5c:3b:96:95:
                    4a:1d:85:2e:f4:18:d8:d0:f6:cb:2b:22:cc:40:b7:
                    18:c5:b5:29:30:e1:13:85:eb:d9:ba:62:7e:b6:40:
                    f6:f4:4b:1e:a5:0c:2b:a0:90:b1:6c:0a:83:03:d9:
                    86:d2:9f:c9:b0:dc:20:e5:5c:54:fa:ea:ea:a5:66:
                    32:f5:e2:dd:dd:96:de:f6:33:0e:70:2b:e4:1e:28:
                    12:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:38:FA:6A:BE:0F:4C:31:88:6C:4C:E2:4A:AC:6D:C8:26:D0:BD:B7
            X509v3 Authority Key Identifier:
                keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/1zj6ar4PTDGIbEziSqxtyCbQvbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.61.168.0/22
                  160.61.208.0/24
                  160.61.211.0/24
                  160.62.0.0/21
                  160.62.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:d3:ae:b6:9c:35:04:8d:f6:28:c0:77:27:3d:13:35:f9:7d:
         7a:be:c6:8c:a3:d0:88:2e:2d:90:a1:a4:b6:99:37:28:5b:bd:
         6a:ff:79:fe:d9:23:55:f9:fb:e9:98:7b:d7:0f:fe:aa:c0:15:
         4a:5c:cd:63:d4:77:b7:e0:53:e5:70:b5:93:b9:25:3b:54:9b:
         2c:0c:ea:8c:b1:13:34:bc:9c:93:20:94:6f:5d:5e:e0:ec:21:
         8c:0a:f4:f4:ad:d0:59:db:67:68:44:a3:36:f5:fb:54:69:0e:
         27:71:64:3a:88:ef:8a:49:9c:51:1a:6f:15:39:2a:5d:9e:09:
         66:9a:d7:1e:b3:4b:6c:6c:2f:62:88:ee:45:86:0e:fe:1a:e5:
         3b:75:ac:c1:55:52:68:02:8d:4d:85:63:4a:f8:4c:33:c0:5d:
         e4:90:8c:83:34:4e:6c:3f:3e:6e:27:4a:85:9d:2a:0b:b2:27:
         b5:9e:83:0c:e1:bf:22:32:a2:c5:af:1f:85:8d:90:a2:9f:6e:
         16:39:03:b1:9f:f1:7a:7a:92:89:43:5e:d0:80:cc:d4:f2:10:
         2f:61:6a:0f:26:86:91:18:20:4d:30:6a:3e:d9:3c:86:03:ad:
         12:1d:ec:3c:fa:6b:a3:da:8c:c8:69:a3:bc:fc:4d:5a:33:87:
         8a:0a:e7:23
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmLDFAvWgVepQ2IY6vcKI/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjMwNzI1MDMxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzM4ZmE2YWJlMGY0YzMxODg2YzRjZTI0YWFjNmRjODI2ZDBiZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vqLpP309qf6Ct4Lp1pHbjsyOxOz
tehsweHONhleIIt+XXL82eF3MF0/oRs45cOT/4LP2E8bQa9/GiXn4RzbCZKqiZDE
2R/PKjt2EsKDgiyYx1nMwPkQlvnLz1R1XTdcO10XzePcP8pKjOtjEu5OI2vRuQDh
zTwu5kALyuMdfMo62E4VlvbPB6SYV+M46w3FGp8xcjryRCZqiCAJ1Z/g1eJmqprB
i/h0Uo1/PZh/4Fw7lpVKHYUu9BjY0PbLKyLMQLcYxbUpMOEThevZumJ+tkD29Ese
pQwroJCxbAqDA9mG0p/JsNwg5VxU+urqpWYy9eLd3Zbe9jMOcCvkHigSpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNc4+mq+D0wxiGxM4kqsbcgm0L23MB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvMXpqNmFyNFBUREdJYkV6aVNxeHR5Q2JRdmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCoD2oAwQA
oD3QAwQAoD3TAwQDoD4AAwQAoD4WMA0GCSqGSIb3DQEBCwUAA4IBAQBi0662nDUE
jfYowHcnPRM1+X16vsaMo9CILi2QoaS2mTcoW71q/3n+2SNV+fvpmHvXD/6qwBVK
XM1j1He34FPlcLWTuSU7VJssDOqMsRM0vJyTIJRvXV7g7CGMCvT0rdBZ22doRKM2
9ftUaQ4ncWQ6iO+KSZxRGm8VOSpdnglmmtces0tsbC9iiO5Fhg7+GuU7dazBVVJo
Ao1NhWNK+EwzwF3kkIyDNE5sPz5uJ0qFnSoLsie1noMM4b8iMqLFrx+FjZCin24W
OQOxn/F6epKJQ17QgMzU8hAvYWoPJoaRGCBNMGo+2TyGA60SHew8+muj2ozIaaO8
/E1aM4eKCucj
-----END CERTIFICATE-----