Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/xpL0LG6ar7KlFmj1h5dK-BV2FCk.roa
File:                     xpL0LG6ar7KlFmj1h5dK-BV2FCk.roa (raw, json)
Hash identifier:          /NT55p6bGpZJf/7nX5iqgexOv1MPGYyIk4nh6dacxjM=
Subject key identifier:   C6:92:F4:2C:6E:9A:AF:B2:A5:16:68:F5:87:97:4A:F8:15:76:14:29
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       018AA6D3C2315D75FBCCF5430DAE0DF6AAC1
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/xpL0LG6ar7KlFmj1h5dK-BV2FCk.roa
Signing time:             Mon 18 Sep 2023 05:46:50 +0000
ROA not before:           Mon 18 Sep 2023 05:46:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15611
IP address blocks:        213.176.96.0/24 maxlen: 24
                          213.176.4.0/24 maxlen: 24
                          213.176.5.0/24 maxlen: 24
                          62.60.168.0/21 maxlen: 24
                          62.60.132.0/22 maxlen: 24
                          62.60.136.0/24 maxlen: 24
                          62.60.137.0/24 maxlen: 24
                          62.60.139.0/24 maxlen: 24
                          62.60.138.0/24 maxlen: 24
                          62.60.140.0/24 maxlen: 24
                          62.60.141.0/24 maxlen: 24
                          62.60.142.0/24 maxlen: 24
                          62.60.145.0/24 maxlen: 24
                          213.176.124.0/24 maxlen: 24
                          213.176.125.0/24 maxlen: 24
                          213.176.122.0/24 maxlen: 24
                          213.176.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Sep 2023 08:15:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a6:d3:c2:31:5d:75:fb:cc:f5:43:0d:ae:0d:f6:aa:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Sep 18 05:46:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c692f42c6e9aafb2a51668f587974af815761429
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:a2:7d:ad:03:5a:71:81:d0:48:62:aa:b8:d1:
                    bd:98:02:ee:a6:67:20:98:fe:aa:2c:6c:ba:7d:b5:
                    82:81:ec:06:1f:d5:d8:b6:f8:7a:dd:93:79:7b:14:
                    33:b2:f8:d7:1b:d5:ef:57:8d:97:ef:b6:2b:a2:7e:
                    de:01:e3:97:7c:8f:91:06:83:fb:f5:9d:50:4e:44:
                    15:51:4a:ac:a1:9a:4a:84:14:90:25:06:72:dd:56:
                    a6:dd:fd:99:d1:60:de:bf:3d:11:b7:3d:4f:04:e6:
                    2b:0a:d2:f8:f5:da:a9:45:e2:74:1b:ce:50:a4:97:
                    b1:06:25:54:b4:c6:6a:04:6f:a9:1b:2c:f1:c1:28:
                    d2:fd:c3:cf:ba:a1:3b:9f:a8:f4:d1:9d:77:2c:13:
                    ef:8e:bd:61:d6:f7:0e:bc:29:c4:26:11:ef:05:e3:
                    f9:0f:5b:9d:1e:2c:4a:00:29:b3:a9:83:ff:88:03:
                    cc:6c:cd:e6:56:4b:44:11:53:cf:d3:a7:43:9c:82:
                    17:0b:d3:47:71:da:f6:81:df:4e:ff:26:d1:50:15:
                    b2:4a:27:c1:29:a1:cd:87:63:68:a0:cd:c3:a0:f8:
                    c9:b8:84:19:0b:d9:07:7d:c8:8d:49:0a:c7:cf:d9:
                    f9:22:45:84:c5:82:50:7f:aa:2b:24:8a:fa:f2:cf:
                    0d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:92:F4:2C:6E:9A:AF:B2:A5:16:68:F5:87:97:4A:F8:15:76:14:29
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/xpL0LG6ar7KlFmj1h5dK-BV2FCk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.60.132.0-62.60.142.255
                  62.60.145.0/24
                  62.60.168.0/21
                  213.176.4.0/23
                  213.176.96.0/24
                  213.176.122.0-213.176.125.255

    Signature Algorithm: sha256WithRSAEncryption
         08:75:a7:16:52:78:b8:35:a9:9e:81:6b:32:32:4f:38:f7:cc:
         79:65:9b:07:9c:a2:c6:9a:a0:03:e7:cf:f1:29:bc:5a:39:15:
         e4:01:03:c9:7c:49:64:e8:11:14:63:3b:94:66:01:63:66:95:
         ac:70:9a:90:72:8d:7a:ff:87:7b:c4:08:a0:93:44:72:40:37:
         7f:1b:5f:61:2d:86:92:c8:6a:81:72:08:32:a2:53:10:55:57:
         28:89:20:e1:ca:9a:0e:05:a2:9a:e3:6d:9e:7c:9c:72:ed:c0:
         2c:35:2d:19:80:4d:8c:64:5f:12:0a:7c:9d:86:26:cb:d4:d6:
         50:1f:5b:33:23:35:b3:77:d2:e5:63:83:2c:15:6e:ed:32:00:
         7e:85:1c:0a:43:06:dd:60:82:ee:95:e1:8f:29:12:60:93:fa:
         66:5f:2e:8f:63:1e:72:0d:85:b0:ea:9e:6a:b3:6b:fc:fb:b5:
         79:ad:b7:b3:4f:49:5d:9c:b2:e5:85:09:0f:a0:8a:19:b4:81:
         d4:0b:a5:78:97:46:84:8a:4f:1b:85:06:80:0d:39:11:4c:83:
         48:7e:36:b2:c9:c7:5d:05:f4:50:27:dc:e4:a9:14:9f:e5:ef:
         de:62:d8:e5:7b:03:17:21:21:13:79:7c:bc:7f:47:64:9f:cf:
         c3:9f:be:bc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYqm08IxXXX7zPVDDa4N9qrBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwOTE4MDU0NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjkyZjQyYzZlOWFhZmIyYTUxNjY4ZjU4Nzk3NGFmODE1NzYxNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqJ9rQNacYHQSGKquNG9mALupmcg
mP6qLGy6fbWCgewGH9XYtvh63ZN5exQzsvjXG9XvV42X77Yron7eAeOXfI+RBoP7
9Z1QTkQVUUqsoZpKhBSQJQZy3Vam3f2Z0WDevz0Rtz1PBOYrCtL49dqpReJ0G85Q
pJexBiVUtMZqBG+pGyzxwSjS/cPPuqE7n6j00Z13LBPvjr1h1vcOvCnEJhHvBeP5
D1udHixKACmzqYP/iAPMbM3mVktEEVPP06dDnIIXC9NHcdr2gd9O/ybRUBWySifB
KaHNh2NooM3DoPjJuIQZC9kHfciNSQrHz9n5IkWExYJQf6orJIr68s8NMQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFMaS9Cxumq+ypRZo9YeXSvgVdhQpMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEveHBMMExHNmFyN0tsRm1qMWg1ZEstQlYyRkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAI+PIQD
BAA+PI4DBAA+PJEDBAM+PKgDBAHVsAQDBADVsGAwDAMEAdWwegMEAdWwfDANBgkq
hkiG9w0BAQsFAAOCAQEACHWnFlJ4uDWpnoFrMjJPOPfMeWWbB5yixpqgA+fP8Sm8
WjkV5AEDyXxJZOgRFGM7lGYBY2aVrHCakHKNev+He8QIoJNEckA3fxtfYS2Gkshq
gXIIMqJTEFVXKIkg4cqaDgWimuNtnnyccu3ALDUtGYBNjGRfEgp8nYYmy9TWUB9b
MyM1s3fS5WODLBVu7TIAfoUcCkMG3WCC7pXhjykSYJP6Zl8uj2Mecg2FsOqearNr
/Pu1ea23s09JXZyy5YUJD6CKGbSB1AuleJdGhIpPG4UGgA05EUyDSH42ssnHXQX0
UCfc5KkUn+Xv3mLY5XsDFyEhE3l8vH9HZJ/Pw5++vA==
-----END CERTIFICATE-----