Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/Ee52tov0AAtA81bbZvl-uewB3YU.roa
File:                     Ee52tov0AAtA81bbZvl-uewB3YU.roa (raw, json)
Hash identifier:          Q+FXICc+mQLuBosdXZbWn3NYWnRvR99f3hNUJ8e6RrU=
Subject key identifier:   11:EE:76:B6:8B:F4:00:0B:40:F3:56:DB:66:F9:7E:B9:EC:01:DD:85
Certificate issuer:       /CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Certificate serial:       01859C6C43B37D8489FCE125B52487A04E9D
Authority key identifier: DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/Ee52tov0AAtA81bbZvl-uewB3YU.roa
Signing time:             Tue 10 Jan 2023 16:03:39 +0000
ROA not before:           Tue 10 Jan 2023 16:03:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39010
IP address blocks:        109.75.64.0/24 maxlen: 24
                          109.75.69.0/24 maxlen: 24
                          109.75.70.0/24 maxlen: 24
                          109.75.71.0/24 maxlen: 24
                          109.75.65.0/24 maxlen: 24
                          109.75.66.0/24 maxlen: 24
                          109.75.67.0/24 maxlen: 24
                          109.75.68.0/24 maxlen: 24
                          109.75.72.0/24 maxlen: 24
                          109.75.73.0/24 maxlen: 24
                          109.75.74.0/24 maxlen: 24
                          109.75.75.0/24 maxlen: 24
                          109.75.76.0/24 maxlen: 24
                          109.75.77.0/24 maxlen: 24
                          109.75.78.0/24 maxlen: 24
                          109.75.79.0/24 maxlen: 24
                          185.204.49.0/24 maxlen: 24
                          185.204.50.0/24 maxlen: 24
                          185.204.51.0/24 maxlen: 24
                          185.204.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:9c:6c:43:b3:7d:84:89:fc:e1:25:b5:24:87:a0:4e:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
        Validity
            Not Before: Jan 10 16:03:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=11ee76b68bf4000b40f356db66f97eb9ec01dd85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:59:14:9c:49:49:57:f1:73:05:8b:bd:ca:ef:
                    24:49:89:da:d7:a5:91:4f:b2:38:92:a0:46:e4:f0:
                    56:2f:15:d3:53:a1:b0:1d:d8:f1:77:76:91:aa:55:
                    c8:18:07:d6:0b:ea:65:97:db:f8:8c:80:e1:18:90:
                    f3:f2:6e:65:1b:aa:4b:8a:43:27:eb:92:0b:30:a2:
                    9d:ac:6f:d7:b3:4b:e3:3a:0a:eb:ae:23:38:2a:6f:
                    ce:79:6e:a8:f2:f7:2f:a2:26:b9:0e:4d:98:9d:f9:
                    17:4d:d6:b2:64:90:ef:d7:49:d5:7b:2b:c4:60:32:
                    37:6f:fa:88:73:de:69:c9:e5:e4:28:e4:a7:f4:a3:
                    6d:4d:a8:f2:12:7b:87:3c:a5:c9:85:33:f7:63:ec:
                    e5:8e:8d:2e:ec:c1:9b:57:c1:8b:8c:2c:3c:fb:77:
                    85:f2:f4:00:e3:de:ca:27:f8:b1:18:f1:39:6d:82:
                    6f:f6:18:e9:c3:87:c9:f9:97:da:0a:a2:a2:54:4c:
                    b7:1b:da:51:42:53:90:e4:9e:4d:bf:d9:9f:19:1c:
                    83:23:47:8f:d2:86:43:7f:a5:d7:43:eb:1c:d4:ed:
                    e3:4d:87:44:f5:ce:a6:7c:c1:d0:1e:06:58:0f:5d:
                    4b:b7:81:78:42:04:c4:59:fb:58:e6:72:37:dd:56:
                    20:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:EE:76:B6:8B:F4:00:0B:40:F3:56:DB:66:F9:7E:B9:EC:01:DD:85
            X509v3 Authority Key Identifier:
                keyid:DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/Ee52tov0AAtA81bbZvl-uewB3YU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.75.64.0/20
                  185.204.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b9:57:10:45:48:36:8a:07:94:7c:66:95:28:4a:0a:41:aa:8c:
         45:ed:13:89:5a:8d:6e:c5:85:39:ab:25:b1:81:19:35:e1:56:
         ec:47:f9:71:74:d4:80:17:30:74:12:6f:ac:25:18:ec:a4:ba:
         fc:5b:3b:37:e9:7c:96:4a:25:16:88:89:ea:32:1e:e0:7f:e8:
         41:21:16:11:d0:80:c2:ad:dd:ed:08:e6:6d:b9:21:0b:27:ee:
         1d:b3:d8:ca:04:de:34:46:18:ab:0c:45:3e:b2:d0:a9:92:6f:
         20:5b:3a:0d:d8:9f:b1:8c:96:de:de:9d:7c:76:8b:b1:b6:d5:
         64:53:46:18:84:8c:e5:13:03:86:53:f0:15:60:d7:dc:ec:be:
         da:44:8f:fb:4e:c2:ec:c5:bc:0e:4f:9d:91:8d:88:78:5d:0c:
         f4:3d:79:10:ab:ad:90:b3:60:58:5d:d9:02:1f:76:37:dc:12:
         91:13:e8:ba:53:08:b3:8f:3e:bd:06:b3:fa:a7:90:f3:5b:42:
         f4:88:24:26:31:82:e9:dd:b9:4a:b2:bf:f0:c0:b0:ec:89:20:
         c5:ed:2e:42:57:bb:44:a1:5d:04:2b:7f:87:1c:d6:9c:0e:dc:
         98:50:74:7b:9e:f3:da:6f:bc:36:2c:ac:e3:a4:73:cc:43:ba:
         93:a4:69:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWcbEOzfYSJ/OEltSSHoE6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNWYyZTdjYzJjNjg3ZjU4YzBkMWY2MTMyYmIyZGNmZGYz
OGNiNjQwHhcNMjMwMTEwMTYwMzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWVlNzZiNjhiZjQwMDBiNDBmMzU2ZGI2NmY5N2ViOWVjMDFkZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lkUnElJV/FzBYu9yu8kSYna16WR
T7I4kqBG5PBWLxXTU6GwHdjxd3aRqlXIGAfWC+pll9v4jIDhGJDz8m5lG6pLikMn
65ILMKKdrG/Xs0vjOgrrriM4Km/OeW6o8vcvoia5Dk2YnfkXTdayZJDv10nVeyvE
YDI3b/qIc95pyeXkKOSn9KNtTajyEnuHPKXJhTP3Y+zljo0u7MGbV8GLjCw8+3eF
8vQA497KJ/ixGPE5bYJv9hjpw4fJ+ZfaCqKiVEy3G9pRQlOQ5J5Nv9mfGRyDI0eP
0oZDf6XXQ+sc1O3jTYdE9c6mfMHQHgZYD11Lt4F4QgTEWftY5nI33VYghwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBHudraL9AALQPNW22b5frnsAd2FMB8GA1UdIwQY
MBaAFN1fLnzCxof1jA0fYTK7Lc/fOMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMt
OWRjZmQyZWYzMDIzLzEvRWU1MnRvdjBBQXRBODFiYlp2bC11ZXdCM1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMtOWRjZmQyZWYzMDIz
LzEvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEbUtAAwQC
ucwwMA0GCSqGSIb3DQEBCwUAA4IBAQC5VxBFSDaKB5R8ZpUoSgpBqoxF7ROJWo1u
xYU5qyWxgRk14VbsR/lxdNSAFzB0Em+sJRjspLr8Wzs36XyWSiUWiInqMh7gf+hB
IRYR0IDCrd3tCOZtuSELJ+4ds9jKBN40RhirDEU+stCpkm8gWzoN2J+xjJbe3p18
douxttVkU0YYhIzlEwOGU/AVYNfc7L7aRI/7TsLsxbwOT52RjYh4XQz0PXkQq62Q
s2BYXdkCH3Y33BKRE+i6Uwizjz69BrP6p5DzW0L0iCQmMYLp3blKsr/wwLDsiSDF
7S5CV7tEoV0EK3+HHNacDtyYUHR7nvPab7w2LKzjpHPMQ7qTpGnb
-----END CERTIFICATE-----