Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/DBFwNtmMKmvPRkB_-Qdp45dUdwc.roa
File:                     DBFwNtmMKmvPRkB_-Qdp45dUdwc.roa (raw, json)
Hash identifier:          XG0g9vGSUGGfsIY4WVFbtMj3luxTN6HGTkNIOuIhxCo=
Subject key identifier:   0C:11:70:36:D9:8C:2A:6B:CF:46:40:7F:F9:07:69:E3:97:54:77:07
Certificate issuer:       /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial:       018C4EED4101434E0160407C6ABC7989EE6B
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/DBFwNtmMKmvPRkB_-Qdp45dUdwc.roa
Signing time:             Sat 09 Dec 2023 14:13:40 +0000
ROA not before:           Sat 09 Dec 2023 14:13:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212271
IP address blocks:        2a05:4140::/29 maxlen: 48
                          2a05:4143::/32 maxlen: 48
                          2a05:4140:187::/48 maxlen: 48
                          2a05:4140:32::/48 maxlen: 48
                          2a11:e102::/32 maxlen: 32
                          2a05:4140:400::/40 maxlen: 48
                          2a05:4140:100::/40 maxlen: 48
                          2a05:4140:300::/40 maxlen: 40
                          2a05:4140:30::/48 maxlen: 48
                          2a05:4140:10::/48 maxlen: 48
                          2a05:4140:190::/48 maxlen: 48
                          2a05:4140:16::/48 maxlen: 48
                          2a05:4140:31::/48 maxlen: 48
                          2a05:4140:4::/48 maxlen: 48
                          2a05:4144::/32 maxlen: 32
                          2a05:4140:5::/48 maxlen: 48
                          2a05:4140:15::/48 maxlen: 48
                          2a05:4140:8::/48 maxlen: 48
                          2a05:4140:3::/48 maxlen: 48
                          2a05:4140:29::/48 maxlen: 48
                          2a05:4140:9::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 26 Dec 2023 15:35:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:4e:ed:41:01:43:4e:01:60:40:7c:6a:bc:79:89:ee:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
        Validity
            Not Before: Dec  9 14:13:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0c117036d98c2a6bcf46407ff90769e397547707
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ed:03:a2:f6:2e:70:6e:c1:c5:38:ec:ce:88:
                    35:2f:54:f7:40:06:bc:c5:1d:38:2f:ae:67:c3:e1:
                    4f:3e:b5:16:3c:cc:f7:2f:d6:95:d8:31:02:49:a9:
                    bd:2e:81:ce:bd:c2:54:2e:ba:c6:88:23:bb:08:a5:
                    80:4e:f6:be:4d:60:d5:e3:e1:ce:16:0b:49:a6:57:
                    a5:a5:c2:ca:0b:15:4d:da:b8:fb:62:1b:ff:ae:f8:
                    39:be:6b:ac:dc:83:3b:e9:e5:b3:8f:8b:8c:54:9b:
                    70:99:c3:9e:6a:f5:16:1f:fa:58:67:43:6a:ec:c4:
                    3e:28:6b:c6:0f:d9:ee:da:55:61:d7:fe:8d:c0:b9:
                    1c:01:60:97:2b:3d:40:9b:53:00:82:36:e2:4c:35:
                    91:43:c8:4b:92:72:91:86:68:e2:a7:3d:53:aa:e5:
                    a0:5e:15:03:70:fd:e7:1c:94:c9:6b:ee:d4:ac:4e:
                    55:99:23:d2:61:23:e9:89:50:3f:27:82:8c:69:31:
                    50:82:ff:a8:1e:53:69:7f:bc:ea:e1:cb:33:bb:ca:
                    11:7d:38:50:8a:20:78:b7:d0:7c:fe:64:16:e4:97:
                    a2:a0:7a:f6:01:e5:5d:ae:c2:23:7f:01:cc:92:4a:
                    5e:2d:a6:7d:31:e6:e3:e0:6e:5c:54:73:26:ac:51:
                    99:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:11:70:36:D9:8C:2A:6B:CF:46:40:7F:F9:07:69:E3:97:54:77:07
            X509v3 Authority Key Identifier:
                keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/DBFwNtmMKmvPRkB_-Qdp45dUdwc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:4140::/29
                  2a11:e102::/32

    Signature Algorithm: sha256WithRSAEncryption
         94:35:0d:63:80:75:9b:61:5d:a0:fd:12:e8:39:85:54:50:aa:
         9d:ad:2a:91:27:b4:6c:fd:b3:53:41:7a:fa:bf:6f:89:5e:a2:
         27:6f:62:56:02:b4:4c:f4:f6:c3:e9:2c:f7:bf:3d:2d:50:35:
         ff:1c:45:3b:bc:38:bf:91:ad:d9:cb:d6:ee:6b:70:fb:a8:59:
         6b:61:5d:91:f5:59:28:89:87:18:df:ee:cb:fc:75:e6:ac:67:
         1d:e1:5f:3a:8d:27:f3:fa:58:03:3e:61:fa:5d:b1:f8:3c:1d:
         2c:1d:5c:c1:e3:58:d6:c7:42:c7:f7:74:8c:d9:e8:00:7c:ed:
         bf:20:c5:d2:5e:e0:02:c9:2b:20:b1:e9:f3:cb:62:1f:31:d1:
         84:33:eb:ce:45:6d:61:e8:45:b1:94:1d:75:62:10:f7:f0:1c:
         23:dd:25:a9:8b:09:6f:9d:6e:93:6a:1b:1e:d7:09:5b:d2:71:
         a4:50:35:26:85:db:de:7d:98:48:3d:4d:8c:0b:e2:ab:f7:3c:
         b4:a1:d8:4f:e5:20:25:af:25:b0:67:8c:f9:a9:af:39:83:1e:
         8a:63:d9:e1:d6:68:bb:d1:0c:57:4c:92:4b:f0:dc:a5:f3:da:
         e1:18:1f:44:35:24:cc:e5:b2:8f:4e:0c:d0:c8:84:66:a6:17:
         6e:e0:af:a2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYxO7UEBQ04BYEB8arx5ie5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjMxMjA5MTQxMzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzExNzAzNmQ5OGMyYTZiY2Y0NjQwN2ZmOTA3NjllMzk3NTQ3NzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu0DovYucG7BxTjszog1L1T3QAa8
xR04L65nw+FPPrUWPMz3L9aV2DECSam9LoHOvcJULrrGiCO7CKWATva+TWDV4+HO
FgtJplelpcLKCxVN2rj7Yhv/rvg5vmus3IM76eWzj4uMVJtwmcOeavUWH/pYZ0Nq
7MQ+KGvGD9nu2lVh1/6NwLkcAWCXKz1Am1MAgjbiTDWRQ8hLknKRhmjipz1TquWg
XhUDcP3nHJTJa+7UrE5VmSPSYSPpiVA/J4KMaTFQgv+oHlNpf7zq4cszu8oRfThQ
iiB4t9B8/mQW5JeioHr2AeVdrsIjfwHMkkpeLaZ9Mebj4G5cVHMmrFGZPQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAwRcDbZjCprz0ZAf/kHaeOXVHcHMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvREJGd050bU1LbXZQUmtCXy1RZHA0NWRVZHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgVBQAMF
ACoR4QIwDQYJKoZIhvcNAQELBQADggEBAJQ1DWOAdZthXaD9Eug5hVRQqp2tKpEn
tGz9s1NBevq/b4leoidvYlYCtEz09sPpLPe/PS1QNf8cRTu8OL+RrdnL1u5rcPuo
WWthXZH1WSiJhxjf7sv8deasZx3hXzqNJ/P6WAM+Yfpdsfg8HSwdXMHjWNbHQsf3
dIzZ6AB87b8gxdJe4ALJKyCx6fPLYh8x0YQz685FbWHoRbGUHXViEPfwHCPdJamL
CW+dbpNqGx7XCVvScaRQNSaF2959mEg9TYwL4qv3PLSh2E/lICWvJbBnjPmprzmD
Hopj2eHWaLvRDFdMkkvw3KXz2uEYH0Q1JMzlso9ODNDIhGamF27gr6I=
-----END CERTIFICATE-----