Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/gIw6PVDIgsjwu94OmFqfNJdYvc0.roa
File:                     gIw6PVDIgsjwu94OmFqfNJdYvc0.roa (raw, json)
Hash identifier:          LGiuY3n+Ia9dhuaihiYU3Jh8SI6ejQOgkxqQAnVLmGA=
Subject key identifier:   80:8C:3A:3D:50:C8:82:C8:F0:BB:DE:0E:98:5A:9F:34:97:58:BD:CD
Certificate issuer:       /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial:       0188B53C3B2CCF3E632860C04C7D9C0937DC
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/gIw6PVDIgsjwu94OmFqfNJdYvc0.roa
Signing time:             Tue 13 Jun 2023 14:50:03 +0000
ROA not before:           Tue 13 Jun 2023 14:50:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        45.150.64.0/24 maxlen: 32
                          45.150.67.0/24 maxlen: 32
                          45.150.65.0/24 maxlen: 32
                          5.181.20.0/24 maxlen: 32
                          5.181.22.0/24 maxlen: 32
                          5.181.21.0/24 maxlen: 32
                          185.234.247.0/24 maxlen: 32
                          5.181.23.0/24 maxlen: 32
                          45.144.29.0/24 maxlen: 32
                          45.144.28.0/24 maxlen: 32
                          45.144.31.0/24 maxlen: 32
                          45.144.30.0/24 maxlen: 32
                          45.140.147.0/24 maxlen: 32
                          45.140.146.0/24 maxlen: 32

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b5:3c:3b:2c:cf:3e:63:28:60:c0:4c:7d:9c:09:37:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
        Validity
            Not Before: Jun 13 14:50:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=808c3a3d50c882c8f0bbde0e985a9f349758bdcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:1c:4b:52:ef:59:5f:4c:2d:5a:fb:6a:9e:c4:
                    e1:06:c1:0a:95:b2:5b:96:f5:d3:5b:d8:87:c3:e6:
                    f6:e9:77:95:67:9e:32:62:70:0d:a7:09:28:4b:57:
                    d1:3c:0f:dc:ab:bd:01:bb:db:ab:fd:c1:bc:08:0e:
                    6e:08:f2:3a:f1:e0:15:1e:ca:c7:0a:1b:60:34:a1:
                    51:30:e2:0f:62:27:c2:bd:ef:79:56:39:05:12:7f:
                    6c:6b:8a:f0:e7:65:94:16:01:ac:d7:62:0f:84:57:
                    9f:54:56:08:63:23:c4:fe:8b:69:6f:75:f0:cf:e6:
                    0b:ea:79:75:87:a2:0d:72:f7:a9:6d:c4:0b:34:d6:
                    68:90:66:9b:9c:17:c5:c0:89:8b:52:b1:11:0d:d0:
                    ef:c5:2e:a3:12:19:10:8b:4e:2b:1a:ac:b6:b9:eb:
                    e9:4d:26:85:66:a0:60:ac:95:3d:50:d4:bb:54:57:
                    23:fb:54:28:51:f6:54:08:e9:84:9b:91:93:14:2b:
                    6f:0c:aa:c7:3a:9d:39:74:61:77:cb:7c:58:fd:4d:
                    4d:00:22:2f:3a:c1:bd:de:e3:b5:69:97:ec:e0:be:
                    26:5c:91:49:f3:b9:42:2a:f9:37:d0:67:af:d2:4e:
                    db:4f:22:ff:09:a6:4d:a9:e1:91:dc:ef:db:b7:fd:
                    3d:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:8C:3A:3D:50:C8:82:C8:F0:BB:DE:0E:98:5A:9F:34:97:58:BD:CD
            X509v3 Authority Key Identifier:
                keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/gIw6PVDIgsjwu94OmFqfNJdYvc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.181.20.0/22
                  45.140.146.0/23
                  45.144.28.0/22
                  45.150.64.0/23
                  45.150.67.0/24
                  185.234.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:7c:75:2f:8b:ea:95:0a:db:66:84:55:a8:c9:db:4a:57:81:
         c3:0a:d1:43:62:e9:d7:02:47:5d:43:72:48:fe:1e:cb:e0:80:
         0c:14:a4:d2:db:dc:4d:78:ac:9a:03:e6:c1:fc:c1:64:0b:87:
         f1:5b:7a:f4:57:3f:12:4b:1d:b8:85:54:71:2f:ef:fa:e7:a6:
         30:94:11:96:40:c2:61:e6:0f:33:a3:df:9b:0d:18:89:fb:5a:
         49:3a:1f:d8:21:6b:b0:11:f7:06:90:e8:6f:58:07:3e:c5:ba:
         f8:6a:47:15:cd:86:cb:9e:8f:36:9b:0e:91:52:93:72:a4:ce:
         9f:6a:30:e0:7d:b9:25:f1:b1:3d:8c:68:4c:7b:1c:db:6f:53:
         51:9d:49:d4:d0:a0:8b:70:9a:15:5d:a7:ea:d9:71:b4:4d:55:
         57:fc:6b:28:9c:a7:e2:ab:a2:e2:6f:de:30:fa:d5:c4:e2:61:
         4d:05:31:9f:eb:8f:c3:f5:c1:b7:c2:24:eb:cd:9e:b9:d6:ef:
         6e:c9:c6:4a:a8:0f:c5:55:84:59:b5:6c:82:59:94:98:e2:0c:
         e5:91:31:39:de:75:ac:f6:5a:c4:48:dd:0d:98:33:29:28:d9:
         ea:1c:f7:66:7d:a1:b3:35:08:e1:02:81:c0:6b:92:ba:0e:a7:
         9d:3f:42:01
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYi1PDsszz5jKGDATH2cCTfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwNjEzMTQ1MDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDhjM2EzZDUwYzg4MmM4ZjBiYmRlMGU5ODVhOWYzNDk3NThiZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBxLUu9ZX0wtWvtqnsThBsEKlbJb
lvXTW9iHw+b26XeVZ54yYnANpwkoS1fRPA/cq70Bu9ur/cG8CA5uCPI68eAVHsrH
ChtgNKFRMOIPYifCve95VjkFEn9sa4rw52WUFgGs12IPhFefVFYIYyPE/otpb3Xw
z+YL6nl1h6INcvepbcQLNNZokGabnBfFwImLUrERDdDvxS6jEhkQi04rGqy2uevp
TSaFZqBgrJU9UNS7VFcj+1QoUfZUCOmEm5GTFCtvDKrHOp05dGF3y3xY/U1NACIv
OsG93uO1aZfs4L4mXJFJ87lCKvk30Gev0k7bTyL/CaZNqeGR3O/bt/09EQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFICMOj1QyILI8LveDphanzSXWL3NMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvZ0l3NlBWRElnc2p3dTk0T21GcWZOSmRZdmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBbUUAwQB
LYySAwQCLZAcAwQBLZZAAwQALZZDAwQAuer3MA0GCSqGSIb3DQEBCwUAA4IBAQAI
fHUvi+qVCttmhFWoydtKV4HDCtFDYunXAkddQ3JI/h7L4IAMFKTS29xNeKyaA+bB
/MFkC4fxW3r0Vz8SSx24hVRxL+/656YwlBGWQMJh5g8zo9+bDRiJ+1pJOh/YIWuw
EfcGkOhvWAc+xbr4akcVzYbLno82mw6RUpNypM6fajDgfbkl8bE9jGhMexzbb1NR
nUnU0KCLcJoVXafq2XG0TVVX/GsonKfiq6Lib94w+tXE4mFNBTGf64/D9cG3wiTr
zZ651u9uycZKqA/FVYRZtWyCWZSY4gzlkTE53nWs9lrESN0NmDMpKNnqHPdmfaGz
NQjhAoHAa5K6DqedP0IB
-----END CERTIFICATE-----