Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/DG58wrNFrU9TJAyL2FAoCu_FZyM.roa
File:                     DG58wrNFrU9TJAyL2FAoCu_FZyM.roa (raw, json)
Hash identifier:          2K845KXVwsTgsk+pKe/wxLcsE8LF7imSpJcl+10fiQk=
Subject key identifier:   0C:6E:7C:C2:B3:45:AD:4F:53:24:0C:8B:D8:50:28:0A:EF:C5:67:23
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       0185CDBE62918CC4BA8FBA70BB6C2A67CB2F
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/DG58wrNFrU9TJAyL2FAoCu_FZyM.roa
Signing time:             Fri 20 Jan 2023 05:54:44 +0000
ROA not before:           Fri 20 Jan 2023 05:54:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     22773
IP address blocks:        85.8.160.0/23 maxlen: 23
                          85.8.162.0/23 maxlen: 23
                          217.18.208.0/22 maxlen: 22
                          92.249.62.0/23 maxlen: 23
                          92.249.60.0/23 maxlen: 23
                          193.187.108.0/22 maxlen: 22
                          84.54.0.0/23 maxlen: 23
                          84.54.2.0/23 maxlen: 23
                          85.8.144.0/23 maxlen: 23
                          176.53.156.0/23 maxlen: 23
                          176.53.158.0/23 maxlen: 23
                          85.8.146.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Fri 20 Jan 2023 14:03:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:cd:be:62:91:8c:c4:ba:8f:ba:70:bb:6c:2a:67:cb:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Jan 20 05:54:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0c6e7cc2b345ad4f53240c8bd850280aefc56723
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:69:5d:44:87:61:83:02:8e:54:44:9a:b0:c0:
                    d5:27:94:91:fc:4d:c9:ec:0e:08:d6:09:58:c9:19:
                    f1:4f:30:6b:47:86:7a:2a:d5:86:21:4f:55:ee:25:
                    4b:f5:d3:94:7f:fa:ce:47:97:cd:9a:8a:46:8b:52:
                    1c:61:df:ea:ea:0a:e6:33:e9:9a:ff:f4:d3:b5:2c:
                    be:ea:52:92:5e:dc:06:8e:aa:ae:f6:64:25:dd:8a:
                    cc:4f:4e:c7:ed:93:f1:b4:bc:ee:b0:80:7e:62:07:
                    79:ad:67:3c:96:da:be:3a:44:12:b5:71:2a:77:c4:
                    9e:64:91:7f:b5:28:b9:6f:e0:50:86:32:2b:fb:9c:
                    05:45:c0:65:57:48:72:d5:8d:db:a2:f0:f4:70:16:
                    04:c7:47:dc:04:a6:6a:eb:fc:ea:25:60:9f:f2:5e:
                    03:2b:2e:91:49:39:2d:61:5b:33:b3:8e:fc:4e:65:
                    e4:88:18:78:8a:54:c7:b7:7b:37:35:ed:b1:df:95:
                    f2:ba:71:7b:0f:49:95:82:b1:c1:c5:c5:ea:75:22:
                    a9:6b:44:bf:e9:df:7a:ec:33:ed:e1:39:a6:95:17:
                    c1:34:87:f1:d7:2c:92:dd:05:ea:05:3f:f8:24:86:
                    e7:56:fe:51:01:09:30:37:8d:ef:e3:c4:e9:e9:26:
                    bb:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:6E:7C:C2:B3:45:AD:4F:53:24:0C:8B:D8:50:28:0A:EF:C5:67:23
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/DG58wrNFrU9TJAyL2FAoCu_FZyM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.54.0.0/22
                  85.8.144.0/22
                  85.8.160.0/22
                  92.249.60.0/22
                  176.53.156.0/22
                  193.187.108.0/22
                  217.18.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7a:ee:23:1b:29:57:47:29:c4:ed:5a:70:79:10:6f:a5:05:31:
         37:b7:1d:76:71:05:e6:74:ef:47:7e:89:fb:2b:4c:8e:c6:b0:
         5d:df:aa:7c:63:f5:80:ce:d3:26:66:0b:8c:b8:52:62:0e:0a:
         b4:81:9d:55:e1:fc:04:62:8c:c2:96:ed:37:22:80:4e:9b:9c:
         20:a6:7c:b2:c2:0f:32:d7:de:39:4d:47:d4:26:8a:86:15:6d:
         33:48:5b:ac:6b:32:2a:f1:2e:80:f7:7a:55:db:4d:29:d6:c0:
         7f:8d:89:29:74:46:20:a9:1d:76:ce:dc:14:a8:e6:17:8e:6a:
         01:1f:16:9b:35:91:17:25:09:a7:8e:d7:13:35:b8:5a:3f:65:
         13:66:b1:96:c4:6c:e0:c7:f8:f4:44:50:17:89:2e:e9:36:3a:
         f3:4d:88:75:51:47:89:aa:e3:6b:16:0d:ec:e5:27:cb:9f:76:
         58:c4:83:a0:b2:58:48:6d:d1:b2:d8:51:51:a5:bf:b2:ee:0d:
         00:f7:4c:49:10:4c:14:85:ce:f5:d6:df:b6:3e:50:33:2c:95:
         0a:bf:ac:28:16:c9:2d:c2:c8:d6:c5:eb:44:6d:1f:c5:0b:a1:
         c6:da:d7:f2:e7:0f:48:b9:32:54:b0:3f:1a:58:ea:68:4f:6d:
         40:e3:af:5a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYXNvmKRjMS6j7pwu2wqZ8svMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMTIwMDU1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzZlN2NjMmIzNDVhZDRmNTMyNDBjOGJkODUwMjgwYWVmYzU2NzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGldRIdhgwKOVESasMDVJ5SR/E3J
7A4I1glYyRnxTzBrR4Z6KtWGIU9V7iVL9dOUf/rOR5fNmopGi1IcYd/q6grmM+ma
//TTtSy+6lKSXtwGjqqu9mQl3YrMT07H7ZPxtLzusIB+Ygd5rWc8ltq+OkQStXEq
d8SeZJF/tSi5b+BQhjIr+5wFRcBlV0hy1Y3bovD0cBYEx0fcBKZq6/zqJWCf8l4D
Ky6RSTktYVszs478TmXkiBh4ilTHt3s3Ne2x35XyunF7D0mVgrHBxcXqdSKpa0S/
6d967DPt4TmmlRfBNIfx1yyS3QXqBT/4JIbnVv5RAQkwN43v48Tp6Sa7OQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAxufMKzRa1PUyQMi9hQKArvxWcjMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvREc1OHdyTkZyVTlUSkF5TDJGQW9DdV9GWnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVDYAAwQC
VQiQAwQCVQigAwQCXPk8AwQCsDWcAwQCwbtsAwQC2RLQMA0GCSqGSIb3DQEBCwUA
A4IBAQB67iMbKVdHKcTtWnB5EG+lBTE3tx12cQXmdO9Hfon7K0yOxrBd36p8Y/WA
ztMmZguMuFJiDgq0gZ1V4fwEYozClu03IoBOm5wgpnyywg8y1945TUfUJoqGFW0z
SFusazIq8S6A93pV200p1sB/jYkpdEYgqR12ztwUqOYXjmoBHxabNZEXJQmnjtcT
NbhaP2UTZrGWxGzgx/j0RFAXiS7pNjrzTYh1UUeJquNrFg3s5SfLn3ZYxIOgslhI
bdGy2FFRpb+y7g0A90xJEEwUhc711t+2PlAzLJUKv6woFsktwsjWxetEbR/FC6HG
2tfy5w9IuTJUsD8aWOpoT21A469a
-----END CERTIFICATE-----