Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/uwJs0JpnNJ-JTFr8qGnCgSZ2e7U.roa
File:                     uwJs0JpnNJ-JTFr8qGnCgSZ2e7U.roa (raw, json)
Hash identifier:          EtCCE+F1EufMnFE09UPBEEJmsnS6toXY7QaBiKKPv6Y=
Subject key identifier:   BB:02:6C:D0:9A:67:34:9F:89:4C:5A:FC:A8:69:C2:81:26:76:7B:B5
Certificate issuer:       /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial:       018CC6B8C65EE868D9A027AD2F1E7929161F
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/uwJs0JpnNJ-JTFr8qGnCgSZ2e7U.roa
Signing time:             Mon 01 Jan 2024 20:30:47 +0000
ROA not before:           Mon 01 Jan 2024 20:30:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     22773
IP address blocks:        85.8.160.0/23 maxlen: 23
                          85.8.162.0/23 maxlen: 23
                          185.231.224.0/22 maxlen: 22
                          193.187.108.0/22 maxlen: 22
                          213.139.224.0/22 maxlen: 22
                          84.54.0.0/23 maxlen: 23
                          84.54.2.0/23 maxlen: 23
                          85.8.144.0/23 maxlen: 23
                          85.8.146.0/23 maxlen: 23
                          176.53.168.0/22 maxlen: 22
                          85.8.156.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 11:26:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b8:c6:5e:e8:68:d9:a0:27:ad:2f:1e:79:29:16:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
        Validity
            Not Before: Jan  1 20:30:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bb026cd09a67349f894c5afca869c28126767bb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d1:fe:51:be:70:5b:3d:a3:f1:c3:d0:10:56:
                    cd:1d:f7:12:2b:16:dc:14:d7:74:6c:01:d2:b5:1a:
                    20:6f:8c:37:b7:e3:47:ab:b2:ee:7b:b5:3c:7e:7c:
                    74:fb:a4:a3:03:73:65:eb:20:39:82:46:9c:b2:18:
                    ce:8a:2b:9e:65:6e:3c:3b:ad:7e:0a:af:6a:aa:37:
                    ab:2a:c5:fc:26:3c:4d:42:dd:93:0c:d1:c4:c5:f8:
                    a5:f8:87:30:ad:1c:37:28:8a:48:62:4a:02:fe:e7:
                    69:93:20:c9:11:f8:36:f5:e3:45:0b:30:e3:04:03:
                    2d:75:47:42:d1:14:a9:af:3e:64:b3:49:38:71:d3:
                    6a:2a:f8:91:9a:4e:08:69:31:0f:ad:17:7f:8e:2e:
                    5b:f8:fa:db:87:29:83:64:73:8c:b0:55:35:a0:9e:
                    79:f5:2b:61:ab:05:ba:5a:ac:11:87:fd:9d:75:1f:
                    66:f9:e6:d0:1a:b6:e3:55:56:24:3e:ed:23:6c:bf:
                    9c:f9:43:20:fb:48:c6:6d:12:c3:49:6e:06:7f:d8:
                    a2:d3:f2:4b:f0:dc:b0:2f:57:37:2d:f3:88:cb:b4:
                    98:0c:c8:f7:cb:60:58:4c:eb:0b:90:94:ef:4c:c7:
                    8a:a6:5b:01:fc:6b:3f:c7:19:42:01:7b:81:ec:be:
                    1e:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:02:6C:D0:9A:67:34:9F:89:4C:5A:FC:A8:69:C2:81:26:76:7B:B5
            X509v3 Authority Key Identifier:
                keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/uwJs0JpnNJ-JTFr8qGnCgSZ2e7U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.54.0.0/22
                  85.8.144.0/22
                  85.8.156.0-85.8.163.255
                  176.53.168.0/22
                  185.231.224.0/22
                  193.187.108.0/22
                  213.139.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:c1:1a:8f:7c:9d:99:ab:8d:d9:a4:f7:01:a9:68:35:fb:59:
         8a:9c:23:37:15:31:10:21:5e:cb:06:d4:09:e3:61:41:c3:2f:
         20:f3:e1:2f:9b:95:1e:2c:ad:19:bf:ba:ef:40:35:d5:c3:98:
         b0:20:ed:c9:ff:4a:ff:e0:35:18:e1:14:16:a5:26:35:cd:cf:
         fd:b5:08:0e:cc:28:df:ea:9c:6a:bb:c6:00:e6:a7:30:ee:7c:
         35:3f:43:fe:74:d5:14:2d:ea:a0:48:8b:d6:f7:d2:9c:61:17:
         97:1f:12:cb:15:3e:09:5a:b5:41:7e:e4:15:06:aa:fa:50:f9:
         2e:dd:76:c1:4f:78:68:28:11:3d:fe:24:3e:2a:09:48:2a:4a:
         24:27:1e:7c:6c:48:15:06:2b:d5:c9:5a:58:bc:10:d1:5f:f7:
         ae:a9:9e:b7:3b:4f:e4:98:4f:54:6d:ae:5b:25:31:d9:c3:a4:
         c8:15:06:13:bb:88:74:93:18:43:bf:9b:2a:a2:77:c2:3b:c0:
         22:41:cb:10:35:24:9d:81:a2:50:08:78:94:67:d2:79:ef:65:
         5c:3d:19:9c:af:10:98:77:ee:a5:6b:81:3d:dc:d9:01:0c:3b:
         53:eb:00:74:d6:7a:10:2f:3a:7f:02:2d:89:fb:f9:cf:62:32:
         e3:9b:22:2b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzGuMZe6GjZoCetLx55KRYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwMTAxMjAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjAyNmNkMDlhNjczNDlmODk0YzVhZmNhODY5YzI4MTI2NzY3YmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dH+Ub5wWz2j8cPQEFbNHfcSKxbc
FNd0bAHStRogb4w3t+NHq7Lue7U8fnx0+6SjA3Nl6yA5gkacshjOiiueZW48O61+
Cq9qqjerKsX8JjxNQt2TDNHExfil+IcwrRw3KIpIYkoC/udpkyDJEfg29eNFCzDj
BAMtdUdC0RSprz5ks0k4cdNqKviRmk4IaTEPrRd/ji5b+PrbhymDZHOMsFU1oJ55
9SthqwW6WqwRh/2ddR9m+ebQGrbjVVYkPu0jbL+c+UMg+0jGbRLDSW4Gf9ii0/JL
8NywL1c3LfOIy7SYDMj3y2BYTOsLkJTvTMeKplsB/Gs/xxlCAXuB7L4efwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLsCbNCaZzSfiUxa/KhpwoEmdnu1MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvdXdKczBKcG5OSi1KVEZyOHFHbkNnU1oyZTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCVDYAAwQC
VQiQMAwDBAJVCJwDBAJVCKADBAKwNagDBAK55+ADBALBu2wDBALVi+AwDQYJKoZI
hvcNAQELBQADggEBABDBGo98nZmrjdmk9wGpaDX7WYqcIzcVMRAhXssG1AnjYUHD
LyDz4S+blR4srRm/uu9ANdXDmLAg7cn/Sv/gNRjhFBalJjXNz/21CA7MKN/qnGq7
xgDmpzDufDU/Q/501RQt6qBIi9b30pxhF5cfEssVPglatUF+5BUGqvpQ+S7ddsFP
eGgoET3+JD4qCUgqSiQnHnxsSBUGK9XJWli8ENFf966pnrc7T+SYT1RtrlslMdnD
pMgVBhO7iHSTGEO/myqid8I7wCJByxA1JJ2BolAIeJRn0nnvZVw9GZyvEJh37qVr
gT3c2QEMO1PrAHTWehAvOn8CLYn7+c9iMuObIis=
-----END CERTIFICATE-----