Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/oAaBcFOThiElho-CeDPX7KwdMxg.roa
File:                     oAaBcFOThiElho-CeDPX7KwdMxg.roa (raw, json)
Hash identifier:          uC63yLlV68dA0w6G+PmekQjKMteLIKS+KUsNhsN2qqI=
Subject key identifier:   A0:06:81:70:53:93:86:21:25:86:8F:82:78:33:D7:EC:AC:1D:33:18
Certificate issuer:       /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial:       018F2E10C792AB3CDDC821034397EE4887B5
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/oAaBcFOThiElho-CeDPX7KwdMxg.roa
Signing time:             Tue 30 Apr 2024 08:13:22 +0000
ROA not before:           Tue 30 Apr 2024 08:13:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8300
IP address blocks:        193.5.20.0/23 maxlen: 23
                          193.5.30.0/24 maxlen: 24
                          193.5.158.0/23 maxlen: 24
                          193.134.248.0/23 maxlen: 23
                          194.209.74.0/24 maxlen: 24
                          212.243.101.0/24 maxlen: 24
                          2001:918:1ab::/48 maxlen: 48
                          2001:918:f00::/40 maxlen: 40
                          2001:918:ff70::/44 maxlen: 48
                          2001:918:ffb7::/48 maxlen: 48
Validation:               Failed, certificate revoked on Wed 01 Jan 2025 05:47:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:2e:10:c7:92:ab:3c:dd:c8:21:03:43:97:ee:48:87:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
        Validity
            Not Before: Apr 30 08:13:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a00681705393862125868f827833d7ecac1d3318
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:6a:d6:ed:6a:71:d4:82:23:86:b5:eb:00:a2:
                    66:0d:10:e8:23:4d:bd:bb:b4:a6:28:24:8e:23:18:
                    86:79:42:e6:eb:18:69:f3:f5:e3:f5:96:de:72:7d:
                    e2:80:3b:3d:cb:da:d7:3d:d8:d4:2f:c6:b2:c3:97:
                    09:a8:ad:12:65:07:a6:ec:1a:09:35:53:07:3e:e0:
                    38:eb:ba:3d:f4:7f:d3:8d:6f:e7:44:5f:21:23:d2:
                    33:04:3f:b7:cf:48:a5:23:c0:64:e4:e1:c0:d6:47:
                    6f:f1:d9:36:d2:a5:ad:0e:b2:f9:16:3d:bb:eb:96:
                    da:26:86:9b:b2:df:de:a9:41:7a:df:fc:e7:1a:3b:
                    8a:b1:d3:b3:1b:ff:d8:24:a1:fa:35:b0:97:a5:d7:
                    69:59:81:34:47:8d:7a:e3:f8:83:9d:4e:d3:a1:46:
                    4c:95:65:36:03:8d:7a:51:90:ac:1e:03:f7:79:8a:
                    f1:b2:75:e3:fa:62:d1:40:2d:61:e4:c1:f3:4e:55:
                    d1:91:6f:53:de:f9:ea:99:6f:09:61:47:0c:dd:b2:
                    ee:e6:46:b9:64:01:c5:48:12:c9:4f:28:5a:c6:af:
                    4d:cd:61:74:5f:4d:d6:78:fc:79:53:7c:bb:36:71:
                    52:07:0e:b3:1a:50:06:b6:f4:76:4f:52:ec:a6:11:
                    7b:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:06:81:70:53:93:86:21:25:86:8F:82:78:33:D7:EC:AC:1D:33:18
            X509v3 Authority Key Identifier:
                keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/oAaBcFOThiElho-CeDPX7KwdMxg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.5.20.0/23
                  193.5.30.0/24
                  193.5.158.0/23
                  193.134.248.0/23
                  194.209.74.0/24
                  212.243.101.0/24
                IPv6:
                  2001:918:1ab::/48
                  2001:918:f00::/40
                  2001:918:ff70::/44
                  2001:918:ffb7::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:f2:74:62:7a:cc:e4:c9:76:67:0b:36:44:04:b0:83:ea:12:
         6b:6f:cb:7c:40:4c:a7:c4:69:97:c2:0a:ca:c4:ad:15:f2:86:
         24:b1:ee:b0:28:62:cd:ea:8c:08:90:8c:30:4a:15:bd:9c:61:
         44:6f:51:f6:a5:06:af:ff:28:72:25:c1:a7:74:df:db:0f:b8:
         5b:b6:40:97:5f:85:50:c6:03:a5:c8:31:b8:a5:26:43:76:4d:
         68:88:0a:9a:f3:3a:e2:20:b9:bb:07:45:88:a1:7e:21:8c:b8:
         f2:8c:f6:e3:50:cc:6f:ee:89:c4:f2:56:83:96:c7:b2:d7:e7:
         95:fa:c2:f2:a6:2d:54:15:81:f3:c1:00:94:63:df:db:ef:4c:
         eb:8b:42:b9:fa:f0:dc:d9:aa:f8:82:22:8f:1f:db:f6:4f:92:
         e7:6e:3c:77:c3:93:5f:37:3b:54:6c:5f:aa:a7:ea:2a:cf:93:
         9f:40:4b:63:09:c8:63:76:9e:ee:33:22:9a:8b:94:1e:6f:b3:
         27:b3:20:6a:e4:21:96:c6:b4:05:27:98:d2:b9:7a:42:de:2a:
         43:95:ac:a0:b0:8a:2c:85:07:da:77:bf:6b:fd:60:e0:f2:41:
         6c:f0:16:f5:93:10:51:cb:be:df:c7:6e:7e:af:d7:09:2e:e5:
         92:b9:bb:35
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAY8uEMeSqzzdyCEDQ5fuSIe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwNDMwMDgxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDA2ODE3MDUzOTM4NjIxMjU4NjhmODI3ODMzZDdlY2FjMWQzMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WrW7Wpx1IIjhrXrAKJmDRDoI029
u7SmKCSOIxiGeULm6xhp8/Xj9Zbecn3igDs9y9rXPdjUL8ayw5cJqK0SZQem7BoJ
NVMHPuA467o99H/TjW/nRF8hI9IzBD+3z0ilI8Bk5OHA1kdv8dk20qWtDrL5Fj27
65baJoabst/eqUF63/znGjuKsdOzG//YJKH6NbCXpddpWYE0R4164/iDnU7ToUZM
lWU2A416UZCsHgP3eYrxsnXj+mLRQC1h5MHzTlXRkW9T3vnqmW8JYUcM3bLu5ka5
ZAHFSBLJTyhaxq9NzWF0X03WePx5U3y7NnFSBw6zGlAGtvR2T1LsphF7hQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFKAGgXBTk4YhJYaPgngz1+ysHTMYMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvb0FhQmNGT1RoaUVsaG8tQ2VEUFg3S3dkTXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAqBAIAATAkAwQBwQUUAwQA
wQUeAwQBwQWeAwQBwYb4AwQAwtFKAwQA1PNlMCkEAgACMCMDBwAgAQkYAasDBgAg
AQkYDwMHBCABCRj/cAMHACABCRj/tzANBgkqhkiG9w0BAQsFAAOCAQEAefJ0YnrM
5Ml2Zws2RASwg+oSa2/LfEBMp8Rpl8IKysStFfKGJLHusChizeqMCJCMMEoVvZxh
RG9R9qUGr/8ociXBp3Tf2w+4W7ZAl1+FUMYDpcgxuKUmQ3ZNaIgKmvM64iC5uwdF
iKF+IYy48oz241DMb+6JxPJWg5bHstfnlfrC8qYtVBWB88EAlGPf2+9M64tCufrw
3Nmq+IIijx/b9k+S5248d8OTXzc7VGxfqqfqKs+Tn0BLYwnIY3ae7jMimouUHm+z
J7MgauQhlsa0BSeY0rl6Qt4qQ5WsoLCKLIUH2ne/a/1g4PJBbPAW9ZMQUcu+38du
fq/XCS7lkrm7NQ==
-----END CERTIFICATE-----