Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/sidQHpUGcNB7-NY8bdOM6MLzJzg.roa
File:                     sidQHpUGcNB7-NY8bdOM6MLzJzg.roa (raw, json)
Hash identifier:          pCMxqikNoQkbLe7uCg8fO9WmF9/5cJ+lFDqPo6SwMac=
Subject key identifier:   B2:27:50:1E:95:06:70:D0:7B:F8:D6:3C:6D:D3:8C:E8:C2:F3:27:38
Certificate issuer:       /CN=fd8eff201218a5a823cbe85336853e3db4dd16eb
Certificate serial:       0193F2E5787E10B9076CDAB38E56C0EC4BDE
Authority key identifier: FD:8E:FF:20:12:18:A5:A8:23:CB:E8:53:36:85:3E:3D:B4:DD:16:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_Y7_IBIYpagjy-hTNoU-PbTdFus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/sidQHpUGcNB7-NY8bdOM6MLzJzg.roa
Signing time:             Mon 23 Dec 2024 09:42:24 +0000
ROA not before:           Mon 23 Dec 2024 09:42:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60631
IP address blocks:        45.149.76.0/24 maxlen: 24
                          45.149.77.0/24 maxlen: 24
                          45.149.78.0/24 maxlen: 24
                          45.149.79.0/24 maxlen: 24
                          158.255.74.0/24 maxlen: 24
                          171.22.24.0/24 maxlen: 24
                          171.22.25.0/24 maxlen: 24
                          171.22.26.0/24 maxlen: 24
                          171.22.27.0/24 maxlen: 24
                          176.97.218.0/24 maxlen: 24
                          178.211.145.0/24 maxlen: 24
                          185.190.39.0/24 maxlen: 24
                          193.105.234.0/24 maxlen: 24
                          212.23.201.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 01 Jan 2025 01:47:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:f2:e5:78:7e:10:b9:07:6c:da:b3:8e:56:c0:ec:4b:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd8eff201218a5a823cbe85336853e3db4dd16eb
        Validity
            Not Before: Dec 23 09:42:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b227501e950670d07bf8d63c6dd38ce8c2f32738
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:99:57:d7:c7:ab:3f:4e:44:11:c9:ad:0f:bd:
                    74:3c:17:39:06:35:85:6b:73:5c:29:25:ea:c4:37:
                    d2:b3:7c:35:51:71:75:31:70:0e:60:18:12:cc:0a:
                    48:6e:df:4a:35:d8:2b:5b:c4:57:95:b8:ab:0a:b6:
                    cf:74:04:11:04:4d:45:9c:dd:ac:bc:7e:4e:88:61:
                    2c:d4:f8:0c:b6:52:1d:76:c5:bd:b6:76:1a:d1:ff:
                    66:0e:86:74:34:86:ff:7d:57:1c:44:3f:d7:26:1f:
                    a3:7f:6a:d0:e2:68:a9:d2:89:18:ef:5c:24:a8:e1:
                    b3:4f:3b:c0:5a:a8:b6:86:6a:e4:9e:93:fc:3a:4f:
                    b1:ac:8e:9f:ba:3c:81:54:bc:de:34:00:32:88:7a:
                    a9:26:46:16:ea:ea:6f:ee:7e:0e:bc:72:d3:6d:9e:
                    5f:01:49:20:96:fd:e1:7e:30:63:8b:78:40:d0:09:
                    d2:51:7f:35:40:b5:3b:a7:fe:a6:9d:e0:f8:ed:df:
                    76:e2:20:12:c5:f4:14:dd:47:d8:56:0e:29:db:fa:
                    8f:4d:9f:eb:c0:bf:9e:64:99:ac:52:8c:75:c8:67:
                    57:c2:df:a2:54:88:12:a3:77:82:76:64:3e:95:bf:
                    a6:f0:ac:06:fc:a2:05:1c:71:ab:d1:f5:ce:c0:5c:
                    22:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:27:50:1E:95:06:70:D0:7B:F8:D6:3C:6D:D3:8C:E8:C2:F3:27:38
            X509v3 Authority Key Identifier:
                keyid:FD:8E:FF:20:12:18:A5:A8:23:CB:E8:53:36:85:3E:3D:B4:DD:16:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Y7_IBIYpagjy-hTNoU-PbTdFus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/sidQHpUGcNB7-NY8bdOM6MLzJzg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/_Y7_IBIYpagjy-hTNoU-PbTdFus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.149.76.0/22
                  158.255.74.0/24
                  171.22.24.0/22
                  176.97.218.0/24
                  178.211.145.0/24
                  185.190.39.0/24
                  193.105.234.0/24
                  212.23.201.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:dd:38:5e:dc:db:93:37:98:3f:39:77:ea:d4:5b:9c:db:42:
         a0:5f:d0:14:19:9f:39:c3:52:41:7f:cf:31:14:20:99:b7:f0:
         e2:6e:97:0d:cb:f1:8c:ed:d6:3f:4c:6f:96:c5:42:c0:a1:72:
         77:2b:e4:94:a4:08:5c:a0:97:e7:ec:71:88:dc:e5:31:cf:50:
         91:d0:18:8c:ad:b1:a8:89:09:4b:a1:53:e9:a8:3b:f9:fb:6f:
         d7:95:62:ed:85:66:d0:a9:89:c7:6d:f6:da:60:ea:d3:40:64:
         c4:04:7c:ca:db:38:2c:ee:37:0f:7a:25:d2:e9:04:7c:dc:ac:
         ea:76:f3:91:2b:3a:eb:3f:91:81:17:72:ad:8f:73:10:ad:61:
         b5:95:2e:d0:69:ee:a8:69:d1:d9:2e:4d:e6:44:f4:b0:2e:46:
         e1:f5:06:51:48:e6:d5:ba:7c:17:ad:30:b1:28:31:3b:35:85:
         c3:29:12:cf:6c:14:76:57:ce:25:fb:ac:d5:0e:2e:78:8b:4f:
         63:fd:4f:29:73:b5:86:4b:2e:a6:2b:4f:05:57:5f:64:85:61:
         8d:c1:a3:b4:18:40:69:5d:89:ab:35:a2:c4:c7:24:59:98:78:
         d2:09:c7:0b:28:1d:9a:e1:da:1a:8f:1a:85:a4:b2:06:a2:28:
         2c:9c:c2:79
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZPy5Xh+ELkHbNqzjlbA7EveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkOGVmZjIwMTIxOGE1YTgyM2NiZTg1MzM2ODUzZTNkYjRk
ZDE2ZWIwHhcNMjQxMjIzMDk0MjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjI3NTAxZTk1MDY3MGQwN2JmOGQ2M2M2ZGQzOGNlOGMyZjMyNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5lX18erP05EEcmtD710PBc5BjWF
a3NcKSXqxDfSs3w1UXF1MXAOYBgSzApIbt9KNdgrW8RXlbirCrbPdAQRBE1FnN2s
vH5OiGEs1PgMtlIddsW9tnYa0f9mDoZ0NIb/fVccRD/XJh+jf2rQ4mip0okY71wk
qOGzTzvAWqi2hmrknpP8Ok+xrI6fujyBVLzeNAAyiHqpJkYW6upv7n4OvHLTbZ5f
AUkglv3hfjBji3hA0AnSUX81QLU7p/6mneD47d924iASxfQU3UfYVg4p2/qPTZ/r
wL+eZJmsUox1yGdXwt+iVIgSo3eCdmQ+lb+m8KwG/KIFHHGr0fXOwFwioQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLInUB6VBnDQe/jWPG3TjOjC8yc4MB8GA1UdIwQY
MBaAFP2O/yASGKWoI8voUzaFPj203RbrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1k3X0lCSVlwYWdqeS1oVE5vVS1QYlRkRnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85OWZkNDEtN2VkOC00YjI1LThkNTYt
YzdhYzI2YmNjMmRhLzEvc2lkUUhwVUdjTkI3LU5ZOGJkT002TUx6SnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85OWZkNDEtN2VkOC00YjI1LThkNTYtYzdhYzI2YmNjMmRh
LzEvX1k3X0lCSVlwYWdqeS1oVE5vVS1QYlRkRnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLZVMAwQA
nv9KAwQCqxYYAwQAsGHaAwQAstORAwQAub4nAwQAwWnqAwQA1BfJMA0GCSqGSIb3
DQEBCwUAA4IBAQAI3The3NuTN5g/OXfq1Fuc20KgX9AUGZ85w1JBf88xFCCZt/Di
bpcNy/GM7dY/TG+WxULAoXJ3K+SUpAhcoJfn7HGI3OUxz1CR0BiMrbGoiQlLoVPp
qDv5+2/XlWLthWbQqYnHbfbaYOrTQGTEBHzK2zgs7jcPeiXS6QR83KzqdvORKzrr
P5GBF3Ktj3MQrWG1lS7Qae6oadHZLk3mRPSwLkbh9QZRSObVunwXrTCxKDE7NYXD
KRLPbBR2V84l+6zVDi54i09j/U8pc7WGSy6mK08FV19khWGNwaO0GEBpXYmrNaLE
xyRZmHjSCccLKB2a4doajxqFpLIGoigsnMJ5
-----END CERTIFICATE-----