Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/0NYjZZXlpX64YJiP6Ys6mPMxdB0.roa
File:                     0NYjZZXlpX64YJiP6Ys6mPMxdB0.roa (raw, json)
Hash identifier:          LNcIUy6Y8W4lykc+GwQ+/SpoNKsPSrYMf7oCZb3AsSM=
Subject key identifier:   D0:D6:23:65:95:E5:A5:7E:B8:60:98:8F:E9:8B:3A:98:F3:31:74:1D
Certificate issuer:       /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial:       0188E7BB6132DF2BC4D7C5F03E2E698784A5
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/0NYjZZXlpX64YJiP6Ys6mPMxdB0.roa
Signing time:             Fri 23 Jun 2023 10:09:56 +0000
ROA not before:           Fri 23 Jun 2023 10:09:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207713
IP address blocks:        2a05:541:125::/48 maxlen: 48
                          2a05:541:122::/48 maxlen: 48
                          2a05:541:123::/48 maxlen: 48
                          2a05:541:119::/48 maxlen: 48
                          2a05:541:109::/48 maxlen: 48
                          2a05:541:129::/48 maxlen: 48
                          2a05:541:121::/48 maxlen: 48
                          2a05:541:126::/48 maxlen: 48
                          2a05:541:127::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e7:bb:61:32:df:2b:c4:d7:c5:f0:3e:2e:69:87:84:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
        Validity
            Not Before: Jun 23 10:09:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0d6236595e5a57eb860988fe98b3a98f331741d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:79:a7:22:a9:08:ab:9d:3d:ec:2a:a3:11:3b:
                    6a:38:15:14:9d:50:ff:be:98:33:ad:c1:25:fb:85:
                    a2:b3:36:a9:58:73:2f:b2:48:63:b4:08:36:29:7b:
                    dd:b0:be:e3:3f:9a:90:bc:3a:1c:4f:c4:84:64:ad:
                    13:83:39:4a:c3:46:ba:43:06:88:c8:a2:5c:5f:5c:
                    38:76:cf:01:b4:8f:f4:3b:2a:a1:5b:b1:41:bc:28:
                    55:bc:3c:9c:56:d5:22:d7:a7:b3:46:db:f6:2b:11:
                    c5:17:1b:69:60:e6:bb:0f:1a:1b:5c:1f:4e:87:07:
                    99:c9:50:93:aa:6a:3e:54:ac:29:c9:ac:55:d9:03:
                    16:4f:38:83:e2:6a:9e:da:a6:93:a3:41:05:1a:27:
                    75:0e:50:58:0e:e0:73:7e:1e:e7:ac:a6:ac:dc:c7:
                    1e:81:e7:81:d5:bc:d1:d2:8e:a5:19:0a:a9:dd:ce:
                    a1:88:cd:b3:d8:0d:bf:25:c9:ac:da:b5:74:04:9f:
                    f4:ed:c0:75:15:cb:cb:37:cd:d9:d1:bb:b1:f6:f5:
                    08:d9:74:77:c6:f7:63:5c:4a:a0:a4:85:99:77:57:
                    c5:52:39:62:18:14:01:17:62:0e:e1:c6:8a:8c:5c:
                    53:33:22:49:bd:ac:cc:23:48:25:ca:18:18:5b:78:
                    af:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:D6:23:65:95:E5:A5:7E:B8:60:98:8F:E9:8B:3A:98:F3:31:74:1D
            X509v3 Authority Key Identifier:
                keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/0NYjZZXlpX64YJiP6Ys6mPMxdB0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:541:109::/48
                  2a05:541:119::/48
                  2a05:541:121::-2a05:541:123:ffff:ffff:ffff:ffff:ffff
                  2a05:541:125::-2a05:541:127:ffff:ffff:ffff:ffff:ffff
                  2a05:541:129::/48

    Signature Algorithm: sha256WithRSAEncryption
         4d:d9:7f:b7:c3:29:14:e7:1b:fb:05:68:18:cf:2b:49:e3:30:
         1e:90:6e:db:bd:62:af:77:b3:83:17:7a:86:4c:ae:2a:d8:db:
         6f:80:c2:bc:07:c6:6f:34:35:06:c5:a9:0f:4d:e2:7a:19:5e:
         f5:1e:3f:f7:d4:99:56:45:b1:6b:96:c1:e5:c3:d5:c5:09:61:
         9b:17:e1:4c:08:f8:91:b1:2d:3e:8b:98:5e:4a:90:7a:34:80:
         ee:ff:7d:20:ff:0a:90:80:2f:9d:89:23:e5:f9:da:ff:bf:e5:
         7b:79:e8:05:42:3f:ba:44:ee:b1:bd:27:07:ba:84:b0:df:43:
         c8:ad:fd:b8:1f:a5:c1:8a:13:b1:c9:63:78:17:48:3c:8f:e3:
         0c:17:b0:6c:8b:34:74:dc:3c:4d:86:c8:24:68:e4:d8:05:24:
         e0:62:c1:37:05:d9:34:f3:c2:97:67:b2:9b:69:f5:45:67:66:
         35:e8:ec:f0:cc:8e:f1:00:c5:16:0e:ee:a1:fd:8b:87:4f:cb:
         17:05:f9:0e:3b:cc:0c:9c:f6:d9:9e:c1:91:cb:b0:db:f2:7b:
         19:b2:3c:25:64:4c:d9:b1:8b:38:ca:7f:5d:a4:9c:2e:f3:c1:
         bc:1d:e1:d6:55:9d:3c:87:c3:f0:8f:30:ed:0e:39:cc:18:be:
         bf:7c:be:2e
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYjnu2Ey3yvE18XwPi5ph4SlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwNjIzMTAwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQ2MjM2NTk1ZTVhNTdlYjg2MDk4OGZlOThiM2E5OGYzMzE3NDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXmnIqkIq5097CqjETtqOBUUnVD/
vpgzrcEl+4WiszapWHMvskhjtAg2KXvdsL7jP5qQvDocT8SEZK0TgzlKw0a6QwaI
yKJcX1w4ds8BtI/0OyqhW7FBvChVvDycVtUi16ezRtv2KxHFFxtpYOa7DxobXB9O
hweZyVCTqmo+VKwpyaxV2QMWTziD4mqe2qaTo0EFGid1DlBYDuBzfh7nrKas3Mce
geeB1bzR0o6lGQqp3c6hiM2z2A2/Jcms2rV0BJ/07cB1FcvLN83Z0bux9vUI2XR3
xvdjXEqgpIWZd1fFUjliGBQBF2IO4caKjFxTMyJJvazMI0glyhgYW3ivdQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFNDWI2WV5aV+uGCYj+mLOpjzMXQdMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvME5ZalpaWGxwWDY0WUppUDZZczZtUE14ZEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzBJBAIAAjBDAwcAKgUFQQEJ
AwcAKgUFQQEZMBIDBwAqBQVBASEDBwIqBQVBASAwEgMHACoFBUEBJQMHAyoFBUEB
IAMHACoFBUEBKTANBgkqhkiG9w0BAQsFAAOCAQEATdl/t8MpFOcb+wVoGM8rSeMw
HpBu271ir3ezgxd6hkyuKtjbb4DCvAfGbzQ1BsWpD03iehle9R4/99SZVkWxa5bB
5cPVxQlhmxfhTAj4kbEtPouYXkqQejSA7v99IP8KkIAvnYkj5fna/7/le3noBUI/
ukTusb0nB7qEsN9DyK39uB+lwYoTscljeBdIPI/jDBewbIs0dNw8TYbIJGjk2AUk
4GLBNwXZNPPCl2eym2n1RWdmNejs8MyO8QDFFg7uof2Lh0/LFwX5DjvMDJz22Z7B
kcuw2/J7GbI8JWRM2bGLOMp/XaScLvPBvB3h1lWdPIfD8I8w7Q45zBi+v3y+Lg==
-----END CERTIFICATE-----