Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/GMuwG9Z_q0hZTpcnuRc265x6oDI.roa
File:                     GMuwG9Z_q0hZTpcnuRc265x6oDI.roa (raw, json)
Hash identifier:          nkMRxWnwfVP56qFi3wOTSOOhaoyAnsFd2vUoriQnyyc=
Subject key identifier:   18:CB:B0:1B:D6:7F:AB:48:59:4E:97:27:B9:17:36:EB:9C:7A:A0:32
Certificate issuer:       /CN=d130117ae1cdc2df1c58816e00e5451f87efb370
Certificate serial:       018F1704F9C8385C61F3B04CBCD81AD24AD8
Authority key identifier: D1:30:11:7A:E1:CD:C2:DF:1C:58:81:6E:00:E5:45:1F:87:EF:B3:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0TAReuHNwt8cWIFuAOVFH4fvs3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/GMuwG9Z_q0hZTpcnuRc265x6oDI.roa
Signing time:             Thu 25 Apr 2024 20:49:13 +0000
ROA not before:           Thu 25 Apr 2024 20:49:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8351
IP address blocks:        194.59.16.0/23 maxlen: 24
                          195.98.192.0/19 maxlen: 19
                          195.98.196.0/24 maxlen: 24
                          195.98.205.0/24 maxlen: 24
                          195.98.206.0/24 maxlen: 24
                          195.98.213.0/24 maxlen: 24
                          195.98.217.0/24 maxlen: 24
                          213.254.32.0/19 maxlen: 19
                          213.254.33.0/24 maxlen: 24
                          213.254.56.0/23 maxlen: 24
                          213.254.57.0/24 maxlen: 24
                          213.254.58.0/24 maxlen: 24
                          213.254.63.0/24 maxlen: 24
                          2a02:320::/29 maxlen: 48

Validation:               Failed, certificate revoked on Fri 03 May 2024 21:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:17:04:f9:c8:38:5c:61:f3:b0:4c:bc:d8:1a:d2:4a:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d130117ae1cdc2df1c58816e00e5451f87efb370
        Validity
            Not Before: Apr 25 20:49:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=18cbb01bd67fab48594e9727b91736eb9c7aa032
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:a8:11:b1:d7:cb:2d:d1:17:f1:2d:b8:82:2a:
                    a3:e5:69:32:df:e2:cf:45:87:c0:76:68:66:08:7d:
                    04:71:2f:d3:0e:d6:77:d8:bb:0b:a1:32:73:87:b6:
                    09:54:36:5f:ec:be:ab:36:ff:79:9c:b8:53:d0:3e:
                    74:4a:9c:52:31:2a:ab:d5:33:47:cb:8c:ab:74:ce:
                    25:3d:db:35:9c:a6:05:89:9d:35:cf:48:ae:cc:ca:
                    aa:3d:63:15:ff:a2:51:10:3d:38:92:11:f1:01:75:
                    e6:ee:6f:96:5b:30:30:a6:3e:b4:d6:30:7f:9f:97:
                    6c:6e:e7:58:4b:c7:88:00:be:13:e4:45:fd:da:b3:
                    1f:d3:ea:bd:17:1b:a6:cb:54:59:d3:4d:43:0d:a7:
                    5b:35:27:9e:5b:e9:9c:f8:c5:de:86:8f:51:38:a7:
                    68:40:12:84:46:f7:d7:46:85:78:aa:de:de:c1:8a:
                    98:40:ef:4d:c7:9b:1e:62:ed:0f:58:da:83:7a:b2:
                    de:92:19:f4:0d:8b:39:2d:fa:d4:78:51:c5:0d:fe:
                    40:01:b8:d4:c1:3c:a8:82:00:b4:a8:9f:2b:a8:a8:
                    44:0a:c1:34:27:db:b5:b3:f8:02:c4:78:a1:a5:55:
                    db:90:09:69:53:ec:8f:02:c6:1d:c5:22:bd:e8:e4:
                    b0:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:CB:B0:1B:D6:7F:AB:48:59:4E:97:27:B9:17:36:EB:9C:7A:A0:32
            X509v3 Authority Key Identifier:
                keyid:D1:30:11:7A:E1:CD:C2:DF:1C:58:81:6E:00:E5:45:1F:87:EF:B3:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0TAReuHNwt8cWIFuAOVFH4fvs3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/GMuwG9Z_q0hZTpcnuRc265x6oDI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/0TAReuHNwt8cWIFuAOVFH4fvs3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.59.16.0/23
                  195.98.192.0/19
                  213.254.32.0/19
                IPv6:
                  2a02:320::/29

    Signature Algorithm: sha256WithRSAEncryption
         65:fa:a8:a4:12:82:cb:88:8e:73:f4:c8:9c:9b:44:40:24:81:
         e7:e6:f7:22:b7:42:8b:c1:48:94:8f:64:f8:4b:6d:3b:26:cc:
         5c:91:12:70:1b:90:2d:fb:28:87:46:28:b4:aa:d6:ba:ec:ad:
         ce:e5:2e:77:68:99:f9:d2:81:1e:b3:08:f8:65:df:6d:19:41:
         06:b7:fa:10:42:6a:1d:86:99:2e:a2:b2:79:19:8a:e8:c7:33:
         38:4f:dc:72:f8:c7:94:61:89:1e:11:e8:d9:0c:0b:2d:67:77:
         6e:59:80:0f:b0:c5:20:43:6e:5b:e6:35:6a:c4:86:3a:d1:83:
         5b:13:4f:d2:9b:7e:14:f9:6b:b0:8a:69:d7:7b:d1:e7:73:b7:
         5a:40:d1:72:f0:64:d7:c4:9c:33:c7:b8:04:81:6f:3d:79:87:
         e5:7d:d5:f4:28:40:c9:8e:7c:4b:a5:33:16:5e:ac:e0:b7:ee:
         34:76:56:7d:1d:43:0c:88:ec:f2:0d:ae:60:9b:e2:5e:5e:02:
         17:84:12:df:5b:78:60:40:a7:13:d0:bd:a1:91:fd:00:48:ff:
         ec:81:0a:7e:c0:0a:d6:e8:b1:c3:8b:15:cd:29:93:f8:1f:f3:
         49:72:5c:c8:03:75:eb:03:f7:fa:43:1d:b4:8b:a8:f3:e9:85:
         91:67:27:39
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8XBPnIOFxh87BMvNga0krYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMzAxMTdhZTFjZGMyZGYxYzU4ODE2ZTAwZTU0NTFmODdl
ZmIzNzAwHhcNMjQwNDI1MjA0OTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGNiYjAxYmQ2N2ZhYjQ4NTk0ZTk3MjdiOTE3MzZlYjljN2FhMDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKgRsdfLLdEX8S24giqj5Wky3+LP
RYfAdmhmCH0EcS/TDtZ32LsLoTJzh7YJVDZf7L6rNv95nLhT0D50SpxSMSqr1TNH
y4yrdM4lPds1nKYFiZ01z0iuzMqqPWMV/6JRED04khHxAXXm7m+WWzAwpj601jB/
n5dsbudYS8eIAL4T5EX92rMf0+q9Fxumy1RZ001DDadbNSeeW+mc+MXeho9ROKdo
QBKERvfXRoV4qt7ewYqYQO9Nx5seYu0PWNqDerLekhn0DYs5LfrUeFHFDf5AAbjU
wTyoggC0qJ8rqKhECsE0J9u1s/gCxHihpVXbkAlpU+yPAsYdxSK96OSwBwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBjLsBvWf6tIWU6XJ7kXNuuceqAyMB8GA1UdIwQY
MBaAFNEwEXrhzcLfHFiBbgDlRR+H77NwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFRBUmV1SE53dDhjV0lGdUFPVkZINGZ2czNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xMGNlNzMtM2Q0Zi00M2VmLWI2ODUt
MjUwYTRkNzc3YmE2LzEvR011d0c5Wl9xMGhaVHBjbnVSYzI2NXg2b0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xMGNlNzMtM2Q0Zi00M2VmLWI2ODUtMjUwYTRkNzc3YmE2
LzEvMFRBUmV1SE53dDhjV0lGdUFPVkZINGZ2czNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwjsQAwQF
w2LAAwQF1f4gMA0EAgACMAcDBQMqAgMgMA0GCSqGSIb3DQEBCwUAA4IBAQBl+qik
EoLLiI5z9Micm0RAJIHn5vcit0KLwUiUj2T4S207JsxckRJwG5At+yiHRii0qta6
7K3O5S53aJn50oEeswj4Zd9tGUEGt/oQQmodhpkuorJ5GYroxzM4T9xy+MeUYYke
EejZDAstZ3duWYAPsMUgQ25b5jVqxIY60YNbE0/Sm34U+WuwimnXe9Hnc7daQNFy
8GTXxJwzx7gEgW89eYflfdX0KEDJjnxLpTMWXqzgt+40dlZ9HUMMiOzyDa5gm+Je
XgIXhBLfW3hgQKcT0L2hkf0ASP/sgQp+wArW6LHDixXNKZP4H/NJclzIA3XrA/f6
Qx20i6jz6YWRZyc5
-----END CERTIFICATE-----