Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/29RLidLhWgE68R5jcZsx7DUV9EI.roa
File:                     29RLidLhWgE68R5jcZsx7DUV9EI.roa (raw, json)
Hash identifier:          y6AcdRBzR+4/ltMWFAD4YqwH+xOcijnXnbIF0rmjAzo=
Subject key identifier:   DB:D4:4B:89:D2:E1:5A:01:3A:F1:1E:63:71:9B:31:EC:35:15:F4:42
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0186636262BD6B21F59DD11F44E178FC82FF
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/29RLidLhWgE68R5jcZsx7DUV9EI.roa
Signing time:             Sat 18 Feb 2023 07:17:17 +0000
ROA not before:           Sat 18 Feb 2023 07:17:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61138
IP address blocks:        5.105.131.0/24 maxlen: 24
                          5.105.127.0/24 maxlen: 24
                          5.105.29.0/24 maxlen: 24
                          5.105.134.0/24 maxlen: 24
                          5.105.156.0/24 maxlen: 24
                          5.105.157.0/24 maxlen: 24
                          5.105.168.0/24 maxlen: 24
                          5.105.80.0/24 maxlen: 24
                          5.105.82.0/24 maxlen: 24
                          5.105.197.0/24 maxlen: 24
                          5.105.214.0/24 maxlen: 24
                          5.105.216.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:63:62:62:bd:6b:21:f5:9d:d1:1f:44:e1:78:fc:82:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Feb 18 07:17:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dbd44b89d2e15a013af11e63719b31ec3515f442
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:47:14:f4:54:e1:62:c3:80:a4:b2:85:89:ce:
                    d9:ee:0f:bd:a3:2d:81:50:7f:c1:f4:e1:03:77:f0:
                    92:8a:cb:ca:0f:7d:13:64:f0:35:77:b9:27:c6:a4:
                    bf:95:66:f9:ef:34:89:af:2e:0e:8d:f5:96:be:0c:
                    7b:0c:25:c3:c5:3b:45:d9:7b:83:c7:4f:64:33:0c:
                    54:b2:b2:77:3b:ae:53:a2:52:88:bf:23:5a:54:1b:
                    8e:19:d3:29:0d:9a:b2:23:1d:b6:ac:4e:ff:5d:21:
                    14:61:40:a7:1c:fb:ff:79:8d:36:2e:93:b2:a9:ba:
                    82:a3:a2:bf:e3:6c:72:15:c4:c2:cb:50:c9:21:fe:
                    1a:9b:b4:52:93:e4:fb:62:9e:a2:9a:a0:6d:31:e2:
                    69:ee:65:85:fa:d2:eb:b3:28:fa:97:36:6f:0c:5f:
                    4e:27:f4:14:4f:b7:b7:50:ab:99:75:2b:d3:72:96:
                    30:52:a4:82:3a:cb:81:c4:95:06:cb:30:7c:02:ba:
                    91:2f:81:0d:99:84:ec:7c:0c:a5:04:f1:43:a6:e0:
                    4b:85:e3:ef:0e:f2:f5:fa:31:b3:32:37:13:53:33:
                    d8:0e:df:73:9f:45:6f:24:8f:b6:af:4c:46:ff:26:
                    1d:c3:8b:01:00:9b:38:62:17:dc:f9:4b:ed:e5:6e:
                    de:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:D4:4B:89:D2:E1:5A:01:3A:F1:1E:63:71:9B:31:EC:35:15:F4:42
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/29RLidLhWgE68R5jcZsx7DUV9EI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.29.0/24
                  5.105.80.0/24
                  5.105.82.0/24
                  5.105.127.0/24
                  5.105.131.0/24
                  5.105.134.0/24
                  5.105.156.0/23
                  5.105.168.0/24
                  5.105.197.0/24
                  5.105.214.0/24
                  5.105.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:1b:dc:4c:cf:63:5b:a8:72:75:16:59:25:37:2c:8b:fe:4e:
         a9:6c:89:38:eb:32:c9:e8:ae:1c:08:3c:d7:e1:f9:ef:ab:97:
         a1:e8:f3:7f:e9:f4:75:cc:40:6e:14:88:e3:07:9e:49:fa:d3:
         2c:fd:93:8f:2c:fa:62:65:6c:5a:80:46:57:c6:cf:7b:70:82:
         30:31:5f:78:ba:ff:97:3b:a9:50:37:b8:36:33:79:a4:aa:2b:
         af:51:55:4a:b7:f8:08:95:02:f5:e6:4d:93:1e:03:77:48:a7:
         3e:e4:02:47:1c:a9:41:00:32:6e:9e:0f:c7:40:22:b9:f3:41:
         8e:d2:8d:0f:c3:e7:38:23:ec:7f:5a:87:4a:59:29:f6:eb:4c:
         8b:a8:a3:c0:a1:e3:dc:c1:37:27:1a:27:b1:86:4e:b1:10:a8:
         ff:cc:f8:1c:a0:0b:d6:f3:6e:12:98:14:ea:18:a9:95:67:68:
         ce:09:b9:7b:fb:c4:98:8b:a2:d0:a3:94:68:5e:e9:77:a4:20:
         b3:5e:1c:5c:cb:24:cd:89:65:3d:e2:e6:f3:c8:a2:b3:b9:25:
         a5:b4:54:ee:a7:5d:6b:30:00:ff:a9:ee:02:71:a3:72:0d:e2:
         1b:c2:0b:86:af:d5:63:15:a4:69:72:fe:d0:76:e3:53:1a:a2:
         b8:b0:2b:8a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYZjYmK9ayH1ndEfROF4/IL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMjE4MDcxNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmQ0NGI4OWQyZTE1YTAxM2FmMTFlNjM3MTliMzFlYzM1MTVmNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0cU9FThYsOApLKFic7Z7g+9oy2B
UH/B9OEDd/CSisvKD30TZPA1d7knxqS/lWb57zSJry4OjfWWvgx7DCXDxTtF2XuD
x09kMwxUsrJ3O65TolKIvyNaVBuOGdMpDZqyIx22rE7/XSEUYUCnHPv/eY02LpOy
qbqCo6K/42xyFcTCy1DJIf4am7RSk+T7Yp6imqBtMeJp7mWF+tLrsyj6lzZvDF9O
J/QUT7e3UKuZdSvTcpYwUqSCOsuBxJUGyzB8ArqRL4ENmYTsfAylBPFDpuBLhePv
DvL1+jGzMjcTUzPYDt9zn0VvJI+2r0xG/yYdw4sBAJs4Yhfc+Uvt5W7e5wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNvUS4nS4VoBOvEeY3GbMew1FfRCMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMjlSTGlkTGhXZ0U2OFI1amNac3g3RFVWOUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABWkdAwQA
BWlQAwQABWlSAwQABWl/AwQABWmDAwQABWmGAwQBBWmcAwQABWmoAwQABWnFAwQA
BWnWAwQABWnYMA0GCSqGSIb3DQEBCwUAA4IBAQAvG9xMz2NbqHJ1FlklNyyL/k6p
bIk46zLJ6K4cCDzX4fnvq5eh6PN/6fR1zEBuFIjjB55J+tMs/ZOPLPpiZWxagEZX
xs97cIIwMV94uv+XO6lQN7g2M3mkqiuvUVVKt/gIlQL15k2THgN3SKc+5AJHHKlB
ADJung/HQCK580GO0o0Pw+c4I+x/WodKWSn260yLqKPAoePcwTcnGiexhk6xEKj/
zPgcoAvW824SmBTqGKmVZ2jOCbl7+8SYi6LQo5RoXul3pCCzXhxcyyTNiWU94ubz
yKKzuSWltFTup11rMAD/qe4CcaNyDeIbwguGr9VjFaRpcv7QduNTGqK4sCuK
-----END CERTIFICATE-----