Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/g0PR75h7411-QpmreoY8LdmiQQM.roa
File:                     g0PR75h7411-QpmreoY8LdmiQQM.roa (raw, json)
Hash identifier:          6hZ1LXWR4w+eogwuIC9K3V4KzS4PdeZMwvzcs0x51F0=
Subject key identifier:   83:43:D1:EF:98:7B:E3:5D:7E:42:99:AB:7A:86:3C:2D:D9:A2:41:03
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0188BE30B9D66F521AEE9E00731D7714C729
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/g0PR75h7411-QpmreoY8LdmiQQM.roa
Signing time:             Thu 15 Jun 2023 08:34:04 +0000
ROA not before:           Thu 15 Jun 2023 08:34:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212815
IP address blocks:        5.105.24.0/24 maxlen: 24
                          5.105.25.0/24 maxlen: 24
                          5.105.33.0/24 maxlen: 24
                          5.105.40.0/24 maxlen: 24
                          5.105.43.0/24 maxlen: 24
                          5.105.50.0/24 maxlen: 24
                          5.105.57.0/24 maxlen: 24
                          5.105.168.0/24 maxlen: 24
                          5.105.184.0/24 maxlen: 24
                          5.105.81.0/24 maxlen: 24
                          5.105.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:be:30:b9:d6:6f:52:1a:ee:9e:00:73:1d:77:14:c7:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Jun 15 08:34:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8343d1ef987be35d7e4299ab7a863c2dd9a24103
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:8f:1d:71:2a:74:dd:f3:cb:e5:95:25:23:ae:
                    64:80:c8:d6:3a:ca:f5:82:e9:e6:ae:51:19:3a:f5:
                    3f:d7:5a:d0:d6:f2:6e:42:bf:4b:f9:67:07:13:af:
                    57:6e:64:cc:8b:ba:f2:b7:a1:84:3c:3b:c6:da:1e:
                    7a:4a:11:d7:8a:11:71:69:90:17:fc:74:d4:11:a0:
                    49:f3:02:a3:ec:8e:47:d6:ce:a6:d2:6e:bb:15:3e:
                    8d:0e:d2:6f:a0:ed:55:a0:cd:97:d2:e4:a1:b3:c5:
                    64:6f:cc:0d:81:b3:7b:14:05:c1:be:bc:e4:22:79:
                    37:75:06:f1:f9:bb:ca:c0:f5:04:b8:60:25:15:7f:
                    2c:83:37:67:f4:67:32:a6:81:2f:9d:e2:e3:ae:ca:
                    0e:79:f2:c1:91:2d:7a:69:59:ed:29:ed:96:67:86:
                    85:6d:b0:40:47:b0:51:1c:e2:08:4b:3c:ac:4c:93:
                    c1:f9:c7:2d:93:9a:52:b0:5b:7b:76:a1:d1:2e:4b:
                    5e:25:02:af:ed:b2:54:86:09:94:fb:49:2d:7d:cc:
                    a4:21:3a:1f:3c:04:a4:2e:e3:4e:08:5a:b6:c0:0c:
                    42:8f:27:e9:0b:97:85:71:d7:43:32:2d:b7:f2:9c:
                    00:42:fa:14:0b:5f:e6:b3:45:5c:ea:33:d9:88:16:
                    09:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:43:D1:EF:98:7B:E3:5D:7E:42:99:AB:7A:86:3C:2D:D9:A2:41:03
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/g0PR75h7411-QpmreoY8LdmiQQM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.24.0/23
                  5.105.33.0/24
                  5.105.40.0/24
                  5.105.43.0/24
                  5.105.50.0/24
                  5.105.57.0/24
                  5.105.81.0/24
                  5.105.96.0/24
                  5.105.168.0/24
                  5.105.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:7b:70:2a:e7:f8:7f:64:06:cc:30:ba:f8:90:e2:d3:88:6e:
         5b:82:61:7f:2b:56:af:bb:7a:18:f7:02:e9:05:0f:64:b6:bc:
         36:8e:6a:6f:d5:f6:84:21:fb:6d:ba:8c:e1:51:fb:b7:a7:42:
         c4:14:98:00:cc:95:a1:f1:f4:ec:4e:be:5d:9c:39:15:32:d7:
         c2:4d:49:17:89:a6:c9:e9:fd:f7:4c:d7:ec:71:e3:dc:0b:d1:
         11:be:42:5e:a1:8c:ea:2c:52:2d:0a:7e:9c:03:01:d1:c1:ac:
         9b:27:7e:a8:6b:1e:3b:3f:75:0b:a3:fd:46:9d:d9:46:10:97:
         fd:bb:34:a1:3c:8c:bb:81:86:1e:29:de:70:32:1e:4b:48:d6:
         65:d6:cb:78:26:ff:cc:f4:49:38:58:b6:14:a9:8a:33:69:6a:
         ce:2c:0a:4a:19:3b:93:9c:1d:d4:e8:e5:03:27:41:d8:f1:ef:
         85:03:48:10:13:b6:42:b3:da:4d:dd:78:eb:91:1e:ea:95:42:
         4a:04:49:aa:6a:04:11:81:03:82:9c:98:0c:dc:f4:d5:86:84:
         e1:a0:94:03:9c:42:df:2b:90:c9:eb:f4:95:5e:9a:f5:b3:26:
         8b:12:56:f4:cb:76:42:a6:39:18:99:cd:12:b6:cf:5f:c7:42:
         4f:c5:95:24
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYi+MLnWb1Ia7p4Acx13FMcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjE1MDgzNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQzZDFlZjk4N2JlMzVkN2U0Mjk5YWI3YTg2M2MyZGQ5YTI0MTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko8dcSp03fPL5ZUlI65kgMjWOsr1
gunmrlEZOvU/11rQ1vJuQr9L+WcHE69XbmTMi7ryt6GEPDvG2h56ShHXihFxaZAX
/HTUEaBJ8wKj7I5H1s6m0m67FT6NDtJvoO1VoM2X0uShs8Vkb8wNgbN7FAXBvrzk
Ink3dQbx+bvKwPUEuGAlFX8sgzdn9GcypoEvneLjrsoOefLBkS16aVntKe2WZ4aF
bbBAR7BRHOIISzysTJPB+cctk5pSsFt7dqHRLkteJQKv7bJUhgmU+0ktfcykITof
PASkLuNOCFq2wAxCjyfpC5eFcddDMi238pwAQvoUC1/ms0Vc6jPZiBYJiQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIND0e+Ye+NdfkKZq3qGPC3ZokEDMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZzBQUjc1aDc0MTEtUXBtcmVvWThMZG1pUVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBBWkYAwQA
BWkhAwQABWkoAwQABWkrAwQABWkyAwQABWk5AwQABWlRAwQABWlgAwQABWmoAwQA
BWm4MA0GCSqGSIb3DQEBCwUAA4IBAQB8e3Aq5/h/ZAbMMLr4kOLTiG5bgmF/K1av
u3oY9wLpBQ9ktrw2jmpv1faEIfttuozhUfu3p0LEFJgAzJWh8fTsTr5dnDkVMtfC
TUkXiabJ6f33TNfscePcC9ERvkJeoYzqLFItCn6cAwHRwaybJ36oax47P3ULo/1G
ndlGEJf9uzShPIy7gYYeKd5wMh5LSNZl1st4Jv/M9Ek4WLYUqYozaWrOLApKGTuT
nB3U6OUDJ0HY8e+FA0gQE7ZCs9pN3XjrkR7qlUJKBEmqagQRgQOCnJgM3PTVhoTh
oJQDnELfK5DJ6/SVXpr1syaLElb0y3ZCpjkYmc0Sts9fx0JPxZUk
-----END CERTIFICATE-----