Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/9ikS0mf1R5u68IHhQkzyGYXpZpk.roa
File:                     9ikS0mf1R5u68IHhQkzyGYXpZpk.roa (raw, json)
Hash identifier:          Bb5PLXADZ5BgNaMRaBeoDKR7zuDeF5CkPxpMVpiQhHo=
Subject key identifier:   F6:29:12:D2:67:F5:47:9B:BA:F0:81:E1:42:4C:F2:19:85:E9:66:99
Certificate issuer:       /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial:       0193BACAA436A7957801FBB31524460D2CD2
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/9ikS0mf1R5u68IHhQkzyGYXpZpk.roa
Signing time:             Thu 12 Dec 2024 12:14:22 +0000
ROA not before:           Thu 12 Dec 2024 12:14:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     209737
IP address blocks:        93.190.12.0/24 maxlen: 24
                          109.236.51.0/24 maxlen: 24
                          160.20.109.0/24 maxlen: 24
                          185.86.6.0/24 maxlen: 24
                          185.243.181.0/24 maxlen: 24
                          185.254.28.0/24 maxlen: 24
                          185.254.29.0/24 maxlen: 24
                          185.254.239.0/24 maxlen: 24
                          193.35.152.0/24 maxlen: 24
                          193.35.153.0/24 maxlen: 24
                          193.35.155.0/24 maxlen: 24
                          193.160.143.0/24 maxlen: 24
                          194.62.54.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Sun 15 Dec 2024 15:48:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:ba:ca:a4:36:a7:95:78:01:fb:b3:15:24:46:0d:2c:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
        Validity
            Not Before: Dec 12 12:14:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f62912d267f5479bbaf081e1424cf21985e96699
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:61:47:2c:4f:00:4c:99:f6:b5:a3:ed:93:60:
                    24:7f:02:f9:3f:35:ad:e5:c2:5a:0d:1f:95:3a:d0:
                    d0:d4:57:3c:2e:a8:d4:d6:2a:66:71:94:c4:46:4c:
                    ee:78:a6:63:f4:18:07:9d:ab:c4:4b:12:1f:a1:69:
                    18:5e:c4:14:b1:bc:0e:d0:36:9f:5d:76:14:48:f8:
                    c5:00:5b:12:c7:06:b3:8f:a2:04:9c:cd:25:c2:5b:
                    61:95:10:b5:05:9f:25:86:4a:7b:34:39:a5:90:11:
                    f8:5f:de:1f:30:b0:d3:93:52:7c:2b:f8:5c:94:d5:
                    21:8d:e6:8c:de:6c:c9:a5:45:fc:ad:23:40:3d:37:
                    88:b4:ba:e5:fb:a1:7e:47:43:df:0a:76:99:69:22:
                    e8:3b:af:ca:85:84:cf:aa:9e:41:82:bf:40:99:d6:
                    cc:3c:91:28:04:96:59:30:87:88:36:88:d0:aa:5d:
                    eb:9d:71:bb:c3:c4:85:1c:bc:81:f6:8f:a5:38:15:
                    f4:b4:47:f8:a6:2d:e1:b9:bb:17:95:b2:1b:2a:db:
                    5c:77:f2:53:01:6c:5d:ba:a5:33:da:d0:ab:8d:26:
                    34:f1:2c:a7:05:24:4c:5c:ca:5f:81:81:16:11:fa:
                    d1:a0:24:7f:df:48:fc:80:17:60:75:8d:2a:12:a6:
                    f6:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:29:12:D2:67:F5:47:9B:BA:F0:81:E1:42:4C:F2:19:85:E9:66:99
            X509v3 Authority Key Identifier:
                keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/9ikS0mf1R5u68IHhQkzyGYXpZpk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.190.12.0/24
                  109.236.51.0/24
                  160.20.109.0/24
                  185.86.6.0/24
                  185.243.181.0/24
                  185.254.28.0/23
                  185.254.239.0/24
                  193.35.152.0/23
                  193.35.155.0/24
                  193.160.143.0/24
                  194.62.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:79:6a:00:fc:51:75:65:53:b9:10:29:59:80:f7:03:f8:51:
         99:02:26:2a:1a:35:6b:d8:6c:75:21:74:02:ab:ce:84:8a:98:
         cd:72:fa:29:69:9b:3f:c4:53:5c:e6:08:1c:03:d4:ba:fa:ec:
         64:a7:d7:fd:61:82:0a:57:f8:d9:11:0b:22:5d:61:39:0a:47:
         dc:9a:27:03:8f:e5:30:67:42:43:8c:ce:01:13:84:0a:35:ae:
         c4:54:e3:13:ad:e2:78:5f:80:29:f8:73:6d:42:32:e6:45:c5:
         07:97:98:2c:22:a5:61:1a:a9:96:97:72:7b:5f:67:13:2b:54:
         4e:d9:8a:09:2f:d2:bd:4b:33:89:c0:2b:76:41:23:da:83:ef:
         5d:63:e6:1f:1e:07:96:e1:db:18:ed:ed:56:5a:ee:ae:95:45:
         2a:9c:18:9a:e3:98:55:09:2c:0c:aa:cc:5a:6b:46:65:e5:71:
         ac:42:72:8e:ea:62:fb:d7:90:76:b9:0a:ac:92:b2:ae:e2:bb:
         5d:8c:23:6d:04:29:68:0f:0c:cd:08:6e:b9:3f:fa:27:3b:09:
         d5:84:35:15:57:9d:2c:59:e8:12:65:c7:83:f9:04:2c:36:df:
         14:13:8c:f3:95:39:8e:fd:a3:0f:4b:35:11:c7:e1:5b:22:ad:
         1c:d6:7f:89
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZO6yqQ2p5V4AfuzFSRGDSzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQxMjEyMTIxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjI5MTJkMjY3ZjU0NzliYmFmMDgxZTE0MjRjZjIxOTg1ZTk2Njk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2FHLE8ATJn2taPtk2AkfwL5PzWt
5cJaDR+VOtDQ1Fc8LqjU1ipmcZTERkzueKZj9BgHnavESxIfoWkYXsQUsbwO0Daf
XXYUSPjFAFsSxwazj6IEnM0lwlthlRC1BZ8lhkp7NDmlkBH4X94fMLDTk1J8K/hc
lNUhjeaM3mzJpUX8rSNAPTeItLrl+6F+R0PfCnaZaSLoO6/KhYTPqp5Bgr9AmdbM
PJEoBJZZMIeINojQql3rnXG7w8SFHLyB9o+lOBX0tEf4pi3hubsXlbIbKttcd/JT
AWxduqUz2tCrjSY08SynBSRMXMpfgYEWEfrRoCR/30j8gBdgdY0qEqb2swIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPYpEtJn9UebuvCB4UJM8hmF6WaZMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvOWlrUzBtZjFSNXU2OElIaFFrenlHWVhwWnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAXb4MAwQA
bewzAwQAoBRtAwQAuVYGAwQAufO1AwQBuf4cAwQAuf7vAwQBwSOYAwQAwSObAwQA
waCPAwQAwj42MA0GCSqGSIb3DQEBCwUAA4IBAQBjeWoA/FF1ZVO5EClZgPcD+FGZ
AiYqGjVr2Gx1IXQCq86EipjNcvopaZs/xFNc5ggcA9S6+uxkp9f9YYIKV/jZEQsi
XWE5CkfcmicDj+UwZ0JDjM4BE4QKNa7EVOMTreJ4X4Ap+HNtQjLmRcUHl5gsIqVh
GqmWl3J7X2cTK1RO2YoJL9K9SzOJwCt2QSPag+9dY+YfHgeW4dsY7e1WWu6ulUUq
nBia45hVCSwMqsxaa0Zl5XGsQnKO6mL715B2uQqskrKu4rtdjCNtBCloDwzNCG65
P/onOwnVhDUVV50sWegSZceD+QQsNt8UE4zzlTmO/aMPSzURx+FbIq0c1n+J
-----END CERTIFICATE-----