Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/0dUNvYEh_ET0AyUik6wDVGAioXI.roa
File:                     0dUNvYEh_ET0AyUik6wDVGAioXI.roa (raw, json)
Hash identifier:          yRPnYy29eObkzfLw/JE28bNh+CEgArm8q9R4xoyhal0=
Subject key identifier:   D1:D5:0D:BD:81:21:FC:44:F4:03:25:22:93:AC:03:54:60:22:A1:72
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       018606F421F0A70ED23485692FB1899C359E
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/0dUNvYEh_ET0AyUik6wDVGAioXI.roa
Signing time:             Tue 31 Jan 2023 08:31:48 +0000
ROA not before:           Tue 31 Jan 2023 08:31:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34465
IP address blocks:        2a12:8fc6:cd02::/48 maxlen: 48
                          2a12:8fc6:ace2::/48 maxlen: 48
                          2a12:8fc6:be01::/48 maxlen: 48
                          2a12:8fc6:ee01::/48 maxlen: 48
                          2a12:8fc6:ace1::/48 maxlen: 48
                          2a12:8fc6:cd01::/48 maxlen: 48
                          2a12:8fc6:cae1::/48 maxlen: 48
                          2a12:8fc6:ace3::/48 maxlen: 48
                          2a12:8fc6:cd04::/48 maxlen: 48
                          2a12:8fc6::/32 maxlen: 32
                          2a12:8fc6:bab0::/48 maxlen: 48
                          2a12:8fc6:ce00::/48 maxlen: 48
                          2a12:8fc6:cd00::/48 maxlen: 48
                          2a12:8fc6:faa0::/48 maxlen: 48
                          2a12:8fc6:ca00::/48 maxlen: 48
                          2a12:8fc6:aa00::/48 maxlen: 48
                          2a12:8fc6:fae0::/48 maxlen: 48
                          2a12:8fc6:dae0::/48 maxlen: 48
                          2a12:8fc6:daa0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 31 Jan 2023 19:07:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:06:f4:21:f0:a7:0e:d2:34:85:69:2f:b1:89:9c:35:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: Jan 31 08:31:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1d50dbd8121fc44f403252293ac03546022a172
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:84:56:69:11:c3:f5:76:1e:61:53:2a:98:d5:
                    04:1a:f0:8d:c9:f9:a4:a7:d3:98:06:a7:1b:cc:9d:
                    61:ad:03:d2:44:3c:f2:04:5b:87:cd:f2:c8:ff:94:
                    a5:5f:b2:48:23:bd:d6:71:26:18:b4:0a:98:84:fe:
                    00:fa:6d:1f:39:40:e8:a2:cc:95:bd:7f:a8:b7:69:
                    2c:aa:3d:a8:76:6c:82:e5:ce:04:f0:0a:8a:ec:c4:
                    15:eb:32:1d:4b:f0:f8:a1:d9:77:21:6d:34:9f:fc:
                    53:53:54:68:28:78:7a:ef:65:72:5d:bc:3e:fa:48:
                    a2:1c:89:6f:79:74:74:9b:b5:c3:7f:df:a9:98:80:
                    d5:c0:23:e8:a2:04:64:7e:b6:94:87:17:4b:8f:ab:
                    4e:0e:94:63:ce:57:fc:68:6d:b5:c7:a1:f7:b5:e0:
                    71:08:e7:cc:08:a8:5d:72:b4:08:54:f5:90:35:e0:
                    0a:32:a2:d1:1f:8f:ba:76:35:ee:84:1c:55:21:58:
                    7b:ee:bc:75:ac:ab:0c:68:01:0a:49:ac:ca:ec:5c:
                    e3:08:76:32:d4:3d:60:5e:fc:25:1e:86:48:d1:19:
                    29:36:dc:c9:55:92:29:1b:21:a1:d2:62:c6:44:b9:
                    a3:04:42:d9:72:fb:9f:65:b3:58:45:e7:5c:07:3f:
                    89:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:D5:0D:BD:81:21:FC:44:F4:03:25:22:93:AC:03:54:60:22:A1:72
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/0dUNvYEh_ET0AyUik6wDVGAioXI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:8fc6::/32

    Signature Algorithm: sha256WithRSAEncryption
         9e:e5:e4:5e:8e:f8:10:43:34:79:48:73:c9:76:53:17:97:f8:
         81:2c:af:02:fb:31:85:33:b5:bc:ed:c8:3c:6f:14:9e:21:23:
         e7:99:d7:12:9c:43:5e:d7:39:a9:ef:b5:e0:9f:fb:7f:0b:1b:
         84:74:42:7f:e1:4b:c3:eb:52:d4:e2:74:18:52:b1:46:f2:2b:
         95:c9:87:01:08:09:a5:28:f9:23:bd:39:c6:bc:32:7d:5c:01:
         bf:4e:c3:b8:81:73:4d:58:9d:2d:ef:d4:5e:ab:93:95:a7:b6:
         f9:9a:6f:18:af:33:4a:af:1f:57:06:40:13:ef:3f:f7:58:df:
         45:25:d3:ce:0f:d4:4f:81:28:7b:4c:39:55:8d:3d:0e:56:6d:
         d7:9c:32:cc:13:23:35:6d:6e:40:97:fd:46:2c:9d:ea:9c:0b:
         1c:d2:b4:55:28:da:af:c5:1a:31:81:05:79:f3:65:99:f7:fe:
         2b:50:e0:8b:35:91:73:7c:4f:d8:98:98:72:34:53:be:19:33:
         6d:a3:49:52:35:b9:bf:b5:a5:5f:23:ea:85:04:76:49:5a:82:
         93:43:41:fe:ca:d6:6d:cd:e3:36:82:ff:86:12:55:4a:66:73:
         49:e7:9d:b0:92:69:e3:58:30:7b:f2:a4:80:1a:a0:db:d5:d6:
         0f:47:39:9c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYG9CHwpw7SNIVpL7GJnDWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMwMTMxMDgzMTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQ1MGRiZDgxMjFmYzQ0ZjQwMzI1MjI5M2FjMDM1NDYwMjJhMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4RWaRHD9XYeYVMqmNUEGvCNyfmk
p9OYBqcbzJ1hrQPSRDzyBFuHzfLI/5SlX7JII73WcSYYtAqYhP4A+m0fOUDoosyV
vX+ot2ksqj2odmyC5c4E8AqK7MQV6zIdS/D4odl3IW00n/xTU1RoKHh672VyXbw+
+kiiHIlveXR0m7XDf9+pmIDVwCPoogRkfraUhxdLj6tODpRjzlf8aG21x6H3teBx
COfMCKhdcrQIVPWQNeAKMqLRH4+6djXuhBxVIVh77rx1rKsMaAEKSazK7FzjCHYy
1D1gXvwlHoZI0RkpNtzJVZIpGyGh0mLGRLmjBELZcvufZbNYRedcBz+JuwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNHVDb2BIfxE9AMlIpOsA1RgIqFyMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvMGRVTnZZRWhfRVQwQXlVaWs2d0RWR0Fpb1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKPxjAN
BgkqhkiG9w0BAQsFAAOCAQEAnuXkXo74EEM0eUhzyXZTF5f4gSyvAvsxhTO1vO3I
PG8UniEj55nXEpxDXtc5qe+14J/7fwsbhHRCf+FLw+tS1OJ0GFKxRvIrlcmHAQgJ
pSj5I705xrwyfVwBv07DuIFzTVidLe/UXquTlae2+ZpvGK8zSq8fVwZAE+8/91jf
RSXTzg/UT4Eoe0w5VY09DlZt15wyzBMjNW1uQJf9Riyd6pwLHNK0VSjar8UaMYEF
efNlmff+K1DgizWRc3xP2JiYcjRTvhkzbaNJUjW5v7WlXyPqhQR2SVqCk0NB/srW
bc3jNoL/hhJVSmZzSeedsJJp41gwe/KkgBqg29XWD0c5nA==
-----END CERTIFICATE-----