Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/r4GaCDWD_fhaw3DXuLk3zI9qtqs.roa
File:                     r4GaCDWD_fhaw3DXuLk3zI9qtqs.roa (raw, json)
Hash identifier:          UT5+g4jDAFAi9P3BBBWmbeGD9qL1Fr557byYVJtvihA=
Subject key identifier:   AF:81:9A:08:35:83:FD:F8:5A:C3:70:D7:B8:B9:37:CC:8F:6A:B6:AB
Certificate issuer:       /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial:       0186F5C2291943F06D006E3B1CA312AFF56F
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/r4GaCDWD_fhaw3DXuLk3zI9qtqs.roa
Signing time:             Sat 18 Mar 2023 17:26:27 +0000
ROA not before:           Sat 18 Mar 2023 17:26:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34465
IP address blocks:        185.188.28.0/24 maxlen: 24
                          2a12:8fc6:ace2::/48 maxlen: 48
                          2a12:8fc6:cd02::/48 maxlen: 48
                          2a12:8fc6:bdee::/48 maxlen: 48
                          2a12:8fc6:efdf::/48 maxlen: 48
                          2a12:8fc6:cd04::/48 maxlen: 48
                          2a12:8fc6:bab0::/48 maxlen: 48
                          2a12:8fc6:cae1::/48 maxlen: 48
                          2a12:8fc6:cd01::/48 maxlen: 48
                          2a12:8fc6:ace1::/48 maxlen: 48
                          2a12:8fc6:ee01::/48 maxlen: 48
                          2a12:8fc6:be01::/48 maxlen: 48
                          2a12:8fc6:ace3::/48 maxlen: 48
                          2a12:8fc6:eaca::/48 maxlen: 48
                          2a12:8fc6:dbaa::/48 maxlen: 48
                          2a12:8fc6::/32 maxlen: 32
                          2a12:8fc6:caa0::/48 maxlen: 48
                          2a12:8fc6:ca00::/48 maxlen: 48
                          2a12:8fc6:daa0::/48 maxlen: 48
                          2a12:8fc6:ce00::/48 maxlen: 48
                          2a12:8fc6:aa00::/48 maxlen: 48
                          2a12:8fc6:cd00::/48 maxlen: 48
                          2a12:8fc6:faa0::/48 maxlen: 48
                          2a12:8fc6:dae0::/48 maxlen: 48
                          2a12:8fc6:fae0::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:f5:c2:29:19:43:f0:6d:00:6e:3b:1c:a3:12:af:f5:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
        Validity
            Not Before: Mar 18 17:26:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=af819a083583fdf85ac370d7b8b937cc8f6ab6ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:56:78:54:d8:31:bf:e9:17:e6:35:8d:2d:82:
                    f7:1a:72:9f:7b:39:73:31:be:a0:66:c6:8d:f6:a3:
                    6e:3b:b2:4c:12:aa:fe:b4:de:c0:ea:eb:02:70:04:
                    74:7b:0d:db:f9:58:6e:46:68:84:2a:91:26:3f:73:
                    31:e5:c7:90:d5:6e:cf:af:d0:e5:de:53:49:77:1a:
                    fd:66:ae:29:14:d4:8a:33:78:25:82:7e:a7:c4:64:
                    a6:e9:bf:49:d5:e4:b2:e7:e7:d0:76:a2:b2:58:b2:
                    18:e3:7d:14:35:7b:a4:94:77:8d:f2:f8:15:9a:64:
                    72:b5:43:5c:1b:66:42:0b:ad:6a:cd:c4:2c:c7:0d:
                    87:35:f4:75:11:aa:2c:a0:9e:32:95:43:59:e3:70:
                    4f:a5:1b:ae:d9:57:2f:a2:60:32:e8:86:c4:74:a2:
                    43:58:55:ad:68:b4:f7:f7:87:18:80:a3:be:36:fe:
                    0a:93:a7:33:26:0e:81:9d:81:d3:7d:a8:03:51:fb:
                    83:bc:b6:34:61:1b:63:74:76:50:25:f5:98:83:4b:
                    cb:14:7a:df:a2:78:38:ef:b1:9e:02:f7:07:8b:ac:
                    d9:c9:a0:9e:83:9a:c6:42:d9:05:dc:c1:48:7d:64:
                    67:95:cc:2d:f4:ca:57:21:cf:02:ce:76:64:cf:6a:
                    61:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:81:9A:08:35:83:FD:F8:5A:C3:70:D7:B8:B9:37:CC:8F:6A:B6:AB
            X509v3 Authority Key Identifier:
                keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/r4GaCDWD_fhaw3DXuLk3zI9qtqs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.188.28.0/24
                IPv6:
                  2a12:8fc6::/32

    Signature Algorithm: sha256WithRSAEncryption
         6a:bf:3f:3c:0b:72:c1:72:1d:0e:fd:82:e0:f3:10:29:53:28:
         a8:fa:cc:b4:be:b4:32:ad:7f:d8:6d:b9:04:63:fa:97:48:09:
         a3:23:bf:b8:10:01:9b:ad:29:4f:b6:e3:f4:c9:2b:3e:45:01:
         03:9a:61:f6:dc:3a:ca:a1:d3:cf:25:8d:83:1b:04:a5:fc:00:
         fe:f9:fd:d3:d0:7b:fb:7d:cc:16:b2:08:d0:48:8d:65:91:5e:
         9d:f1:cd:fc:54:03:25:ea:15:7c:c0:d2:64:93:97:20:1d:f2:
         d1:29:56:0e:56:48:a7:1f:71:81:b9:ff:54:bb:c1:a9:0e:77:
         d6:a8:fa:36:f3:be:74:9b:02:dd:6e:dc:6d:39:22:68:9e:2a:
         ca:98:66:f6:1b:88:a4:71:8d:c7:cc:03:a7:75:82:82:3d:a2:
         ec:46:ea:ba:46:8f:0a:67:d2:ef:c2:61:90:8f:5f:8a:4d:77:
         e1:40:5d:a4:93:c1:82:20:58:1d:1c:8b:f9:b6:5f:db:c3:12:
         f4:3a:bb:18:94:c8:b9:ca:9a:14:06:3f:e9:ef:ba:44:8d:40:
         ef:2e:d3:71:ee:8c:67:64:7a:24:eb:c8:89:6d:8e:20:38:73:
         b5:a1:18:ee:35:37:8c:d9:ae:e6:32:03:87:48:95:c4:74:da:
         1a:e8:2b:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYb1wikZQ/BtAG47HKMSr/VvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMwMzE4MTcyNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjgxOWEwODM1ODNmZGY4NWFjMzcwZDdiOGI5MzdjYzhmNmFiNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1Z4VNgxv+kX5jWNLYL3GnKfezlz
Mb6gZsaN9qNuO7JMEqr+tN7A6usCcAR0ew3b+VhuRmiEKpEmP3Mx5ceQ1W7Pr9Dl
3lNJdxr9Zq4pFNSKM3glgn6nxGSm6b9J1eSy5+fQdqKyWLIY430UNXuklHeN8vgV
mmRytUNcG2ZCC61qzcQsxw2HNfR1EaosoJ4ylUNZ43BPpRuu2VcvomAy6IbEdKJD
WFWtaLT394cYgKO+Nv4Kk6czJg6BnYHTfagDUfuDvLY0YRtjdHZQJfWYg0vLFHrf
ong477GeAvcHi6zZyaCeg5rGQtkF3MFIfWRnlcwt9MpXIc8CznZkz2ph2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+Bmgg1g/34WsNw17i5N8yPararMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvcjRHYUNEV0RfZmhhdzNEWHVMazN6STlxdHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubwcMA0E
AgACMAcDBQAqEo/GMA0GCSqGSIb3DQEBCwUAA4IBAQBqvz88C3LBch0O/YLg8xAp
Uyio+sy0vrQyrX/YbbkEY/qXSAmjI7+4EAGbrSlPtuP0ySs+RQEDmmH23DrKodPP
JY2DGwSl/AD++f3T0Hv7fcwWsgjQSI1lkV6d8c38VAMl6hV8wNJkk5cgHfLRKVYO
VkinH3GBuf9Uu8GpDnfWqPo28750mwLdbtxtOSJonirKmGb2G4ikcY3HzAOndYKC
PaLsRuq6Ro8KZ9LvwmGQj1+KTXfhQF2kk8GCIFgdHIv5tl/bwxL0OrsYlMi5ypoU
Bj/p77pEjUDvLtNx7oxnZHok68iJbY4gOHO1oRjuNTeM2a7mMgOHSJXEdNoa6Cv6
-----END CERTIFICATE-----