Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/IpsADWejdY6Q97OEZSVEGJ45p8I.roa
File:                     IpsADWejdY6Q97OEZSVEGJ45p8I.roa (raw, json)
Hash identifier:          PrY3E44K0reIVQSQPPjrMTRQp/kFiVFPxr9GAt6nuQQ=
Subject key identifier:   22:9B:00:0D:67:A3:75:8E:90:F7:B3:84:65:25:44:18:9E:39:A7:C2
Certificate issuer:       /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial:       01878E4507F3BEA9889800ED60091DF302C8
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/IpsADWejdY6Q97OEZSVEGJ45p8I.roa
Signing time:             Mon 17 Apr 2023 08:11:41 +0000
ROA not before:           Mon 17 Apr 2023 08:11:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     26548
IP address blocks:        193.202.80.0/23 maxlen: 23
                          193.202.82.0/23 maxlen: 23
                          45.80.104.0/23 maxlen: 23
                          193.203.8.0/23 maxlen: 23
                          193.203.10.0/23 maxlen: 23
                          45.140.206.0/23 maxlen: 23
                          45.145.130.0/23 maxlen: 23
                          45.148.232.0/23 maxlen: 23
                          45.148.234.0/23 maxlen: 23
                          83.142.52.0/23 maxlen: 23
                          83.142.54.0/23 maxlen: 23
                          212.119.44.0/23 maxlen: 23
                          212.119.46.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8e:45:07:f3:be:a9:88:98:00:ed:60:09:1d:f3:02:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
        Validity
            Not Before: Apr 17 08:11:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=229b000d67a3758e90f7b384652544189e39a7c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:9b:03:d6:8b:34:66:43:d5:9c:b7:8b:23:cc:
                    a3:a4:b8:f6:8a:61:59:7e:bd:f3:b5:1b:f7:d6:85:
                    58:7b:3c:d5:b8:04:30:c7:08:29:4d:bf:8b:e3:4d:
                    76:52:89:96:d2:95:bd:1c:c5:ac:08:95:34:df:61:
                    84:b1:ca:5f:c7:fd:ed:14:96:21:fb:81:96:53:e7:
                    60:dd:85:f9:7f:11:3a:14:ac:e8:32:66:05:46:a9:
                    7d:77:ba:df:2a:84:a9:f6:13:bb:eb:c3:54:60:68:
                    59:a2:b1:4e:d5:ec:dd:3e:1d:ac:b9:5d:5f:c0:7a:
                    fc:e8:15:be:a8:d8:d1:e6:c8:36:87:eb:5e:61:a8:
                    ed:d0:36:1a:4f:c3:5d:22:ea:84:83:3d:3a:9c:23:
                    2c:d2:80:92:cb:54:c3:8a:2f:d3:8b:23:ce:c6:16:
                    74:1d:39:1d:3c:a0:58:68:ad:f9:44:f5:9d:72:da:
                    bc:1c:52:21:5d:03:78:1d:34:0d:1e:9b:af:1e:fb:
                    2e:23:8b:26:4c:81:52:31:72:8b:dd:e4:9d:bf:4c:
                    46:fb:3c:91:b4:55:f6:fc:9e:b6:10:1f:34:f5:b8:
                    f4:49:04:c4:6e:df:8f:62:46:db:dc:a1:70:15:4c:
                    88:71:33:44:2c:c8:20:40:a2:75:99:e9:71:67:64:
                    f0:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:9B:00:0D:67:A3:75:8E:90:F7:B3:84:65:25:44:18:9E:39:A7:C2
            X509v3 Authority Key Identifier:
                keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/IpsADWejdY6Q97OEZSVEGJ45p8I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.104.0/23
                  45.140.206.0/23
                  45.145.130.0/23
                  45.148.232.0/22
                  83.142.52.0/22
                  193.202.80.0/22
                  193.203.8.0/22
                  212.119.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:53:ed:06:ad:a7:bc:5f:b5:e6:d9:82:47:d0:db:f8:5c:0a:
         a8:29:77:5e:d0:7c:9e:41:63:9d:88:75:49:e8:fe:30:a9:8c:
         e3:d8:ee:0a:a2:67:02:d9:24:6a:d8:af:88:6f:5a:d3:01:a2:
         32:41:98:2b:e1:62:ff:5a:51:2f:f1:b6:d8:1e:94:77:30:cf:
         2a:07:8f:6c:05:89:e8:da:61:c6:0f:15:1c:b2:aa:6d:0b:40:
         a3:c5:96:a3:a3:02:29:fd:56:9d:36:39:2d:77:7d:60:c9:c6:
         28:6f:8d:09:4b:85:46:38:a2:f2:ae:78:bf:64:d0:b8:b9:b2:
         36:1c:fe:c4:27:90:a8:1b:c4:f1:cb:33:ec:9c:96:e2:0e:b6:
         20:e4:cf:be:d2:8e:2e:27:e6:7d:d2:f9:34:13:5e:86:72:2e:
         e6:9c:b6:34:e6:e2:60:1d:de:17:50:f5:17:82:2a:38:b2:1e:
         99:ed:5d:de:94:1b:00:97:a5:2d:23:a3:fa:eb:6d:33:96:76:
         3b:3e:6a:5c:44:59:4c:b7:05:aa:e5:90:db:c4:9e:ec:87:57:
         fb:02:4c:48:47:fc:3b:8e:3b:3a:2f:fa:d7:5d:50:05:27:64:
         f1:5d:fa:b3:23:94:9b:71:05:f7:84:bf:bc:69:86:21:8d:d8:
         af:34:62:39
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYeORQfzvqmImADtYAkd8wLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwNDE3MDgxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjliMDAwZDY3YTM3NThlOTBmN2IzODQ2NTI1NDQxODllMzlhN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JsD1os0ZkPVnLeLI8yjpLj2imFZ
fr3ztRv31oVYezzVuAQwxwgpTb+L4012UomW0pW9HMWsCJU032GEscpfx/3tFJYh
+4GWU+dg3YX5fxE6FKzoMmYFRql9d7rfKoSp9hO768NUYGhZorFO1ezdPh2suV1f
wHr86BW+qNjR5sg2h+teYajt0DYaT8NdIuqEgz06nCMs0oCSy1TDii/TiyPOxhZ0
HTkdPKBYaK35RPWdctq8HFIhXQN4HTQNHpuvHvsuI4smTIFSMXKL3eSdv0xG+zyR
tFX2/J62EB809bj0SQTEbt+PYkbb3KFwFUyIcTNELMggQKJ1melxZ2TwJQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCKbAA1no3WOkPezhGUlRBieOafCMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL0lwc0FEV2VqZFk2UTk3T0VaU1ZFR0o0NXA4SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAEtUGgD
BAEtjM4DBAEtkYIDBAItlOgDBAJTjjQDBALBylADBALBywgDBALUdywwDQYJKoZI
hvcNAQELBQADggEBAGlT7Qatp7xftebZgkfQ2/hcCqgpd17QfJ5BY52IdUno/jCp
jOPY7gqiZwLZJGrYr4hvWtMBojJBmCvhYv9aUS/xttgelHcwzyoHj2wFiejaYcYP
FRyyqm0LQKPFlqOjAin9Vp02OS13fWDJxihvjQlLhUY4ovKueL9k0Li5sjYc/sQn
kKgbxPHLM+ycluIOtiDkz77Sji4n5n3S+TQTXoZyLuactjTm4mAd3hdQ9ReCKjiy
HpntXd6UGwCXpS0jo/rrbTOWdjs+alxEWUy3BarlkNvEnuyHV/sCTEhH/DuOOzov
+tddUAUnZPFd+rMjlJtxBfeEv7xphiGN2K80Yjk=
-----END CERTIFICATE-----