Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5d4TmOk8srMRdPd0-31C6Cwfq9Q.roa
File:                     5d4TmOk8srMRdPd0-31C6Cwfq9Q.roa (raw, json)
Hash identifier:          KvFyNtftywr0pw/mW5jcUUJNkSOkOdxPXeSi+N1x3zQ=
Subject key identifier:   E5:DE:13:98:E9:3C:B2:B3:11:74:F7:74:FB:7D:42:E8:2C:1F:AB:D4
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       019528C79577BF38CD4363B4310760A18F8E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5d4TmOk8srMRdPd0-31C6Cwfq9Q.roa
Signing time:             Fri 21 Feb 2025 13:52:03 +0000
ROA not before:           Fri 21 Feb 2025 13:52:03 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     13852
IP address blocks:        2a06:de03:3692::/48 maxlen: 48
                          2a06:de03:3693::/48 maxlen: 48
                          2a06:de03:3694::/48 maxlen: 48
                          2a06:de03:3695::/48 maxlen: 48
                          2a06:de03:3696::/48 maxlen: 48
                          2a06:de03:3697::/48 maxlen: 48
                          2a06:de03:3698::/48 maxlen: 48
                          2a06:de03:3699::/48 maxlen: 48
                          2a06:de03:369a::/48 maxlen: 48
                          2a06:de03:369b::/48 maxlen: 48
                          2a06:de03:369c::/48 maxlen: 48
                          2a06:de03:369d::/48 maxlen: 48
                          2a06:de03:369e::/48 maxlen: 48
                          2a06:de03:369f::/48 maxlen: 48
Validation:               Failed, certificate revoked on Fri 21 Feb 2025 22:55:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:28:c7:95:77:bf:38:cd:43:63:b4:31:07:60:a1:8f:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 21 13:52:03 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=e5de1398e93cb2b31174f774fb7d42e82c1fabd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:bf:88:1c:db:47:c6:bd:43:56:98:d1:ea:69:
                    bd:73:0b:df:74:ec:48:bb:5c:35:79:4c:b9:8b:ee:
                    24:39:d8:c3:ff:a7:0a:6a:61:e6:7f:35:20:27:0f:
                    bf:a0:b1:e4:39:43:0a:48:9b:bb:f5:00:58:cf:9d:
                    43:80:94:9b:4b:12:de:57:92:81:c5:f4:ff:dd:b4:
                    f9:30:10:54:c6:f2:71:4d:b2:a0:dc:42:bb:a8:dc:
                    af:31:ba:27:16:63:38:c3:19:e8:ee:7c:b8:8b:20:
                    db:e0:41:5a:2d:5b:07:3a:ba:54:08:eb:79:3e:65:
                    43:ae:a0:92:50:5d:db:d4:dc:59:92:48:a7:95:7a:
                    3e:2d:bb:97:81:58:e0:25:e4:95:31:ca:5c:32:30:
                    f0:c6:17:1a:ed:52:2a:b8:0d:51:ae:e2:52:25:be:
                    78:06:7d:74:42:02:a7:bd:63:c9:9a:b6:9d:86:d8:
                    a4:9a:73:01:c8:a9:1d:25:50:e6:57:cd:38:53:28:
                    75:d5:cc:d1:fd:bf:75:de:cb:1d:7c:49:0d:eb:53:
                    bd:c7:0d:42:da:a0:66:ad:5f:a1:d0:60:6c:00:ce:
                    18:64:7f:d2:1c:4d:c1:0f:75:2b:b0:5d:e5:42:c9:
                    a7:68:2f:2c:ac:c7:7e:ac:fe:8e:73:89:91:ce:e3:
                    19:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:DE:13:98:E9:3C:B2:B3:11:74:F7:74:FB:7D:42:E8:2C:1F:AB:D4
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/5d4TmOk8srMRdPd0-31C6Cwfq9Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:de03:3692::-2a06:de03:369f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         89:3d:e7:34:de:db:36:3d:89:9f:bd:2f:ce:1b:07:d3:66:4a:
         6e:ce:a3:e3:95:f5:29:a3:67:74:87:a5:cb:54:c3:db:f5:66:
         b4:05:77:9e:9b:f4:22:38:ac:f9:f7:85:a0:8f:f3:7b:96:2c:
         2f:a2:f0:8e:5d:be:67:90:21:fb:bb:bb:b9:3d:c7:b6:e3:e9:
         fb:cc:43:99:d6:98:41:f9:28:0d:ef:4f:27:02:ff:58:c9:b2:
         4d:85:a7:d2:31:d5:0a:bd:9a:71:59:f0:9e:1a:df:e9:44:4c:
         f6:46:84:7a:bc:61:da:4f:66:86:4d:d8:30:03:56:55:6f:b8:
         f2:2c:2f:1a:2e:40:a0:5d:8e:d3:00:08:16:af:f4:7a:a3:a9:
         cb:c0:a7:33:58:4a:c7:b8:ad:25:54:84:39:e0:d5:de:ae:20:
         27:79:a4:26:c0:71:48:20:f5:95:1b:36:da:57:ed:a4:ff:36:
         7e:9f:e7:86:ba:10:2f:3d:07:ba:4c:c3:d7:ef:23:5a:77:6f:
         0f:55:4c:b5:c6:d2:e0:41:ab:6a:e5:e8:a3:d7:6b:e2:68:b7:
         12:ba:af:78:f3:a4:cf:fb:56:8e:31:04:33:ad:31:a2:e6:01:
         d6:16:38:1b:38:d5:72:af:8f:c4:71:c7:a7:48:e7:9a:80:a6:
         f8:2b:4c:a4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZUox5V3vzjNQ2O0MQdgoY+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMjIxMTM1MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWRlMTM5OGU5M2NiMmIzMTE3NGY3NzRmYjdkNDJlODJjMWZhYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb+IHNtHxr1DVpjR6mm9cwvfdOxI
u1w1eUy5i+4kOdjD/6cKamHmfzUgJw+/oLHkOUMKSJu79QBYz51DgJSbSxLeV5KB
xfT/3bT5MBBUxvJxTbKg3EK7qNyvMbonFmM4wxno7ny4iyDb4EFaLVsHOrpUCOt5
PmVDrqCSUF3b1NxZkkinlXo+LbuXgVjgJeSVMcpcMjDwxhca7VIquA1RruJSJb54
Bn10QgKnvWPJmradhtikmnMByKkdJVDmV804Uyh11czR/b913ssdfEkN61O9xw1C
2qBmrV+h0GBsAM4YZH/SHE3BD3UrsF3lQsmnaC8srMd+rP6Oc4mRzuMZ8QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOXeE5jpPLKzEXT3dPt9QugsH6vUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNWQ0VG1Pazhzck1SZFBkMC0zMUM2Q3dmcTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwEqBt4D
NpIDBwUqBt4DNoAwDQYJKoZIhvcNAQELBQADggEBAIk95zTe2zY9iZ+9L84bB9Nm
Sm7Oo+OV9SmjZ3SHpctUw9v1ZrQFd56b9CI4rPn3haCP83uWLC+i8I5dvmeQIfu7
u7k9x7bj6fvMQ5nWmEH5KA3vTycC/1jJsk2Fp9Ix1Qq9mnFZ8J4a3+lETPZGhHq8
YdpPZoZN2DADVlVvuPIsLxouQKBdjtMACBav9HqjqcvApzNYSse4rSVUhDng1d6u
ICd5pCbAcUgg9ZUbNtpX7aT/Nn6f54a6EC89B7pMw9fvI1p3bw9VTLXG0uBBq2rl
6KPXa+JotxK6r3jzpM/7Vo4xBDOtMaLmAdYWOBs41XKvj8Rxx6dI55qApvgrTKQ=
-----END CERTIFICATE-----