Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CpP3jEGWTPk-ZXdYBZzEi325D2g.roa
File:                     CpP3jEGWTPk-ZXdYBZzEi325D2g.roa (raw, json)
Hash identifier:          WR2ZcQCY8CIzqDnsE3Gncgd1e03fPXMLSMqTtgobDTM=
Subject key identifier:   0A:93:F7:8C:41:96:4C:F9:3E:65:77:58:05:9C:C4:8B:7D:B9:0F:68
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0187D347F9DDE8D3AE9655E68788CD645F1E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CpP3jEGWTPk-ZXdYBZzEi325D2g.roa
Signing time:             Sun 30 Apr 2023 17:48:42 +0000
ROA not before:           Sun 30 Apr 2023 17:48:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200160
IP address blocks:        2a0e:b107:660::/44 maxlen: 48
                          2a0e:b107:1d60::/44 maxlen: 48
                          2a0e:b107:1e00::/44 maxlen: 48
                          2a0e:b107:600::/44 maxlen: 48
                          2a0e:b107:5e0::/44 maxlen: 48
                          2a0e:b107:800::/44 maxlen: 48
                          2a0e:b107:690::/44 maxlen: 48
                          2a0e:b107:5f0::/44 maxlen: 48
                          2a0e:b107:ad0::/44 maxlen: 48
                          2a0e:b107:2150::/44 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d3:47:f9:dd:e8:d3:ae:96:55:e6:87:88:cd:64:5f:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Apr 30 17:48:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0a93f78c41964cf93e657758059cc48b7db90f68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:91:23:ed:c4:84:83:1f:03:e4:20:db:c3:0a:
                    3d:7f:2c:5d:20:f9:45:f2:ac:39:22:87:5f:53:a5:
                    5b:11:99:f5:74:8c:71:2a:c7:f5:ae:db:da:c9:7e:
                    c9:db:ec:10:b6:b2:b1:9f:39:e2:33:ef:9e:f5:51:
                    a0:d5:87:6b:bf:f5:be:32:e4:fe:83:82:aa:5c:49:
                    73:21:58:b3:1b:ec:e3:68:6c:d8:19:ce:d6:8c:58:
                    e8:01:b2:00:2f:54:93:ae:e8:d6:cc:3a:57:87:82:
                    0f:1f:cf:61:09:f5:83:d7:73:4d:68:41:47:87:c4:
                    03:e9:04:83:36:ee:86:7d:4e:df:e8:d0:3f:84:9e:
                    5a:cb:cb:48:1d:83:78:f8:69:21:99:b4:26:f8:d9:
                    59:a7:73:52:94:b1:6c:a1:da:7c:e5:c4:35:29:61:
                    89:fe:2e:74:51:4e:26:bb:f5:a9:4e:66:bc:f2:7c:
                    7a:7b:73:36:09:ac:3e:94:e1:dc:43:03:f7:74:67:
                    66:42:31:09:83:db:74:b9:23:6a:93:7a:0e:cb:56:
                    a2:fe:8c:c4:e5:15:f7:a4:5b:50:f9:32:01:67:62:
                    de:fc:0b:5d:ff:52:2c:15:50:e4:b9:00:fa:47:3d:
                    f5:06:55:6a:02:2a:11:0c:6d:0b:b0:65:8d:88:04:
                    18:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:93:F7:8C:41:96:4C:F9:3E:65:77:58:05:9C:C4:8B:7D:B9:0F:68
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CpP3jEGWTPk-ZXdYBZzEi325D2g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:5e0::-2a0e:b107:60f:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:660::/44
                  2a0e:b107:690::/44
                  2a0e:b107:800::/44
                  2a0e:b107:ad0::/44
                  2a0e:b107:1d60::/44
                  2a0e:b107:1e00::/44
                  2a0e:b107:2150::/44

    Signature Algorithm: sha256WithRSAEncryption
         61:fb:ec:31:4d:2f:65:be:21:ed:82:0c:34:76:29:7b:87:46:
         be:f7:96:a8:88:d2:81:cb:df:3a:3b:40:bf:24:37:d1:b4:83:
         0b:40:ab:e9:da:9d:82:9d:7f:c1:4f:4a:a8:aa:d9:55:f3:9f:
         1d:85:b6:98:4a:f2:ef:0d:1c:03:2d:c4:0a:b6:03:e0:f8:14:
         12:0e:a2:f2:e2:a6:06:d6:dd:d8:fd:fc:6c:14:e9:5b:1d:f0:
         c2:b2:a1:d7:e0:db:95:f6:82:32:6f:1a:cc:43:cf:92:f0:b2:
         bc:30:7e:ba:18:e3:c6:e1:74:1e:74:fb:4c:34:bb:fb:3d:0c:
         90:20:3c:a9:34:67:d1:d7:5b:53:be:4f:3c:55:de:d3:c1:c2:
         0a:e8:1f:de:55:7c:75:12:ad:56:e5:21:d6:56:e0:2c:47:55:
         9e:0c:1c:42:25:23:cb:cc:c4:c0:64:1e:c9:ee:da:bc:59:4e:
         df:63:ed:3e:b4:01:ad:f8:55:f3:b2:23:04:2b:50:18:8e:ab:
         cd:6d:25:74:fd:9d:f9:4e:24:c6:a9:8e:81:12:b4:0e:54:4f:
         b0:c5:26:92:90:57:48:4c:74:f1:ae:a5:21:97:18:4a:d3:be:
         d9:c2:ad:22:de:44:7e:80:53:15:f8:27:81:fc:a3:76:0a:5b:
         f5:e6:a0:42
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYfTR/nd6NOullXmh4jNZF8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDMwMTc0ODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTkzZjc4YzQxOTY0Y2Y5M2U2NTc3NTgwNTljYzQ4YjdkYjkwZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupEj7cSEgx8D5CDbwwo9fyxdIPlF
8qw5IodfU6VbEZn1dIxxKsf1rtvayX7J2+wQtrKxnzniM++e9VGg1Ydrv/W+MuT+
g4KqXElzIVizG+zjaGzYGc7WjFjoAbIAL1STrujWzDpXh4IPH89hCfWD13NNaEFH
h8QD6QSDNu6GfU7f6NA/hJ5ay8tIHYN4+GkhmbQm+NlZp3NSlLFsodp85cQ1KWGJ
/i50UU4mu/WpTma88nx6e3M2Caw+lOHcQwP3dGdmQjEJg9t0uSNqk3oOy1ai/ozE
5RX3pFtQ+TIBZ2Le/Atd/1IsFVDkuQD6Rz31BlVqAioRDG0LsGWNiAQYyQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFAqT94xBlkz5PmV3WAWcxIt9uQ9oMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ3BQM2pFR1dUUGstWlhkWUJaekVpMzI1RDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAAjBTMBIDBwUqDrEH
BeADBwQqDrEHBgADBwQqDrEHBmADBwQqDrEHBpADBwQqDrEHCAADBwQqDrEHCtAD
BwQqDrEHHWADBwQqDrEHHgADBwQqDrEHIVAwDQYJKoZIhvcNAQELBQADggEBAGH7
7DFNL2W+Ie2CDDR2KXuHRr73lqiI0oHL3zo7QL8kN9G0gwtAq+nanYKdf8FPSqiq
2VXznx2FtphK8u8NHAMtxAq2A+D4FBIOovLipgbW3dj9/GwU6Vsd8MKyodfg25X2
gjJvGsxDz5LwsrwwfroY48bhdB50+0w0u/s9DJAgPKk0Z9HXW1O+TzxV3tPBwgro
H95VfHUSrVblIdZW4CxHVZ4MHEIlI8vMxMBkHsnu2rxZTt9j7T60Aa34VfOyIwQr
UBiOq81tJXT9nflOJMapjoEStA5UT7DFJpKQV0hMdPGupSGXGErTvtnCrSLeRH6A
UxX4J4H8o3YKW/XmoEI=
-----END CERTIFICATE-----