Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EDfuL0_LL2eCjUnrkXnQf621MuA.roa
File:                     EDfuL0_LL2eCjUnrkXnQf621MuA.roa (raw, json)
Hash identifier:          6AlfB1lPwmgUHSAOaoIw1Bfgr89evaFjluwshCQsKmI=
Subject key identifier:   10:37:EE:2F:4F:CB:2F:67:82:8D:49:EB:91:79:D0:7F:AD:B5:32:E0
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018B41DA4ACDEFCD3B75DFAB57EC51420C54
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EDfuL0_LL2eCjUnrkXnQf621MuA.roa
Signing time:             Wed 18 Oct 2023 08:15:06 +0000
ROA not before:           Wed 18 Oct 2023 08:15:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205977
IP address blocks:        2a0e:b107:760::/48 maxlen: 48
                          2a0e:b107:765::/48 maxlen: 48
                          2a0e:b107:76a::/48 maxlen: 48
                          2a10:2f00:120::/48 maxlen: 48
                          2a0e:b107:764::/48 maxlen: 48
                          2a0e:b107:769::/48 maxlen: 48
                          2a0e:b107:768::/45 maxlen: 48
                          2a0e:b107:763::/48 maxlen: 48
                          2a0e:b107:768::/48 maxlen: 48
                          2a0e:b107:760::/44 maxlen: 48
                          2a0e:b107:762::/48 maxlen: 48
                          2a0e:b107:767::/48 maxlen: 48
                          2a0e:b107:761::/48 maxlen: 48
                          2a0e:b107:766::/48 maxlen: 48
                          2a0e:b107:76b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:41:da:4a:cd:ef:cd:3b:75:df:ab:57:ec:51:42:0c:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Oct 18 08:15:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1037ee2f4fcb2f67828d49eb9179d07fadb532e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:74:db:36:10:5f:f4:0c:21:85:cf:e2:33:a9:
                    5e:46:c4:b4:2e:b8:7f:33:ab:3f:6a:a8:c1:ea:cc:
                    fc:2f:45:8b:bd:23:83:44:c3:88:27:71:31:60:b6:
                    7d:b2:95:64:0e:23:29:08:e9:ee:e3:fb:f3:fa:7a:
                    65:dc:ae:3d:53:79:40:86:b8:7d:52:41:3c:12:6e:
                    04:ca:fc:58:5f:48:bf:95:2a:99:cc:83:8b:9f:bd:
                    55:3e:16:43:7e:6b:bd:e5:86:b8:51:d1:18:71:e2:
                    2d:ac:2a:53:7f:10:d3:2d:8f:23:8b:07:61:7f:59:
                    45:ae:60:73:4b:d5:0c:50:6b:4a:a6:f6:ed:9f:66:
                    96:0b:6d:c0:75:a6:8d:d7:63:cf:9b:bf:03:bc:ff:
                    41:56:ba:63:6a:02:16:17:0c:e8:ee:71:db:a3:22:
                    14:a8:d6:d0:b4:c7:58:3f:b9:15:43:92:87:c5:e9:
                    9d:2c:7f:fa:69:a1:74:0b:40:4a:b6:06:8b:fd:f1:
                    29:13:84:2e:a3:a9:e9:18:a0:7d:4d:d4:5e:c8:55:
                    94:8a:57:d7:8a:de:63:d5:32:c7:92:a9:43:22:ff:
                    ad:3d:37:3b:10:8f:e4:b9:02:1a:ab:62:38:19:77:
                    32:1a:29:c8:e7:93:e8:df:c1:9b:ea:e5:46:8f:3b:
                    e6:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:37:EE:2F:4F:CB:2F:67:82:8D:49:EB:91:79:D0:7F:AD:B5:32:E0
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/EDfuL0_LL2eCjUnrkXnQf621MuA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:760::/44
                  2a10:2f00:120::/48

    Signature Algorithm: sha256WithRSAEncryption
         ae:aa:f2:84:1b:21:45:a2:49:f5:22:de:06:dd:a5:ea:a6:c6:
         d2:94:35:93:69:70:99:51:60:c4:07:34:30:55:74:07:25:52:
         69:26:ca:99:38:c7:be:a5:53:de:b3:70:59:c5:47:19:ab:b9:
         e1:a1:15:70:5b:e8:7a:b4:09:db:5f:ae:e3:15:5e:f7:40:36:
         b8:a8:87:45:0f:eb:41:d2:3c:a1:95:e8:8e:54:ee:0c:b8:82:
         05:a3:00:5d:9e:51:5c:47:ec:10:86:c3:30:aa:6b:b4:80:65:
         1c:47:35:3c:b1:f0:d4:cf:73:c6:15:9e:8c:b7:cd:54:c3:0d:
         85:37:66:5a:ae:17:29:52:de:57:c3:f2:4b:df:8c:d5:e8:76:
         46:90:da:1d:39:e9:8a:25:64:a5:f9:b9:e5:35:4a:0e:6d:11:
         84:ff:d0:cf:11:dc:0a:70:a1:e2:5e:63:17:65:e4:35:88:aa:
         bb:4d:4e:52:b7:ea:a3:a0:1a:40:bf:51:79:21:b4:a4:c4:8c:
         25:71:ae:d4:b0:b3:73:a3:e6:f4:3c:d0:4e:03:85:14:a3:52:
         0c:ea:ec:04:06:3f:07:2f:f0:2e:bb:25:28:6f:1b:0f:53:49:
         26:71:62:dd:6d:dd:1d:25:8f:22:fe:6a:cd:fb:be:4f:a6:b4:
         c6:cc:48:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtB2krN7807dd+rV+xRQgxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMDE4MDgxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDM3ZWUyZjRmY2IyZjY3ODI4ZDQ5ZWI5MTc5ZDA3ZmFkYjUzMmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3TbNhBf9Awhhc/iM6leRsS0Lrh/
M6s/aqjB6sz8L0WLvSODRMOIJ3ExYLZ9spVkDiMpCOnu4/vz+npl3K49U3lAhrh9
UkE8Em4EyvxYX0i/lSqZzIOLn71VPhZDfmu95Ya4UdEYceItrCpTfxDTLY8jiwdh
f1lFrmBzS9UMUGtKpvbtn2aWC23AdaaN12PPm78DvP9BVrpjagIWFwzo7nHboyIU
qNbQtMdYP7kVQ5KHxemdLH/6aaF0C0BKtgaL/fEpE4Quo6npGKB9TdReyFWUilfX
it5j1TLHkqlDIv+tPTc7EI/kuQIaq2I4GXcyGinI55Po38Gb6uVGjzvmGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBA37i9Pyy9ngo1J65F50H+ttTLgMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRURmdUwwX0xMMmVDalVucmtYblFmNjIxTXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwdg
AwcAKhAvAAEgMA0GCSqGSIb3DQEBCwUAA4IBAQCuqvKEGyFFokn1It4G3aXqpsbS
lDWTaXCZUWDEBzQwVXQHJVJpJsqZOMe+pVPes3BZxUcZq7nhoRVwW+h6tAnbX67j
FV73QDa4qIdFD+tB0jyhleiOVO4MuIIFowBdnlFcR+wQhsMwqmu0gGUcRzU8sfDU
z3PGFZ6Mt81Uww2FN2ZarhcpUt5Xw/JL34zV6HZGkNodOemKJWSl+bnlNUoObRGE
/9DPEdwKcKHiXmMXZeQ1iKq7TU5St+qjoBpAv1F5IbSkxIwlca7UsLNzo+b0PNBO
A4UUo1IM6uwEBj8HL/AuuyUobxsPU0kmcWLdbd0dJY8i/mrN+75PprTGzEjC
-----END CERTIFICATE-----