Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JsMP4UWUaq_hbSZC-K_vLapI_XU.roa
File:                     JsMP4UWUaq_hbSZC-K_vLapI_XU.roa (raw, json)
Hash identifier:          cucD4aRuNRWcWnXQBGzjwdlsFO5k9hZ6rSqZ8nSrs/o=
Subject key identifier:   26:C3:0F:E1:45:94:6A:AF:E1:6D:26:42:F8:AF:EF:2D:AA:48:FD:75
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01863C818D5FBD979B41815275180B3BE6CC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JsMP4UWUaq_hbSZC-K_vLapI_XU.roa
Signing time:             Fri 10 Feb 2023 18:06:08 +0000
ROA not before:           Fri 10 Feb 2023 18:06:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200160
IP address blocks:        2a0e:b107:660::/44 maxlen: 48
                          2a0e:b107:1d60::/44 maxlen: 48
                          2a0e:b107:600::/44 maxlen: 48
                          2a0e:b107:1e00::/44 maxlen: 48
                          2a0e:b107:5e0::/44 maxlen: 48
                          2a0e:b107:900::/44 maxlen: 48
                          2a0e:b107:800::/44 maxlen: 48
                          2a0e:b107:bb0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 10:38:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:3c:81:8d:5f:bd:97:9b:41:81:52:75:18:0b:3b:e6:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 10 18:06:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=26c30fe145946aafe16d2642f8afef2daa48fd75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:a4:0a:4c:ee:1c:31:0c:51:e9:2d:b3:97:e7:
                    b8:c2:58:bf:d9:66:de:db:d3:b4:24:d3:4f:16:63:
                    a0:b3:e2:15:5e:4b:5d:a6:b4:df:fc:c4:d3:8e:b6:
                    b4:45:e5:05:51:29:6c:97:0b:31:38:2d:95:d3:3e:
                    3c:41:90:eb:d2:71:d6:66:28:52:21:71:90:6a:36:
                    27:61:00:4d:31:ba:77:09:21:0b:7e:fe:36:16:09:
                    f9:6e:f0:39:8e:16:c5:55:b5:fc:c9:32:14:d4:b3:
                    90:0b:07:15:75:b7:f2:8f:5f:99:7e:17:8e:d5:6e:
                    67:2f:90:28:f5:c7:2b:eb:17:6d:6a:2b:9a:2a:e9:
                    e2:14:b8:23:cb:8f:70:4a:2a:5a:31:d5:d5:73:0a:
                    5b:8f:ef:ab:a4:76:60:d0:81:60:d3:84:c5:71:60:
                    98:af:c7:9c:72:e5:24:bb:b5:2e:85:be:ae:f1:62:
                    37:b0:fe:80:74:5c:dd:2d:e3:c1:14:d3:2f:11:08:
                    29:b8:de:1e:2c:22:14:6e:7a:9a:b3:a9:60:2f:61:
                    09:9b:9d:4e:62:b4:ee:de:3e:b7:b9:6e:b6:f5:f8:
                    d1:6c:95:e8:09:34:a6:b3:dd:6c:9a:08:6c:dd:32:
                    e3:6c:ce:0b:14:5f:5b:5b:01:1c:72:bd:a6:d2:ec:
                    ae:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:C3:0F:E1:45:94:6A:AF:E1:6D:26:42:F8:AF:EF:2D:AA:48:FD:75
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JsMP4UWUaq_hbSZC-K_vLapI_XU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:5e0::/44
                  2a0e:b107:600::/44
                  2a0e:b107:660::/44
                  2a0e:b107:800::/44
                  2a0e:b107:900::/44
                  2a0e:b107:bb0::/44
                  2a0e:b107:1d60::/44
                  2a0e:b107:1e00::/44

    Signature Algorithm: sha256WithRSAEncryption
         39:6f:91:50:59:b6:5a:06:b0:d3:7a:58:43:1a:52:8e:8e:20:
         a9:51:5c:da:1e:b3:21:6c:11:28:68:87:9a:55:8e:76:dd:84:
         55:8a:4f:71:ee:f9:e7:0a:4f:2e:fe:83:15:7e:c5:56:a6:bb:
         10:05:71:38:b2:ae:70:66:32:ba:5f:3a:db:f6:8c:f7:d2:ff:
         c3:f3:a2:f3:61:bf:2a:df:01:b9:98:79:42:68:ce:1f:67:12:
         49:b8:2f:8b:78:aa:fe:00:a5:26:2d:65:71:42:28:e0:61:01:
         d9:3c:d4:28:6b:96:6f:93:74:57:0c:ae:5d:e9:f6:38:ac:9a:
         dd:b7:57:ae:ae:f9:c8:f8:5b:e3:c0:d1:16:06:7e:89:e9:70:
         b4:2f:5e:35:39:69:c2:d3:dc:64:ac:48:ba:1e:4b:0e:cf:88:
         10:7a:c0:2e:41:44:dd:b6:56:33:26:da:1d:3e:86:9e:80:48:
         f6:21:4c:65:4b:55:b6:fb:ec:42:7e:96:ea:92:76:ca:91:11:
         a8:75:8e:b6:5d:69:74:fc:d7:91:12:9b:cc:4c:e6:00:ff:7b:
         b3:6b:1e:3e:24:01:a6:ba:90:b7:87:16:ee:47:cf:f0:1f:8a:
         79:ee:32:c2:22:80:66:03:98:77:a5:18:2b:2d:d0:f5:32:bb:
         b4:81:e6:63
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYY8gY1fvZebQYFSdRgLO+bMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjEwMTgwNjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmMzMGZlMTQ1OTQ2YWFmZTE2ZDI2NDJmOGFmZWYyZGFhNDhmZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaQKTO4cMQxR6S2zl+e4wli/2Wbe
29O0JNNPFmOgs+IVXktdprTf/MTTjra0ReUFUSlslwsxOC2V0z48QZDr0nHWZihS
IXGQajYnYQBNMbp3CSELfv42Fgn5bvA5jhbFVbX8yTIU1LOQCwcVdbfyj1+ZfheO
1W5nL5Ao9ccr6xdtaiuaKuniFLgjy49wSipaMdXVcwpbj++rpHZg0IFg04TFcWCY
r8eccuUku7Uuhb6u8WI3sP6AdFzdLePBFNMvEQgpuN4eLCIUbnqas6lgL2EJm51O
YrTu3j63uW629fjRbJXoCTSms91smghs3TLjbM4LFF9bWwEccr2m0uyuwQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCbDD+FFlGqv4W0mQviv7y2qSP11MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSnNNUDRVV1VhcV9oYlNaQy1LX3ZMYXBJX1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAAjBIAwcEKg6xBwXg
AwcEKg6xBwYAAwcEKg6xBwZgAwcEKg6xBwgAAwcEKg6xBwkAAwcEKg6xBwuwAwcE
Kg6xBx1gAwcEKg6xBx4AMA0GCSqGSIb3DQEBCwUAA4IBAQA5b5FQWbZaBrDTelhD
GlKOjiCpUVzaHrMhbBEoaIeaVY523YRVik9x7vnnCk8u/oMVfsVWprsQBXE4sq5w
ZjK6Xzrb9oz30v/D86LzYb8q3wG5mHlCaM4fZxJJuC+LeKr+AKUmLWVxQijgYQHZ
PNQoa5Zvk3RXDK5d6fY4rJrdt1eurvnI+FvjwNEWBn6J6XC0L141OWnC09xkrEi6
HksOz4gQesAuQUTdtlYzJtodPoaegEj2IUxlS1W2++xCfpbqknbKkRGodY62XWl0
/NeREpvMTOYA/3uzax4+JAGmupC3hxbuR8/wH4p57jLCIoBmA5h3pRgrLdD1Mru0
geZj
-----END CERTIFICATE-----