Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M2MvX1xxyDO4gqvjlo2IOjxBZgI.roa
File:                     M2MvX1xxyDO4gqvjlo2IOjxBZgI.roa (raw, json)
Hash identifier:          fBw8tIiiO1POIVsggin52ixzb9jytZHtsWss6kKhyXs=
Subject key identifier:   33:63:2F:5F:5C:71:C8:33:B8:82:AB:E3:96:8D:88:3A:3C:41:66:02
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018570E7A0C5973EFE4861D00812984CFCEA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M2MvX1xxyDO4gqvjlo2IOjxBZgI.roa
Signing time:             Mon 02 Jan 2023 05:15:06 +0000
ROA not before:           Mon 02 Jan 2023 05:15:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200625
IP address blocks:        2a0e:97c0:61d::/48 maxlen: 48
                          2a0e:97c0:610::/44 maxlen: 48
                          2a0e:97c0:618::/48 maxlen: 48
                          2a0e:97c0:613::/48 maxlen: 48
                          2a0e:97c0:61e::/48 maxlen: 48
                          2a0e:97c0:611::/48 maxlen: 48
                          2a0e:97c0:61c::/48 maxlen: 48
                          2a0e:97c0:617::/48 maxlen: 48
                          2a0e:97c0:612::/48 maxlen: 48
                          2a0e:97c0:615::/48 maxlen: 48
                          2a0e:97c0:610::/48 maxlen: 48
                          2a0e:97c0:61b::/48 maxlen: 48
                          2a0e:97c0:616::/48 maxlen: 48
                          2a0e:97c0:619::/48 maxlen: 48
                          2a0e:97c0:614::/48 maxlen: 48
                          2a0e:97c0:61f::/48 maxlen: 48
                          2a0e:97c0:61a::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:a0:c5:97:3e:fe:48:61:d0:08:12:98:4c:fc:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan  2 05:15:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=33632f5f5c71c833b882abe3968d883a3c416602
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:da:12:94:d2:22:1e:1b:bd:b7:71:5c:44:fe:
                    ec:32:a8:60:19:96:78:7f:b0:1e:7b:b6:4d:93:f6:
                    ea:84:19:c4:a0:af:3e:dd:12:73:66:8b:0e:7a:d1:
                    85:39:43:6e:e4:6f:b7:50:c0:80:4b:04:37:10:6d:
                    9f:be:b2:b3:01:e5:41:e7:b8:bd:9b:49:fd:a2:68:
                    b1:c4:e7:e4:14:e1:85:63:f6:ef:a2:09:0b:b5:22:
                    9c:88:a1:2b:64:63:31:46:a7:46:b2:89:a7:c2:1d:
                    be:4c:46:74:14:7a:61:7a:27:f8:77:a1:61:04:0a:
                    fb:38:55:5b:c6:ec:28:47:a8:59:99:37:6b:b2:c5:
                    b5:92:5c:38:6d:4b:45:b2:bc:e2:84:62:96:ae:e9:
                    a1:a0:08:0d:ea:5c:d6:a6:b8:ee:b6:69:44:67:71:
                    b9:35:ec:53:69:e8:a4:1e:97:30:0c:ca:9f:ce:12:
                    e6:1a:2b:25:70:a5:7f:c4:c7:99:48:49:e7:bd:89:
                    fc:2f:59:b5:64:61:9e:de:c0:7b:a1:d1:be:d4:cc:
                    a2:00:ac:79:9a:16:9b:0c:90:8a:11:66:17:85:78:
                    35:6d:24:45:54:ef:f3:7d:ca:51:18:dc:be:98:b0:
                    e0:d6:5e:18:94:a0:bd:c8:cd:e8:cb:28:0e:8a:4a:
                    ec:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:63:2F:5F:5C:71:C8:33:B8:82:AB:E3:96:8D:88:3A:3C:41:66:02
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/M2MvX1xxyDO4gqvjlo2IOjxBZgI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:610::/44

    Signature Algorithm: sha256WithRSAEncryption
         b0:54:82:ca:5c:aa:31:25:00:33:7e:ad:f6:b0:56:79:44:c6:
         01:a7:5d:b3:55:e3:ee:d2:86:c5:44:80:b8:ec:ca:c6:13:ea:
         5f:34:d4:eb:2d:51:82:7a:ac:8a:f9:62:16:c2:38:94:36:de:
         d3:eb:41:90:84:c4:21:0e:54:d3:77:0e:29:84:77:fa:ee:41:
         21:e6:af:49:24:95:98:ba:ee:a7:e3:1b:3c:ff:68:ff:dd:29:
         61:3b:bb:e2:06:5b:2a:eb:ec:e1:fb:bf:a9:38:cd:a0:31:6c:
         48:46:89:9f:c1:b7:a1:61:5f:b9:e2:40:62:93:4f:a2:c9:d4:
         e1:ce:38:0a:40:07:2a:18:f8:dd:76:32:d0:a6:af:12:d8:d1:
         d6:64:29:ff:56:30:27:62:54:c6:6f:02:96:ba:2a:0a:9c:98:
         7d:d1:a8:b1:36:31:d5:e0:37:f3:a0:92:a4:ad:06:53:f4:6f:
         4e:35:ce:14:1f:5a:56:f7:c2:7d:dd:8c:1a:4c:25:c9:77:48:
         f6:00:2c:3d:7d:f2:0e:0e:cb:92:66:56:6e:e7:d7:5f:e5:e8:
         67:23:7b:d9:f0:d7:b7:2b:f8:2b:9d:fd:58:29:1a:76:b5:63:
         48:da:18:20:e4:7c:7d:0c:58:db:ca:02:12:2c:fc:83:f9:39:
         05:fa:94:1c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw56DFlz7+SGHQCBKYTPzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzYzMmY1ZjVjNzFjODMzYjg4MmFiZTM5NjhkODgzYTNjNDE2NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudoSlNIiHhu9t3FcRP7sMqhgGZZ4
f7Aee7ZNk/bqhBnEoK8+3RJzZosOetGFOUNu5G+3UMCASwQ3EG2fvrKzAeVB57i9
m0n9omixxOfkFOGFY/bvogkLtSKciKErZGMxRqdGsomnwh2+TEZ0FHpheif4d6Fh
BAr7OFVbxuwoR6hZmTdrssW1klw4bUtFsrzihGKWrumhoAgN6lzWprjutmlEZ3G5
NexTaeikHpcwDMqfzhLmGislcKV/xMeZSEnnvYn8L1m1ZGGe3sB7odG+1MyiAKx5
mhabDJCKEWYXhXg1bSRFVO/zfcpRGNy+mLDg1l4YlKC9yM3oyygOikrstQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDNjL19cccgzuIKr45aNiDo8QWYCMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTTJNdlgxeHh5RE80Z3F2amxvMklPanhCWmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCwVILKXKoxJQAzfq32sFZ5RMYBp12zVePu0obF
RIC47MrGE+pfNNTrLVGCeqyK+WIWwjiUNt7T60GQhMQhDlTTdw4phHf67kEh5q9J
JJWYuu6n4xs8/2j/3SlhO7viBlsq6+zh+7+pOM2gMWxIRomfwbehYV+54kBik0+i
ydThzjgKQAcqGPjddjLQpq8S2NHWZCn/VjAnYlTGbwKWuioKnJh90aixNjHV4Dfz
oJKkrQZT9G9ONc4UH1pW98J93YwaTCXJd0j2ACw9ffIODsuSZlZu59df5ehnI3vZ
8Ne3K/grnf1YKRp2tWNI2hgg5Hx9DFjbygISLPyD+TkF+pQc
-----END CERTIFICATE-----