Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PoIUZNriItnGTW_ui5bu_Eu-0XQ.roa
File:                     PoIUZNriItnGTW_ui5bu_Eu-0XQ.roa (raw, json)
Hash identifier:          wJEo3T6tiJvhnushY+mD1talu0JUwziAExMlom7UfSI=
Subject key identifier:   3E:82:14:64:DA:E2:22:D9:C6:4D:6F:EE:8B:96:EE:FC:4B:BE:D1:74
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018DE1EF3C4D67D2DBCCD8D2550588301839
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PoIUZNriItnGTW_ui5bu_Eu-0XQ.roa
Signing time:             Sun 25 Feb 2024 20:22:48 +0000
ROA not before:           Sun 25 Feb 2024 20:22:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210490
IP address blocks:        2a0e:b107:17b0::/48 maxlen: 48
                          2a0e:b107:17b1::/48 maxlen: 48
                          2a0e:b107:17b2::/48 maxlen: 48
                          2a0e:b107:17b3::/48 maxlen: 48
                          2a0e:b107:17b4::/48 maxlen: 48
                          2a0e:b107:17b5::/48 maxlen: 48
                          2a0e:b107:17b6::/48 maxlen: 48
                          2a0e:b107:17b7::/48 maxlen: 48
                          2a0e:b107:17b8::/48 maxlen: 48
                          2a0e:b107:17b9::/48 maxlen: 48
                          2a0e:b107:17ba::/48 maxlen: 48
                          2a0e:b107:17bb::/48 maxlen: 48
                          2a0e:b107:17bc::/48 maxlen: 48
                          2a0e:b107:17bd::/48 maxlen: 48
                          2a0e:b107:17be::/48 maxlen: 48
                          2a0e:b107:17bf::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 25 Feb 2024 21:40:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:e1:ef:3c:4d:67:d2:db:cc:d8:d2:55:05:88:30:18:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 25 20:22:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3e821464dae222d9c64d6fee8b96eefc4bbed174
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:6f:59:cd:b1:d2:8f:28:22:0f:07:ae:ba:5f:
                    0a:41:b8:02:ee:d2:61:13:1d:c4:82:d3:cd:2e:6f:
                    ef:37:03:a6:da:ce:6f:4e:23:81:32:81:f0:a2:06:
                    af:a4:27:ad:5e:ed:15:79:3c:50:b8:34:39:c8:09:
                    15:f7:5a:74:30:4d:ca:4d:8e:79:3a:ec:08:8d:63:
                    47:b6:42:80:f7:c4:1d:2f:99:c4:1b:6e:15:03:15:
                    65:c2:55:9e:ac:b5:00:bc:c6:67:88:8a:ba:e0:fd:
                    a1:cd:b0:70:8b:21:a5:6d:f1:2c:46:4b:55:48:5e:
                    85:d4:b0:e1:4f:ee:2d:8a:06:25:7a:a6:ac:f0:59:
                    07:18:54:74:22:6f:51:84:66:3c:70:ab:03:62:6a:
                    20:b2:29:5c:a6:e2:2a:f6:13:13:c8:36:fd:69:4d:
                    d4:86:56:eb:d7:a6:62:ba:16:3b:61:d8:b8:7e:b5:
                    55:2d:57:b9:5a:f0:2e:83:6f:96:e3:3e:c5:64:e9:
                    dd:b6:98:71:4a:aa:c1:69:ad:50:68:ed:ec:e9:10:
                    97:96:67:e1:b2:e8:a3:cf:e3:b1:bf:8b:4b:18:39:
                    2d:03:5c:d5:9f:2e:08:fd:19:e1:dd:57:75:c1:01:
                    6b:45:16:c9:73:b5:97:a8:87:b4:46:82:ce:8a:4c:
                    3f:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:82:14:64:DA:E2:22:D9:C6:4D:6F:EE:8B:96:EE:FC:4B:BE:D1:74
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/PoIUZNriItnGTW_ui5bu_Eu-0XQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:17b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         00:71:db:df:94:94:dd:c3:cc:7d:a4:a1:ce:3f:f0:3b:7d:05:
         39:ce:62:a0:34:d3:2e:04:ae:d9:f1:fa:2d:15:90:ef:1b:75:
         36:69:f7:d5:34:01:5a:98:16:5c:36:cc:15:e6:8d:81:b1:01:
         d0:09:aa:0d:92:aa:9a:4b:c0:f1:9b:d4:89:04:72:2c:c8:8e:
         3f:8b:a0:99:a3:2f:98:4c:a6:a9:29:02:51:77:78:32:87:cd:
         9c:53:73:c6:7f:02:a4:99:cd:3f:0a:29:c4:1d:e9:c3:99:d5:
         7e:f0:7b:3f:49:03:70:b0:10:6a:d5:aa:d8:ac:4f:5b:2c:94:
         6a:fd:39:7c:c2:db:57:6f:8e:fd:7e:a5:3d:d2:02:7b:08:f8:
         cf:7c:26:02:6b:74:f1:80:a5:3f:55:84:cd:88:b3:c6:38:26:
         18:a8:da:b2:a3:42:1e:01:db:5f:cb:4a:e1:30:ac:aa:82:18:
         86:06:8c:bb:ff:de:23:77:3c:c3:ad:c9:5f:16:e2:c8:f8:09:
         3a:eb:bc:95:33:f0:7d:12:a9:62:33:70:04:b1:5b:c7:19:32:
         ea:09:57:60:5b:28:a8:d6:fa:48:02:e7:20:9f:cd:3c:b8:67:
         e1:04:3e:2b:d9:b3:56:10:91:94:f2:6e:42:75:3a:64:83:1e:
         d9:5a:0a:24
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY3h7zxNZ9LbzNjSVQWIMBg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjI1MjAyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTgyMTQ2NGRhZTIyMmQ5YzY0ZDZmZWU4Yjk2ZWVmYzRiYmVkMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj29ZzbHSjygiDweuul8KQbgC7tJh
Ex3EgtPNLm/vNwOm2s5vTiOBMoHwogavpCetXu0VeTxQuDQ5yAkV91p0ME3KTY55
OuwIjWNHtkKA98QdL5nEG24VAxVlwlWerLUAvMZniIq64P2hzbBwiyGlbfEsRktV
SF6F1LDhT+4tigYleqas8FkHGFR0Im9RhGY8cKsDYmogsilcpuIq9hMTyDb9aU3U
hlbr16ZiuhY7Ydi4frVVLVe5WvAug2+W4z7FZOndtphxSqrBaa1QaO3s6RCXlmfh
suijz+Oxv4tLGDktA1zVny4I/Rnh3Vd1wQFrRRbJc7WXqIe0RoLOikw/TQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD6CFGTa4iLZxk1v7ouW7vxLvtF0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUG9JVVpOcmlJdG5HVFdfdWk1YnVfRXUtMFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxew
MA0GCSqGSIb3DQEBCwUAA4IBAQAAcdvflJTdw8x9pKHOP/A7fQU5zmKgNNMuBK7Z
8fotFZDvG3U2affVNAFamBZcNswV5o2BsQHQCaoNkqqaS8Dxm9SJBHIsyI4/i6CZ
oy+YTKapKQJRd3gyh82cU3PGfwKkmc0/CinEHenDmdV+8Hs/SQNwsBBq1arYrE9b
LJRq/Tl8wttXb479fqU90gJ7CPjPfCYCa3TxgKU/VYTNiLPGOCYYqNqyo0IeAdtf
y0rhMKyqghiGBoy7/94jdzzDrclfFuLI+Ak667yVM/B9EqliM3AEsVvHGTLqCVdg
Wyio1vpIAucgn808uGfhBD4r2bNWEJGU8m5CdTpkgx7ZWgok
-----END CERTIFICATE-----