Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UT5E_HPSFjNfJ3H2NtU763YFlAo.roa
File:                     UT5E_HPSFjNfJ3H2NtU763YFlAo.roa (raw, json)
Hash identifier:          SqxkOxoRGPIdnHx/hcK1xPyRI9L5S94wnL6dnl5iDTM=
Subject key identifier:   51:3E:44:FC:73:D2:16:33:5F:27:71:F6:36:D5:3B:EB:76:05:94:0A
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       01903A176762A5B5F3DFB1886E249BA00F3B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UT5E_HPSFjNfJ3H2NtU763YFlAo.roa
Signing time:             Fri 21 Jun 2024 09:18:50 +0000
ROA not before:           Fri 21 Jun 2024 09:18:50 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        194.50.111.0/24 maxlen: 24
                          2a06:de00:10::/48 maxlen: 48
                          2a0e:97c0:411::/48 maxlen: 48
                          2a0e:97c0:8e0::/48 maxlen: 48
                          2a0e:b107:19a0::/48 maxlen: 48
                          2a0e:b107:1a63::/48 maxlen: 48
                          2a0e:b107:1a64::/48 maxlen: 48
                          2a0e:b107:2880::/46 maxlen: 48

Validation:               Failed, certificate revoked on Fri 21 Jun 2024 22:55:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:3a:17:67:62:a5:b5:f3:df:b1:88:6e:24:9b:a0:0f:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jun 21 09:18:50 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=513e44fc73d216335f2771f636d53beb7605940a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:fd:ae:95:19:94:b9:37:38:23:3e:7a:ae:30:
                    57:86:b2:22:6a:c4:fe:cf:84:15:e6:2b:32:8a:af:
                    20:4b:1b:b7:35:5e:bb:73:f4:38:5c:6e:00:60:bd:
                    90:91:fe:c0:c7:dc:32:df:8f:8a:f9:68:e5:4d:d7:
                    35:79:d3:49:2f:cd:15:4e:9d:bb:53:d5:7a:d7:1d:
                    79:2e:5f:56:ef:a1:4e:31:97:55:fe:c9:aa:7a:89:
                    4d:b9:04:4c:7f:0e:dc:32:69:45:4b:6b:e7:2c:cb:
                    ea:53:7b:9c:80:b3:5c:50:7d:d6:87:c6:18:df:a5:
                    18:32:29:30:80:cf:a4:54:27:21:b8:31:26:d2:09:
                    aa:fe:39:05:ff:0b:e1:05:b4:83:ca:48:2b:10:23:
                    c1:d0:d1:f5:84:80:6b:5b:07:61:b9:70:e6:48:2d:
                    38:6a:70:c1:05:3a:aa:64:11:b2:49:bb:5e:ac:01:
                    04:f1:2b:01:86:0d:cf:a1:2b:cd:9b:d2:be:33:f3:
                    80:3f:4b:a2:f9:3b:18:54:b9:c0:f6:a6:98:98:b3:
                    ad:f4:65:d0:42:2c:0b:33:61:2f:7c:b1:8d:97:fe:
                    3f:af:5f:c7:0b:10:7a:cf:5a:74:67:18:ce:0f:94:
                    19:7d:37:f3:29:40:87:4b:d8:9d:e9:98:a7:88:1e:
                    7c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:3E:44:FC:73:D2:16:33:5F:27:71:F6:36:D5:3B:EB:76:05:94:0A
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UT5E_HPSFjNfJ3H2NtU763YFlAo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.111.0/24
                IPv6:
                  2a06:de00:10::/48
                  2a0e:97c0:411::/48
                  2a0e:97c0:8e0::/48
                  2a0e:b107:19a0::/48
                  2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:2880::/46

    Signature Algorithm: sha256WithRSAEncryption
         ab:a3:5b:a9:ca:27:d3:37:b8:01:09:13:12:3e:81:b9:fb:07:
         f7:db:07:94:01:77:49:cc:0f:3d:0f:81:0b:18:b2:77:21:05:
         5c:aa:07:90:df:31:b8:4c:83:16:36:e9:8c:6d:42:6b:cf:e8:
         fb:8e:6f:32:d7:92:be:0f:67:05:63:a6:c3:76:36:ba:e7:ed:
         37:4f:77:ec:dd:e3:00:db:62:9e:97:51:aa:fd:68:a2:14:37:
         87:f0:9f:be:6b:27:74:aa:99:5a:69:9b:92:d3:56:8e:13:01:
         60:68:2a:e1:a1:40:8c:3c:b8:51:8b:17:f0:2e:69:61:a8:a9:
         13:35:eb:3b:50:e4:b1:b8:f3:e3:4d:ad:85:d1:25:fa:58:a3:
         67:2c:7d:db:d4:38:d4:43:6d:db:f5:08:f2:ae:55:d1:d4:0c:
         20:9c:58:83:38:dd:97:90:88:6f:99:ce:c7:01:d3:e9:a4:42:
         2c:25:fa:2b:73:a8:67:03:6f:21:a0:52:b7:dd:d6:5d:68:02:
         57:f5:b4:ec:eb:6a:d0:03:62:a6:5f:64:fe:9a:bf:d9:36:e2:
         6a:08:4a:77:cf:c6:fb:56:65:08:53:f0:e7:15:88:36:f8:89:
         1e:00:a3:fa:87:1a:6b:3b:de:bf:10:15:0b:8e:2b:c9:07:93:
         84:96:39:0d
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZA6F2dipbXz37GIbiSboA87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjIxMDkxODUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTNlNDRmYzczZDIxNjMzNWYyNzcxZjYzNmQ1M2JlYjc2MDU5NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv2ulRmUuTc4Iz56rjBXhrIiasT+
z4QV5isyiq8gSxu3NV67c/Q4XG4AYL2Qkf7Ax9wy34+K+WjlTdc1edNJL80VTp27
U9V61x15Ll9W76FOMZdV/smqeolNuQRMfw7cMmlFS2vnLMvqU3ucgLNcUH3Wh8YY
36UYMikwgM+kVCchuDEm0gmq/jkF/wvhBbSDykgrECPB0NH1hIBrWwdhuXDmSC04
anDBBTqqZBGySbterAEE8SsBhg3PoSvNm9K+M/OAP0ui+TsYVLnA9qaYmLOt9GXQ
QiwLM2EvfLGNl/4/r1/HCxB6z1p0ZxjOD5QZfTfzKUCHS9id6ZiniB58CwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFFE+RPxz0hYzXydx9jbVO+t2BZQKMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVVQ1RV9IUFNGak5mSjNIMk50VTc2M1lGbEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAMBAIAATAGAwQAwjJvMEcE
AgACMEEDBwAqBt4AABADBwAqDpfABBEDBwAqDpfACOADBwAqDrEHGaAwEgMHACoO
sQcaYwMHACoOsQcaZAMHAioOsQcogDANBgkqhkiG9w0BAQsFAAOCAQEAq6Nbqcon
0ze4AQkTEj6BufsH99sHlAF3ScwPPQ+BCxiydyEFXKoHkN8xuEyDFjbpjG1Ca8/o
+45vMteSvg9nBWOmw3Y2uuftN0937N3jANtinpdRqv1oohQ3h/CfvmsndKqZWmmb
ktNWjhMBYGgq4aFAjDy4UYsX8C5pYaipEzXrO1Dksbjz402thdEl+lijZyx929Q4
1ENt2/UI8q5V0dQMIJxYgzjdl5CIb5nOxwHT6aRCLCX6K3OoZwNvIaBSt93WXWgC
V/W07Otq0ANipl9k/pq/2TbiaghKd8/G+1ZlCFPw5xWINviJHgCj+ocaazvevxAV
C44ryQeThJY5DQ==
-----END CERTIFICATE-----