Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/a0kPSghVcbp_Kd6cWXoBK-vd2to.roa
File:                     a0kPSghVcbp_Kd6cWXoBK-vd2to.roa (raw, json)
Hash identifier:          lE9LGNy7qPa1rWfoaViSPWECVecBcTmEGdDYxrMzglA=
Subject key identifier:   6B:49:0F:4A:08:55:71:BA:7F:29:DE:9C:59:7A:01:2B:EB:DD:DA:DA
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0185E48AE07DAB72D60FE020340DDFDF91F7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/a0kPSghVcbp_Kd6cWXoBK-vd2to.roa
Signing time:             Tue 24 Jan 2023 16:09:44 +0000
ROA not before:           Tue 24 Jan 2023 16:09:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208680
IP address blocks:        2a0e:b107:790::/48 maxlen: 48
                          2a0e:b107:795::/48 maxlen: 48
                          2a0e:b107:79a::/48 maxlen: 48
                          2a0e:b107:79f::/48 maxlen: 48
                          2a0e:b107:794::/48 maxlen: 48
                          2a0e:b107:799::/48 maxlen: 48
                          2a0e:b107:79e::/48 maxlen: 48
                          2a0e:b107:793::/48 maxlen: 48
                          2a0e:b107:798::/48 maxlen: 48
                          2a0e:b107:79d::/48 maxlen: 48
                          2a0e:b107:792::/48 maxlen: 48
                          2a0e:b107:797::/48 maxlen: 48
                          2a0e:b107:79c::/48 maxlen: 48
                          2a0e:b107:791::/48 maxlen: 48
                          2a0e:b107:796::/48 maxlen: 48
                          2a0e:b107:79b::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 14 Sep 2023 06:56:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:e4:8a:e0:7d:ab:72:d6:0f:e0:20:34:0d:df:df:91:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 24 16:09:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b490f4a085571ba7f29de9c597a012bebdddada
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:0c:0f:0d:b5:96:1f:15:cf:5d:4b:da:9f:20:
                    cd:89:4a:7c:c8:ca:f8:67:57:83:0f:1e:8c:69:7e:
                    cb:90:93:ee:15:27:77:8f:aa:61:f4:b3:db:96:3f:
                    b4:d2:04:f0:b1:2a:c8:f7:0e:12:17:d7:47:6e:7e:
                    00:d4:2f:1c:0d:d3:aa:d7:08:86:96:f8:8b:88:fa:
                    3b:e8:83:70:d2:ca:1e:a5:1f:05:d4:f0:23:f7:3d:
                    a1:c9:43:24:06:a0:61:26:93:bf:71:cb:84:ca:78:
                    0e:27:d0:51:8e:91:f1:4b:70:75:b6:74:40:76:30:
                    8e:85:5f:23:a3:51:63:f2:cf:d8:02:90:b2:f3:de:
                    6e:90:d3:93:a8:85:8e:07:75:da:60:c1:c7:71:1e:
                    3d:4b:0c:fa:53:12:c7:d5:17:7b:be:66:ca:7a:28:
                    53:78:eb:e2:b5:6d:5c:81:60:23:06:7b:16:7e:0b:
                    17:22:3c:b4:2e:a8:7d:52:b0:54:49:15:1e:93:d2:
                    e3:3f:de:f4:96:92:c1:ca:ae:98:4e:77:c2:24:19:
                    a5:91:9d:d3:0e:e9:36:8b:4e:ee:78:b9:48:91:ac:
                    27:c3:ab:15:9c:2f:b5:22:02:cc:c3:7f:f1:09:f3:
                    3f:d0:38:f9:6a:53:62:cb:aa:ec:25:2d:c2:4b:ba:
                    f5:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:49:0F:4A:08:55:71:BA:7F:29:DE:9C:59:7A:01:2B:EB:DD:DA:DA
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/a0kPSghVcbp_Kd6cWXoBK-vd2to.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:790::/44

    Signature Algorithm: sha256WithRSAEncryption
         0e:19:05:39:c4:6f:83:a5:2f:d3:c5:af:3f:4a:34:ab:58:ad:
         88:8c:65:95:70:70:41:19:e4:a6:23:4c:a8:69:a5:80:d4:94:
         3a:78:b8:f7:bd:0d:78:8c:82:b6:78:87:35:69:1f:8d:a6:c4:
         31:f1:ef:36:60:20:ba:57:37:10:73:f0:7f:2d:0b:c3:63:85:
         f6:b0:85:15:20:29:9c:8a:fe:16:eb:c9:96:e0:5f:4b:a7:4e:
         8a:c5:7c:d5:15:60:0a:5b:50:15:b0:36:2e:f3:e3:90:2b:0a:
         83:b2:e9:d6:84:1c:2b:2c:26:f9:d0:fe:9b:c9:0c:43:a6:4e:
         89:77:04:ae:26:50:a6:5c:e4:b1:f8:18:96:89:9c:c0:34:7d:
         62:be:1f:55:7c:73:23:a6:1c:b9:be:5a:aa:32:57:77:ae:e7:
         05:41:cb:fd:40:36:e4:9b:07:af:9a:3a:d7:17:25:e4:c6:8c:
         74:de:66:84:a0:e4:b1:f5:14:d3:57:37:3c:51:ec:d0:be:f6:
         15:ae:99:bd:be:ba:5e:a8:30:0c:5f:36:c1:ed:f2:94:8b:55:
         14:79:51:5c:1d:2e:61:04:b9:3e:e9:07:3c:99:09:38:c7:4d:
         60:76:a6:01:9c:34:fb:19:31:a4:b8:44:6d:da:10:d4:01:58:
         3c:79:24:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiuB9q3LWD+AgNA3f35H3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQ5MGY0YTA4NTU3MWJhN2YyOWRlOWM1OTdhMDEyYmViZGRkYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQwPDbWWHxXPXUvanyDNiUp8yMr4
Z1eDDx6MaX7LkJPuFSd3j6ph9LPblj+00gTwsSrI9w4SF9dHbn4A1C8cDdOq1wiG
lviLiPo76INw0soepR8F1PAj9z2hyUMkBqBhJpO/ccuEyngOJ9BRjpHxS3B1tnRA
djCOhV8jo1Fj8s/YApCy895ukNOTqIWOB3XaYMHHcR49Swz6UxLH1Rd7vmbKeihT
eOvitW1cgWAjBnsWfgsXIjy0Lqh9UrBUSRUek9LjP970lpLByq6YTnfCJBmlkZ3T
Duk2i07ueLlIkawnw6sVnC+1IgLMw3/xCfM/0Dj5alNiy6rsJS3CS7r16QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGtJD0oIVXG6fynenFl6ASvr3draMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYTBrUFNnaFZjYnBfS2Q2Y1dYb0JLLXZkMnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBweQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAOGQU5xG+DpS/Txa8/SjSrWK2IjGWVcHBBGeSm
I0yoaaWA1JQ6eLj3vQ14jIK2eIc1aR+NpsQx8e82YCC6VzcQc/B/LQvDY4X2sIUV
ICmciv4W68mW4F9Lp06KxXzVFWAKW1AVsDYu8+OQKwqDsunWhBwrLCb50P6byQxD
pk6JdwSuJlCmXOSx+BiWiZzANH1ivh9VfHMjphy5vlqqMld3rucFQcv9QDbkmwev
mjrXFyXkxox03maEoOSx9RTTVzc8UezQvvYVrpm9vrpeqDAMXzbB7fKUi1UUeVFc
HS5hBLk+6Qc8mQk4x01gdqYBnDT7GTGkuERt2hDUAVg8eSR/
-----END CERTIFICATE-----