Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eErI06CndxvYhWnyrdDdJ8AMdm8.roa
File:                     eErI06CndxvYhWnyrdDdJ8AMdm8.roa (raw, json)
Hash identifier:          BhLhBnkpMPPddrVihlMZpcNQ4l/L9Qn4wbfl2zEXpvM=
Subject key identifier:   78:4A:C8:D3:A0:A7:77:1B:D8:85:69:F2:AD:D0:DD:27:C0:0C:76:6F
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018678B3D9D49B1E67EF6038DF506DA45994
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eErI06CndxvYhWnyrdDdJ8AMdm8.roa
Signing time:             Wed 22 Feb 2023 10:38:17 +0000
ROA not before:           Wed 22 Feb 2023 10:38:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200160
IP address blocks:        2a0e:b107:660::/44 maxlen: 48
                          2a0e:b107:5f0::/44 maxlen: 48
                          2a0e:b107:1d60::/44 maxlen: 48
                          2a0e:b107:1e00::/44 maxlen: 48
                          2a0e:b107:600::/44 maxlen: 48
                          2a0e:b107:5e0::/44 maxlen: 48
                          2a0e:b107:900::/44 maxlen: 48
                          2a0e:b107:800::/44 maxlen: 48
                          2a0e:b107:bb0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 11:11:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:78:b3:d9:d4:9b:1e:67:ef:60:38:df:50:6d:a4:59:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb 22 10:38:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=784ac8d3a0a7771bd88569f2add0dd27c00c766f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:2f:c4:0f:b6:ab:ce:e5:3f:19:d0:bd:9b:67:
                    06:69:65:60:d6:1e:d7:7a:82:37:1e:1d:6c:d1:86:
                    22:18:89:98:98:e0:b6:e4:29:49:62:36:07:ca:cd:
                    e3:29:64:ce:00:a8:b9:2e:1c:a1:b3:93:18:f6:ae:
                    68:f7:b4:f5:fd:e0:62:2d:2d:74:f1:ad:a5:c1:c4:
                    dd:ea:42:c9:a0:1b:fb:63:eb:df:c2:b6:c2:60:a1:
                    7b:ad:a2:0c:a1:df:7c:86:e4:da:d1:9c:2e:bf:3b:
                    0a:7a:e9:bf:a0:f9:bd:14:20:ba:67:9f:62:50:e8:
                    e7:92:9b:e9:c4:3b:25:73:cb:a2:fe:ff:9d:80:2a:
                    5b:03:7c:06:f6:84:80:29:1b:df:00:cb:2f:91:aa:
                    80:d4:1c:23:0a:f3:01:d1:01:5f:f5:d0:88:46:eb:
                    b2:9b:87:0a:19:9d:b2:c4:16:b7:39:eb:43:52:36:
                    31:31:b9:a9:56:87:e9:2c:03:f6:4e:eb:5c:bc:40:
                    24:f0:bc:a9:41:85:bc:84:5c:39:80:3e:da:d1:2a:
                    68:41:a1:af:63:ea:84:cc:23:7a:98:07:32:2b:72:
                    9a:d3:10:3a:64:64:8a:55:d9:b1:a2:03:f7:05:b6:
                    56:d2:5a:de:50:d2:b6:a3:a9:7c:22:55:2d:94:a7:
                    cf:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:4A:C8:D3:A0:A7:77:1B:D8:85:69:F2:AD:D0:DD:27:C0:0C:76:6F
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/eErI06CndxvYhWnyrdDdJ8AMdm8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:5e0::-2a0e:b107:60f:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:660::/44
                  2a0e:b107:800::/44
                  2a0e:b107:900::/44
                  2a0e:b107:bb0::/44
                  2a0e:b107:1d60::/44
                  2a0e:b107:1e00::/44

    Signature Algorithm: sha256WithRSAEncryption
         16:19:0d:3b:43:f0:72:86:fe:4e:05:44:6c:1e:e6:53:01:5d:
         84:30:e6:85:a9:60:f4:15:f7:1b:3c:92:2a:39:77:76:f1:c5:
         5c:66:6d:c5:06:ac:e3:05:eb:8d:a8:26:a3:38:1b:be:9b:ce:
         ad:0a:2c:d0:a0:e1:e7:ee:e6:08:35:63:bc:46:d8:1a:ec:63:
         16:ad:9a:b6:e0:a3:67:df:8e:19:fc:72:38:88:48:47:60:de:
         ce:ba:be:a6:22:a0:b4:fc:63:fa:91:b0:13:e9:f9:bd:db:bd:
         74:36:d7:df:1d:fd:dc:89:99:74:92:ff:e6:c4:b6:79:d0:8a:
         ee:0f:ca:f4:c9:cf:61:1b:ea:39:74:11:ea:13:07:6f:b6:75:
         22:17:2a:3b:60:4b:93:e6:58:07:e3:9f:da:17:c6:97:c1:4d:
         89:89:3d:e7:c8:14:dd:6d:93:8d:e2:cb:83:75:3e:78:41:b2:
         d1:84:42:72:82:0e:88:ea:3e:61:57:44:fc:cb:41:d1:26:32:
         92:42:21:06:97:9a:c2:9f:93:29:94:c9:6b:68:6f:6e:b1:1e:
         08:cc:c5:84:e0:b6:0f:13:06:d7:13:f3:85:11:cf:ba:50:fb:
         e5:b6:94:48:af:3f:45:6f:cc:83:83:7e:96:bd:85:9c:9c:26:
         31:ff:d9:33
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYZ4s9nUmx5n72A431BtpFmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjIyMTAzODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODRhYzhkM2EwYTc3NzFiZDg4NTY5ZjJhZGQwZGQyN2MwMGM3NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS/ED7arzuU/GdC9m2cGaWVg1h7X
eoI3Hh1s0YYiGImYmOC25ClJYjYHys3jKWTOAKi5Lhyhs5MY9q5o97T1/eBiLS10
8a2lwcTd6kLJoBv7Y+vfwrbCYKF7raIMod98huTa0ZwuvzsKeum/oPm9FCC6Z59i
UOjnkpvpxDslc8ui/v+dgCpbA3wG9oSAKRvfAMsvkaqA1BwjCvMB0QFf9dCIRuuy
m4cKGZ2yxBa3OetDUjYxMbmpVofpLAP2TutcvEAk8LypQYW8hFw5gD7a0SpoQaGv
Y+qEzCN6mAcyK3Ka0xA6ZGSKVdmxogP3BbZW0lreUNK2o6l8IlUtlKfPvwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFHhKyNOgp3cb2IVp8q3Q3SfADHZvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZUVySTA2Q25keHZZaFdueXJkRGRKOEFNZG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAAjBKMBIDBwUqDrEH
BeADBwQqDrEHBgADBwQqDrEHBmADBwQqDrEHCAADBwQqDrEHCQADBwQqDrEHC7AD
BwQqDrEHHWADBwQqDrEHHgAwDQYJKoZIhvcNAQELBQADggEBABYZDTtD8HKG/k4F
RGwe5lMBXYQw5oWpYPQV9xs8kio5d3bxxVxmbcUGrOMF642oJqM4G76bzq0KLNCg
4efu5gg1Y7xG2BrsYxatmrbgo2ffjhn8cjiISEdg3s66vqYioLT8Y/qRsBPp+b3b
vXQ2198d/dyJmXSS/+bEtnnQiu4PyvTJz2Eb6jl0EeoTB2+2dSIXKjtgS5PmWAfj
n9oXxpfBTYmJPefIFN1tk43iy4N1PnhBstGEQnKCDojqPmFXRPzLQdEmMpJCIQaX
msKfkymUyWtob26xHgjMxYTgtg8TBtcT84URz7pQ++W2lEivP0VvzIODfpa9hZyc
JjH/2TM=
-----END CERTIFICATE-----