Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sdmyRoPJMTkpsJWHyOBKJ8SeYnM.roa
File:                     sdmyRoPJMTkpsJWHyOBKJ8SeYnM.roa (raw, json)
Hash identifier:          W3PbPVgpGbkQTYzW0P+DtOyeJbJFdHAOqRyJcZz3GpU=
Subject key identifier:   B1:D9:B2:46:83:C9:31:39:29:B0:95:87:C8:E0:4A:27:C4:9E:62:73
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018D57D9AECED96BB595CDAB5A9D11661C1A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sdmyRoPJMTkpsJWHyOBKJ8SeYnM.roa
Signing time:             Tue 30 Jan 2024 00:51:40 +0000
ROA not before:           Tue 30 Jan 2024 00:51:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     31898
IP address blocks:        2a0e:97c0:aba::/48 maxlen: 48
                          2a0e:b107:19::/48 maxlen: 48
                          2a0e:b107:360::/48 maxlen: 48
                          2a0e:b107:361::/48 maxlen: 48
                          2a0e:b107:362::/48 maxlen: 48
                          2a0e:b107:363::/48 maxlen: 48
                          2a0e:b107:364::/48 maxlen: 48
                          2a0e:b107:365::/48 maxlen: 48
                          2a0e:b107:367::/48 maxlen: 48
                          2a0e:b107:f50::/44 maxlen: 48

Validation:               Failed, certificate revoked on Tue 13 Feb 2024 09:34:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:57:d9:ae:ce:d9:6b:b5:95:cd:ab:5a:9d:11:66:1c:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Jan 30 00:51:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b1d9b24683c9313929b09587c8e04a27c49e6273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f0:ef:27:a8:a8:b7:aa:98:7e:dc:36:94:a5:
                    23:32:1e:10:e9:ae:fa:15:b9:11:7e:79:76:41:7e:
                    c4:0a:48:1b:64:cd:39:d1:76:15:b6:91:85:bf:ed:
                    66:74:72:8c:ba:7a:42:82:b9:c8:43:74:41:9a:df:
                    3c:65:21:fd:e2:fb:51:bd:98:98:5f:9d:3d:6c:b8:
                    42:23:45:ea:15:5e:d6:9f:6e:c9:20:bc:12:de:a0:
                    a4:12:ce:65:ca:c8:7e:fc:bb:dd:0b:df:f0:92:49:
                    b3:f2:a6:1d:3f:e7:e4:99:47:70:89:11:28:41:f8:
                    41:ea:a8:9b:b3:4e:60:bf:67:72:c7:2c:5b:73:ff:
                    a5:40:2f:cc:78:69:90:5b:7a:86:01:2c:64:62:5c:
                    5e:eb:5d:40:2e:79:2f:51:3a:20:2f:4f:16:ac:16:
                    34:71:01:51:23:f2:5f:b6:d4:ec:6d:86:74:dd:ea:
                    a1:aa:e4:09:70:4c:8c:00:03:8f:68:0f:00:cd:77:
                    ff:ed:d0:e4:03:f3:4a:61:ce:88:e3:86:f1:21:84:
                    75:3b:5b:f0:f7:9b:72:11:a3:24:13:0a:68:b2:47:
                    d5:95:dd:f5:b5:93:30:95:02:07:3d:5c:30:5b:e9:
                    2e:16:a5:72:8f:e7:cc:24:43:52:90:b1:c9:ea:d7:
                    ff:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:D9:B2:46:83:C9:31:39:29:B0:95:87:C8:E0:4A:27:C4:9E:62:73
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/sdmyRoPJMTkpsJWHyOBKJ8SeYnM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:97c0:aba::/48
                  2a0e:b107:19::/48
                  2a0e:b107:360::-2a0e:b107:365:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:367::/48
                  2a0e:b107:f50::/44

    Signature Algorithm: sha256WithRSAEncryption
         0f:f4:dd:38:40:39:40:ed:31:50:60:28:47:9e:7e:33:d6:07:
         f4:6b:62:53:1e:17:1e:51:89:c0:ef:fe:8a:58:f1:b0:35:16:
         28:64:9a:65:74:03:97:d9:56:5c:b2:fb:08:c3:99:f9:9c:9d:
         24:9d:f3:72:4b:5f:f5:d3:45:bd:f9:a1:7e:a3:a5:73:81:5d:
         b1:a4:ee:bc:65:84:80:dd:b9:d9:5b:66:f7:42:10:a1:9c:08:
         88:73:5f:31:70:d0:8c:c5:18:9d:1c:a0:f1:94:df:24:94:8b:
         c9:a4:ab:c8:5d:1b:72:4c:b0:da:47:74:91:a4:45:3a:32:3c:
         00:07:db:e6:2a:fc:a3:36:95:ff:c9:d5:21:6b:b7:fe:53:c5:
         93:ef:8b:32:41:34:39:9a:52:a9:4a:85:25:cb:9b:06:62:4a:
         87:24:7d:f9:b7:f9:75:ce:97:21:4d:13:09:90:47:37:d2:48:
         5d:d4:2a:06:57:c4:62:c4:76:5f:ff:f3:32:aa:54:14:66:22:
         83:d6:ed:1b:44:0f:39:43:69:f3:c6:cd:05:9d:ae:d8:12:0e:
         9d:21:37:e9:3b:82:49:c1:f3:90:cb:48:f1:b8:e2:9c:28:50:
         8b:13:bf:42:b3:78:36:e5:4e:a7:06:45:c0:de:e5:3b:3e:82:
         1a:09:6d:f6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY1X2a7O2Wu1lc2rWp0RZhwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTMwMDA1MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQ5YjI0NjgzYzkzMTM5MjliMDk1ODdjOGUwNGEyN2M0OWU2MjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/DvJ6iot6qYftw2lKUjMh4Q6a76
FbkRfnl2QX7ECkgbZM050XYVtpGFv+1mdHKMunpCgrnIQ3RBmt88ZSH94vtRvZiY
X509bLhCI0XqFV7Wn27JILwS3qCkEs5lysh+/LvdC9/wkkmz8qYdP+fkmUdwiREo
QfhB6qibs05gv2dyxyxbc/+lQC/MeGmQW3qGASxkYlxe611ALnkvUTogL08WrBY0
cQFRI/JfttTsbYZ03eqhquQJcEyMAAOPaA8AzXf/7dDkA/NKYc6I44bxIYR1O1vw
95tyEaMkEwposkfVld31tZMwlQIHPVwwW+kuFqVyj+fMJENSkLHJ6tf/2wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLHZskaDyTE5KbCVh8jgSifEnmJzMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvc2RteVJvUEpNVGtwc0pXSHlPQktKOFNlWW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwcAKg6XwAq6
AwcAKg6xBwAZMBIDBwUqDrEHA2ADBwEqDrEHA2QDBwAqDrEHA2cDBwQqDrEHD1Aw
DQYJKoZIhvcNAQELBQADggEBAA/03ThAOUDtMVBgKEeefjPWB/RrYlMeFx5RicDv
/opY8bA1FihkmmV0A5fZVlyy+wjDmfmcnSSd83JLX/XTRb35oX6jpXOBXbGk7rxl
hIDdudlbZvdCEKGcCIhzXzFw0IzFGJ0coPGU3ySUi8mkq8hdG3JMsNpHdJGkRToy
PAAH2+Yq/KM2lf/J1SFrt/5TxZPvizJBNDmaUqlKhSXLmwZiSockffm3+XXOlyFN
EwmQRzfSSF3UKgZXxGLEdl//8zKqVBRmIoPW7RtEDzlDafPGzQWdrtgSDp0hN+k7
gknB85DLSPG44pwoUIsTv0KzeDblTqcGRcDe5Ts+ghoJbfY=
-----END CERTIFICATE-----