Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yxWI5G34INm0jjZ_rx26RqcxVNQ.roa
File:                     yxWI5G34INm0jjZ_rx26RqcxVNQ.roa (raw, json)
Hash identifier:          eh1wOuQ0mtb2Wjwshsz3U2yOpyz6YHRqT7XqEXadiNM=
Subject key identifier:   CB:15:88:E4:6D:F8:20:D9:B4:8E:36:7F:AF:1D:BA:46:A7:31:54:D4
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       0186A0331E7CC585F50E19DF74C3F61710C9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yxWI5G34INm0jjZ_rx26RqcxVNQ.roa
Signing time:             Thu 02 Mar 2023 02:42:29 +0000
ROA not before:           Thu 02 Mar 2023 02:42:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200160
IP address blocks:        2a0e:b107:660::/44 maxlen: 48
                          2a0e:b107:5f0::/44 maxlen: 48
                          2a0e:b107:1d60::/44 maxlen: 48
                          2a0e:b107:600::/44 maxlen: 48
                          2a0e:b107:1e00::/44 maxlen: 48
                          2a0e:b107:5e0::/44 maxlen: 48
                          2a0e:b107:6c0::/44 maxlen: 48
                          2a0e:b107:670::/44 maxlen: 48
                          2a0e:b107:800::/44 maxlen: 48

Validation:               Failed, certificate revoked on Thu 02 Mar 2023 17:12:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a0:33:1e:7c:c5:85:f5:0e:19:df:74:c3:f6:17:10:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Mar  2 02:42:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cb1588e46df820d9b48e367faf1dba46a73154d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c1:57:3c:3a:a8:34:dc:17:0a:f1:7f:9a:ff:
                    23:35:fd:00:7b:80:0e:07:e0:f5:9d:db:d7:26:53:
                    e5:82:69:a1:2a:02:06:c2:2d:b9:78:92:c4:c6:ba:
                    34:db:0e:70:a3:6c:8d:5c:7a:ea:93:f5:ab:65:98:
                    88:b1:41:67:be:1a:2e:21:58:0d:2b:57:36:d4:d1:
                    31:a0:cc:e0:9e:87:c5:59:b4:8e:8e:a7:0c:aa:54:
                    6d:e8:7d:13:79:ee:33:c1:24:89:96:32:4c:5a:0a:
                    88:fa:3f:65:a3:ae:1a:8c:21:c7:db:c6:d5:44:b1:
                    89:fd:af:1e:88:b9:e9:f1:c9:96:63:4c:77:28:9e:
                    d5:28:7f:54:80:48:ae:22:63:6c:4d:d4:24:a0:86:
                    47:ef:b0:d5:20:d9:9b:2b:d8:40:e7:d2:2a:a0:00:
                    52:c4:c1:16:6a:42:c4:4f:f1:d6:02:8b:af:d1:fb:
                    46:b2:8f:64:c0:39:1a:83:94:95:fa:4d:80:fc:80:
                    ff:41:34:7c:ff:c9:33:87:13:95:51:47:d4:75:4f:
                    aa:df:87:43:5e:11:b4:97:9d:da:7c:94:c6:97:19:
                    f0:c3:94:cc:b7:2c:a4:b4:3d:9e:5b:08:2a:d4:ac:
                    d5:bd:fa:63:12:10:08:fc:61:23:39:fe:ef:26:e3:
                    27:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:15:88:E4:6D:F8:20:D9:B4:8E:36:7F:AF:1D:BA:46:A7:31:54:D4
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/yxWI5G34INm0jjZ_rx26RqcxVNQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0e:b107:5e0::-2a0e:b107:60f:ffff:ffff:ffff:ffff:ffff
                  2a0e:b107:660::/43
                  2a0e:b107:6c0::/44
                  2a0e:b107:800::/44
                  2a0e:b107:1d60::/44
                  2a0e:b107:1e00::/44

    Signature Algorithm: sha256WithRSAEncryption
         3b:c5:f0:50:91:3d:f0:84:81:dc:f8:ea:87:f6:48:c8:d9:f9:
         ba:4f:1a:aa:50:be:cb:5c:34:af:bb:14:bd:68:a9:dc:f5:98:
         6e:6e:8f:b7:d1:2b:ed:7f:59:df:8f:b6:53:81:8a:3c:38:eb:
         f8:15:ed:51:11:79:36:dd:6e:7d:c9:37:7f:be:82:b3:d7:20:
         3e:b0:bf:9e:f2:4b:7f:7e:9d:22:dc:22:fc:76:5d:cd:da:57:
         09:ee:8e:68:00:2d:63:d0:5f:61:9c:c4:19:38:2e:5b:73:bd:
         e6:18:7b:a0:77:b2:57:ff:05:0a:e4:d2:9e:ca:4d:af:01:c5:
         fe:bf:44:cf:95:18:34:a4:a3:ae:c6:4b:8b:aa:6f:67:a2:68:
         a6:91:e0:00:93:27:68:30:96:e7:03:ae:5d:7e:61:b3:75:94:
         93:e1:46:55:dc:da:f4:c3:0f:54:6d:ed:ac:84:40:3a:48:be:
         01:e2:e2:5d:ac:c7:95:a5:d2:49:54:1c:a8:a2:69:85:b2:00:
         7c:65:a5:77:f2:8b:42:d6:13:25:a6:8a:73:cd:11:f2:54:84:
         4c:23:88:28:27:17:e7:55:7f:35:58:6f:08:47:fe:fd:02:23:
         5e:9d:f9:b4:e0:e7:16:2e:58:35:c1:38:fd:fe:2b:99:77:da:
         05:ab:be:cb
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYagMx58xYX1DhnfdMP2FxDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzAyMDI0MjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjE1ODhlNDZkZjgyMGQ5YjQ4ZTM2N2ZhZjFkYmE0NmE3MzE1NGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosFXPDqoNNwXCvF/mv8jNf0Ae4AO
B+D1ndvXJlPlgmmhKgIGwi25eJLExro02w5wo2yNXHrqk/WrZZiIsUFnvhouIVgN
K1c21NExoMzgnofFWbSOjqcMqlRt6H0Tee4zwSSJljJMWgqI+j9lo64ajCHH28bV
RLGJ/a8eiLnp8cmWY0x3KJ7VKH9UgEiuImNsTdQkoIZH77DVINmbK9hA59IqoABS
xMEWakLET/HWAouv0ftGso9kwDkag5SV+k2A/ID/QTR8/8kzhxOVUUfUdU+q34dD
XhG0l53afJTGlxnww5TMtyyktD2eWwgq1KzVvfpjEhAI/GEjOf7vJuMn8QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMsViORt+CDZtI42f68dukanMVTUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveXhXSTVHMzRJTm0wampaX3J4MjZScWN4Vk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBMBIDBwUqDrEH
BeADBwQqDrEHBgADBwUqDrEHBmADBwQqDrEHBsADBwQqDrEHCAADBwQqDrEHHWAD
BwQqDrEHHgAwDQYJKoZIhvcNAQELBQADggEBADvF8FCRPfCEgdz46of2SMjZ+bpP
GqpQvstcNK+7FL1oqdz1mG5uj7fRK+1/Wd+PtlOBijw46/gV7VEReTbdbn3JN3++
grPXID6wv57yS39+nSLcIvx2Xc3aVwnujmgALWPQX2GcxBk4LltzveYYe6B3slf/
BQrk0p7KTa8Bxf6/RM+VGDSko67GS4uqb2eiaKaR4ACTJ2gwlucDrl1+YbN1lJPh
RlXc2vTDD1Rt7ayEQDpIvgHi4l2sx5Wl0klUHKiiaYWyAHxlpXfyi0LWEyWminPN
EfJUhEwjiCgnF+dVfzVYbwhH/v0CI16d+bTg5xYuWDXBOP3+K5l32gWrvss=
-----END CERTIFICATE-----