Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/jZjeNasa0u9TOK03hvmoeySHLX4.roa
File:                     jZjeNasa0u9TOK03hvmoeySHLX4.roa (raw, json)
Hash identifier:          qvmRRw5t8W8dPlIl67Jrw3UzbBSfUOvaPOO5uXH0XjE=
Subject key identifier:   8D:98:DE:35:AB:1A:D2:EF:53:38:AD:37:86:F9:A8:7B:24:87:2D:7E
Certificate issuer:       /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial:       0192112E2194898A77F1E0829A321249F51E
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/jZjeNasa0u9TOK03hvmoeySHLX4.roa
Signing time:             Fri 20 Sep 2024 20:44:48 +0000
ROA not before:           Fri 20 Sep 2024 20:44:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     3319
IP address blocks:        77.47.244.0/22 maxlen: 24
                          185.143.56.0/22 maxlen: 24
                          195.178.132.0/24 maxlen: 24
                          195.178.133.0/24 maxlen: 24
                          195.178.134.0/24 maxlen: 24
                          195.178.135.0/24 maxlen: 24
                          195.178.136.0/22 maxlen: 24
                          195.178.144.0/23 maxlen: 23
                          195.178.147.0/24 maxlen: 24
                          195.178.152.0/22 maxlen: 22
                          195.178.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 30 Sep 2024 10:31:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:11:2e:21:94:89:8a:77:f1:e0:82:9a:32:12:49:f5:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19426325acb8ce609a686fa655b058968809b346
        Validity
            Not Before: Sep 20 20:44:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8d98de35ab1ad2ef5338ad3786f9a87b24872d7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:44:ec:03:e7:47:31:8f:0c:9b:40:74:04:8d:
                    11:50:cd:52:9d:a1:fb:4c:0d:aa:cd:41:20:e5:7d:
                    7b:74:24:db:47:5c:71:b6:ff:fa:b7:51:f0:b2:4c:
                    8e:4d:eb:54:28:44:bc:b1:6d:9a:dc:97:18:f9:6a:
                    25:1f:ed:dd:f3:7c:3b:f6:81:f8:e5:e6:51:d8:9a:
                    0f:3c:27:2e:59:0a:64:65:bd:93:63:01:4f:31:6f:
                    81:c5:91:06:b5:74:34:c7:39:02:8e:d1:92:ce:c0:
                    f2:49:13:08:cf:f1:3d:c3:4f:39:92:42:f4:36:a3:
                    c2:5b:f6:c3:05:46:2d:bb:2c:94:91:ad:f5:8e:79:
                    a1:ac:f2:c5:b7:3f:e2:32:17:63:4e:2e:ac:93:39:
                    0e:23:11:6e:29:0d:35:f0:f1:ea:3c:dc:bc:92:d2:
                    96:ee:f0:e8:1b:14:96:50:49:b2:25:8d:2f:aa:5a:
                    d1:c0:8e:a0:72:23:1e:73:e1:49:25:26:63:aa:45:
                    a5:ea:44:87:55:37:07:35:99:fb:05:54:4d:1b:16:
                    d8:c0:48:c0:0f:a8:be:6d:ef:e0:73:a3:b5:13:16:
                    af:19:9f:d6:60:db:20:27:62:ac:31:22:12:a1:90:
                    1b:01:14:95:c3:9f:79:f8:76:3c:85:97:4f:c2:7e:
                    d3:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:98:DE:35:AB:1A:D2:EF:53:38:AD:37:86:F9:A8:7B:24:87:2D:7E
            X509v3 Authority Key Identifier:
                keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/jZjeNasa0u9TOK03hvmoeySHLX4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.47.244.0/22
                  185.143.56.0/22
                  195.178.132.0-195.178.139.255
                  195.178.144.0/23
                  195.178.147.0/24
                  195.178.152.0-195.178.156.255

    Signature Algorithm: sha256WithRSAEncryption
         74:ac:f2:ec:f6:8f:a7:c3:2c:10:25:4f:20:40:7b:31:1c:74:
         d8:e4:4d:0c:20:40:30:41:7b:fa:8b:81:df:44:40:c6:0a:35:
         c8:8a:b2:f3:c7:f9:7d:e0:19:51:bc:d5:fe:25:e5:01:46:be:
         a5:9d:0d:76:ae:b5:5c:74:e2:b6:e4:71:60:50:32:be:1b:d7:
         51:58:03:21:63:1f:9a:91:af:10:1e:50:d7:c2:6a:e8:c1:e6:
         c6:c6:bb:d7:45:97:55:91:15:50:2b:97:1a:e7:4f:ae:2c:2d:
         29:9f:52:8b:76:9c:b4:50:b7:26:4c:e8:a6:9c:c5:10:ad:11:
         9f:bb:77:d8:2b:59:9e:56:d6:de:cf:76:3b:42:b5:7b:60:65:
         7d:57:fa:bc:30:99:13:da:c4:7a:14:b6:ca:f8:23:11:97:64:
         1f:a7:34:52:d9:d7:72:cb:5a:08:64:98:e7:0f:81:70:89:6b:
         87:c6:c2:56:7f:42:0e:c1:c8:19:f8:d2:db:8c:cd:12:a7:27:
         5c:33:58:0d:16:88:e8:b0:29:cf:5d:1a:7d:9e:5c:2f:36:6f:
         c4:af:98:b2:43:d2:19:1e:31:98:84:70:56:04:d5:22:72:fa:
         ae:bb:46:24:8e:c4:8d:a2:2e:7e:c7:18:d3:59:c0:23:89:74:
         bf:95:be:cb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZIRLiGUiYp38eCCmjISSfUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjQwOTIwMjA0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDk4ZGUzNWFiMWFkMmVmNTMzOGFkMzc4NmY5YTg3YjI0ODcyZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkTsA+dHMY8Mm0B0BI0RUM1SnaH7
TA2qzUEg5X17dCTbR1xxtv/6t1HwskyOTetUKES8sW2a3JcY+WolH+3d83w79oH4
5eZR2JoPPCcuWQpkZb2TYwFPMW+BxZEGtXQ0xzkCjtGSzsDySRMIz/E9w085kkL0
NqPCW/bDBUYtuyyUka31jnmhrPLFtz/iMhdjTi6skzkOIxFuKQ018PHqPNy8ktKW
7vDoGxSWUEmyJY0vqlrRwI6gciMec+FJJSZjqkWl6kSHVTcHNZn7BVRNGxbYwEjA
D6i+be/gc6O1ExavGZ/WYNsgJ2KsMSISoZAbARSVw595+HY8hZdPwn7TVwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFI2Y3jWrGtLvUzitN4b5qHskhy1+MB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvalpqZU5hc2EwdTlUT0swM2h2bW9leVNITFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQCTS/0AwQC
uY84MAwDBALDsoQDBALDsogDBAHDspADBADDspMwDAMEA8OymAMEAMOynDANBgkq
hkiG9w0BAQsFAAOCAQEAdKzy7PaPp8MsECVPIEB7MRx02ORNDCBAMEF7+ouB30RA
xgo1yIqy88f5feAZUbzV/iXlAUa+pZ0Ndq61XHTituRxYFAyvhvXUVgDIWMfmpGv
EB5Q18Jq6MHmxsa710WXVZEVUCuXGudPriwtKZ9Si3actFC3JkzoppzFEK0Rn7t3
2CtZnlbW3s92O0K1e2BlfVf6vDCZE9rEehS2yvgjEZdkH6c0UtnXcstaCGSY5w+B
cIlrh8bCVn9CDsHIGfjS24zNEqcnXDNYDRaI6LApz10afZ5cLzZvxK+YskPSGR4x
mIRwVgTVInL6rrtGJI7EjaIufscY01nAI4l0v5W+yw==
-----END CERTIFICATE-----