Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/BVWHPou6qd3LrVNMOkouZJnvA00.roa
File:                     BVWHPou6qd3LrVNMOkouZJnvA00.roa (raw, json)
Hash identifier:          YdrE5u/1FdAD/rmYtqUz9X8yZQCjnrJOMwlkTuGTXqg=
Subject key identifier:   05:55:87:3E:8B:BA:A9:DD:CB:AD:53:4C:3A:4A:2E:64:99:EF:03:4D
Certificate issuer:       /CN=0f47dc7ff485b8413be38f5bee80917330b31738
Certificate serial:       018BA99AD2E7BB49527F19191B878B89323A
Authority key identifier: 0F:47:DC:7F:F4:85:B8:41:3B:E3:8F:5B:EE:80:91:73:30:B3:17:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D0fcf_SFuEE7449b7oCRczCzFzg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/BVWHPou6qd3LrVNMOkouZJnvA00.roa
Signing time:             Tue 07 Nov 2023 11:46:17 +0000
ROA not before:           Tue 07 Nov 2023 11:46:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44858
IP address blocks:        93.95.0.0/21 maxlen: 21
                          93.95.2.0/24 maxlen: 24
                          93.95.0.0/24 maxlen: 24
                          93.95.1.0/24 maxlen: 24
                          93.95.3.0/24 maxlen: 24
                          93.95.4.0/24 maxlen: 24
                          93.95.5.0/24 maxlen: 24
                          93.95.6.0/24 maxlen: 24
                          93.95.7.0/24 maxlen: 24
                          2a03:5d80:7000::/36 maxlen: 36
                          2a03:5d80:9000::/36 maxlen: 36
                          2a03:5d80::/36 maxlen: 36
                          2a03:5d80:4000::/36 maxlen: 36
                          2a03:5d80:c000::/36 maxlen: 36
                          2a03:5d80:f000::/36 maxlen: 36
                          2a03:5d80:1000::/36 maxlen: 36
                          2a03:5d80:e000::/36 maxlen: 36
                          2a03:5d80:3000::/36 maxlen: 36
                          2a03:5d80:b000::/36 maxlen: 36
                          2a03:5d80:6000::/36 maxlen: 36
                          2a03:5d80:8000::/36 maxlen: 36
                          2a03:5d80:5000::/36 maxlen: 36
                          2a03:5d80:2000::/36 maxlen: 36
                          2a03:5d80:a000::/36 maxlen: 36
                          2a03:5d80:d000::/36 maxlen: 36
                          2a03:5d80::/32 maxlen: 32

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a9:9a:d2:e7:bb:49:52:7f:19:19:1b:87:8b:89:32:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f47dc7ff485b8413be38f5bee80917330b31738
        Validity
            Not Before: Nov  7 11:46:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0555873e8bbaa9ddcbad534c3a4a2e6499ef034d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:d2:72:da:32:2e:77:10:d8:05:fd:01:e5:e0:
                    ac:57:64:e3:58:65:fd:48:f9:b1:e3:a6:7e:6a:e2:
                    7e:05:c1:74:9e:c3:70:98:cd:f3:bf:e7:cb:dc:c9:
                    a9:77:3e:c0:c4:58:1f:42:25:db:22:e0:54:45:68:
                    f5:a5:99:13:65:b9:73:34:e2:db:54:8f:5f:44:c4:
                    8a:af:9a:bb:b2:3c:18:ff:17:ab:9a:ad:5c:c4:8b:
                    b3:c8:07:99:ec:0b:42:86:89:aa:ee:a3:80:f1:45:
                    81:0c:db:27:d0:9b:dc:fa:67:8a:4a:a8:59:25:45:
                    fb:1e:bc:37:84:84:3b:6a:df:c9:76:f0:b1:8e:e4:
                    4f:b9:69:5c:73:79:7c:15:9a:79:64:36:6f:32:7d:
                    6b:22:74:b7:bd:e5:0d:93:a4:19:f7:11:9a:2d:02:
                    36:60:cc:b2:10:37:55:54:2b:4b:83:ea:f0:6d:39:
                    2c:ed:f5:97:41:35:65:73:49:90:71:9a:a5:d8:71:
                    a8:aa:0a:bf:77:13:b0:19:a7:95:07:6c:b9:e3:b0:
                    bb:b6:8a:04:85:2f:65:80:d4:2c:4b:66:af:f0:bd:
                    24:f6:59:78:ed:0c:20:c3:6a:b0:f0:b1:5f:64:1a:
                    de:91:1c:ed:9d:82:2b:b1:04:c0:e6:61:a7:9c:5e:
                    42:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:55:87:3E:8B:BA:A9:DD:CB:AD:53:4C:3A:4A:2E:64:99:EF:03:4D
            X509v3 Authority Key Identifier:
                keyid:0F:47:DC:7F:F4:85:B8:41:3B:E3:8F:5B:EE:80:91:73:30:B3:17:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0fcf_SFuEE7449b7oCRczCzFzg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/BVWHPou6qd3LrVNMOkouZJnvA00.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af5078-2243-4fdb-ab2b-2d847a3f7d2f/1/D0fcf_SFuEE7449b7oCRczCzFzg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.95.0.0/21
                IPv6:
                  2a03:5d80::/32

    Signature Algorithm: sha256WithRSAEncryption
         36:2b:e6:06:1a:93:3e:da:79:84:14:4b:bd:91:05:50:ca:f7:
         13:7a:b0:2f:ad:71:2f:a1:a5:91:95:e3:ea:e5:a8:87:3f:ce:
         90:31:aa:cc:6b:37:9b:ba:80:d5:a1:81:18:f9:15:2c:68:b0:
         0a:00:43:32:65:33:db:07:15:19:a2:3a:89:0a:6c:f6:22:6d:
         25:84:f7:65:80:88:b0:a3:c1:56:d9:b0:6e:20:9f:87:8c:02:
         e7:91:5c:b0:95:db:a9:8a:50:cb:09:c6:fb:71:40:a6:8a:e2:
         5f:71:7b:14:7e:42:7b:c7:23:65:30:d0:cc:4a:24:6b:57:fb:
         4a:09:ba:4e:eb:fd:f6:de:00:44:1b:eb:3b:7a:d8:90:20:17:
         3b:73:63:27:47:93:fc:e6:d7:f3:0a:cb:80:e6:b4:66:a1:91:
         07:01:f9:c4:0a:4f:23:b5:65:e0:5c:72:5d:7e:f2:99:f2:84:
         74:db:33:8d:45:1e:5a:44:5a:7b:48:52:37:41:17:d6:0d:f3:
         bd:e7:dc:a7:8f:d5:50:76:82:a1:bc:99:b5:5c:06:94:1c:25:
         e7:7b:bf:2b:db:34:b6:34:c5:d8:4e:eb:62:c1:2d:51:aa:b7:
         6b:8a:31:2b:3e:27:32:43:63:36:4d:b8:b1:39:e1:5f:35:ba:
         72:eb:25:84
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYupmtLnu0lSfxkZG4eLiTI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDdkYzdmZjQ4NWI4NDEzYmUzOGY1YmVlODA5MTczMzBi
MzE3MzgwHhcNMjMxMTA3MTE0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTU1ODczZThiYmFhOWRkY2JhZDUzNGMzYTRhMmU2NDk5ZWYwMzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdJy2jIudxDYBf0B5eCsV2TjWGX9
SPmx46Z+auJ+BcF0nsNwmM3zv+fL3Mmpdz7AxFgfQiXbIuBURWj1pZkTZblzNOLb
VI9fRMSKr5q7sjwY/xermq1cxIuzyAeZ7AtChomq7qOA8UWBDNsn0Jvc+meKSqhZ
JUX7Hrw3hIQ7at/JdvCxjuRPuWlcc3l8FZp5ZDZvMn1rInS3veUNk6QZ9xGaLQI2
YMyyEDdVVCtLg+rwbTks7fWXQTVlc0mQcZql2HGoqgq/dxOwGaeVB2y547C7tooE
hS9lgNQsS2av8L0k9ll47Qwgw2qw8LFfZBrekRztnYIrsQTA5mGnnF5ClwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAVVhz6Luqndy61TTDpKLmSZ7wNNMB8GA1UdIwQY
MBaAFA9H3H/0hbhBO+OPW+6AkXMwsxc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBmY2ZfU0Z1RUU3NDQ5YjdvQ1JjekN6RnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZjUwNzgtMjI0My00ZmRiLWFiMmIt
MmQ4NDdhM2Y3ZDJmLzEvQlZXSFBvdTZxZDNMclZOTU9rb3VaSm52QTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZjUwNzgtMjI0My00ZmRiLWFiMmItMmQ4NDdhM2Y3ZDJm
LzEvRDBmY2ZfU0Z1RUU3NDQ5YjdvQ1JjekN6RnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXV8AMA0E
AgACMAcDBQAqA12AMA0GCSqGSIb3DQEBCwUAA4IBAQA2K+YGGpM+2nmEFEu9kQVQ
yvcTerAvrXEvoaWRlePq5aiHP86QMarMazebuoDVoYEY+RUsaLAKAEMyZTPbBxUZ
ojqJCmz2Im0lhPdlgIiwo8FW2bBuIJ+HjALnkVywldupilDLCcb7cUCmiuJfcXsU
fkJ7xyNlMNDMSiRrV/tKCbpO6/323gBEG+s7etiQIBc7c2MnR5P85tfzCsuA5rRm
oZEHAfnECk8jtWXgXHJdfvKZ8oR02zONRR5aRFp7SFI3QRfWDfO959ynj9VQdoKh
vJm1XAaUHCXne78r2zS2NMXYTutiwS1RqrdrijErPicyQ2M2TbixOeFfNbpy6yWE
-----END CERTIFICATE-----