Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/A8syd0AHMGCPbI-f9a-vXuWX1U8.roa
File:                     A8syd0AHMGCPbI-f9a-vXuWX1U8.roa (raw, json)
Hash identifier:          2Nt/HEHyFLhJ/32lCAIl0OzinaoQ6yRHjt0E5z0J2b0=
Subject key identifier:   03:CB:32:77:40:07:30:60:8F:6C:8F:9F:F5:AF:AF:5E:E5:97:D5:4F
Certificate issuer:       /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial:       018E1850EF10A44C53B95744CD2269909C12
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/A8syd0AHMGCPbI-f9a-vXuWX1U8.roa
Signing time:             Thu 07 Mar 2024 09:49:00 +0000
ROA not before:           Thu 07 Mar 2024 09:49:00 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210107
IP address blocks:        2a05:d740::/32 maxlen: 32
                          2a05:d741::/32 maxlen: 32
                          2a05:d742::/32 maxlen: 32
                          2a05:d743::/32 maxlen: 32
                          2a05:d744::/32 maxlen: 32
                          2a05:d745::/32 maxlen: 32
                          2a05:d746::/32 maxlen: 32
                          2a05:d747::/32 maxlen: 32
                          2a06:e900::/32 maxlen: 32
                          2a06:e901::/32 maxlen: 32
                          2a06:e902::/32 maxlen: 32
                          2a06:e903::/32 maxlen: 32
                          2a06:e904::/32 maxlen: 32
                          2a06:e905::/32 maxlen: 32
                          2a06:e906::/32 maxlen: 32
                          2a06:e907::/32 maxlen: 32
                          2a0f:3380::/32 maxlen: 32
                          2a0f:3381::/32 maxlen: 32
                          2a0f:3382::/32 maxlen: 32
                          2a0f:3383::/32 maxlen: 32
                          2a0f:3384::/32 maxlen: 32
                          2a0f:3385::/32 maxlen: 32
                          2a0f:3386::/32 maxlen: 32
                          2a0f:3387::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 01 Aug 2024 07:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:18:50:ef:10:a4:4c:53:b9:57:44:cd:22:69:90:9c:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
        Validity
            Not Before: Mar  7 09:49:00 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=03cb3277400730608f6c8f9ff5afaf5ee597d54f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:d6:9d:6f:dc:16:27:16:a7:b1:75:21:d8:fe:
                    aa:f0:7a:44:f6:83:cb:39:3c:79:5a:b8:1b:24:0d:
                    25:8a:bb:0f:d2:1e:51:91:e2:f8:d9:d2:21:83:87:
                    cf:db:6c:10:0f:3a:bc:ff:27:11:fd:6e:df:7a:ca:
                    37:07:42:e3:93:5c:0f:a9:d8:f7:f0:8b:15:5d:0e:
                    33:d4:db:72:c0:d3:92:89:8e:ca:81:53:cb:29:75:
                    89:94:81:f8:cd:11:08:d2:ff:ad:f8:df:80:a6:c6:
                    5d:4a:5e:45:b7:d5:d7:12:bd:8e:10:b6:17:f6:95:
                    5d:48:0e:c2:6b:2c:ce:10:df:ca:27:f7:b0:76:d8:
                    ca:7d:fc:80:a7:0e:81:85:b7:b3:01:25:86:c3:a6:
                    4e:73:4b:b9:fb:d8:40:86:bf:a9:f8:fc:36:5a:a9:
                    fa:82:47:97:7e:61:b4:15:e9:f7:dc:25:ec:87:be:
                    87:c8:7e:57:b7:ea:3c:03:36:d9:fc:cb:22:29:e8:
                    86:a6:fe:90:a0:fd:90:10:9c:98:1b:5d:f6:46:c9:
                    2a:ea:a6:0e:88:3c:f0:dd:5f:0e:29:32:84:06:40:
                    f4:3c:5e:46:69:83:61:53:b7:36:90:99:6b:12:59:
                    5d:57:ce:3b:3a:59:f0:57:b8:04:85:74:94:68:d3:
                    ec:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:CB:32:77:40:07:30:60:8F:6C:8F:9F:F5:AF:AF:5E:E5:97:D5:4F
            X509v3 Authority Key Identifier:
                keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/A8syd0AHMGCPbI-f9a-vXuWX1U8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:d740::/29
                  2a06:e900::/29
                  2a0f:3380::/29

    Signature Algorithm: sha256WithRSAEncryption
         30:fc:49:48:e2:84:88:cb:7b:34:34:c7:6a:d2:3a:8b:fb:50:
         49:71:ec:7b:63:c6:79:e3:46:44:43:0b:88:58:de:1b:6e:0f:
         93:5f:ab:13:bf:89:d4:ce:2e:3a:1a:f2:be:a4:33:fc:ed:d2:
         5a:ad:5b:ed:50:32:3e:65:e1:b6:6c:d5:64:91:a9:89:92:24:
         56:f6:02:b2:65:96:93:33:5e:61:74:99:bc:ea:c1:94:09:36:
         5f:72:f9:c4:cc:41:17:fc:f4:85:48:20:bc:fd:f7:7c:68:d1:
         7f:83:15:24:cd:5b:f1:04:ea:b9:d5:ca:60:6a:26:aa:d7:b2:
         6f:cd:36:27:d6:2a:e6:f6:40:35:16:22:44:05:c5:86:6d:08:
         f7:e1:cc:4a:f6:c1:0e:43:fa:7b:89:0f:0b:86:80:f3:a8:9c:
         1c:a2:a3:86:2c:8d:46:99:5e:28:9b:4a:f5:ce:bb:6e:83:d1:
         78:44:bb:ce:37:4d:eb:55:5b:41:ed:e6:4f:d4:dd:db:18:c0:
         23:41:82:b0:c0:48:6e:ae:6f:09:fb:18:42:fe:fb:69:ed:08:
         b3:a9:9f:c7:32:c5:de:7f:8c:f5:f6:d3:e0:dc:31:6c:a4:56:
         be:0f:0d:3f:ef:9f:05:29:67:30:fc:c6:ad:7b:d5:bc:67:17:
         09:09:7f:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4YUO8QpExTuVdEzSJpkJwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQwMzA3MDk0OTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2NiMzI3NzQwMDczMDYwOGY2YzhmOWZmNWFmYWY1ZWU1OTdkNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdadb9wWJxansXUh2P6q8HpE9oPL
OTx5WrgbJA0lirsP0h5RkeL42dIhg4fP22wQDzq8/ycR/W7feso3B0Ljk1wPqdj3
8IsVXQ4z1NtywNOSiY7KgVPLKXWJlIH4zREI0v+t+N+ApsZdSl5Ft9XXEr2OELYX
9pVdSA7CayzOEN/KJ/ewdtjKffyApw6BhbezASWGw6ZOc0u5+9hAhr+p+Pw2Wqn6
gkeXfmG0Fen33CXsh76HyH5Xt+o8AzbZ/MsiKeiGpv6QoP2QEJyYG132Rskq6qYO
iDzw3V8OKTKEBkD0PF5GaYNhU7c2kJlrElldV847OlnwV7gEhXSUaNPsowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAPLMndABzBgj2yPn/Wvr17ll9VPMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvQThzeWQwQUhNR0NQYkktZjlhLXZYdVdYMVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgXXQAMF
AyoG6QADBQMqDzOAMA0GCSqGSIb3DQEBCwUAA4IBAQAw/ElI4oSIy3s0NMdq0jqL
+1BJcex7Y8Z540ZEQwuIWN4bbg+TX6sTv4nUzi46GvK+pDP87dJarVvtUDI+ZeG2
bNVkkamJkiRW9gKyZZaTM15hdJm86sGUCTZfcvnEzEEX/PSFSCC8/fd8aNF/gxUk
zVvxBOq51cpgaiaq17JvzTYn1irm9kA1FiJEBcWGbQj34cxK9sEOQ/p7iQ8LhoDz
qJwcoqOGLI1GmV4om0r1zrtug9F4RLvON03rVVtB7eZP1N3bGMAjQYKwwEhurm8J
+xhC/vtp7QizqZ/HMsXef4z19tPg3DFspFa+Dw0/758FKWcw/Mate9W8ZxcJCX9B
-----END CERTIFICATE-----