Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/PeaeuOBQ8HBoClRUR0DZEjyY_uI.roa
File:                     PeaeuOBQ8HBoClRUR0DZEjyY_uI.roa (raw, json)
Hash identifier:          RjNWoHMuoHn+p7rejP4bvdsaVAMX3/3foXizrDVh2hA=
Subject key identifier:   3D:E6:9E:B8:E0:50:F0:70:68:0A:54:54:47:40:D9:12:3C:98:FE:E2
Certificate issuer:       /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial:       0193B150A0478FED07341CF81B318912C2E7
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/PeaeuOBQ8HBoClRUR0DZEjyY_uI.roa
Signing time:             Tue 10 Dec 2024 16:04:31 +0000
ROA not before:           Tue 10 Dec 2024 16:04:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48347
IP address blocks:        37.228.88.0/22 maxlen: 22
                          37.228.92.0/24 maxlen: 24
                          37.228.93.0/24 maxlen: 24
                          37.228.94.0/24 maxlen: 24
                          45.10.52.0/24 maxlen: 24
                          45.10.53.0/24 maxlen: 24
                          45.10.54.0/24 maxlen: 24
                          45.10.55.0/24 maxlen: 24
                          93.95.96.0/24 maxlen: 24
                          93.95.97.0/24 maxlen: 24
                          93.95.98.0/23 maxlen: 23
                          93.95.100.0/22 maxlen: 22
                          185.41.185.0/24 maxlen: 24
                          185.41.186.0/24 maxlen: 24
                          185.41.187.0/24 maxlen: 24
                          2a00:f440::/32 maxlen: 32
Validation:               Failed, certificate revoked on Thu 12 Dec 2024 14:03:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:b1:50:a0:47:8f:ed:07:34:1c:f8:1b:31:89:12:c2:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
        Validity
            Not Before: Dec 10 16:04:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3de69eb8e050f070680a54544740d9123c98fee2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ce:9f:93:73:19:4a:40:12:5a:be:45:92:4a:
                    93:af:44:dc:17:17:46:1a:3e:34:86:e3:fd:c0:54:
                    91:0d:07:45:24:e2:bb:e9:0c:fd:bf:7a:4d:ea:ff:
                    87:14:11:b8:57:e6:d3:2a:28:67:95:07:65:ef:98:
                    b0:28:90:14:61:a2:93:f9:db:a6:39:c4:4e:8a:bd:
                    91:35:85:5c:03:10:b4:4d:d2:f1:5c:59:f8:7b:1b:
                    b9:92:13:a6:d5:3e:3d:f2:fc:03:17:22:a9:6a:fd:
                    35:b1:21:38:5d:d8:c6:4e:b9:99:d1:42:68:3d:e1:
                    a9:77:df:b4:6e:41:15:fb:d6:97:81:55:33:90:38:
                    76:b3:ea:ff:d2:eb:52:e1:65:2a:dd:fa:cb:87:51:
                    27:33:24:eb:94:b0:e6:1e:04:0f:2a:44:51:36:cf:
                    ff:c6:a2:28:29:e4:d8:8f:eb:3d:f4:ee:14:89:10:
                    fc:12:74:9d:9d:d0:6c:a1:7c:7e:88:81:0e:2e:95:
                    71:e9:1e:0e:84:e4:ab:f4:d1:b8:00:cd:8a:90:bc:
                    9e:ca:9d:36:c6:5d:81:eb:21:f8:ab:12:b7:73:64:
                    bd:5c:75:18:96:b6:c1:59:00:81:74:37:8a:57:94:
                    ef:46:ed:d7:e4:80:ba:93:19:c0:bb:ae:6c:02:e0:
                    d9:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:E6:9E:B8:E0:50:F0:70:68:0A:54:54:47:40:D9:12:3C:98:FE:E2
            X509v3 Authority Key Identifier:
                keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/PeaeuOBQ8HBoClRUR0DZEjyY_uI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.228.88.0-37.228.94.255
                  45.10.52.0/22
                  93.95.96.0/21
                  185.41.185.0-185.41.187.255
                IPv6:
                  2a00:f440::/32

    Signature Algorithm: sha256WithRSAEncryption
         46:3d:5e:05:98:57:a3:6d:22:55:17:ab:85:8c:9e:f3:21:27:
         54:b0:82:ca:95:7c:c6:72:ad:08:c2:b6:a3:e2:3f:f2:3e:bf:
         07:73:86:92:fb:5c:47:60:f0:0c:aa:93:f3:d5:cc:0a:f5:1d:
         4f:bd:68:28:91:26:35:6a:d9:92:51:51:f7:82:5e:81:3d:41:
         d8:3c:c6:f2:8f:48:12:bd:d8:7e:ea:fe:de:11:15:17:d3:32:
         83:9f:17:cd:4e:7f:f6:c3:de:d7:6e:54:5b:23:34:54:76:63:
         2c:6d:db:7f:38:97:17:e9:71:02:14:38:52:d1:2a:9f:1f:57:
         ab:d8:a6:ea:4c:58:90:45:b1:4e:a9:3c:31:fc:4e:b5:39:84:
         87:64:fa:d6:c1:c2:49:db:fb:26:61:98:58:4c:ca:16:ce:5a:
         3d:c8:ff:79:be:b5:32:f7:a9:9a:9b:3c:2c:14:d3:8a:cf:4c:
         bf:10:6a:e9:d9:ba:de:57:33:cf:d6:d7:7e:29:ca:18:9b:dd:
         d6:1d:02:5c:87:62:7e:c5:34:8d:20:0d:4f:35:c1:9b:29:3d:
         65:b0:db:f2:22:fd:f0:de:aa:e7:38:ff:a1:95:b8:fe:b8:08:
         9f:6f:42:6f:e5:14:3b:aa:49:a5:4d:7e:4d:07:6c:ad:b6:44:
         51:25:49:74
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZOxUKBHj+0HNBz4GzGJEsLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjQxMjEwMTYwNDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGU2OWViOGUwNTBmMDcwNjgwYTU0NTQ0NzQwZDkxMjNjOThmZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0M6fk3MZSkASWr5FkkqTr0TcFxdG
Gj40huP9wFSRDQdFJOK76Qz9v3pN6v+HFBG4V+bTKihnlQdl75iwKJAUYaKT+dum
OcROir2RNYVcAxC0TdLxXFn4exu5khOm1T498vwDFyKpav01sSE4XdjGTrmZ0UJo
PeGpd9+0bkEV+9aXgVUzkDh2s+r/0utS4WUq3frLh1EnMyTrlLDmHgQPKkRRNs//
xqIoKeTYj+s99O4UiRD8EnSdndBsoXx+iIEOLpVx6R4OhOSr9NG4AM2KkLyeyp02
xl2B6yH4qxK3c2S9XHUYlrbBWQCBdDeKV5TvRu3X5IC6kxnAu65sAuDZfQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFD3mnrjgUPBwaApUVEdA2RI8mP7iMB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvUGVhZXVPQlE4SEJvQ2xSVVIwRFpFanlZX3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoMAwDBAMl5FgD
BAAl5F4DBAItCjQDBANdX2AwDAMEALkpuQMEArkpuDANBAIAAjAHAwUAKgD0QDAN
BgkqhkiG9w0BAQsFAAOCAQEARj1eBZhXo20iVRerhYye8yEnVLCCypV8xnKtCMK2
o+I/8j6/B3OGkvtcR2DwDKqT89XMCvUdT71oKJEmNWrZklFR94JegT1B2DzG8o9I
Er3Yfur+3hEVF9Myg58XzU5/9sPe125UWyM0VHZjLG3bfziXF+lxAhQ4UtEqnx9X
q9im6kxYkEWxTqk8MfxOtTmEh2T61sHCSdv7JmGYWEzKFs5aPcj/eb61Mvepmps8
LBTTis9MvxBq6dm63lczz9bXfinKGJvd1h0CXIdifsU0jSANTzXBmyk9ZbDb8iL9
8N6q5zj/oZW4/rgIn29Cb+UUO6pJpU1+TQdsrbZEUSVJdA==
-----END CERTIFICATE-----