Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/SdlFFb8FS3T1h6bRVVM-r2dR3Oo.roa
File:                     SdlFFb8FS3T1h6bRVVM-r2dR3Oo.roa (raw, json)
Hash identifier:          fkV2xp2gnJZM4AW0/JuFs1MXISLTpsagOovRAjTZK6Q=
Subject key identifier:   49:D9:45:15:BF:05:4B:74:F5:87:A6:D1:55:53:3E:AF:67:51:DC:EA
Certificate issuer:       /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial:       01856DCACE94C91EFB0A94A9D56C76FFF894
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/SdlFFb8FS3T1h6bRVVM-r2dR3Oo.roa
Signing time:             Sun 01 Jan 2023 14:44:45 +0000
ROA not before:           Sun 01 Jan 2023 14:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        31.133.82.0/24 maxlen: 24
                          31.133.83.0/24 maxlen: 24
                          31.133.80.0/24 maxlen: 24
                          31.133.81.0/24 maxlen: 24
                          176.103.224.0/24 maxlen: 24
                          176.103.225.0/24 maxlen: 24
                          176.103.226.0/24 maxlen: 24
                          31.133.88.0/24 maxlen: 24
                          31.133.89.0/24 maxlen: 24
                          31.133.90.0/24 maxlen: 24
                          31.133.91.0/24 maxlen: 24
                          176.103.227.0/24 maxlen: 24
                          176.103.232.0/24 maxlen: 24
                          176.103.233.0/24 maxlen: 24
                          176.103.234.0/24 maxlen: 24
                          176.103.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:ca:ce:94:c9:1e:fb:0a:94:a9:d5:6c:76:ff:f8:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
        Validity
            Not Before: Jan  1 14:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=49d94515bf054b74f587a6d155533eaf6751dcea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a6:02:d7:48:4e:2c:24:3e:64:5b:80:4f:8d:
                    fe:02:92:c5:13:66:09:1a:22:4f:dd:ac:02:4c:b0:
                    fc:01:3a:8d:41:c2:d7:69:f8:16:75:83:c8:0d:3d:
                    e4:29:2f:96:89:2b:d7:e2:f4:41:a3:d9:57:9f:89:
                    d6:16:f7:43:3d:4d:c3:87:18:50:08:60:62:73:98:
                    8d:32:de:f4:f3:e1:5b:2d:aa:7a:54:8f:97:4d:25:
                    70:9c:e3:f5:72:ef:22:1f:8e:5e:05:ea:fe:85:72:
                    8b:cd:f7:14:6a:a8:00:b0:e8:be:1c:a3:18:65:22:
                    50:5b:8c:e7:89:bf:1e:60:c5:e6:f2:50:ee:74:ab:
                    ed:93:4b:11:72:36:26:ab:26:c8:8b:16:78:63:ec:
                    20:93:8e:1b:b7:4c:d4:94:f5:1b:cb:9f:e6:5a:d3:
                    2f:4c:be:90:6d:e6:19:b1:4f:47:7b:d2:6c:3e:ef:
                    33:75:75:3d:9e:b5:b5:25:9f:12:4d:62:9b:02:41:
                    fb:bc:ea:14:2a:b3:0d:c5:bc:0f:03:08:d5:3d:aa:
                    01:ed:da:30:39:49:1d:07:26:03:e1:ec:a8:83:e1:
                    fe:30:ff:11:39:96:d7:c3:02:3e:de:69:87:51:7d:
                    32:9f:fb:6c:05:e3:8c:db:38:03:ee:f5:bd:e4:a1:
                    99:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:D9:45:15:BF:05:4B:74:F5:87:A6:D1:55:53:3E:AF:67:51:DC:EA
            X509v3 Authority Key Identifier:
                keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/SdlFFb8FS3T1h6bRVVM-r2dR3Oo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.133.80.0/22
                  31.133.88.0/22
                  176.103.224.0/22
                  176.103.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:06:56:6f:d9:66:52:12:f5:0b:60:e0:51:ac:36:5c:01:83:
         76:e1:4f:65:17:ab:e6:80:ad:3f:dd:35:ee:7a:fa:c0:3c:09:
         7a:a0:6c:01:75:e4:f4:2f:cf:64:46:7b:03:db:4d:af:aa:f0:
         bb:41:07:94:91:f9:9f:08:2a:d4:76:fd:3d:f6:99:7e:aa:d2:
         8f:f1:c1:8a:16:99:9e:a4:5d:12:58:99:98:c9:e2:a0:b3:84:
         6c:12:79:f6:25:e1:83:e4:2c:a5:9a:71:04:ba:c3:f9:fb:5d:
         04:f6:8c:99:41:67:b9:fb:fb:19:44:61:e2:bf:77:01:6b:f0:
         36:75:0e:25:7b:3f:ef:f9:71:6c:06:23:cc:4e:a8:6b:e4:9d:
         96:10:10:66:31:b2:91:24:3d:5a:0f:17:3e:85:ed:49:47:5d:
         f3:14:02:73:79:c2:ef:85:a2:50:c4:82:14:b0:9b:ea:ff:47:
         4c:01:69:a8:07:3f:bc:22:10:74:d8:4b:3f:90:25:1e:54:a8:
         20:3e:d2:d9:c8:47:83:22:e5:0d:de:55:3e:dc:2f:16:23:17:
         21:ab:83:7a:77:42:76:2d:d8:d0:26:e2:4f:9c:ee:c6:f9:0e:
         ec:92:40:8c:6c:93:f8:de:d8:7b:e0:99:74:7d:cf:b4:b2:78:
         d8:ae:51:52
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtys6UyR77CpSp1Wx2//iUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjMwMTAxMTQ0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWQ5NDUxNWJmMDU0Yjc0ZjU4N2E2ZDE1NTUzM2VhZjY3NTFkY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYC10hOLCQ+ZFuAT43+ApLFE2YJ
GiJP3awCTLD8ATqNQcLXafgWdYPIDT3kKS+WiSvX4vRBo9lXn4nWFvdDPU3DhxhQ
CGBic5iNMt708+FbLap6VI+XTSVwnOP1cu8iH45eBer+hXKLzfcUaqgAsOi+HKMY
ZSJQW4znib8eYMXm8lDudKvtk0sRcjYmqybIixZ4Y+wgk44bt0zUlPUby5/mWtMv
TL6QbeYZsU9He9JsPu8zdXU9nrW1JZ8STWKbAkH7vOoUKrMNxbwPAwjVPaoB7dow
OUkdByYD4eyog+H+MP8ROZbXwwI+3mmHUX0yn/tsBeOM2zgD7vW95KGZ/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEnZRRW/BUt09Yem0VVTPq9nUdzqMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvU2RsRkZiOEZTM1QxaDZiUlZWTS1yMmRSM09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4VQAwQC
H4VYAwQCsGfgAwQCsGfoMA0GCSqGSIb3DQEBCwUAA4IBAQBjBlZv2WZSEvULYOBR
rDZcAYN24U9lF6vmgK0/3TXuevrAPAl6oGwBdeT0L89kRnsD202vqvC7QQeUkfmf
CCrUdv099pl+qtKP8cGKFpmepF0SWJmYyeKgs4RsEnn2JeGD5CylmnEEusP5+10E
9oyZQWe5+/sZRGHiv3cBa/A2dQ4lez/v+XFsBiPMTqhr5J2WEBBmMbKRJD1aDxc+
he1JR13zFAJzecLvhaJQxIIUsJvq/0dMAWmoBz+8IhB02Es/kCUeVKggPtLZyEeD
IuUN3lU+3C8WIxchq4N6d0J2LdjQJuJPnO7G+Q7skkCMbJP43th74Jl0fc+0snjY
rlFS
-----END CERTIFICATE-----