Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/pmLD3E0AlZTWn0_4MMcEPb035YI.roa
File:                     pmLD3E0AlZTWn0_4MMcEPb035YI.roa (raw, json)
Hash identifier:          R7sWWrj2t+QDMpoyB8bhY2DBROSnNQaYxTnMOkbYfgs=
Subject key identifier:   A6:62:C3:DC:4D:00:95:94:D6:9F:4F:F8:30:C7:04:3D:BD:37:E5:82
Certificate issuer:       /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial:       01900714138C046C5D28A928B6AE413E7E7A
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/pmLD3E0AlZTWn0_4MMcEPb035YI.roa
Signing time:             Tue 11 Jun 2024 11:34:34 +0000
ROA not before:           Tue 11 Jun 2024 11:34:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62206
IP address blocks:        31.133.80.0/22 maxlen: 24
                          31.133.80.0/24 maxlen: 24
                          31.133.81.0/24 maxlen: 24
                          31.133.82.0/24 maxlen: 24
                          31.133.83.0/24 maxlen: 24
                          31.133.84.0/22 maxlen: 22
                          31.133.88.0/22 maxlen: 24
                          31.133.88.0/24 maxlen: 24
                          31.133.89.0/24 maxlen: 24
                          31.133.90.0/24 maxlen: 24
                          31.133.91.0/24 maxlen: 24
                          176.103.224.0/22 maxlen: 22
                          176.103.232.0/22 maxlen: 22
                          176.103.236.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 21 Jun 2024 07:16:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:07:14:13:8c:04:6c:5d:28:a9:28:b6:ae:41:3e:7e:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
        Validity
            Not Before: Jun 11 11:34:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a662c3dc4d009594d69f4ff830c7043dbd37e582
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4c:72:00:1e:7d:3d:ba:ac:59:d0:16:bc:f2:
                    28:58:7a:e1:df:70:6a:25:69:31:4f:58:fb:a7:be:
                    84:e2:fd:cd:49:93:b3:b1:00:25:fc:42:4c:63:88:
                    69:de:71:e7:a3:db:37:41:80:39:6f:a6:93:11:8c:
                    27:b7:f0:dd:5b:3d:32:2e:23:fb:b2:39:1a:5e:c4:
                    1a:c4:ec:b7:71:fa:62:56:f1:c7:f5:47:48:ae:a9:
                    6c:94:f6:10:58:30:17:5b:a3:f0:b2:eb:47:83:8e:
                    1c:97:99:42:2a:b6:48:df:8d:0e:bc:66:ed:9c:1c:
                    db:1f:bf:44:01:98:7e:66:eb:db:8c:2a:62:75:3e:
                    2c:b3:a1:d2:af:42:37:8f:12:bb:53:64:99:fd:d9:
                    64:ae:09:ae:32:cf:52:81:08:38:16:3b:4a:bc:9a:
                    c6:56:77:df:e1:68:07:b2:05:51:0d:be:fe:49:ca:
                    44:7d:46:60:bc:bc:ca:8a:65:bb:66:f7:d9:0f:61:
                    da:9c:db:59:1f:0e:cb:c1:01:4e:10:01:f0:3b:fd:
                    f5:92:b4:4f:6b:85:80:c3:ef:e8:6f:bf:1c:84:97:
                    3e:51:2d:4d:93:be:05:8b:bb:ab:3b:7b:6f:56:93:
                    11:bb:8d:aa:51:0d:d8:a3:fc:11:68:91:a6:67:66:
                    27:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:62:C3:DC:4D:00:95:94:D6:9F:4F:F8:30:C7:04:3D:BD:37:E5:82
            X509v3 Authority Key Identifier:
                keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/pmLD3E0AlZTWn0_4MMcEPb035YI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.133.80.0-31.133.91.255
                  176.103.224.0/22
                  176.103.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         24:22:64:31:6f:e5:6e:49:7c:ea:dc:58:95:7d:4d:35:2d:84:
         e5:35:d7:e5:3a:df:9b:44:6f:a8:d7:41:b0:a4:88:34:73:13:
         63:a2:54:e0:ac:76:ef:66:75:03:28:ed:b5:26:5c:69:3e:5f:
         c9:53:fc:b4:b0:65:85:6b:19:d7:1e:34:c0:e3:ef:64:d4:7a:
         1b:a5:c1:1a:c2:03:0b:67:be:72:29:8a:7e:05:fc:53:4a:5a:
         17:82:b1:be:f8:5e:aa:9d:07:e9:74:53:af:e8:a6:ee:67:0e:
         63:1c:0e:6e:78:33:56:72:2e:ae:c5:8d:b8:9a:9d:d3:2f:f2:
         ae:a2:70:a4:6f:8e:52:12:c1:85:8b:57:7c:38:fe:32:f3:55:
         74:94:00:27:70:1d:8b:c4:b7:41:85:d1:33:41:74:e1:ce:fc:
         fe:0e:76:8f:be:be:f0:f2:04:fb:5c:7e:8e:be:1d:a1:96:15:
         64:c9:f4:98:74:1a:8a:49:89:7d:fe:b6:42:9d:a3:6b:ce:43:
         14:f0:81:35:47:90:0d:06:85:8c:5e:82:80:46:be:9c:da:f7:
         52:fb:ea:f4:e2:22:4a:68:b0:ca:cb:eb:67:51:8e:7a:c3:88:
         11:56:1d:96:d5:70:2c:a9:ec:30:cd:d0:c9:62:64:1d:51:ff:
         3d:b9:24:b7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZAHFBOMBGxdKKkotq5BPn56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjQwNjExMTEzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjYyYzNkYzRkMDA5NTk0ZDY5ZjRmZjgzMGM3MDQzZGJkMzdlNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0xyAB59PbqsWdAWvPIoWHrh33Bq
JWkxT1j7p76E4v3NSZOzsQAl/EJMY4hp3nHno9s3QYA5b6aTEYwnt/DdWz0yLiP7
sjkaXsQaxOy3cfpiVvHH9UdIrqlslPYQWDAXW6PwsutHg44cl5lCKrZI340OvGbt
nBzbH79EAZh+ZuvbjCpidT4ss6HSr0I3jxK7U2SZ/dlkrgmuMs9SgQg4FjtKvJrG
Vnff4WgHsgVRDb7+ScpEfUZgvLzKimW7ZvfZD2HanNtZHw7LwQFOEAHwO/31krRP
a4WAw+/ob78chJc+US1Nk74Fi7urO3tvVpMRu42qUQ3Yo/wRaJGmZ2Yn6QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKZiw9xNAJWU1p9P+DDHBD29N+WCMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvcG1MRDNFMEFsWlRXbjBfNE1NY0VQYjAzNVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAQfhVAD
BAIfhVgDBAKwZ+ADBAOwZ+gwDQYJKoZIhvcNAQELBQADggEBACQiZDFv5W5JfOrc
WJV9TTUthOU11+U635tEb6jXQbCkiDRzE2OiVOCsdu9mdQMo7bUmXGk+X8lT/LSw
ZYVrGdceNMDj72TUehulwRrCAwtnvnIpin4F/FNKWheCsb74XqqdB+l0U6/opu5n
DmMcDm54M1ZyLq7FjbiandMv8q6icKRvjlISwYWLV3w4/jLzVXSUACdwHYvEt0GF
0TNBdOHO/P4Odo++vvDyBPtcfo6+HaGWFWTJ9Jh0GopJiX3+tkKdo2vOQxTwgTVH
kA0GhYxegoBGvpza91L76vTiIkposMrL62dRjnrDiBFWHZbVcCyp7DDN0MliZB1R
/z25JLc=
-----END CERTIFICATE-----