Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/GyOYEnLGwfQ5glMlqPQSVsQaAz4.roa
File:                     GyOYEnLGwfQ5glMlqPQSVsQaAz4.roa (raw, json)
Hash identifier:          zsJ1NZ2rjgatb/1YysIcrZAnLfnGbr3iRNtqSt9MkDY=
Subject key identifier:   1B:23:98:12:72:C6:C1:F4:39:82:53:25:A8:F4:12:56:C4:1A:03:3E
Certificate issuer:       /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial:       018C19BC52D8BB58E99747A7013442E114DE
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/GyOYEnLGwfQ5glMlqPQSVsQaAz4.roa
Signing time:             Wed 29 Nov 2023 06:20:21 +0000
ROA not before:           Wed 29 Nov 2023 06:20:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210402
IP address blocks:        91.106.36.0/22 maxlen: 22
                          91.106.36.0/24 maxlen: 24
                          91.106.37.0/24 maxlen: 24
                          91.106.38.0/24 maxlen: 24
                          91.106.39.0/24 maxlen: 24
                          91.106.38.0/23 maxlen: 23
                          91.106.49.0/24 maxlen: 24
                          91.106.50.0/24 maxlen: 24
                          91.106.57.0/24 maxlen: 24
                          91.106.58.0/24 maxlen: 24
                          91.106.53.0/24 maxlen: 24
                          91.106.54.0/24 maxlen: 24
                          91.106.55.0/24 maxlen: 24
                          91.106.56.0/24 maxlen: 24
                          91.106.56.0/22 maxlen: 22
                          91.106.52.0/24 maxlen: 24
                          91.106.60.0/24 maxlen: 24
                          91.106.61.0/24 maxlen: 24
                          91.106.62.0/24 maxlen: 24
                          91.106.63.0/24 maxlen: 24
                          91.106.59.0/24 maxlen: 24
                          91.106.60.0/22 maxlen: 22

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:19:bc:52:d8:bb:58:e9:97:47:a7:01:34:42:e1:14:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
        Validity
            Not Before: Nov 29 06:20:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1b23981272c6c1f439825325a8f41256c41a033e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:9f:e3:28:42:a9:8e:53:f0:8f:bd:50:86:34:
                    e8:bc:d0:75:40:da:e2:e7:77:a2:fd:6a:4a:49:73:
                    2f:2c:2a:d8:26:e5:8f:73:24:ac:98:e5:35:a6:86:
                    0a:b0:0f:12:02:3a:a6:39:04:31:a0:97:c8:3c:40:
                    d7:2e:43:87:6e:75:08:f1:b0:7a:2b:9a:2e:f1:0d:
                    cd:a2:69:6c:79:62:5d:9b:19:6a:ac:fb:c0:80:4a:
                    5e:69:0c:09:51:d5:a6:bb:e7:54:d3:0b:9b:47:ae:
                    62:18:b2:3a:e9:27:8d:77:0c:97:b7:d0:32:68:83:
                    de:6b:0b:cb:59:45:21:68:00:4d:94:ad:21:8d:e7:
                    36:1f:92:50:f0:28:92:95:a8:94:80:9e:da:a7:dc:
                    f8:3c:32:08:d2:f0:a5:6a:07:38:af:44:3a:13:26:
                    2a:e0:98:71:65:9e:6e:15:36:52:3e:5d:a1:4f:0e:
                    a3:d1:89:33:17:7f:4e:ae:b5:61:28:b6:63:e8:ad:
                    a7:a4:b7:85:33:40:fb:91:d3:6c:78:d5:bf:f4:19:
                    11:a2:25:0c:d0:bb:da:6e:fe:fc:3d:c9:4a:8a:74:
                    1c:fe:6d:0a:af:59:a4:5a:d3:d7:6d:30:af:b6:a3:
                    59:5e:fa:85:1d:c6:c5:7f:ec:48:4b:3c:6f:85:36:
                    f8:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:23:98:12:72:C6:C1:F4:39:82:53:25:A8:F4:12:56:C4:1A:03:3E
            X509v3 Authority Key Identifier:
                keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/GyOYEnLGwfQ5glMlqPQSVsQaAz4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.106.36.0/22
                  91.106.49.0-91.106.50.255
                  91.106.52.0-91.106.63.255

    Signature Algorithm: sha256WithRSAEncryption
         82:2e:2a:ef:88:de:d8:c7:4c:6a:dc:70:1e:c1:4b:b4:34:50:
         86:89:c7:93:8e:cf:0b:41:48:d8:e1:27:e2:4c:eb:8b:3c:4e:
         3e:91:b5:f8:8b:6c:56:cc:d7:9c:1f:ae:77:21:ee:54:b2:15:
         53:09:90:bd:4e:34:6c:9e:78:d7:fb:d0:6c:27:15:17:db:54:
         83:4f:10:18:b6:4c:09:05:4b:73:d7:cb:e4:bc:72:5e:5f:6e:
         5e:1c:da:82:09:c0:17:94:7c:6e:91:04:68:57:a9:14:34:8c:
         88:ee:ce:00:b5:74:82:21:62:24:f5:c3:f6:8a:7d:96:29:80:
         0b:87:c9:03:d8:dc:c8:ca:48:10:39:d7:b4:0d:6a:f3:c1:97:
         22:53:38:ab:63:e3:54:92:3c:50:f1:83:74:82:67:a9:74:5f:
         c3:42:27:e1:e1:14:ea:90:a2:6d:c6:48:5e:18:ad:11:38:9b:
         8d:c9:db:99:f8:10:66:89:70:bc:4d:bf:f8:ea:62:5e:c0:5f:
         9b:28:02:e6:56:6b:8b:45:78:08:13:6d:e8:f4:3a:6c:af:01:
         fd:65:36:e5:6f:4b:3f:e7:cf:36:27:59:3b:78:7d:a5:d7:51:
         cf:d8:33:20:44:ee:09:5f:97:4a:26:5b:20:c5:50:94:69:f2:
         a1:2a:2c:7a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYwZvFLYu1jpl0enATRC4RTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjMxMTI5MDYyMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjIzOTgxMjcyYzZjMWY0Mzk4MjUzMjVhOGY0MTI1NmM0MWEwMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp/jKEKpjlPwj71QhjTovNB1QNri
53ei/WpKSXMvLCrYJuWPcySsmOU1poYKsA8SAjqmOQQxoJfIPEDXLkOHbnUI8bB6
K5ou8Q3NomlseWJdmxlqrPvAgEpeaQwJUdWmu+dU0wubR65iGLI66SeNdwyXt9Ay
aIPeawvLWUUhaABNlK0hjec2H5JQ8CiSlaiUgJ7ap9z4PDII0vClagc4r0Q6EyYq
4JhxZZ5uFTZSPl2hTw6j0YkzF39OrrVhKLZj6K2npLeFM0D7kdNseNW/9BkRoiUM
0Lvabv78PclKinQc/m0Kr1mkWtPXbTCvtqNZXvqFHcbFf+xISzxvhTb4owIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBsjmBJyxsH0OYJTJaj0ElbEGgM+MB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEvR3lPWUVuTEd3ZlE1Z2xNbHFQUVNWc1FhQXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEtMjY3YTE2YjQ2Mjlm
LzEvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCW2okMAwD
BABbajEDBABbajIwDAMEAltqNAMEBltqADANBgkqhkiG9w0BAQsFAAOCAQEAgi4q
74je2MdMatxwHsFLtDRQhonHk47PC0FI2OEn4kzrizxOPpG1+ItsVszXnB+udyHu
VLIVUwmQvU40bJ541/vQbCcVF9tUg08QGLZMCQVLc9fL5LxyXl9uXhzaggnAF5R8
bpEEaFepFDSMiO7OALV0giFiJPXD9op9limAC4fJA9jcyMpIEDnXtA1q88GXIlM4
q2PjVJI8UPGDdIJnqXRfw0In4eEU6pCibcZIXhitETibjcnbmfgQZolwvE2/+Opi
XsBfmygC5lZri0V4CBNt6PQ6bK8B/WU25W9LP+fPNidZO3h9pddRz9gzIETuCV+X
SiZbIMVQlGnyoSoseg==
-----END CERTIFICATE-----