Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/wRcg8TGwa3xdht6EDfMU__ud4tY.roa
File:                     wRcg8TGwa3xdht6EDfMU__ud4tY.roa (raw, json)
Hash identifier:          dxm3PC3pgg7oUfynAhEP6fWWRzA5wFweLAXqwqis+7Q=
Subject key identifier:   C1:17:20:F1:31:B0:6B:7C:5D:86:DE:84:0D:F3:14:FF:FB:9D:E2:D6
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       018E2DB5608DE0BD68EAEAFA0052D4452DF4
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/wRcg8TGwa3xdht6EDfMU__ud4tY.roa
Signing time:             Mon 11 Mar 2024 13:30:45 +0000
ROA not before:           Mon 11 Mar 2024 13:30:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        45.88.12.0/24 maxlen: 24
                          45.135.180.0/24 maxlen: 24
                          77.81.182.0/24 maxlen: 24
                          89.34.106.0/24 maxlen: 24
                          89.35.129.0/24 maxlen: 24
                          91.132.50.0/24 maxlen: 24
                          93.114.183.0/24 maxlen: 24
                          128.0.41.0/24 maxlen: 24
                          185.212.119.0/24 maxlen: 24
                          188.215.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 12:24:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:2d:b5:60:8d:e0:bd:68:ea:ea:fa:00:52:d4:45:2d:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Mar 11 13:30:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c11720f131b06b7c5d86de840df314fffb9de2d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:30:58:7a:f9:f8:ab:52:0f:d7:73:7d:8b:61:
                    a9:da:19:48:4a:d8:63:45:84:84:94:c9:b0:2d:a6:
                    93:aa:47:4c:88:05:c6:8a:cc:d2:52:ea:75:69:45:
                    0d:a0:19:c9:9d:d4:f0:8f:a5:47:a7:89:89:d3:5e:
                    e2:99:d3:05:cd:44:c1:9b:be:cb:39:04:79:28:f6:
                    f4:b4:3e:f0:3d:d5:1d:38:1d:ae:67:42:6d:39:dd:
                    5f:cb:2f:08:a8:45:a5:97:c1:9a:59:0c:15:fc:21:
                    8f:4d:4a:b7:f0:e4:17:88:93:6e:84:e9:0a:7d:24:
                    43:29:a0:90:2d:7a:40:44:0a:8b:0a:43:b4:db:dd:
                    cb:a4:b1:53:83:81:21:04:ff:c4:d9:ae:68:7e:6c:
                    2e:fa:14:41:6f:89:83:24:c4:bd:40:1d:f9:f0:0b:
                    5d:ae:f2:81:34:53:98:e9:33:28:b5:3e:3a:55:83:
                    fb:38:9e:d4:8c:81:e4:1b:dd:a5:f9:00:4b:98:5f:
                    f9:c3:23:b5:14:2f:71:73:22:4b:78:40:21:03:41:
                    76:60:68:a5:cb:b5:2c:69:6d:13:fe:0f:59:c5:1c:
                    d2:fe:87:b4:a0:30:75:83:c1:a1:7d:53:af:be:67:
                    80:d0:65:f1:a5:09:8d:9c:df:b9:ec:9b:d5:b9:b8:
                    60:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:17:20:F1:31:B0:6B:7C:5D:86:DE:84:0D:F3:14:FF:FB:9D:E2:D6
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/wRcg8TGwa3xdht6EDfMU__ud4tY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.12.0/24
                  45.135.180.0/24
                  77.81.182.0/24
                  89.34.106.0/24
                  89.35.129.0/24
                  91.132.50.0/24
                  93.114.183.0/24
                  128.0.41.0/24
                  185.212.119.0/24
                  188.215.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:1b:59:ae:31:5a:24:93:60:f4:8f:41:8d:67:e7:a3:16:90:
         a1:49:af:1d:fa:89:ac:bd:76:7d:50:e4:b9:35:00:dd:cc:aa:
         85:e9:bc:32:6d:67:18:56:f5:0c:f2:41:56:b0:79:57:9a:3a:
         f6:ff:d8:24:7f:72:a8:94:af:09:2f:2d:52:21:49:41:5c:55:
         5b:62:77:a2:8c:6d:81:b9:09:d1:d5:6a:e6:9b:e8:99:ef:50:
         7a:64:5d:bd:b8:b6:ff:04:aa:b4:a6:d4:62:6c:94:8f:c4:8c:
         82:49:aa:29:62:4b:df:23:10:2a:93:6f:eb:80:80:51:a5:2a:
         fa:4d:6d:cb:26:85:73:6d:6b:11:63:6d:75:3b:0b:43:f3:d6:
         45:61:f3:cd:6e:bc:a3:44:dc:33:a3:ff:1d:a0:1e:18:43:01:
         92:a1:3c:04:e2:4a:23:72:3d:e5:ef:20:a6:50:da:2a:0d:34:
         58:38:0b:ce:41:d8:88:1d:d8:17:ab:8c:51:45:12:f3:46:73:
         33:9e:8d:1d:8a:4e:80:da:44:6a:b9:db:03:df:db:43:b0:22:
         97:5e:15:a9:0e:b1:10:db:55:b2:ec:79:77:94:07:6a:07:3f:
         32:5f:2b:86:c9:f4:a6:f5:7f:2a:08:6b:3b:bc:04:ce:47:e6:
         06:82:2e:2a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY4ttWCN4L1o6ur6AFLURS30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMzExMTMzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTE3MjBmMTMxYjA2YjdjNWQ4NmRlODQwZGYzMTRmZmZiOWRlMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizBYevn4q1IP13N9i2Gp2hlISthj
RYSElMmwLaaTqkdMiAXGiszSUup1aUUNoBnJndTwj6VHp4mJ017imdMFzUTBm77L
OQR5KPb0tD7wPdUdOB2uZ0JtOd1fyy8IqEWll8GaWQwV/CGPTUq38OQXiJNuhOkK
fSRDKaCQLXpARAqLCkO0293LpLFTg4EhBP/E2a5ofmwu+hRBb4mDJMS9QB358Atd
rvKBNFOY6TMotT46VYP7OJ7UjIHkG92l+QBLmF/5wyO1FC9xcyJLeEAhA0F2YGil
y7UsaW0T/g9ZxRzS/oe0oDB1g8GhfVOvvmeA0GXxpQmNnN+57JvVubhglQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMEXIPExsGt8XYbehA3zFP/7neLWMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvd1JjZzhUR3dhM3hkaHQ2RURmTVVfX3VkNHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALVgMAwQA
LYe0AwQATVG2AwQAWSJqAwQAWSOBAwQAW4QyAwQAXXK3AwQAgAApAwQAudR3AwQA
vNcfMA0GCSqGSIb3DQEBCwUAA4IBAQBPG1muMVokk2D0j0GNZ+ejFpChSa8d+oms
vXZ9UOS5NQDdzKqF6bwybWcYVvUM8kFWsHlXmjr2/9gkf3KolK8JLy1SIUlBXFVb
YneijG2BuQnR1Wrmm+iZ71B6ZF29uLb/BKq0ptRibJSPxIyCSaopYkvfIxAqk2/r
gIBRpSr6TW3LJoVzbWsRY211OwtD89ZFYfPNbryjRNwzo/8doB4YQwGSoTwE4koj
cj3l7yCmUNoqDTRYOAvOQdiIHdgXq4xRRRLzRnMzno0dik6A2kRqudsD39tDsCKX
XhWpDrEQ21Wy7Hl3lAdqBz8yXyuGyfSm9X8qCGs7vATOR+YGgi4q
-----END CERTIFICATE-----