Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/H22AnvtJkhIsFu-IaCuvBZkY7QM.roa
File:                     H22AnvtJkhIsFu-IaCuvBZkY7QM.roa (raw, json)
Hash identifier:          aC5IEotje/9Ehh8mVE+qxmezT5m7CABzus7jM6DxioY=
Subject key identifier:   1F:6D:80:9E:FB:49:92:12:2C:16:EF:88:68:2B:AF:05:99:18:ED:03
Certificate issuer:       /CN=dbb9bc2de36cf23b689f3c72e80abcfe482026c1
Certificate serial:       01856F1DA19CEF4753F0E7261551FFFF9817
Authority key identifier: DB:B9:BC:2D:E3:6C:F2:3B:68:9F:3C:72:E8:0A:BC:FE:48:20:26:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/27m8LeNs8jtonzxy6Aq8_kggJsE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/H22AnvtJkhIsFu-IaCuvBZkY7QM.roa
Signing time:             Sun 01 Jan 2023 20:54:50 +0000
ROA not before:           Sun 01 Jan 2023 20:54:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12189
IP address blocks:        2a02:5320:100::/40 maxlen: 40
                          2a02:5320:300::/40 maxlen: 40
                          2a02:5320:500::/40 maxlen: 40
                          2a02:5320:700::/40 maxlen: 40
                          2a02:5320:900::/40 maxlen: 40
                          2a02:5320:b00::/40 maxlen: 40
                          2a02:5320:d00::/40 maxlen: 40
                          2a02:5320:f00::/40 maxlen: 40

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:a1:9c:ef:47:53:f0:e7:26:15:51:ff:ff:98:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbb9bc2de36cf23b689f3c72e80abcfe482026c1
        Validity
            Not Before: Jan  1 20:54:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f6d809efb4992122c16ef88682baf059918ed03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:25:63:ca:cf:f3:3e:93:44:35:f0:e6:2e:7d:
                    67:c7:98:cc:81:86:ec:19:2c:ed:70:f7:e2:6e:c1:
                    7e:c7:bc:62:39:a6:47:a5:28:77:41:23:e8:16:9b:
                    60:77:23:6b:3b:48:f4:45:43:a9:66:ce:49:50:d3:
                    22:d7:5d:2a:9e:c9:9c:7b:9f:71:98:07:4e:cb:9f:
                    c5:a5:28:c7:bb:fb:98:a9:7a:2a:17:83:f1:3d:bd:
                    10:32:f6:7a:19:f5:cd:e9:2a:46:cc:4c:81:41:49:
                    ef:9d:1d:ca:41:62:65:d4:76:74:5d:b4:71:e9:d1:
                    8d:60:0f:24:0f:f5:46:4c:b3:12:36:63:ff:c3:35:
                    25:2b:61:05:29:28:c0:93:e8:58:ff:ac:db:de:6d:
                    c6:7e:9c:19:bd:fb:0d:ac:ec:1b:73:06:a3:69:99:
                    96:cd:f1:89:95:75:4a:8b:ad:64:35:df:a6:97:90:
                    d2:c8:bc:6a:1e:07:b1:1c:cc:99:0f:2b:0e:42:67:
                    f3:8c:aa:80:f1:86:8b:02:2a:6d:7e:ce:6e:86:f3:
                    5c:26:f6:68:e6:46:06:b8:fe:31:5d:a2:17:c0:2b:
                    40:01:f8:3e:ba:bd:7e:48:4c:b3:24:1a:e1:e7:cf:
                    27:e8:40:57:0a:11:0a:81:98:b2:ba:85:1b:6a:99:
                    41:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:6D:80:9E:FB:49:92:12:2C:16:EF:88:68:2B:AF:05:99:18:ED:03
            X509v3 Authority Key Identifier:
                keyid:DB:B9:BC:2D:E3:6C:F2:3B:68:9F:3C:72:E8:0A:BC:FE:48:20:26:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27m8LeNs8jtonzxy6Aq8_kggJsE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/H22AnvtJkhIsFu-IaCuvBZkY7QM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/27m8LeNs8jtonzxy6Aq8_kggJsE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a02:5320:100::/40
                  2a02:5320:300::/40
                  2a02:5320:500::/40
                  2a02:5320:700::/40
                  2a02:5320:900::/40
                  2a02:5320:b00::/40
                  2a02:5320:d00::/40
                  2a02:5320:f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         1d:dd:2d:63:61:30:95:50:53:13:e9:f9:b5:cf:77:b3:66:0f:
         27:08:a1:12:d3:b1:a7:95:70:2d:2a:e4:a8:72:03:ce:fb:9f:
         91:31:8e:f2:2f:3e:4d:e7:20:a7:bc:5d:19:15:b5:15:5a:c6:
         86:56:64:30:49:37:f1:0a:4f:b3:2e:f3:69:02:d3:4f:0b:32:
         15:ff:b7:17:a6:08:f9:94:09:20:eb:fe:c3:35:06:a5:d7:6f:
         c5:02:f4:61:47:db:5d:4f:51:ad:a3:73:40:1e:cb:75:b5:6b:
         e1:5e:09:a0:ff:93:a8:a2:27:d1:d0:75:83:36:ce:10:9d:6b:
         cd:cd:73:ae:37:3e:ae:f6:88:65:e0:d8:7b:32:f0:88:ea:12:
         80:73:7c:2d:4b:a3:dc:dc:30:90:c4:05:f5:97:68:79:07:99:
         93:49:1b:62:ea:63:7f:11:a3:a2:39:e5:8f:6b:72:af:92:2c:
         4d:49:77:2a:60:02:d9:c9:f2:d8:1e:be:fc:a9:c3:a5:07:6d:
         9d:f3:73:8f:d3:b8:5e:95:6e:47:dd:eb:98:34:48:da:14:e7:
         17:9f:d2:6c:51:67:62:94:08:57:70:17:07:ae:6c:94:11:d4:
         01:90:a9:8a:94:09:77:ad:cd:5f:11:be:d3:bd:af:13:92:5d:
         b5:5c:f4:d2
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVvHaGc70dT8OcmFVH//5gXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjliYzJkZTM2Y2YyM2I2ODlmM2M3MmU4MGFiY2ZlNDgy
MDI2YzEwHhcNMjMwMTAxMjA1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjZkODA5ZWZiNDk5MjEyMmMxNmVmODg2ODJiYWYwNTk5MThlZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSVjys/zPpNENfDmLn1nx5jMgYbs
GSztcPfibsF+x7xiOaZHpSh3QSPoFptgdyNrO0j0RUOpZs5JUNMi110qnsmce59x
mAdOy5/FpSjHu/uYqXoqF4PxPb0QMvZ6GfXN6SpGzEyBQUnvnR3KQWJl1HZ0XbRx
6dGNYA8kD/VGTLMSNmP/wzUlK2EFKSjAk+hY/6zb3m3GfpwZvfsNrOwbcwajaZmW
zfGJlXVKi61kNd+ml5DSyLxqHgexHMyZDysOQmfzjKqA8YaLAiptfs5uhvNcJvZo
5kYGuP4xXaIXwCtAAfg+ur1+SEyzJBrh588n6EBXChEKgZiyuoUbaplBhwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFB9tgJ77SZISLBbviGgrrwWZGO0DMB8GA1UdIwQY
MBaAFNu5vC3jbPI7aJ88cugKvP5IICbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdtOExlTnM4anRvbnp4eTZBcThfa2dnSnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lYmMyZTQtNDAyZi00N2MxLTliMjgt
MTRmMjFhZTIxZWQzLzEvSDIyQW52dEpraElzRnUtSWFDdXZCWmtZN1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lYmMyZTQtNDAyZi00N2MxLTliMjgtMTRmMjFhZTIxZWQz
LzEvMjdtOExlTnM4anRvbnp4eTZBcThfa2dnSnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAAjBAAwYAKgJTIAED
BgAqAlMgAwMGACoCUyAFAwYAKgJTIAcDBgAqAlMgCQMGACoCUyALAwYAKgJTIA0D
BgAqAlMgDzANBgkqhkiG9w0BAQsFAAOCAQEAHd0tY2EwlVBTE+n5tc93s2YPJwih
EtOxp5VwLSrkqHIDzvufkTGO8i8+Tecgp7xdGRW1FVrGhlZkMEk38QpPsy7zaQLT
TwsyFf+3F6YI+ZQJIOv+wzUGpddvxQL0YUfbXU9RraNzQB7LdbVr4V4JoP+TqKIn
0dB1gzbOEJ1rzc1zrjc+rvaIZeDYezLwiOoSgHN8LUuj3NwwkMQF9ZdoeQeZk0kb
YupjfxGjojnlj2tyr5IsTUl3KmAC2cny2B6+/KnDpQdtnfNzj9O4XpVuR93rmDRI
2hTnF5/SbFFnYpQIV3AXB65slBHUAZCpipQJd63NXxG+072vE5JdtVz00g==
-----END CERTIFICATE-----