Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/dB1p5g4VYRSzhI526zBdN5DQksY.roa
File:                     dB1p5g4VYRSzhI526zBdN5DQksY.roa (raw, json)
Hash identifier:          TsX7kkd1KN6NctySb7+Vd0M6AHrJlfzW7KBnehFn8F8=
Subject key identifier:   74:1D:69:E6:0E:15:61:14:B3:84:8E:76:EB:30:5D:37:90:D0:92:C6
Certificate issuer:       /CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Certificate serial:       01857067523CD3EAA6EB086D7D27B4B0A142
Authority key identifier: 17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/dB1p5g4VYRSzhI526zBdN5DQksY.roa
Signing time:             Mon 02 Jan 2023 02:54:57 +0000
ROA not before:           Mon 02 Jan 2023 02:54:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59457
IP address blocks:        5.149.69.0/24 maxlen: 24
                          5.149.70.0/24 maxlen: 24
                          5.149.71.0/24 maxlen: 24
                          5.149.65.0/24 maxlen: 24
                          5.149.66.0/24 maxlen: 24
                          5.149.67.0/24 maxlen: 24
                          5.149.68.0/24 maxlen: 24
                          5.149.76.0/24 maxlen: 24
                          5.149.77.0/24 maxlen: 24
                          5.149.78.0/24 maxlen: 24
                          5.149.72.0/24 maxlen: 24
                          5.149.73.0/24 maxlen: 24
                          5.149.74.0/24 maxlen: 24
                          5.149.75.0/24 maxlen: 24
                          5.149.83.0/24 maxlen: 24
                          5.149.79.0/24 maxlen: 24
                          5.149.81.0/24 maxlen: 24
                          5.149.82.0/24 maxlen: 24
                          5.149.93.0/24 maxlen: 24
                          5.149.94.0/24 maxlen: 24
                          5.149.95.0/24 maxlen: 24
                          5.149.92.0/24 maxlen: 24
                          5.149.64.0/24 maxlen: 24
                          5.149.64.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Mon 11 Sep 2023 09:41:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:52:3c:d3:ea:a6:eb:08:6d:7d:27:b4:b0:a1:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
        Validity
            Not Before: Jan  2 02:54:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=741d69e60e156114b3848e76eb305d3790d092c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:df:66:bd:ed:07:50:91:0f:cf:4d:98:82:6d:
                    6a:df:58:ae:5f:30:ce:a9:d8:ce:0e:20:ff:11:4d:
                    6e:4d:26:6e:f1:c3:4a:21:d0:a9:e7:2c:ae:15:b6:
                    ca:78:74:e7:b9:d6:6c:43:50:e7:33:56:73:8b:84:
                    63:b5:01:e3:4b:d1:4c:27:10:26:45:70:9b:f6:6e:
                    18:92:21:89:bd:7a:c3:cd:66:d0:c6:0e:9d:8e:ce:
                    3b:1e:fd:61:ce:56:de:fc:22:cd:72:b7:91:95:bd:
                    3f:e7:fa:a2:a8:b6:c8:09:a8:c2:9f:1b:22:4f:1c:
                    91:58:92:18:30:93:c8:6f:ed:df:46:43:4b:1b:ce:
                    81:7f:3a:2e:63:54:db:51:ad:b5:8b:25:96:a7:31:
                    0f:86:28:ff:e9:db:f5:01:6a:fa:91:f1:f7:72:6b:
                    c9:ec:35:f4:fe:bb:e5:e1:8c:80:b4:02:b3:f0:f6:
                    ef:c1:cc:29:02:25:f1:dc:38:1d:ee:ab:96:63:6f:
                    28:2f:64:bf:11:53:8f:e4:9a:bb:45:eb:16:ce:27:
                    ff:5d:77:20:6c:41:36:0f:5e:8f:15:80:21:8e:43:
                    5b:36:f3:f8:4e:7e:f9:18:0b:61:63:c7:5d:43:5b:
                    66:e8:3f:b8:c5:fc:b0:60:08:3d:45:c9:6b:48:88:
                    39:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:1D:69:E6:0E:15:61:14:B3:84:8E:76:EB:30:5D:37:90:D0:92:C6
            X509v3 Authority Key Identifier:
                keyid:17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/dB1p5g4VYRSzhI526zBdN5DQksY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/F1lDaGkInNnH5tAgKPJKL-SbhtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.149.64.0/20
                  5.149.81.0-5.149.83.255
                  5.149.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         e9:f1:c6:8d:c6:39:e1:bd:5c:fb:0e:bd:92:3a:a0:3a:26:78:
         22:24:a7:aa:61:a0:cf:41:f6:e9:7a:c0:ef:ca:17:ec:80:fa:
         52:9e:94:31:1e:c3:bf:3e:de:4f:3f:2d:e9:83:89:51:ae:9b:
         fe:6d:12:55:5e:f7:74:07:20:9d:32:29:47:38:f3:70:0f:35:
         d6:e8:e0:96:9b:af:b8:a9:39:68:27:68:81:e2:11:d8:7f:bc:
         fa:55:44:a4:b2:eb:c1:ce:b9:bb:d0:b5:bb:83:bd:b9:08:e0:
         44:09:ea:64:02:e0:f1:d3:dc:05:3a:13:98:fb:f9:3e:eb:62:
         de:61:72:ab:b7:0b:a2:c1:d5:bb:cc:11:be:52:d7:83:c2:52:
         c6:53:b8:4f:dc:56:a6:5b:7f:63:26:8a:48:de:68:35:b7:eb:
         7a:24:86:76:3e:49:0c:08:47:5a:89:ef:09:7f:88:ba:a2:86:
         98:99:23:37:7b:38:6b:40:f8:b3:58:8c:3d:b0:62:35:f7:99:
         17:3b:30:2a:92:c6:ca:58:2f:5d:01:8a:6f:a5:fc:0b:4c:a1:
         2a:8d:fd:fa:7c:7e:47:44:c3:62:a8:a6:f3:dd:71:89:f3:50:
         55:bb:9e:91:da:65:89:3f:c1:6a:77:ec:7f:47:14:42:60:61:
         8f:01:92:17
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVwZ1I80+qm6whtfSe0sKFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTk0MzY4NjkwODljZDljN2U2ZDAyMDI4ZjI0YTJmZTQ5
Yjg2ZDUwHhcNMjMwMTAyMDI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDFkNjllNjBlMTU2MTE0YjM4NDhlNzZlYjMwNWQzNzkwZDA5MmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN9mve0HUJEPz02Ygm1q31iuXzDO
qdjODiD/EU1uTSZu8cNKIdCp5yyuFbbKeHTnudZsQ1DnM1Zzi4RjtQHjS9FMJxAm
RXCb9m4YkiGJvXrDzWbQxg6djs47Hv1hzlbe/CLNcreRlb0/5/qiqLbICajCnxsi
TxyRWJIYMJPIb+3fRkNLG86BfzouY1TbUa21iyWWpzEPhij/6dv1AWr6kfH3cmvJ
7DX0/rvl4YyAtAKz8PbvwcwpAiXx3Dgd7quWY28oL2S/EVOP5Jq7ResWzif/XXcg
bEE2D16PFYAhjkNbNvP4Tn75GAthY8ddQ1tm6D+4xfywYAg9RclrSIg5PQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHQdaeYOFWEUs4SOduswXTeQ0JLGMB8GA1UdIwQY
MBaAFBdZQ2hpCJzZx+bQICjySi/km4bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFsRGFHa0luTm5INXRBZ0tQSktMLVNiaHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83MjQ3ZDItMGEyOC00ZTRhLWFhMGMt
ZmVmNDFkZDg3NmMwLzEvZEIxcDVnNFZZUlN6aEk1MjZ6QmRONURRa3NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83MjQ3ZDItMGEyOC00ZTRhLWFhMGMtZmVmNDFkZDg3NmMw
LzEvRjFsRGFHa0luTm5INXRBZ0tQSktMLVNiaHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEBZVAMAwD
BAAFlVEDBAIFlVADBAIFlVwwDQYJKoZIhvcNAQELBQADggEBAOnxxo3GOeG9XPsO
vZI6oDomeCIkp6phoM9B9ul6wO/KF+yA+lKelDEew78+3k8/LemDiVGum/5tElVe
93QHIJ0yKUc483APNdbo4Jabr7ipOWgnaIHiEdh/vPpVRKSy68HOubvQtbuDvbkI
4EQJ6mQC4PHT3AU6E5j7+T7rYt5hcqu3C6LB1bvMEb5S14PCUsZTuE/cVqZbf2Mm
ikjeaDW363okhnY+SQwIR1qJ7wl/iLqihpiZIzd7OGtA+LNYjD2wYjX3mRc7MCqS
xspYL10Bim+l/AtMoSqN/fp8fkdEw2KopvPdcYnzUFW7npHaZYk/wWp37H9HFEJg
YY8Bkhc=
-----END CERTIFICATE-----