Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/seFHhy2GQb3sRvMFav2acLaNv7M.roa
File:                     seFHhy2GQb3sRvMFav2acLaNv7M.roa (raw, json)
Hash identifier:          z5tJgk/1EhVUWrdCCSYQjfjy7GwkGmaWCgWzEDcFWoc=
Subject key identifier:   B1:E1:47:87:2D:86:41:BD:EC:46:F3:05:6A:FD:9A:70:B6:8D:BF:B3
Certificate issuer:       /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial:       0189DEE810D2F2B7F5A821091264297C953F
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/seFHhy2GQb3sRvMFav2acLaNv7M.roa
Signing time:             Thu 10 Aug 2023 10:04:57 +0000
ROA not before:           Thu 10 Aug 2023 10:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44477
IP address blocks:        46.151.179.0/24 maxlen: 24
                          46.151.178.0/24 maxlen: 24
                          46.151.177.0/24 maxlen: 24
                          46.151.176.0/24 maxlen: 24
                          46.151.181.0/24 maxlen: 24
                          46.151.180.0/24 maxlen: 24
                          46.151.183.0/24 maxlen: 24
                          46.151.182.0/24 maxlen: 24
                          83.142.211.0/24 maxlen: 24
                          83.142.210.0/24 maxlen: 24
                          83.142.209.0/24 maxlen: 24
                          83.142.208.0/24 maxlen: 24
                          83.142.213.0/24 maxlen: 24
                          83.142.212.0/24 maxlen: 24
                          83.142.215.0/24 maxlen: 24
                          83.142.214.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:de:e8:10:d2:f2:b7:f5:a8:21:09:12:64:29:7c:95:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
        Validity
            Not Before: Aug 10 10:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b1e147872d8641bdec46f3056afd9a70b68dbfb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:f3:8a:37:f9:9c:fa:11:8c:74:4c:5b:77:09:
                    20:91:57:e0:6d:a6:ac:66:fe:18:26:16:11:b4:aa:
                    55:7e:d0:06:73:a9:8a:dd:ff:08:da:69:00:dd:9d:
                    fc:63:96:91:5f:e5:b0:f2:d3:ef:b2:71:82:d1:51:
                    21:93:23:04:de:94:32:03:bc:1e:32:ab:91:a0:08:
                    d6:65:f1:ce:e5:c0:76:19:c0:81:a2:00:bb:61:aa:
                    f5:d3:1e:26:e6:04:c8:1f:dd:16:9a:43:ab:17:23:
                    e4:a0:88:c0:94:1f:fa:4c:1f:60:31:cd:e0:7e:95:
                    01:24:75:3b:54:93:01:87:4f:bf:a9:ec:14:05:e4:
                    fa:60:f9:86:fb:44:6f:af:96:73:de:09:fa:b2:b3:
                    ae:4c:16:21:97:dc:f4:bc:da:ed:eb:c1:eb:be:a1:
                    4a:f0:37:6b:bf:4f:79:74:74:71:dc:e2:94:d5:d6:
                    78:26:98:61:4f:a2:03:a0:33:92:a1:dd:61:75:29:
                    c8:73:0d:9d:1e:1b:60:d2:c9:d5:78:4a:66:a9:90:
                    e3:78:db:73:eb:87:bf:34:c3:ab:f5:82:2b:4d:86:
                    8a:35:f9:22:63:2f:03:f1:f1:88:38:c6:18:fa:e3:
                    4c:56:c8:91:a9:04:23:d6:9b:83:30:f1:16:0f:5c:
                    79:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:E1:47:87:2D:86:41:BD:EC:46:F3:05:6A:FD:9A:70:B6:8D:BF:B3
            X509v3 Authority Key Identifier:
                keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/seFHhy2GQb3sRvMFav2acLaNv7M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.151.176.0/21
                  83.142.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         07:8a:fc:f8:1b:7c:6c:d3:67:8b:c9:a3:cb:a2:90:e3:b9:c5:
         87:2a:c8:13:b9:2f:43:4b:ce:01:83:ce:ff:fa:bf:d9:e8:1a:
         cf:0b:c3:56:ca:f6:85:01:62:5d:cd:05:92:33:96:cd:30:1b:
         6e:af:30:84:8c:5c:52:bf:1e:22:1a:b4:de:9f:82:ab:8f:c9:
         b9:c6:65:50:6e:1b:d5:36:46:16:8e:aa:fa:a3:90:40:1b:dd:
         53:d4:3b:fc:61:55:c3:1f:1e:f2:f3:04:45:1a:a0:2f:35:bd:
         ea:8c:a4:5b:e2:54:ff:e2:6f:ae:ce:44:ab:47:0d:14:49:03:
         21:f6:1d:51:ba:02:f1:bf:59:95:5d:fd:6a:2c:0a:e4:fb:c0:
         98:28:99:e0:6c:e7:b2:f8:f8:a4:53:c1:31:b9:b3:6a:8e:65:
         4f:ed:79:c5:7c:90:9d:fe:9f:4b:50:98:1b:49:84:25:98:85:
         79:e6:92:a3:6e:f7:0a:3d:7e:5e:d6:5b:d9:d0:7c:85:d6:fe:
         07:1d:09:91:dd:da:8e:c3:11:21:42:99:3e:74:8b:c0:a2:a9:
         aa:f8:16:33:5b:2f:1d:3b:a3:59:82:df:80:4c:2e:2f:00:54:
         27:de:75:ba:12:0f:10:4d:02:0a:41:23:af:11:a3:b7:dc:78:
         cb:ed:e8:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYne6BDS8rf1qCEJEmQpfJU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjMwODEwMTAwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWUxNDc4NzJkODY0MWJkZWM0NmYzMDU2YWZkOWE3MGI2OGRiZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/OKN/mc+hGMdExbdwkgkVfgbaas
Zv4YJhYRtKpVftAGc6mK3f8I2mkA3Z38Y5aRX+Ww8tPvsnGC0VEhkyME3pQyA7we
MquRoAjWZfHO5cB2GcCBogC7Yar10x4m5gTIH90WmkOrFyPkoIjAlB/6TB9gMc3g
fpUBJHU7VJMBh0+/qewUBeT6YPmG+0Rvr5Zz3gn6srOuTBYhl9z0vNrt68HrvqFK
8Ddrv095dHRx3OKU1dZ4JphhT6IDoDOSod1hdSnIcw2dHhtg0snVeEpmqZDjeNtz
64e/NMOr9YIrTYaKNfkiYy8D8fGIOMYY+uNMVsiRqQQj1puDMPEWD1x58QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLHhR4cthkG97EbzBWr9mnC2jb+zMB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvc2VGSGh5MkdRYjNzUnZNRmF2MmFjTGFOdjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLpewAwQD
U47QMA0GCSqGSIb3DQEBCwUAA4IBAQAHivz4G3xs02eLyaPLopDjucWHKsgTuS9D
S84Bg87/+r/Z6BrPC8NWyvaFAWJdzQWSM5bNMBturzCEjFxSvx4iGrTen4Krj8m5
xmVQbhvVNkYWjqr6o5BAG91T1Dv8YVXDHx7y8wRFGqAvNb3qjKRb4lT/4m+uzkSr
Rw0USQMh9h1RugLxv1mVXf1qLArk+8CYKJngbOey+PikU8ExubNqjmVP7XnFfJCd
/p9LUJgbSYQlmIV55pKjbvcKPX5e1lvZ0HyF1v4HHQmR3dqOwxEhQpk+dIvAoqmq
+BYzWy8dO6NZgt+ATC4vAFQn3nW6Eg8QTQIKQSOvEaO33HjL7eiP
-----END CERTIFICATE-----