Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/RjwwcbuZiGwVdTA0amRy0fpspE0.roa
File:                     RjwwcbuZiGwVdTA0amRy0fpspE0.roa (raw, json)
Hash identifier:          DFnO/KX0rXeLQ5PycEhHUJsx+71/vxi25dpVlIo0MTk=
Subject key identifier:   46:3C:30:71:BB:99:88:6C:15:75:30:34:6A:64:72:D1:FA:6C:A4:4D
Certificate issuer:       /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial:       01911D4A2856BEAD8668E1092B12FFD0B331
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/RjwwcbuZiGwVdTA0amRy0fpspE0.roa
Signing time:             Sun 04 Aug 2024 12:08:04 +0000
ROA not before:           Sun 04 Aug 2024 12:08:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        89.187.6.0/24 maxlen: 24
                          89.187.7.0/24 maxlen: 24
                          89.187.8.0/24 maxlen: 24
                          89.187.10.0/24 maxlen: 24
                          89.187.12.0/24 maxlen: 24
                          89.187.13.0/24 maxlen: 24
                          89.187.14.0/24 maxlen: 24
                          89.187.15.0/24 maxlen: 24
                          89.187.17.0/24 maxlen: 24
                          89.187.18.0/24 maxlen: 24
                          89.187.19.0/24 maxlen: 24
                          89.187.22.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 02 Jan 2025 15:50:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:1d:4a:28:56:be:ad:86:68:e1:09:2b:12:ff:d0:b3:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
        Validity
            Not Before: Aug  4 12:08:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=463c3071bb99886c157530346a6472d1fa6ca44d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:af:e9:e8:6e:08:ff:f0:1b:10:fe:c0:b4:d1:
                    e7:d9:bc:c8:09:89:f6:84:01:f8:33:33:20:63:4d:
                    79:f9:c9:dd:34:21:78:47:66:ec:57:e6:88:c8:93:
                    13:72:e0:b2:e5:8b:61:1b:b9:1d:8c:56:e9:6f:31:
                    d4:e9:9d:e1:ef:b8:25:09:0a:8c:49:06:c1:5b:80:
                    75:bb:b6:7b:79:c7:99:df:35:cf:31:f0:d0:36:62:
                    05:95:53:60:8e:34:f3:97:20:a6:8f:e2:41:d1:91:
                    e0:10:8f:3f:3b:89:bd:54:64:27:aa:20:3a:9e:01:
                    08:4e:0d:16:3a:6b:50:4a:b7:f6:26:52:21:ad:00:
                    eb:d7:0b:56:4e:dd:65:47:57:84:66:a7:7f:f7:fa:
                    a2:6c:34:5e:55:cd:bf:f9:23:83:ca:b5:76:24:c8:
                    9c:74:94:67:02:9c:bc:25:70:51:e7:e1:21:4c:3b:
                    85:5e:16:51:64:1b:46:cf:72:b9:d1:eb:62:ee:5f:
                    02:c6:6a:9b:1a:78:de:5b:84:5f:bb:38:b4:63:a1:
                    35:f0:17:6d:44:3f:7f:9e:66:72:59:96:1b:af:ce:
                    1a:32:86:f9:80:37:3c:56:0e:5b:a3:9b:8a:5a:20:
                    88:b8:90:84:85:22:44:e2:bd:81:9c:b0:e4:80:bd:
                    35:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:3C:30:71:BB:99:88:6C:15:75:30:34:6A:64:72:D1:FA:6C:A4:4D
            X509v3 Authority Key Identifier:
                keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/RjwwcbuZiGwVdTA0amRy0fpspE0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.187.6.0-89.187.8.255
                  89.187.10.0/24
                  89.187.12.0/22
                  89.187.17.0-89.187.19.255
                  89.187.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:02:ec:68:b8:cd:91:d3:3b:06:84:99:6e:66:b6:33:1a:47:
         4e:3a:c2:40:b7:82:75:a5:91:2f:69:3e:92:4f:37:e1:97:14:
         0d:c9:c4:cc:6b:52:63:f7:61:de:cc:ec:4f:24:2e:80:db:cd:
         c1:05:b8:bc:76:be:31:6a:50:e6:d4:7d:a6:de:7d:56:44:b2:
         ce:2e:5b:bf:15:11:b0:63:93:46:47:c5:15:bb:d9:fc:c5:3e:
         49:ca:5e:df:8b:5b:2e:de:20:eb:8c:6e:4b:da:5f:1b:de:40:
         2b:3a:b3:15:c7:ee:f0:e6:2c:cd:5f:c1:de:87:f5:03:60:61:
         a3:b8:e8:85:1b:24:ff:37:38:fa:88:44:c2:01:d2:ba:66:33:
         ee:f8:fb:5e:33:24:91:80:cd:3c:62:e6:ce:a8:60:2e:02:1d:
         0e:63:39:77:d0:11:8e:34:f5:2d:8c:79:8d:58:c7:e6:30:ed:
         98:20:a6:99:3b:c9:76:25:6d:74:98:fd:a1:63:b1:7f:37:52:
         17:04:44:be:b3:f9:6f:cb:89:57:e2:75:69:e8:16:a7:13:4c:
         57:96:5e:1c:6c:58:fc:26:0a:c0:02:5c:bb:14:a1:1f:58:a6:
         91:9c:02:b4:62:5d:9f:4a:4e:43:fc:63:43:e3:d0:a3:c0:e6:
         2f:ca:77:d7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZEdSihWvq2GaOEJKxL/0LMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQwODA0MTIwODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjNjMzA3MWJiOTk4ODZjMTU3NTMwMzQ2YTY0NzJkMWZhNmNhNDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq/p6G4I//AbEP7AtNHn2bzICYn2
hAH4MzMgY015+cndNCF4R2bsV+aIyJMTcuCy5YthG7kdjFbpbzHU6Z3h77glCQqM
SQbBW4B1u7Z7eceZ3zXPMfDQNmIFlVNgjjTzlyCmj+JB0ZHgEI8/O4m9VGQnqiA6
ngEITg0WOmtQSrf2JlIhrQDr1wtWTt1lR1eEZqd/9/qibDReVc2/+SODyrV2JMic
dJRnApy8JXBR5+EhTDuFXhZRZBtGz3K50eti7l8CxmqbGnjeW4Rfuzi0Y6E18Bdt
RD9/nmZyWZYbr84aMob5gDc8Vg5bo5uKWiCIuJCEhSJE4r2BnLDkgL01eQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEY8MHG7mYhsFXUwNGpkctH6bKRNMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvUmp3d2NidVppR3dWZFRBMGFtUnkwZnBzcEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAFZuwYD
BABZuwgDBABZuwoDBAJZuwwwDAMEAFm7EQMEAlm7EAMEAFm7FjANBgkqhkiG9w0B
AQsFAAOCAQEAYQLsaLjNkdM7BoSZbma2MxpHTjrCQLeCdaWRL2k+kk834ZcUDcnE
zGtSY/dh3szsTyQugNvNwQW4vHa+MWpQ5tR9pt59VkSyzi5bvxURsGOTRkfFFbvZ
/MU+Scpe34tbLt4g64xuS9pfG95AKzqzFcfu8OYszV/B3of1A2Bho7johRsk/zc4
+ohEwgHSumYz7vj7XjMkkYDNPGLmzqhgLgIdDmM5d9ARjjT1LYx5jVjH5jDtmCCm
mTvJdiVtdJj9oWOxfzdSFwREvrP5b8uJV+J1aegWpxNMV5ZeHGxY/CYKwAJcuxSh
H1imkZwCtGJdn0pOQ/xjQ+PQo8DmL8p31w==
-----END CERTIFICATE-----