Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/V0UQlQLAeRrjYOqwYeMvqMY8d2g.roa
File:                     V0UQlQLAeRrjYOqwYeMvqMY8d2g.roa (raw, json)
Hash identifier:          A72Hr9IRZdX79QtMWlNlDBU7UV9OvsOB3ozCVzIsOi4=
Subject key identifier:   57:45:10:95:02:C0:79:1A:E3:60:EA:B0:61:E3:2F:A8:C6:3C:77:68
Certificate issuer:       /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial:       01891BF50A69ABADF7C937F91CEADE4F024F
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/V0UQlQLAeRrjYOqwYeMvqMY8d2g.roa
Signing time:             Mon 03 Jul 2023 13:33:11 +0000
ROA not before:           Mon 03 Jul 2023 13:33:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        89.187.9.0/24 maxlen: 24
                          89.187.8.0/24 maxlen: 24
                          89.187.10.0/24 maxlen: 24
                          89.187.7.0/24 maxlen: 24
                          89.187.6.0/24 maxlen: 24
                          89.187.16.0/24 maxlen: 24
                          89.187.15.0/24 maxlen: 24
                          89.187.17.0/24 maxlen: 24
                          89.187.12.0/24 maxlen: 24
                          89.187.14.0/24 maxlen: 24
                          89.187.13.0/24 maxlen: 24
                          89.187.18.0/24 maxlen: 24
                          89.187.22.0/24 maxlen: 24
                          89.187.19.0/24 maxlen: 24
                          89.187.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 18 Oct 2023 12:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1b:f5:0a:69:ab:ad:f7:c9:37:f9:1c:ea:de:4f:02:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
        Validity
            Not Before: Jul  3 13:33:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5745109502c0791ae360eab061e32fa8c63c7768
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:1d:4a:dc:52:30:a6:12:ed:6c:37:67:aa:2b:
                    20:f3:d5:f9:01:ae:fa:2e:ed:ea:84:f4:47:d1:04:
                    c2:29:a5:23:51:2c:f1:1e:57:b8:23:07:ae:f5:38:
                    38:f9:a6:b4:42:d5:b2:64:fe:72:90:ae:53:25:37:
                    17:54:65:54:7e:fe:90:c3:55:06:89:39:20:fd:ea:
                    54:de:8f:48:52:7b:27:ef:11:cc:6d:81:46:3a:d2:
                    b9:17:24:56:4c:13:2c:54:1b:dc:56:c7:f5:2f:8c:
                    7e:80:d5:31:75:56:46:d4:ab:92:f9:9d:ec:9b:6b:
                    8b:82:8b:8a:8d:68:77:04:d7:2f:5d:2c:bd:27:9f:
                    39:2d:40:24:ad:21:79:c5:e1:f8:c8:34:e4:0f:cb:
                    28:f9:9d:3a:cb:41:d2:2b:fa:96:e2:71:1f:42:71:
                    71:80:46:5b:92:fb:8f:0d:e3:8e:eb:8d:24:60:89:
                    fa:e8:8a:9c:73:ac:f1:ec:23:7b:05:fa:90:dc:79:
                    0d:95:ac:be:dd:e1:cc:48:99:73:84:dd:68:24:90:
                    56:23:25:a5:0f:ed:e5:35:55:86:0b:2d:77:1f:5a:
                    76:6a:49:ae:78:d9:ad:99:80:51:ff:eb:70:c2:48:
                    6f:89:f8:16:08:7d:c0:a1:3b:cf:50:77:cb:77:75:
                    3b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:45:10:95:02:C0:79:1A:E3:60:EA:B0:61:E3:2F:A8:C6:3C:77:68
            X509v3 Authority Key Identifier:
                keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/V0UQlQLAeRrjYOqwYeMvqMY8d2g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.187.6.0-89.187.10.255
                  89.187.12.0-89.187.20.255
                  89.187.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:bf:89:71:15:b6:ed:67:40:7a:95:41:ff:4b:cb:3f:26:6b:
         1e:69:d8:9c:2d:12:72:71:dd:92:76:c9:52:44:8b:a0:0d:98:
         d2:e4:62:98:18:0c:99:c6:34:8e:7a:a4:fa:ae:09:a9:2b:3f:
         ee:33:ed:39:14:62:2d:00:53:2e:51:9d:47:22:d3:31:e9:8d:
         7b:c0:1e:2b:5e:64:74:48:ba:74:d7:f7:a6:67:4d:20:7e:bd:
         26:10:5c:78:35:05:42:23:82:2d:c3:87:fb:65:a8:35:ef:27:
         44:7f:86:14:d1:69:b5:2e:af:25:71:06:94:4f:1f:02:6a:d5:
         76:5d:42:7e:db:19:2c:7d:71:c4:91:92:41:15:a9:2d:85:31:
         1e:1a:41:41:07:a4:b8:f1:89:bb:f6:73:0f:da:0b:8b:da:37:
         a0:66:0a:38:44:97:df:57:ff:3f:72:6f:f0:53:27:83:80:7b:
         99:83:19:b1:5d:2f:e3:03:88:ae:79:89:c0:9f:59:69:1c:7a:
         bf:6c:2e:e1:e0:ae:bf:ad:af:34:ff:fd:99:03:e2:0d:ae:52:
         e7:a8:a0:8d:7c:21:69:4e:cc:6e:a9:6a:2c:d9:f5:55:86:57:
         c8:b4:1e:5f:6a:78:99:51:c9:b3:bc:08:f2:be:8c:af:0d:93:
         23:2e:da:15
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYkb9Qppq633yTf5HOreTwJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjMwNzAzMTMzMzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzQ1MTA5NTAyYzA3OTFhZTM2MGVhYjA2MWUzMmZhOGM2M2M3NzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB1K3FIwphLtbDdnqisg89X5Aa76
Lu3qhPRH0QTCKaUjUSzxHle4Iweu9Tg4+aa0QtWyZP5ykK5TJTcXVGVUfv6Qw1UG
iTkg/epU3o9IUnsn7xHMbYFGOtK5FyRWTBMsVBvcVsf1L4x+gNUxdVZG1KuS+Z3s
m2uLgouKjWh3BNcvXSy9J585LUAkrSF5xeH4yDTkD8so+Z06y0HSK/qW4nEfQnFx
gEZbkvuPDeOO640kYIn66Iqcc6zx7CN7BfqQ3HkNlay+3eHMSJlzhN1oJJBWIyWl
D+3lNVWGCy13H1p2akmueNmtmYBR/+twwkhvifgWCH3AoTvPUHfLd3U7EwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFdFEJUCwHka42DqsGHjL6jGPHdoMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvVjBVUWxRTEFlUnJqWU9xd1llTXZxTVk4ZDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAFZuwYD
BABZuwowDAMEAlm7DAMEAFm7FAMEAFm7FjANBgkqhkiG9w0BAQsFAAOCAQEAr7+J
cRW27WdAepVB/0vLPyZrHmnYnC0ScnHdknbJUkSLoA2Y0uRimBgMmcY0jnqk+q4J
qSs/7jPtORRiLQBTLlGdRyLTMemNe8AeK15kdEi6dNf3pmdNIH69JhBceDUFQiOC
LcOH+2WoNe8nRH+GFNFptS6vJXEGlE8fAmrVdl1CftsZLH1xxJGSQRWpLYUxHhpB
QQekuPGJu/ZzD9oLi9o3oGYKOESX31f/P3Jv8FMng4B7mYMZsV0v4wOIrnmJwJ9Z
aRx6v2wu4eCuv62vNP/9mQPiDa5S56igjXwhaU7MbqlqLNn1VYZXyLQeX2p4mVHJ
s7wI8r6Mrw2TIy7aFQ==
-----END CERTIFICATE-----