Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/B_EWKb9sgIGnN7aybWv4PAMm10U.roa
File:                     B_EWKb9sgIGnN7aybWv4PAMm10U.roa (raw, json)
Hash identifier:          HyHuT+JgJ9Kx7xUbkLZx1YILM5DTrOAeNymb2QGsLZ8=
Subject key identifier:   07:F1:16:29:BF:6C:80:81:A7:37:B6:B2:6D:6B:F8:3C:03:26:D7:45
Certificate issuer:       /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial:       0185729EE663D8FD25D59E256442B9EA5347
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/B_EWKb9sgIGnN7aybWv4PAMm10U.roa
Signing time:             Mon 02 Jan 2023 13:14:54 +0000
ROA not before:           Mon 02 Jan 2023 13:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48519
IP address blocks:        195.253.66.0/24 maxlen: 24
                          195.253.65.0/24 maxlen: 24
                          195.253.84.0/22 maxlen: 22
                          195.253.88.0/23 maxlen: 23
                          195.253.90.0/23 maxlen: 23
                          195.253.96.0/19 maxlen: 24
                          185.119.136.0/22 maxlen: 24
                          195.253.48.0/22 maxlen: 22
                          195.253.52.0/23 maxlen: 23
                          2a01:5b0:8::/46 maxlen: 48
                          2a01:5b0:10::/45 maxlen: 48
                          2a01:5b0:2::/48 maxlen: 48
                          2a01:5b0:12::/47 maxlen: 47
                          2a01:5b0:5::/48 maxlen: 48
                          2a01:5b0:20::/43 maxlen: 48
                          2a01:5b0:6::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:9e:e6:63:d8:fd:25:d5:9e:25:64:42:b9:ea:53:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
        Validity
            Not Before: Jan  2 13:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=07f11629bf6c8081a737b6b26d6bf83c0326d745
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a9:8c:92:1e:fd:92:7f:85:d5:4a:57:2f:33:
                    c2:75:bc:ae:b7:4a:33:c5:3d:18:5c:7f:ac:bc:54:
                    21:97:ec:d9:c7:6b:0e:43:e8:8b:f1:37:d5:0c:62:
                    83:40:12:5a:7a:bb:1c:b7:11:f1:97:77:01:dd:e8:
                    b1:f7:5e:6f:a0:17:2e:7d:e7:68:71:b8:01:0c:d0:
                    3a:bd:4e:f0:fc:af:1f:ae:42:d6:4d:ad:50:ac:c8:
                    92:74:a1:56:ed:a8:61:e7:50:c4:02:c7:1f:8c:a2:
                    35:1d:82:b0:ea:37:60:f7:6b:98:46:ac:7f:0d:92:
                    67:bc:94:35:2f:40:bd:36:97:5d:ef:f8:95:9d:7f:
                    16:1c:a3:b5:61:75:13:18:ab:85:fb:a4:7d:26:07:
                    b7:c2:d2:cb:18:e0:6d:41:3e:f7:bc:b3:03:19:6d:
                    d5:60:3c:c7:e5:32:c0:93:20:9f:c1:cc:f1:07:51:
                    3f:1a:ee:b2:5d:ea:96:4e:f7:27:80:e9:1f:63:36:
                    d0:af:47:ca:73:1d:23:09:7e:fd:5d:bb:8d:e1:63:
                    fd:1c:33:b2:99:da:80:92:ef:6f:26:b6:2f:0f:b2:
                    bf:6f:28:7b:81:94:79:b5:9d:b2:89:1d:19:65:c7:
                    b0:b3:75:72:6c:4b:e6:be:ba:b9:cd:88:4c:d9:50:
                    33:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:F1:16:29:BF:6C:80:81:A7:37:B6:B2:6D:6B:F8:3C:03:26:D7:45
            X509v3 Authority Key Identifier:
                keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/B_EWKb9sgIGnN7aybWv4PAMm10U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.119.136.0/22
                  195.253.48.0-195.253.53.255
                  195.253.65.0-195.253.66.255
                  195.253.84.0-195.253.91.255
                  195.253.96.0/19
                IPv6:
                  2a01:5b0:2::/48
                  2a01:5b0:5::-2a01:5b0:6:ffff:ffff:ffff:ffff:ffff
                  2a01:5b0:8::/46
                  2a01:5b0:10::/45
                  2a01:5b0:20::/43

    Signature Algorithm: sha256WithRSAEncryption
         17:a5:92:f8:7c:63:f8:26:d8:34:dd:22:d5:00:49:91:4f:fe:
         dc:bb:13:ee:17:82:5a:e6:0e:37:25:38:3d:de:43:a9:ec:91:
         7a:86:91:37:a7:b4:98:25:ea:b6:96:33:5b:c5:a3:37:ec:11:
         bc:3f:95:22:65:22:9f:fd:d7:68:37:bf:47:43:57:19:af:06:
         f7:57:cb:0c:54:39:36:23:4f:fb:b8:e5:2d:3e:f1:3a:7e:4f:
         f4:29:2a:30:77:ca:b1:f2:8a:37:cc:39:87:30:af:15:29:45:
         51:c4:4a:a1:c3:34:e8:c7:db:6b:7f:c1:b1:5a:8e:37:0a:b0:
         09:74:71:89:ae:3e:85:ea:56:73:45:68:a8:3c:03:f3:37:03:
         c4:bc:7e:40:0e:91:4c:1b:05:15:9e:fe:22:4d:b3:05:36:78:
         f6:f9:be:aa:71:2c:31:29:0a:b8:6f:44:37:98:3a:6b:eb:73:
         32:38:ff:ac:46:98:4b:d5:8b:2c:ad:b4:b3:b6:20:4c:f3:90:
         7c:70:31:81:a2:84:a5:72:8f:52:3b:df:f5:3a:f0:9c:a2:71:
         f3:80:53:83:f7:21:1a:f6:a7:32:8c:30:9f:27:9c:20:79:bd:
         f3:f7:0f:54:0d:ff:eb:42:34:53:a0:67:00:4f:9d:b8:2b:c4:
         9b:de:87:15
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYVynuZj2P0l1Z4lZEK56lNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjMwMTAyMTMxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2YxMTYyOWJmNmM4MDgxYTczN2I2YjI2ZDZiZjgzYzAzMjZkNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqmMkh79kn+F1UpXLzPCdbyut0oz
xT0YXH+svFQhl+zZx2sOQ+iL8TfVDGKDQBJaersctxHxl3cB3eix915voBcufedo
cbgBDNA6vU7w/K8frkLWTa1QrMiSdKFW7ahh51DEAscfjKI1HYKw6jdg92uYRqx/
DZJnvJQ1L0C9Npdd7/iVnX8WHKO1YXUTGKuF+6R9Jge3wtLLGOBtQT73vLMDGW3V
YDzH5TLAkyCfwczxB1E/Gu6yXeqWTvcngOkfYzbQr0fKcx0jCX79XbuN4WP9HDOy
mdqAku9vJrYvD7K/byh7gZR5tZ2yiR0ZZcews3VybEvmvrq5zYhM2VAzTwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFAfxFim/bICBpze2sm1r+DwDJtdFMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvQl9FV0tiOXNnSUduTjdheWJXdjRQQU1tMTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MDwEAgABMDYDBAK5d4gw
DAMEBMP9MAMEAcP9NDAMAwQAw/1BAwQAw/1CMAwDBALD/VQDBALD/VgDBAXD/WAw
PgQCAAIwOAMHACoBBbAAAjASAwcAKgEFsAAFAwcAKgEFsAAGAwcCKgEFsAAIAwcD
KgEFsAAQAwcFKgEFsAAgMA0GCSqGSIb3DQEBCwUAA4IBAQAXpZL4fGP4Jtg03SLV
AEmRT/7cuxPuF4Ja5g43JTg93kOp7JF6hpE3p7SYJeq2ljNbxaM37BG8P5UiZSKf
/ddoN79HQ1cZrwb3V8sMVDk2I0/7uOUtPvE6fk/0KSowd8qx8oo3zDmHMK8VKUVR
xEqhwzTox9trf8GxWo43CrAJdHGJrj6F6lZzRWioPAPzNwPEvH5ADpFMGwUVnv4i
TbMFNnj2+b6qcSwxKQq4b0Q3mDpr63MyOP+sRphL1YssrbSztiBM85B8cDGBooSl
co9SO9/1OvCconHzgFOD9yEa9qcyjDCfJ5wgeb3z9w9UDf/rQjRToGcAT524K8Sb
3ocV
-----END CERTIFICATE-----