Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/LP382PUFGLAqCZB54A7FyuKB86o.roa
File:                     LP382PUFGLAqCZB54A7FyuKB86o.roa (raw, json)
Hash identifier:          Aug8QWVIE8tlEqbLkN3ykLT7cDCtnQGo14LWhswGOM0=
Subject key identifier:   2C:FD:FC:D8:F5:05:18:B0:2A:09:90:79:E0:0E:C5:CA:E2:81:F3:AA
Certificate issuer:       /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial:       018D54A81BEE603A09F4A36DB86501DD3E15
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/LP382PUFGLAqCZB54A7FyuKB86o.roa
Signing time:             Mon 29 Jan 2024 09:58:39 +0000
ROA not before:           Mon 29 Jan 2024 09:58:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206509
IP address blocks:        91.85.0.0/17 maxlen: 17
                          91.85.128.0/19 maxlen: 19
                          91.85.192.0/18 maxlen: 18
                          194.46.32.0/19 maxlen: 19
                          194.46.64.0/19 maxlen: 19
                          194.46.80.0/20 maxlen: 20
                          212.104.128.0/19 maxlen: 19
                          212.104.129.0/24 maxlen: 24
                          212.104.130.0/24 maxlen: 24
                          212.104.132.0/24 maxlen: 24
                          212.104.136.0/24 maxlen: 24
                          212.104.143.0/24 maxlen: 24
                          212.104.149.0/24 maxlen: 24
                          212.104.150.0/24 maxlen: 24
                          212.104.152.0/24 maxlen: 24
                          212.104.155.0/24 maxlen: 24
                          212.104.156.0/24 maxlen: 24
                          212.104.159.0/24 maxlen: 24
                          212.108.80.0/21 maxlen: 21
                          212.108.88.0/22 maxlen: 22
                          212.108.88.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 01 Feb 2024 17:04:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:54:a8:1b:ee:60:3a:09:f4:a3:6d:b8:65:01:dd:3e:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
        Validity
            Not Before: Jan 29 09:58:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2cfdfcd8f50518b02a099079e00ec5cae281f3aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:02:bd:52:cc:58:22:0d:0d:0e:62:5f:4d:40:
                    81:65:6c:ee:f9:a2:f3:c1:e2:1d:3f:47:57:d6:d9:
                    b0:98:6a:d8:3d:bf:27:6f:01:cc:0f:56:45:5d:a7:
                    15:64:d9:ba:c4:43:2a:73:e9:1e:b7:e6:5e:23:f6:
                    b6:2f:19:50:8d:fc:e9:82:c4:b2:b8:e5:3a:0d:9d:
                    81:5f:2a:6e:da:94:4c:2f:31:56:dd:ac:8b:f0:50:
                    55:52:16:5e:a0:96:e9:29:18:50:b0:7e:98:a0:6e:
                    68:c3:39:c3:a4:48:2d:75:9f:f4:11:9f:8e:47:d4:
                    c3:f3:17:25:33:09:d4:9e:b7:d4:b0:f9:89:d8:8f:
                    4b:8e:30:a3:38:88:45:2c:97:97:df:a6:22:ff:46:
                    74:88:b5:74:3b:b5:d9:1a:a7:87:46:ab:43:14:8f:
                    0c:60:3f:21:20:48:8f:47:ce:1e:f9:5e:16:53:91:
                    aa:2f:64:de:d2:71:bc:ca:51:fe:5f:65:82:77:95:
                    4e:11:33:2f:5c:55:fd:92:2e:22:ee:0d:4b:2f:3a:
                    d2:f5:c9:88:fe:4b:8a:d3:5c:4c:87:bd:a5:ed:ca:
                    dd:12:24:cd:c0:1a:67:f6:26:c3:ff:1b:c4:95:27:
                    28:1d:66:a2:93:6f:7b:4b:7d:f6:d3:c4:24:d2:ef:
                    12:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:FD:FC:D8:F5:05:18:B0:2A:09:90:79:E0:0E:C5:CA:E2:81:F3:AA
            X509v3 Authority Key Identifier:
                keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/LP382PUFGLAqCZB54A7FyuKB86o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.85.0.0-91.85.159.255
                  91.85.192.0/18
                  194.46.32.0-194.46.95.255
                  212.104.128.0/19
                  212.108.80.0-212.108.91.255

    Signature Algorithm: sha256WithRSAEncryption
         48:05:d5:99:88:c1:5b:03:39:f1:01:23:77:6b:81:20:8a:68:
         81:3c:d3:9e:38:35:59:45:fa:d8:0d:88:97:8a:f1:74:8f:12:
         89:b6:4f:12:ef:c9:2a:ad:07:f6:d6:2c:d9:34:be:81:e0:f9:
         a9:f1:5a:bd:ae:1b:5b:45:d3:06:9f:0a:2b:33:4f:a4:25:17:
         07:d8:04:43:25:40:ea:d2:af:41:92:55:01:31:3c:54:1e:05:
         67:ff:b4:1e:5d:48:b6:ad:79:92:eb:d0:b5:0d:5a:5d:7d:0e:
         8f:64:94:0d:11:75:c5:d4:a3:a0:25:58:99:09:71:5b:55:f8:
         4b:ba:64:a0:a4:b2:8d:04:a1:43:0d:45:30:5f:5a:9d:3b:99:
         e5:16:f3:ae:30:a4:55:ec:f2:8a:e8:44:37:13:ba:32:7a:51:
         38:2b:47:30:65:a7:04:a4:3d:a0:ff:4b:ef:53:8a:d2:6d:97:
         92:f9:84:39:f9:ff:05:74:12:66:70:5e:ee:30:b0:13:50:6d:
         54:f6:83:39:f6:74:fd:05:b5:aa:ab:52:2e:07:a1:b3:d6:1d:
         63:69:c0:6b:99:85:4b:a2:00:1b:83:5a:a5:d0:71:2e:52:84:
         65:b1:b2:ba:58:2f:7c:95:c0:2c:65:f2:15:eb:2c:00:ec:2e:
         fa:eb:76:40
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY1UqBvuYDoJ9KNtuGUB3T4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjQwMTI5MDk1ODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2ZkZmNkOGY1MDUxOGIwMmEwOTkwNzllMDBlYzVjYWUyODFmM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAK9UsxYIg0NDmJfTUCBZWzu+aLz
weIdP0dX1tmwmGrYPb8nbwHMD1ZFXacVZNm6xEMqc+ket+ZeI/a2LxlQjfzpgsSy
uOU6DZ2BXypu2pRMLzFW3ayL8FBVUhZeoJbpKRhQsH6YoG5owznDpEgtdZ/0EZ+O
R9TD8xclMwnUnrfUsPmJ2I9LjjCjOIhFLJeX36Yi/0Z0iLV0O7XZGqeHRqtDFI8M
YD8hIEiPR84e+V4WU5GqL2Te0nG8ylH+X2WCd5VOETMvXFX9ki4i7g1LLzrS9cmI
/kuK01xMh72l7crdEiTNwBpn9ibD/xvElScoHWaik297S33208Qk0u8SLwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCz9/Nj1BRiwKgmQeeAOxcrigfOqMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvTFAzODJQVUZHTEFxQ1pCNTRBN0Z5dUtCODZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1MAsDAwBbVQME
BVtVgAMEBltVwDAMAwQFwi4gAwQFwi5AAwQF1GiAMAwDBATUbFADBALUbFgwDQYJ
KoZIhvcNAQELBQADggEBAEgF1ZmIwVsDOfEBI3drgSCKaIE80544NVlF+tgNiJeK
8XSPEom2TxLvySqtB/bWLNk0voHg+anxWr2uG1tF0wafCiszT6QlFwfYBEMlQOrS
r0GSVQExPFQeBWf/tB5dSLateZLr0LUNWl19Do9klA0RdcXUo6AlWJkJcVtV+Eu6
ZKCkso0EoUMNRTBfWp07meUW864wpFXs8oroRDcTujJ6UTgrRzBlpwSkPaD/S+9T
itJtl5L5hDn5/wV0EmZwXu4wsBNQbVT2gzn2dP0FtaqrUi4HobPWHWNpwGuZhUui
ABuDWqXQcS5ShGWxsrpYL3yVwCxl8hXrLADsLvrrdkA=
-----END CERTIFICATE-----