Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/0LswilWWVWsH7YCS67pQQ6jpdh0.roa
File:                     0LswilWWVWsH7YCS67pQQ6jpdh0.roa (raw, json)
Hash identifier:          MMxLee0t8toyznh6MWLvEpIa1dgJAVyhNrmSMVvVYSg=
Subject key identifier:   D0:BB:30:8A:55:96:55:6B:07:ED:80:92:EB:BA:50:43:A8:E9:76:1D
Certificate issuer:       /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial:       018B9548C4DBC4953A7B6FFEACD06D9E3270
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/0LswilWWVWsH7YCS67pQQ6jpdh0.roa
Signing time:             Fri 03 Nov 2023 13:04:16 +0000
ROA not before:           Fri 03 Nov 2023 13:04:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207144
IP address blocks:        85.11.172.0/24 maxlen: 24
                          185.164.240.0/24 maxlen: 24
                          85.11.176.0/24 maxlen: 24
                          85.11.178.0/24 maxlen: 24
                          185.164.241.0/24 maxlen: 24
                          85.11.173.0/24 maxlen: 24
                          185.164.243.0/24 maxlen: 24
                          85.11.175.0/24 maxlen: 24
                          185.164.242.0/24 maxlen: 24
                          85.11.184.0/24 maxlen: 24
                          85.11.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:95:48:c4:db:c4:95:3a:7b:6f:fe:ac:d0:6d:9e:32:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
        Validity
            Not Before: Nov  3 13:04:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0bb308a5596556b07ed8092ebba5043a8e9761d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:30:b3:c8:24:d5:1b:74:54:9e:3b:ae:44:e4:
                    e3:d6:11:b5:43:a5:77:51:8f:1a:9e:62:d9:8b:72:
                    60:15:74:3b:a4:02:98:6d:84:4b:f3:9b:80:29:e9:
                    37:60:25:e3:35:58:04:95:48:53:b3:b4:5d:4a:60:
                    f0:95:87:f9:18:2f:65:2d:9e:5e:67:bc:8a:e9:aa:
                    11:d9:eb:55:6d:1a:58:b5:de:ca:9e:99:a3:fd:ad:
                    98:04:54:c4:2d:07:74:76:51:2b:cb:f9:a9:cc:c1:
                    ef:f0:9f:b8:e7:2e:7f:b2:0d:54:36:70:77:d1:0c:
                    73:db:0d:32:8d:f2:3c:c3:f4:18:2e:01:26:c0:10:
                    12:29:0d:c9:54:8e:46:07:4f:06:d6:42:9f:33:3d:
                    ad:ba:ec:81:45:bd:55:c0:e0:14:60:46:43:9c:58:
                    47:80:f2:8e:4f:d2:98:da:86:92:7b:5a:4e:6f:9a:
                    0e:8d:f7:1d:e1:11:80:8f:1d:2e:ae:4d:8a:c2:f8:
                    a6:2e:71:0c:9d:47:61:2b:94:53:20:4b:63:40:36:
                    10:0a:25:66:e5:93:6a:ae:cd:f6:40:9d:d0:07:1d:
                    a2:f6:9d:0a:4d:64:99:f8:67:8c:2c:95:7e:38:87:
                    58:9e:9b:69:8d:5d:c2:4e:af:cb:ee:ae:67:cf:4f:
                    77:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:BB:30:8A:55:96:55:6B:07:ED:80:92:EB:BA:50:43:A8:E9:76:1D
            X509v3 Authority Key Identifier:
                keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/0LswilWWVWsH7YCS67pQQ6jpdh0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.11.172.0/23
                  85.11.175.0-85.11.176.255
                  85.11.178.0/24
                  85.11.184.0/24
                  85.11.188.0/24
                  185.164.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:97:5d:d3:b8:37:0e:7d:fc:ab:d7:d8:db:db:b1:ca:46:e1:
         b3:73:24:46:b4:e6:64:b0:12:59:d3:d6:5c:e1:2d:3e:24:ea:
         0a:08:d9:b6:7e:d1:d8:a8:22:69:ca:f2:3a:af:74:12:49:f3:
         98:e0:a6:24:6c:fa:aa:20:4c:22:ca:a1:16:28:f9:f1:71:0c:
         72:8c:b6:db:0b:0a:34:5d:56:1e:78:4f:d8:99:f9:36:95:32:
         b3:57:c4:e6:fd:27:c8:9a:c0:0a:6a:55:1c:5d:81:aa:1a:ef:
         49:d5:18:2b:c1:a2:8f:20:b5:27:97:02:c1:43:2c:34:7b:5c:
         87:39:47:12:90:fd:9b:b5:5b:ee:48:b4:7c:15:ab:1e:1d:85:
         4c:cb:e0:55:ea:68:01:0b:f4:94:04:32:59:4f:11:cd:46:0d:
         db:f0:bc:5d:84:58:fd:df:6b:d6:12:f8:47:f2:9a:7d:8e:b0:
         f5:82:2f:1d:23:46:e4:5c:a2:2e:56:35:2b:54:f4:3d:94:fa:
         2f:b3:65:90:33:8c:08:2e:7e:8d:b0:70:72:00:ee:5b:72:ee:
         5f:0a:b8:67:88:36:d4:7b:da:4c:d5:ed:42:b7:22:34:19:fa:
         1c:29:76:ac:49:fd:1a:98:72:36:8d:81:e4:0d:be:c9:40:e1:
         13:79:11:b1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYuVSMTbxJU6e2/+rNBtnjJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjMxMTAzMTMwNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGJiMzA4YTU1OTY1NTZiMDdlZDgwOTJlYmJhNTA0M2E4ZTk3NjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzCzyCTVG3RUnjuuROTj1hG1Q6V3
UY8anmLZi3JgFXQ7pAKYbYRL85uAKek3YCXjNVgElUhTs7RdSmDwlYf5GC9lLZ5e
Z7yK6aoR2etVbRpYtd7Knpmj/a2YBFTELQd0dlEry/mpzMHv8J+45y5/sg1UNnB3
0Qxz2w0yjfI8w/QYLgEmwBASKQ3JVI5GB08G1kKfMz2tuuyBRb1VwOAUYEZDnFhH
gPKOT9KY2oaSe1pOb5oOjfcd4RGAjx0urk2KwvimLnEMnUdhK5RTIEtjQDYQCiVm
5ZNqrs32QJ3QBx2i9p0KTWSZ+GeMLJV+OIdYnptpjV3CTq/L7q5nz0938wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNC7MIpVllVrB+2Akuu6UEOo6XYdMB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvMExzd2lsV1dWV3NIN1lDUzY3cFFRNmpwZGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBVQusMAwD
BABVC68DBABVC7ADBABVC7IDBABVC7gDBABVC7wDBAK5pPAwDQYJKoZIhvcNAQEL
BQADggEBAHmXXdO4Nw59/KvX2NvbscpG4bNzJEa05mSwElnT1lzhLT4k6goI2bZ+
0dioImnK8jqvdBJJ85jgpiRs+qogTCLKoRYo+fFxDHKMttsLCjRdVh54T9iZ+TaV
MrNXxOb9J8iawApqVRxdgaoa70nVGCvBoo8gtSeXAsFDLDR7XIc5RxKQ/Zu1W+5I
tHwVqx4dhUzL4FXqaAEL9JQEMllPEc1GDdvwvF2EWP3fa9YS+Efymn2OsPWCLx0j
RuRcoi5WNStU9D2U+i+zZZAzjAgufo2wcHIA7lty7l8KuGeINtR72kzV7UK3IjQZ
+hwpdqxJ/RqYcjaNgeQNvslA4RN5EbE=
-----END CERTIFICATE-----