Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/jokDKuDlvuvJrM0LBhcPVthp2iU.roa
File:                     jokDKuDlvuvJrM0LBhcPVthp2iU.roa (raw, json)
Hash identifier:          SPChQiX1Cg/EYTl5G/tUUZb1m7RzuG1Iw1utLO7mAKI=
Subject key identifier:   8E:89:03:2A:E0:E5:BE:EB:C9:AC:CD:0B:06:17:0F:56:D8:69:DA:25
Certificate issuer:       /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial:       0194DA219462FFE1D5754FD1E90E871551A2
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/jokDKuDlvuvJrM0LBhcPVthp2iU.roa
Signing time:             Thu 06 Feb 2025 07:20:21 +0000
ROA not before:           Thu 06 Feb 2025 07:20:21 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     42473
IP address blocks:        152.53.0.0/16 maxlen: 24
                          152.53.8.0/24 maxlen: 24
                          152.53.9.0/24 maxlen: 24
                          152.53.24.0/24 maxlen: 24
                          152.53.25.0/24 maxlen: 24
                          152.53.30.0/24 maxlen: 24
                          152.53.36.0/22 maxlen: 24
                          152.53.48.0/22 maxlen: 22
                          152.53.59.0/24 maxlen: 24
                          152.53.62.0/24 maxlen: 24
                          152.53.63.0/24 maxlen: 24
                          152.53.64.0/22 maxlen: 24
                          152.53.69.0/24 maxlen: 24
                          152.53.75.0/24 maxlen: 24
                          152.53.78.0/24 maxlen: 24
                          152.53.80.0/22 maxlen: 22
                          152.53.84.0/22 maxlen: 22
                          152.53.88.0/22 maxlen: 22
                          152.53.92.0/22 maxlen: 22
                          152.53.98.0/24 maxlen: 24
                          152.53.100.0/22 maxlen: 22
                          152.53.104.0/22 maxlen: 22
                          152.53.108.0/22 maxlen: 22
                          152.53.112.0/22 maxlen: 22
                          152.53.116.0/22 maxlen: 22
                          152.53.124.0/22 maxlen: 22
                          152.53.128.0/20 maxlen: 22
Validation:               Failed, certificate revoked on Thu 06 Feb 2025 08:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:da:21:94:62:ff:e1:d5:75:4f:d1:e9:0e:87:15:51:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
        Validity
            Not Before: Feb  6 07:20:21 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=8e89032ae0e5beebc9accd0b06170f56d869da25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e3:b7:58:49:2b:26:1d:ed:24:a0:a1:74:bd:
                    63:e0:da:ae:aa:65:ce:6f:b4:52:d7:4f:73:7e:da:
                    4a:52:d6:23:25:9b:26:0e:c8:2b:7f:95:50:77:df:
                    c4:9f:ad:34:24:e1:6b:5c:13:87:da:dc:2a:52:f9:
                    d2:9e:d4:22:89:77:da:11:fe:4a:5f:14:74:d2:34:
                    fc:6e:c9:ec:fc:77:0c:19:f2:ae:62:88:19:51:13:
                    a0:f1:7b:06:02:c4:6a:2b:3d:14:a6:70:c3:95:fc:
                    8f:b5:c7:0b:53:43:c3:0e:06:b2:8e:d3:33:4a:1a:
                    49:6b:38:7f:5b:95:08:64:0f:5f:c3:86:06:d7:e1:
                    a4:86:70:fa:bd:20:0c:b4:fe:87:0b:c0:13:8b:7d:
                    e5:bd:1d:43:ca:70:28:70:8d:71:3f:73:cf:b2:96:
                    7b:b8:7e:ce:5a:2a:44:8f:ac:f6:1a:ea:33:16:8c:
                    7c:86:87:49:cb:b9:8e:6f:8b:9f:fc:03:4e:8e:5b:
                    72:01:14:d6:85:79:b4:1e:4d:81:02:53:cd:46:20:
                    f2:b8:c4:4a:b7:da:4a:42:5f:a5:6d:4a:3e:9f:97:
                    7e:1a:d7:5e:81:39:8d:4d:50:64:c8:fb:d3:3b:91:
                    a2:01:3d:75:91:ce:9b:9b:88:04:26:71:f3:cf:bd:
                    d5:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:89:03:2A:E0:E5:BE:EB:C9:AC:CD:0B:06:17:0F:56:D8:69:DA:25
            X509v3 Authority Key Identifier:
                keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/jokDKuDlvuvJrM0LBhcPVthp2iU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.53.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         47:21:30:10:3a:78:f9:19:33:42:de:2b:26:91:d2:1e:38:25:
         e5:dd:fd:c0:8e:69:42:fb:f7:f9:8d:a0:d3:d7:07:9e:b6:d3:
         4b:36:f1:83:98:46:09:e8:2e:a6:88:2d:11:fb:79:24:5f:12:
         14:fa:7e:9d:4a:de:68:bb:19:47:47:62:ae:58:0c:e9:e8:2b:
         a1:2f:60:e5:d1:dc:90:f1:33:55:64:fe:7d:d2:38:0d:e7:3d:
         43:99:b0:b5:71:9b:1a:04:0d:94:c8:9b:8b:5b:b8:75:23:e9:
         08:28:d1:35:7e:05:c6:ff:3f:ee:3f:92:9d:09:65:74:8c:2a:
         5a:a4:57:36:e7:3b:9b:2e:ad:5e:31:f7:0c:aa:d6:1b:86:c3:
         53:ce:17:32:65:bc:9d:85:e3:9a:81:a6:ed:f5:f7:13:b5:12:
         3d:be:0f:b6:f4:0d:66:84:29:af:a1:c2:6d:c8:82:bf:28:04:
         3a:19:fb:35:d8:6a:e8:84:06:97:3f:39:01:c6:bd:b3:3b:87:
         ef:96:b2:c2:34:0d:4c:17:9b:90:7f:d8:6a:d6:d2:2d:45:c1:
         bf:90:3d:7c:1c:d8:c1:df:9f:72:4e:19:39:6a:8d:97:b4:52:
         f1:38:6e:80:3e:a6:2c:07:a5:9f:e9:cf:24:e8:c7:25:fb:a7:
         ad:6c:ec:b0
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZTaIZRi/+HVdU/R6Q6HFVGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUwMjA2MDcyMDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTg5MDMyYWUwZTViZWViYzlhY2NkMGIwNjE3MGY1NmQ4NjlkYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eO3WEkrJh3tJKChdL1j4NquqmXO
b7RS109zftpKUtYjJZsmDsgrf5VQd9/En600JOFrXBOH2twqUvnSntQiiXfaEf5K
XxR00jT8bsns/HcMGfKuYogZUROg8XsGAsRqKz0UpnDDlfyPtccLU0PDDgayjtMz
ShpJazh/W5UIZA9fw4YG1+GkhnD6vSAMtP6HC8ATi33lvR1DynAocI1xP3PPspZ7
uH7OWipEj6z2GuozFox8hodJy7mOb4uf/ANOjltyARTWhXm0Hk2BAlPNRiDyuMRK
t9pKQl+lbUo+n5d+GtdegTmNTVBkyPvTO5GiAT11kc6bm4gEJnHzz73VZQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFI6JAyrg5b7ryazNCwYXD1bYadolMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvam9rREt1RGx2dXZKck0wTEJoY1BWdGhwMmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAEchMBA6ePkZM0LeKyaR0h44JeXd/cCOaUL79/mNoNPX
B56200s28YOYRgnoLqaILRH7eSRfEhT6fp1K3mi7GUdHYq5YDOnoK6EvYOXR3JDx
M1Vk/n3SOA3nPUOZsLVxmxoEDZTIm4tbuHUj6Qgo0TV+Bcb/P+4/kp0JZXSMKlqk
VzbnO5surV4x9wyq1huGw1POFzJlvJ2F45qBpu319xO1Ej2+D7b0DWaEKa+hwm3I
gr8oBDoZ+zXYauiEBpc/OQHGvbM7h++WssI0DUwXm5B/2GrW0i1Fwb+QPXwc2MHf
n3JOGTlqjZe0UvE4boA+piwHpZ/pzyToxyX7p61s7LA=
-----END CERTIFICATE-----