Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/_TklHkym2En4ty-FEayKodfxVbo.roa
File:                     _TklHkym2En4ty-FEayKodfxVbo.roa (raw, json)
Hash identifier:          wCq1osnxkdafBn3PkuxL4wS6y9v6kU9xjc3G6QO/qO4=
Subject key identifier:   FD:39:25:1E:4C:A6:D8:49:F8:B7:2F:85:11:AC:8A:A1:D7:F1:55:BA
Certificate issuer:       /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial:       0192253256BA585A03D9177929EE2481A37A
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/_TklHkym2En4ty-FEayKodfxVbo.roa
Signing time:             Tue 24 Sep 2024 18:01:48 +0000
ROA not before:           Tue 24 Sep 2024 18:01:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     201942
IP address blocks:        46.226.144.0/21 maxlen: 21
                          185.58.196.0/22 maxlen: 22
                          185.119.112.0/22 maxlen: 22
                          185.232.41.0/24 maxlen: 24
                          193.46.216.0/24 maxlen: 24
                          193.163.117.0/24 maxlen: 24
                          194.26.143.0/24 maxlen: 24
                          195.182.205.0/24 maxlen: 24
                          195.184.72.0/24 maxlen: 24
                          212.23.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Nov 2024 10:50:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:25:32:56:ba:58:5a:03:d9:17:79:29:ee:24:81:a3:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
        Validity
            Not Before: Sep 24 18:01:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fd39251e4ca6d849f8b72f8511ac8aa1d7f155ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ec:53:a3:df:f4:8d:31:c4:92:86:17:c5:df:
                    5f:5d:bc:21:7f:a4:67:13:97:f8:92:55:12:0c:c9:
                    03:40:98:11:8b:e2:76:60:5e:50:f7:9a:c3:b1:82:
                    b5:a3:41:4c:be:6c:1d:b7:b1:08:f1:1d:ce:32:fb:
                    03:de:73:e9:d2:37:94:54:40:5b:a8:bf:64:c2:21:
                    9c:58:5a:8a:fe:a9:32:dc:27:ee:99:c9:d8:44:3b:
                    e9:84:3c:f4:29:3f:2b:49:d7:5f:c0:53:a2:b2:f1:
                    57:54:62:0d:61:f8:e4:e1:b6:53:39:0b:a2:ab:9b:
                    34:ff:5d:16:64:88:14:f5:5f:ca:e4:5b:89:c4:00:
                    07:ab:c0:4b:cf:07:c9:93:ec:30:80:b8:ee:da:25:
                    4b:58:bd:2b:77:7f:38:ee:5f:8b:17:3f:db:c5:51:
                    8a:fa:53:45:e0:f6:aa:bb:7b:09:1d:43:5b:27:2b:
                    65:85:88:ed:37:d8:bb:0d:1e:c3:99:b3:27:9a:45:
                    1b:31:d6:a3:fe:1d:9d:a2:c0:50:8e:80:dd:18:80:
                    07:b6:71:8a:18:cb:ff:58:85:26:8b:18:48:8b:56:
                    fe:3c:a4:dc:34:73:b8:c5:d9:d8:64:c6:79:2e:a3:
                    51:af:7e:f3:4e:63:a4:fe:24:74:b0:d9:cf:7a:25:
                    5a:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:39:25:1E:4C:A6:D8:49:F8:B7:2F:85:11:AC:8A:A1:D7:F1:55:BA
            X509v3 Authority Key Identifier:
                keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/_TklHkym2En4ty-FEayKodfxVbo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.226.144.0/21
                  185.58.196.0/22
                  185.119.112.0/22
                  185.232.41.0/24
                  193.46.216.0/24
                  193.163.117.0/24
                  194.26.143.0/24
                  195.182.205.0/24
                  195.184.72.0/24
                  212.23.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:8f:ad:7d:d7:cf:ee:9a:97:df:82:bd:53:7c:a2:76:d0:19:
         d6:d0:77:65:07:d4:b7:12:7b:d3:8e:c7:8a:1a:51:00:79:42:
         45:0a:d9:d6:88:04:12:63:20:ed:f8:b2:9a:96:a7:77:4c:b3:
         4a:55:f4:13:27:5b:5e:eb:a7:e9:0b:7c:94:ae:18:53:d6:9c:
         5c:50:77:6b:f8:64:0b:f0:2c:ac:1f:3b:1b:18:ee:c8:da:bd:
         ed:50:46:5b:1c:30:92:4f:f3:0f:75:13:94:f9:2d:2d:a8:41:
         78:7d:e5:a2:ff:b0:2b:bb:9f:9c:66:14:89:8b:1c:d9:bb:84:
         0e:b4:05:c3:be:1d:55:b1:76:c5:b4:b3:fa:89:a5:70:d3:bd:
         b7:6c:56:26:40:ba:5e:dc:be:c5:67:d7:d6:5c:a5:2c:60:29:
         39:a2:ac:4d:a0:4e:be:e6:3b:27:c6:a3:a4:ec:03:19:ed:af:
         f6:3f:19:6c:ff:5e:36:c3:81:0d:48:27:d5:77:c7:43:02:03:
         5b:29:2f:bd:3f:1f:ac:94:0b:d9:6a:f9:bf:7e:d7:1a:0e:7b:
         07:20:be:e2:87:79:02:8d:b1:b3:94:1e:ae:35:ec:5b:59:04:
         9a:ae:c7:1d:73:b3:56:a7:4c:20:10:43:47:94:42:a3:24:d2:
         f0:fb:5f:c9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZIlMla6WFoD2Rd5Ke4kgaN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjQwOTI0MTgwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDM5MjUxZTRjYTZkODQ5ZjhiNzJmODUxMWFjOGFhMWQ3ZjE1NWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+xTo9/0jTHEkoYXxd9fXbwhf6Rn
E5f4klUSDMkDQJgRi+J2YF5Q95rDsYK1o0FMvmwdt7EI8R3OMvsD3nPp0jeUVEBb
qL9kwiGcWFqK/qky3CfumcnYRDvphDz0KT8rSddfwFOisvFXVGINYfjk4bZTOQui
q5s0/10WZIgU9V/K5FuJxAAHq8BLzwfJk+wwgLju2iVLWL0rd3847l+LFz/bxVGK
+lNF4Paqu3sJHUNbJytlhYjtN9i7DR7DmbMnmkUbMdaj/h2dosBQjoDdGIAHtnGK
GMv/WIUmixhIi1b+PKTcNHO4xdnYZMZ5LqNRr37zTmOk/iR0sNnPeiVaqwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFP05JR5MpthJ+LcvhRGsiqHX8VW6MB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvX1RrbEhreW0yRW40dHktRkVheUtvZGZ4VmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQDLuKQAwQC
uTrEAwQCuXdwAwQAuegpAwQAwS7YAwQAwaN1AwQAwhqPAwQAw7bNAwQAw7hIAwQA
1BffMA0GCSqGSIb3DQEBCwUAA4IBAQB3j61918/umpffgr1TfKJ20BnW0HdlB9S3
EnvTjseKGlEAeUJFCtnWiAQSYyDt+LKalqd3TLNKVfQTJ1te66fpC3yUrhhT1pxc
UHdr+GQL8CysHzsbGO7I2r3tUEZbHDCST/MPdROU+S0tqEF4feWi/7Aru5+cZhSJ
ixzZu4QOtAXDvh1VsXbFtLP6iaVw0723bFYmQLpe3L7FZ9fWXKUsYCk5oqxNoE6+
5jsnxqOk7AMZ7a/2Pxls/142w4ENSCfVd8dDAgNbKS+9Px+slAvZavm/ftcaDnsH
IL7ih3kCjbGzlB6uNexbWQSarscdc7NWp0wgEENHlEKjJNLw+1/J
-----END CERTIFICATE-----