Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/16f2j5wZYfmgkBrFl0EoAtj5Xug.roa
File:                     16f2j5wZYfmgkBrFl0EoAtj5Xug.roa (raw, json)
Hash identifier:          gXIlkGzERRceAeS6wT0P+8RqhX+MW80TSnsQpWept9A=
Subject key identifier:   D7:A7:F6:8F:9C:19:61:F9:A0:90:1A:C5:97:41:28:02:D8:F9:5E:E8
Certificate issuer:       /CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
Certificate serial:       018C41CF512C37CDD2C52A717C9DD4903A56
Authority key identifier: CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/16f2j5wZYfmgkBrFl0EoAtj5Xug.roa
Signing time:             Thu 07 Dec 2023 01:05:54 +0000
ROA not before:           Thu 07 Dec 2023 01:05:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     605040
IP address blocks:        2a13:82c5:1100::/40 maxlen: 40
                          2a13:82c5:1800::/40 maxlen: 40
                          2a13:82c5:1700::/40 maxlen: 40
                          2a13:82c5:1a00::/40 maxlen: 40
                          2a13:82c5:1900::/40 maxlen: 40
                          2a13:82c5:1b00::/40 maxlen: 40
                          2a13:82c5:1e00::/40 maxlen: 40
                          2a13:82c5:1300::/40 maxlen: 40
                          2a13:82c5:1d00::/40 maxlen: 40
                          2a13:82c5:1500::/40 maxlen: 40
                          2a13:82c5:1200::/40 maxlen: 40
                          2a13:82c5:1400::/40 maxlen: 40
                          2a13:82c5:1600::/40 maxlen: 40
                          2a13:82c5:1f00::/40 maxlen: 40
                          2a13:82c5:1c00::/40 maxlen: 40

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:41:cf:51:2c:37:cd:d2:c5:2a:71:7c:9d:d4:90:3a:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cff5dc76eb6f814ed601568fdd2c8110edef8c17
        Validity
            Not Before: Dec  7 01:05:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7a7f68f9c1961f9a0901ac597412802d8f95ee8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b0:82:c7:03:61:1b:b4:5f:05:90:8c:5b:e1:
                    eb:c9:b6:e5:8f:75:8f:b6:7d:59:8f:de:95:e8:48:
                    5d:de:91:4b:0e:1b:0c:f5:57:52:62:10:cd:69:fb:
                    a4:7f:06:61:79:ad:83:65:a3:71:67:4b:60:a5:df:
                    05:e4:76:ed:3c:99:aa:da:a9:91:ea:a0:04:aa:76:
                    aa:68:90:15:bd:32:31:dd:fb:04:be:7d:55:c1:5f:
                    8c:7b:69:9f:f6:b6:76:93:fd:9f:cc:8b:a1:48:5a:
                    4a:8f:63:ed:06:80:00:f1:be:5d:2b:e9:d3:14:1a:
                    69:35:ab:b4:26:3c:f0:a9:04:4a:b8:83:0e:ba:c7:
                    e4:58:7b:13:64:10:25:b0:88:54:e4:ee:08:bb:fa:
                    fd:d3:1a:fe:c3:c7:ce:aa:f8:16:65:b4:7b:ea:2a:
                    92:88:72:ff:87:3c:b5:08:19:41:16:39:0d:b3:6f:
                    48:db:9a:f3:f3:81:96:78:c8:ef:9c:f2:28:a2:a4:
                    cd:05:b9:df:0a:d1:66:1c:f6:3d:f2:7b:8e:c1:53:
                    94:1f:8e:6f:63:29:79:02:58:58:cb:dc:1d:66:00:
                    fd:9a:cd:d9:60:46:2a:92:92:d8:86:ac:db:04:22:
                    e8:fe:cc:87:0f:b4:d7:09:91:d4:8e:e2:9c:26:19:
                    fa:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:A7:F6:8F:9C:19:61:F9:A0:90:1A:C5:97:41:28:02:D8:F9:5E:E8
            X509v3 Authority Key Identifier:
                keyid:CF:F5:DC:76:EB:6F:81:4E:D6:01:56:8F:DD:2C:81:10:ED:EF:8C:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_XcdutvgU7WAVaP3SyBEO3vjBc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/16f2j5wZYfmgkBrFl0EoAtj5Xug.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/8c0c00-5fce-45cb-bbb7-01d9e9d31943/1/z_XcdutvgU7WAVaP3SyBEO3vjBc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:82c5:1100::-2a13:82c5:1fff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         a2:86:5a:5a:57:62:6b:23:6a:c4:dc:3e:6d:cd:85:bb:25:a0:
         31:a1:01:6b:21:d6:de:bc:7d:ee:61:72:be:62:96:6e:ba:e9:
         13:2e:ed:9b:40:05:b4:7e:69:12:11:67:17:54:bb:3d:2e:49:
         60:f2:08:15:05:27:ac:28:95:93:0d:cd:14:c8:94:91:c1:f2:
         54:8e:f8:28:7f:6a:ee:d2:7b:d8:80:87:7d:c5:67:9a:5c:93:
         13:79:2b:07:cd:84:3d:bc:55:f9:59:97:a7:61:2b:11:0b:12:
         13:80:16:88:fe:47:60:9b:c6:3f:fb:3f:be:e7:13:d3:cd:67:
         6d:cf:f2:ab:d3:96:21:3e:12:e5:5e:82:9f:95:23:eb:f0:a9:
         8b:4b:e5:54:a9:ef:a4:98:1e:ad:c5:23:79:04:51:7f:8c:0a:
         f5:7c:7b:77:eb:40:36:15:01:ba:86:9c:c0:ca:cf:52:9b:b9:
         0b:96:fe:a9:47:a8:38:27:0a:35:e1:46:8b:24:a1:91:63:61:
         3b:eb:36:fd:7e:6d:2b:8b:91:58:7b:04:b4:e0:e0:3d:39:4c:
         c6:df:ea:b1:c8:8f:5c:97:cd:40:07:3a:b2:e2:ed:c4:32:40:
         6d:11:bc:4b:2b:11:fb:13:0b:b3:18:f7:b3:df:96:34:8d:da:
         42:57:3e:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxBz1EsN83SxSpxfJ3UkDpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjVkYzc2ZWI2ZjgxNGVkNjAxNTY4ZmRkMmM4MTEwZWRl
ZjhjMTcwHhcNMjMxMjA3MDEwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2E3ZjY4ZjljMTk2MWY5YTA5MDFhYzU5NzQxMjgwMmQ4Zjk1ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7CCxwNhG7RfBZCMW+Hrybblj3WP
tn1Zj96V6Ehd3pFLDhsM9VdSYhDNafukfwZhea2DZaNxZ0tgpd8F5HbtPJmq2qmR
6qAEqnaqaJAVvTIx3fsEvn1VwV+Me2mf9rZ2k/2fzIuhSFpKj2PtBoAA8b5dK+nT
FBppNau0JjzwqQRKuIMOusfkWHsTZBAlsIhU5O4Iu/r90xr+w8fOqvgWZbR76iqS
iHL/hzy1CBlBFjkNs29I25rz84GWeMjvnPIooqTNBbnfCtFmHPY98nuOwVOUH45v
Yyl5AlhYy9wdZgD9ms3ZYEYqkpLYhqzbBCLo/syHD7TXCZHUjuKcJhn6UQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNen9o+cGWH5oJAaxZdBKALY+V7oMB8GA1UdIwQY
MBaAFM/13Hbrb4FO1gFWj90sgRDt74wXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjct
MDFkOWU5ZDMxOTQzLzEvMTZmMmo1d1pZZm1na0JyRmwwRW9BdGo1WHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84YzBjMDAtNWZjZS00NWNiLWJiYjctMDFkOWU5ZDMxOTQz
LzEvel9YY2R1dHZnVTdXQVZhUDNTeUJFTzN2akJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqE4LF
EQMGBSoTgsUAMA0GCSqGSIb3DQEBCwUAA4IBAQCihlpaV2JrI2rE3D5tzYW7JaAx
oQFrIdbevH3uYXK+YpZuuukTLu2bQAW0fmkSEWcXVLs9Lklg8ggVBSesKJWTDc0U
yJSRwfJUjvgof2ru0nvYgId9xWeaXJMTeSsHzYQ9vFX5WZenYSsRCxITgBaI/kdg
m8Y/+z++5xPTzWdtz/Kr05YhPhLlXoKflSPr8KmLS+VUqe+kmB6txSN5BFF/jAr1
fHt360A2FQG6hpzAys9Sm7kLlv6pR6g4Jwo14UaLJKGRY2E76zb9fm0ri5FYewS0
4OA9OUzG3+qxyI9cl81ABzqy4u3EMkBtEbxLKxH7EwuzGPez35Y0jdpCVz4F
-----END CERTIFICATE-----