Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/0UC3d9s9JIAFAFy7kmlZJvrZjM8.roa
File:                     0UC3d9s9JIAFAFy7kmlZJvrZjM8.roa (raw, json)
Hash identifier:          BoATWeC2JOeaQjJJ/sHmO2uxL/rfxSAL1KDFrQq6nDQ=
Subject key identifier:   D1:40:B7:77:DB:3D:24:80:05:00:5C:BB:92:69:59:26:FA:D9:8C:CF
Certificate issuer:       /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial:       0187CB0435B797272DE831B04385177D53EF
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/0UC3d9s9JIAFAFy7kmlZJvrZjM8.roa
Signing time:             Sat 29 Apr 2023 03:17:43 +0000
ROA not before:           Sat 29 Apr 2023 03:17:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52041
IP address blocks:        82.215.64.0/24 maxlen: 24
                          2a12:bec0:7004::/48 maxlen: 48
                          2a12:bec0:7002::/48 maxlen: 48
                          2a12:bec1:b00b::/48 maxlen: 48
                          2a12:bec0:d0::/44 maxlen: 48
                          2a12:bec0:7000::/48 maxlen: 48
                          2a12:bec0:7003::/48 maxlen: 48
                          2a12:bec0:b00b::/48 maxlen: 48
                          2a12:bec0:7001::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 16 Aug 2023 10:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:cb:04:35:b7:97:27:2d:e8:31:b0:43:85:17:7d:53:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
        Validity
            Not Before: Apr 29 03:17:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d140b777db3d248005005cbb92695926fad98ccf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:a3:01:54:3d:fc:93:24:e0:f6:9c:25:c1:f9:
                    b6:49:4b:69:54:68:3f:e7:9f:8a:b1:58:b1:6b:0c:
                    94:33:05:14:b9:7d:3e:bf:2c:54:c9:8c:e3:c5:27:
                    49:06:8e:1b:cd:b7:67:46:12:a7:07:fe:cb:17:3f:
                    85:11:69:66:82:a8:a8:4c:fc:49:75:a6:c1:f1:ec:
                    cd:be:68:3e:53:6a:d3:33:d2:f7:eb:ad:59:9a:40:
                    67:d3:dc:d4:29:bb:dd:a5:55:be:aa:4a:86:42:03:
                    23:8f:95:fa:64:40:6a:a4:08:81:29:84:42:a9:de:
                    b8:b1:c7:f8:06:8d:7d:6f:d5:c0:fd:1e:10:ba:ee:
                    7b:07:ac:eb:eb:4d:8d:6a:1b:c7:02:d0:29:f0:87:
                    8a:2e:db:e0:28:ce:7c:92:38:5c:ee:e3:a9:3c:47:
                    9b:69:b9:8e:b1:34:17:95:9b:7e:27:be:b9:2f:92:
                    d0:b8:f9:8b:b0:c6:74:2d:ed:b9:f6:0b:a2:a1:fb:
                    dd:96:aa:a1:b5:7c:68:26:26:95:c2:da:16:3a:ec:
                    b8:77:24:86:b8:c6:e1:cf:6a:45:6b:13:41:89:cf:
                    0e:e1:de:a3:09:21:11:35:d1:60:3f:84:03:94:cc:
                    80:7a:b0:7a:09:50:d2:cd:36:32:a6:d0:9f:48:86:
                    1e:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:40:B7:77:DB:3D:24:80:05:00:5C:BB:92:69:59:26:FA:D9:8C:CF
            X509v3 Authority Key Identifier:
                keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/0UC3d9s9JIAFAFy7kmlZJvrZjM8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.215.64.0/24
                IPv6:
                  2a12:bec0:d0::/44
                  2a12:bec0:7000::-2a12:bec0:7004:ffff:ffff:ffff:ffff:ffff
                  2a12:bec0:b00b::/48
                  2a12:bec1:b00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:ab:68:b8:65:69:6b:83:67:71:21:b3:ac:7f:4a:0a:3f:2b:
         69:e1:b5:a6:26:b9:31:1a:c2:00:b6:c2:f8:a3:44:fa:75:2d:
         9f:48:24:81:58:ec:cd:0a:ba:82:74:92:da:9b:6a:61:32:76:
         14:ba:3d:0d:bb:40:4d:f2:11:ba:a6:20:d5:01:9a:cd:d1:8b:
         c2:5b:7a:a6:44:2e:43:69:b7:90:88:f5:73:01:e6:b7:71:26:
         4e:b7:de:58:b8:a0:fa:cf:f9:69:0e:44:7c:e5:8c:34:92:28:
         46:32:13:c6:53:ae:7f:ab:df:78:b2:06:a4:d3:01:bc:d2:60:
         e6:b9:7c:ec:5a:23:ad:9a:cf:09:cf:b2:ce:f1:4b:f7:66:eb:
         c3:9f:5c:91:c8:a1:61:80:83:42:ee:6a:49:f8:2e:65:dc:17:
         50:c2:bb:90:1c:2a:78:d7:27:c0:18:e5:b6:20:56:e9:b3:f5:
         51:b9:82:02:2b:aa:8d:5e:2b:55:31:51:de:02:57:df:7c:e6:
         5c:7f:d8:6f:fd:aa:01:fb:1b:00:7e:0a:7b:72:71:c1:ae:23:
         eb:87:44:59:56:bf:bd:46:dd:b8:8e:17:a9:3b:3d:ad:c5:fc:
         64:fb:48:79:8c:90:cf:5d:2e:e6:93:ee:65:04:fa:d6:a2:6d:
         08:fc:1b:ad
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYfLBDW3lyct6DGwQ4UXfVPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwNDI5MDMxNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQwYjc3N2RiM2QyNDgwMDUwMDVjYmI5MjY5NTkyNmZhZDk4Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqMBVD38kyTg9pwlwfm2SUtpVGg/
55+KsVixawyUMwUUuX0+vyxUyYzjxSdJBo4bzbdnRhKnB/7LFz+FEWlmgqioTPxJ
dabB8ezNvmg+U2rTM9L3661ZmkBn09zUKbvdpVW+qkqGQgMjj5X6ZEBqpAiBKYRC
qd64scf4Bo19b9XA/R4Quu57B6zr602NahvHAtAp8IeKLtvgKM58kjhc7uOpPEeb
abmOsTQXlZt+J765L5LQuPmLsMZ0Le259guiofvdlqqhtXxoJiaVwtoWOuy4dySG
uMbhz2pFaxNBic8O4d6jCSERNdFgP4QDlMyAerB6CVDSzTYyptCfSIYeUwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNFAt3fbPSSABQBcu5JpWSb62YzPMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvMFVDM2Q5czlKSUFGQUZ5N2ttbFpKdnJaak04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAMBAIAATAGAwQAUtdAMDQE
AgACMC4DBwQqEr7AANAwEQMGBCoSvsBwAwcAKhK+wHAEAwcAKhK+wLALAwcAKhK+
wbALMA0GCSqGSIb3DQEBCwUAA4IBAQACq2i4ZWlrg2dxIbOsf0oKPytp4bWmJrkx
GsIAtsL4o0T6dS2fSCSBWOzNCrqCdJLam2phMnYUuj0Nu0BN8hG6piDVAZrN0YvC
W3qmRC5DabeQiPVzAea3cSZOt95YuKD6z/lpDkR85Yw0kihGMhPGU65/q994sgak
0wG80mDmuXzsWiOtms8Jz7LO8Uv3ZuvDn1yRyKFhgINC7mpJ+C5l3BdQwruQHCp4
1yfAGOW2IFbps/VRuYICK6qNXitVMVHeAlfffOZcf9hv/aoB+xsAfgp7cnHBriPr
h0RZVr+9Rt24jhepOz2txfxk+0h5jJDPXS7mk+5lBPrWom0I/But
-----END CERTIFICATE-----