Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/qSQdA4Mv5zPMz5kbSIvFUr6BKpQ.roa
File:                     qSQdA4Mv5zPMz5kbSIvFUr6BKpQ.roa (raw, json)
Hash identifier:          GSJoOBJ/a2KI6Va3JLl8YDjzwy+mY8335TrgONzekdU=
Subject key identifier:   A9:24:1D:03:83:2F:E7:33:CC:CF:99:1B:48:8B:C5:52:BE:81:2A:94
Certificate issuer:       /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial:       0189FDCAF97F71A1C71330EAC08807962740
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/qSQdA4Mv5zPMz5kbSIvFUr6BKpQ.roa
Signing time:             Wed 16 Aug 2023 10:01:25 +0000
ROA not before:           Wed 16 Aug 2023 10:01:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52041
IP address blocks:        82.215.64.0/24 maxlen: 24
                          185.248.134.0/24 maxlen: 24
                          2a12:bec0:7004::/48 maxlen: 48
                          2a12:bec0:7002::/48 maxlen: 48
                          2a12:bec1:b00b::/48 maxlen: 48
                          2a12:bec0:d0::/44 maxlen: 48
                          2a12:bec0:7000::/48 maxlen: 48
                          2a12:bec0:b00b::/48 maxlen: 48
                          2a12:bec0:7003::/48 maxlen: 48
                          2a12:bec0:7001::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 24 Aug 2023 15:12:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:fd:ca:f9:7f:71:a1:c7:13:30:ea:c0:88:07:96:27:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
        Validity
            Not Before: Aug 16 10:01:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a9241d03832fe733cccf991b488bc552be812a94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:e7:a9:cb:37:75:28:0c:62:c0:f1:48:d5:df:
                    cd:0d:4a:c1:e6:44:4a:26:30:30:ec:50:a4:82:1c:
                    a5:fa:52:df:ea:f8:40:76:d1:c0:95:ef:96:80:cc:
                    21:6d:92:e6:8f:66:23:88:cb:74:f1:7d:01:8e:54:
                    ff:5a:38:ef:fa:b1:b6:b3:56:4f:fe:65:9d:33:84:
                    e3:1f:9a:8b:a0:10:ab:8c:d5:74:1f:e9:0c:62:d4:
                    0e:7d:2d:43:3b:45:9f:49:73:d5:28:a6:86:54:f0:
                    05:71:96:11:3e:6f:9f:b0:24:b8:33:04:82:a5:7b:
                    48:53:37:da:08:ec:f1:da:df:c3:bc:3b:39:71:a0:
                    aa:7e:3d:da:d3:d2:fc:3f:c4:81:23:fe:07:89:04:
                    44:18:78:44:44:b4:f5:40:4f:3f:17:5b:a0:ce:23:
                    c5:91:f2:4b:8c:4c:4a:cc:0b:12:56:ef:1e:7b:14:
                    df:b9:bb:a5:d8:7f:c7:4e:d6:a1:dd:21:14:96:29:
                    08:dd:77:28:7b:38:6d:a5:7f:fe:13:3d:72:ae:ec:
                    68:23:7f:fb:f2:e6:3a:8a:20:b8:6e:fe:ca:1d:a8:
                    fa:df:35:66:a2:67:f0:b9:1d:a2:09:7b:62:b6:bc:
                    67:5b:23:81:94:89:fd:51:b2:ec:0d:21:57:6f:05:
                    70:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:24:1D:03:83:2F:E7:33:CC:CF:99:1B:48:8B:C5:52:BE:81:2A:94
            X509v3 Authority Key Identifier:
                keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/qSQdA4Mv5zPMz5kbSIvFUr6BKpQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.215.64.0/24
                  185.248.134.0/24
                IPv6:
                  2a12:bec0:d0::/44
                  2a12:bec0:7000::-2a12:bec0:7004:ffff:ffff:ffff:ffff:ffff
                  2a12:bec0:b00b::/48
                  2a12:bec1:b00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         bd:e7:ec:f0:d4:e3:86:c2:1b:28:12:86:7a:5b:e0:50:e4:2c:
         7f:14:8d:a1:1d:9b:aa:26:bc:0f:63:ca:c1:75:06:e4:ed:87:
         95:00:4f:13:b1:de:11:16:2b:2e:b6:01:34:96:2a:a1:08:f3:
         29:3c:2c:e8:64:5a:95:bc:86:e0:ec:06:f8:5b:f2:94:34:a7:
         4e:79:91:33:81:ca:64:d1:93:c8:71:d8:19:c6:c2:4b:d4:5a:
         de:c5:87:91:14:27:b1:5a:33:8e:94:5a:88:bb:5a:0d:8d:f6:
         d0:fa:1f:2d:46:32:22:92:6e:00:5f:64:1f:01:58:76:3f:5b:
         1a:a2:c1:84:7f:a2:6a:31:26:bd:7d:cf:b0:e0:20:87:86:a4:
         c9:c8:b4:75:b8:30:1d:cb:bd:6a:3f:44:48:f1:2c:d0:7d:60:
         6c:5c:c0:a1:00:43:ec:72:30:13:76:03:44:21:13:e9:0a:a0:
         c3:ce:93:f6:68:3c:d4:82:ff:0e:f9:f2:a6:0e:a7:d1:cd:c2:
         80:37:11:4c:7b:ad:e1:2e:54:22:13:18:1d:18:32:bc:dd:ad:
         c5:0a:e5:39:c4:b5:17:ec:cd:2f:03:02:b2:07:61:da:e0:43:
         e3:e7:cd:e9:57:e0:4d:3d:51:71:87:1b:9f:8e:48:8b:e9:4b:
         b4:c5:b3:27
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYn9yvl/caHHEzDqwIgHlidAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwODE2MTAwMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTI0MWQwMzgzMmZlNzMzY2NjZjk5MWI0ODhiYzU1MmJlODEyYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOepyzd1KAxiwPFI1d/NDUrB5kRK
JjAw7FCkghyl+lLf6vhAdtHAle+WgMwhbZLmj2YjiMt08X0BjlT/Wjjv+rG2s1ZP
/mWdM4TjH5qLoBCrjNV0H+kMYtQOfS1DO0WfSXPVKKaGVPAFcZYRPm+fsCS4MwSC
pXtIUzfaCOzx2t/DvDs5caCqfj3a09L8P8SBI/4HiQREGHhERLT1QE8/F1ugziPF
kfJLjExKzAsSVu8eexTfubul2H/HTtah3SEUlikI3XcoezhtpX/+Ez1yruxoI3/7
8uY6iiC4bv7KHaj63zVmomfwuR2iCXtitrxnWyOBlIn9UbLsDSFXbwVwXwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKkkHQODL+czzM+ZG0iLxVK+gSqUMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvcVNRZEE0TXY1elBNejVrYlNJdkZVcjZCS3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjASBAIAATAMAwQAUtdAAwQA
ufiGMDQEAgACMC4DBwQqEr7AANAwEQMGBCoSvsBwAwcAKhK+wHAEAwcAKhK+wLAL
AwcAKhK+wbALMA0GCSqGSIb3DQEBCwUAA4IBAQC95+zw1OOGwhsoEoZ6W+BQ5Cx/
FI2hHZuqJrwPY8rBdQbk7YeVAE8Tsd4RFisutgE0liqhCPMpPCzoZFqVvIbg7Ab4
W/KUNKdOeZEzgcpk0ZPIcdgZxsJL1FrexYeRFCexWjOOlFqIu1oNjfbQ+h8tRjIi
km4AX2QfAVh2P1saosGEf6JqMSa9fc+w4CCHhqTJyLR1uDAdy71qP0RI8SzQfWBs
XMChAEPscjATdgNEIRPpCqDDzpP2aDzUgv8O+fKmDqfRzcKANxFMe63hLlQiExgd
GDK83a3FCuU5xLUX7M0vAwKyB2Ha4EPj583pV+BNPVFxhxufjkiL6Uu0xbMn
-----END CERTIFICATE-----