Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/uv6fU0cOpwNZo8xuBy81Fp3vO1A.roa
File:                     uv6fU0cOpwNZo8xuBy81Fp3vO1A.roa (raw, json)
Hash identifier:          wxnraJWlojzKftpC9RCXEtuSKMtmU/QVitPLJ9A+eNI=
Subject key identifier:   BA:FE:9F:53:47:0E:A7:03:59:A3:CC:6E:07:2F:35:16:9D:EF:3B:50
Certificate issuer:       /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial:       018FD3F656B9EE4A5A26FFCFDE6683F67E9C
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/uv6fU0cOpwNZo8xuBy81Fp3vO1A.roa
Signing time:             Sat 01 Jun 2024 13:21:27 +0000
ROA not before:           Sat 01 Jun 2024 13:21:27 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        92.50.0.0/19 maxlen: 19
                          92.50.32.0/19 maxlen: 19
                          147.136.68.0/22 maxlen: 24
                          147.136.76.0/22 maxlen: 24
                          147.136.84.0/22 maxlen: 24
                          185.101.252.0/23 maxlen: 23
                          185.101.254.0/23 maxlen: 23
                          185.171.252.0/23 maxlen: 23
                          185.171.254.0/23 maxlen: 23
                          185.226.204.0/23 maxlen: 23
                          185.226.206.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Sun 02 Jun 2024 20:22:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:d3:f6:56:b9:ee:4a:5a:26:ff:cf:de:66:83:f6:7e:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
        Validity
            Not Before: Jun  1 13:21:27 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bafe9f53470ea70359a3cc6e072f35169def3b50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:72:84:1e:ba:02:6e:5e:d4:a0:67:a4:26:7c:
                    df:39:39:2c:52:0f:1c:ef:7e:df:86:de:99:65:07:
                    eb:f5:65:96:92:c7:84:7e:e9:c6:16:f7:92:77:16:
                    33:37:df:a2:dc:b5:4f:ec:73:c5:97:e1:f8:a9:f6:
                    fe:33:2e:1e:c8:e8:26:65:0a:0b:67:66:aa:34:d5:
                    55:77:f9:55:69:ec:77:a1:1a:30:9a:8f:4b:df:59:
                    4b:f0:43:e6:ed:01:e8:bb:df:32:82:f2:3e:0b:79:
                    c8:37:39:14:30:d8:8d:1f:4a:08:e5:c5:2b:7f:cf:
                    38:fd:87:7a:f1:35:f5:4f:37:81:98:3e:30:fd:02:
                    73:75:af:62:63:77:99:b4:f0:41:b9:a5:cf:c7:7f:
                    2b:66:3a:c2:bc:19:81:11:1b:72:42:64:88:cf:df:
                    86:a2:5f:6b:2b:bf:ab:31:0d:c4:d8:2e:c6:94:29:
                    03:3c:e2:a1:9b:5f:a9:45:59:b1:fa:3b:9a:e8:1a:
                    dd:1e:0f:55:9c:a2:67:52:b4:e8:d4:de:dd:88:94:
                    5e:ec:5e:0a:a6:85:88:3d:55:a6:21:4a:79:3a:37:
                    f9:e3:63:4c:77:65:ee:8d:72:fb:96:06:de:66:ac:
                    81:a7:50:f2:35:fe:66:ed:8b:f4:54:fb:bf:a8:82:
                    39:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:FE:9F:53:47:0E:A7:03:59:A3:CC:6E:07:2F:35:16:9D:EF:3B:50
            X509v3 Authority Key Identifier:
                keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/uv6fU0cOpwNZo8xuBy81Fp3vO1A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.50.0.0/18
                  147.136.68.0/22
                  147.136.76.0/22
                  147.136.84.0/22
                  185.101.252.0/22
                  185.171.252.0/22
                  185.226.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b1:7a:3d:38:1b:fc:86:8d:81:22:35:c1:24:80:76:ef:c4:a9:
         10:66:b3:dc:64:ea:f2:59:8c:55:7b:0d:4e:91:44:55:03:59:
         18:49:1e:a4:42:ef:ac:02:72:e4:d3:9e:c4:f0:fd:8f:59:92:
         13:c3:db:23:d2:fb:70:87:c6:1c:b3:cc:1e:9c:47:70:bd:3b:
         46:36:16:b2:2c:9f:74:64:36:7c:7b:72:07:7a:da:37:6c:82:
         1b:6f:3b:46:7c:3d:5c:ba:49:7d:a2:05:32:c8:d3:4a:8a:b4:
         2d:1c:ce:4e:1d:ca:3d:42:2c:cb:3e:8b:bc:db:76:09:db:2a:
         77:d7:d2:dd:7c:5c:79:97:12:e1:2c:86:1b:7a:b1:2f:18:2d:
         f5:52:19:08:44:22:df:a5:e5:cd:81:5c:9e:11:30:9d:69:11:
         cc:e1:20:8b:3e:6e:8e:b6:73:1f:5d:5f:88:96:1f:14:31:68:
         a3:c0:db:c7:9b:79:1d:6d:d8:aa:dd:fa:81:a9:46:5b:6d:ad:
         37:bd:ae:2f:f3:6e:c8:8f:51:21:3a:e1:4f:01:45:9a:70:2a:
         25:b9:36:a9:ff:5d:2f:a5:46:65:2b:74:cf:e4:0c:59:82:39:
         60:53:6d:44:d2:8d:f6:5e:ac:f6:a7:de:2c:7a:8d:b6:53:8b:
         38:2f:40:8f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY/T9la57kpaJv/P3maD9n6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwNjAxMTMyMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWZlOWY1MzQ3MGVhNzAzNTlhM2NjNmUwNzJmMzUxNjlkZWYzYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3KEHroCbl7UoGekJnzfOTksUg8c
737fht6ZZQfr9WWWkseEfunGFveSdxYzN9+i3LVP7HPFl+H4qfb+My4eyOgmZQoL
Z2aqNNVVd/lVaex3oRowmo9L31lL8EPm7QHou98ygvI+C3nINzkUMNiNH0oI5cUr
f884/Yd68TX1TzeBmD4w/QJzda9iY3eZtPBBuaXPx38rZjrCvBmBERtyQmSIz9+G
ol9rK7+rMQ3E2C7GlCkDPOKhm1+pRVmx+jua6BrdHg9VnKJnUrTo1N7diJRe7F4K
poWIPVWmIUp5Ojf542NMd2XujXL7lgbeZqyBp1DyNf5m7Yv0VPu/qII5EQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLr+n1NHDqcDWaPMbgcvNRad7ztQMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvdXY2ZlUwY09wd05abzh4dUJ5ODFGcDN2TzFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQGXDIAAwQC
k4hEAwQCk4hMAwQCk4hUAwQCuWX8AwQCuav8AwQCueLMMA0GCSqGSIb3DQEBCwUA
A4IBAQCxej04G/yGjYEiNcEkgHbvxKkQZrPcZOryWYxVew1OkURVA1kYSR6kQu+s
AnLk057E8P2PWZITw9sj0vtwh8Ycs8wenEdwvTtGNhayLJ90ZDZ8e3IHeto3bIIb
bztGfD1cukl9ogUyyNNKirQtHM5OHco9QizLPou823YJ2yp319LdfFx5lxLhLIYb
erEvGC31UhkIRCLfpeXNgVyeETCdaRHM4SCLPm6OtnMfXV+Ilh8UMWijwNvHm3kd
bdiq3fqBqUZbba03va4v827Ij1EhOuFPAUWacColuTap/10vpUZlK3TP5AxZgjlg
U21E0o32Xqz2p94seo22U4s4L0CP
-----END CERTIFICATE-----