Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/RdB733AkKx9FDf2DuopfIUy7Y_M.roa
File:                     RdB733AkKx9FDf2DuopfIUy7Y_M.roa (raw, json)
Hash identifier:          W4UuNbb0U7fCmlmFei56IQQZJ24MpDYu/U908nP/ucU=
Subject key identifier:   45:D0:7B:DF:70:24:2B:1F:45:0D:FD:83:BA:8A:5F:21:4C:BB:63:F3
Certificate issuer:       /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial:       018CC26D1CD3E12076497745C06F9960546F
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/RdB733AkKx9FDf2DuopfIUy7Y_M.roa
Signing time:             Mon 01 Jan 2024 00:29:39 +0000
ROA not before:           Mon 01 Jan 2024 00:29:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62261
IP address blocks:        212.192.230.0/24 maxlen: 24
                          194.85.28.0/24 maxlen: 24
                          212.192.230.0/23 maxlen: 23
                          194.85.28.0/23 maxlen: 23
                          194.85.29.0/24 maxlen: 24
                          212.192.231.0/24 maxlen: 24
                          212.192.233.0/24 maxlen: 24
                          212.192.232.0/23 maxlen: 23
                          212.192.232.0/24 maxlen: 24
                          212.192.235.0/24 maxlen: 24
                          212.192.234.0/23 maxlen: 23
                          212.192.234.0/24 maxlen: 24
                          212.192.236.0/23 maxlen: 23
                          212.192.237.0/24 maxlen: 24
                          212.192.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 07:54:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:1c:d3:e1:20:76:49:77:45:c0:6f:99:60:54:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
        Validity
            Not Before: Jan  1 00:29:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=45d07bdf70242b1f450dfd83ba8a5f214cbb63f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:52:d2:b5:f9:d6:93:bc:86:d9:58:48:bc:ab:
                    56:f1:b7:c0:f6:06:a9:1c:61:50:89:d6:66:5e:da:
                    77:50:22:53:f5:b4:83:39:33:f2:38:5b:b9:7a:9c:
                    eb:4d:73:5f:83:e3:c1:71:e4:b2:c9:5e:9a:8f:8a:
                    79:51:96:79:c1:a2:d6:7d:e2:88:d8:22:75:46:37:
                    4b:b9:87:a9:04:2c:42:6d:64:69:07:71:8d:c5:96:
                    50:f9:76:ef:d0:c5:bd:d1:fd:ff:39:60:9d:05:1b:
                    09:17:00:1d:d7:54:9a:03:4f:4e:18:b3:fb:5f:71:
                    6a:5e:e1:a9:f8:92:2d:fc:63:4b:28:5b:0f:1d:0d:
                    67:fc:f4:3c:28:d3:eb:34:3b:f2:93:e3:e1:0e:fb:
                    a7:26:2f:ec:00:c6:ff:98:ef:85:9f:cc:c5:ad:26:
                    1c:34:44:a2:90:1b:61:3c:27:79:b8:1b:a9:c5:21:
                    0a:ad:89:6a:87:76:08:dc:15:84:0a:70:c2:2a:cc:
                    12:5d:20:4f:0c:c2:2d:1f:6c:c7:26:74:21:e8:73:
                    4d:c7:f9:24:b7:76:ae:66:7d:73:f9:11:69:e0:60:
                    29:c9:ea:88:9c:2d:7c:69:97:b5:f9:4b:a9:74:7d:
                    6f:c2:7d:b6:f1:b7:8c:89:38:37:10:44:ed:06:59:
                    99:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:D0:7B:DF:70:24:2B:1F:45:0D:FD:83:BA:8A:5F:21:4C:BB:63:F3
            X509v3 Authority Key Identifier:
                keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/RdB733AkKx9FDf2DuopfIUy7Y_M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.85.28.0/23
                  212.192.230.0-212.192.237.255

    Signature Algorithm: sha256WithRSAEncryption
         28:11:7d:1a:17:7b:a2:91:c8:8c:96:3d:12:24:9d:ad:5e:5a:
         0c:e5:0f:58:39:64:3e:f3:29:8d:ab:bf:08:92:c7:76:72:b4:
         ab:6d:4c:66:e0:b9:ee:11:50:75:13:cf:20:06:54:d0:54:71:
         d8:16:bd:b6:cc:35:d8:12:e4:d7:21:e1:31:f3:24:fd:e7:8d:
         44:3e:c3:9d:9b:e0:0b:94:9e:77:c5:af:b2:7a:1f:90:94:31:
         84:4a:97:a1:18:45:7e:bb:be:58:85:9c:37:62:01:b0:d7:b6:
         cd:ab:70:cf:92:5a:e2:7f:ac:51:fc:f5:99:dc:12:e9:b8:eb:
         e8:26:b2:37:f4:66:32:8d:8f:1c:c9:af:91:70:d0:99:e8:41:
         0c:70:c3:98:3b:ff:09:d3:ca:da:93:b8:81:54:d4:22:39:cf:
         f4:15:0d:91:4c:0c:e3:2a:c0:fa:f4:b9:55:4c:8b:03:33:25:
         0c:05:7d:8e:b6:47:3c:10:41:3a:fa:ab:ff:48:8a:c6:e4:76:
         79:cd:74:d2:16:ea:25:70:9a:65:59:fb:30:42:15:8d:76:de:
         76:3a:e9:b2:5b:19:04:b3:b1:09:00:d5:c9:c5:76:88:f6:b8:
         3a:ec:5e:62:85:94:c5:b4:12:da:8d:f8:a9:97:3a:55:f8:20:
         9c:3d:7a:ee
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzCbRzT4SB2SXdFwG+ZYFRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjQwMTAxMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQwN2JkZjcwMjQyYjFmNDUwZGZkODNiYThhNWYyMTRjYmI2M2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1LStfnWk7yG2VhIvKtW8bfA9gap
HGFQidZmXtp3UCJT9bSDOTPyOFu5epzrTXNfg+PBceSyyV6aj4p5UZZ5waLWfeKI
2CJ1RjdLuYepBCxCbWRpB3GNxZZQ+Xbv0MW90f3/OWCdBRsJFwAd11SaA09OGLP7
X3FqXuGp+JIt/GNLKFsPHQ1n/PQ8KNPrNDvyk+PhDvunJi/sAMb/mO+Fn8zFrSYc
NESikBthPCd5uBupxSEKrYlqh3YI3BWECnDCKswSXSBPDMItH2zHJnQh6HNNx/kk
t3auZn1z+RFp4GApyeqInC18aZe1+UupdH1vwn228beMiTg3EETtBlmZ4QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEXQe99wJCsfRQ39g7qKXyFMu2PzMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvUmRCNzMzQWtLeDlGRGYyRHVvcGZJVXk3WV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBwlUcMAwD
BAHUwOYDBAHUwOwwDQYJKoZIhvcNAQELBQADggEBACgRfRoXe6KRyIyWPRIkna1e
WgzlD1g5ZD7zKY2rvwiSx3ZytKttTGbgue4RUHUTzyAGVNBUcdgWvbbMNdgS5Nch
4THzJP3njUQ+w52b4AuUnnfFr7J6H5CUMYRKl6EYRX67vliFnDdiAbDXts2rcM+S
WuJ/rFH89ZncEum46+gmsjf0ZjKNjxzJr5Fw0JnoQQxww5g7/wnTytqTuIFU1CI5
z/QVDZFMDOMqwPr0uVVMiwMzJQwFfY62RzwQQTr6q/9IisbkdnnNdNIW6iVwmmVZ
+zBCFY123nY66bJbGQSzsQkA1cnFdoj2uDrsXmKFlMW0EtqN+KmXOlX4IJw9eu4=
-----END CERTIFICATE-----