Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bGI0B4aHrzsPZXX8oPZ_lnrXpgc.roa
File:                     bGI0B4aHrzsPZXX8oPZ_lnrXpgc.roa (raw, json)
Hash identifier:          AH+k/ejKXbqDwzKfM2COiDxkGJo3hnHgg0sN6d41d3s=
Subject key identifier:   6C:62:34:07:86:87:AF:3B:0F:65:75:FC:A0:F6:7F:96:7A:D7:A6:07
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       01906AFCEC00C6C8AF5FCC298B4ECA226C50
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bGI0B4aHrzsPZXX8oPZ_lnrXpgc.roa
Signing time:             Sun 30 Jun 2024 21:11:18 +0000
ROA not before:           Sun 30 Jun 2024 21:11:18 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     199614
IP address blocks:        81.168.123.0/24 maxlen: 24
                          82.153.10.0/24 maxlen: 24
                          89.213.46.0/23 maxlen: 24
                          109.176.28.0/24 maxlen: 24
                          109.176.212.0/23 maxlen: 24
                          109.176.214.0/23 maxlen: 24
                          213.130.157.0/24 maxlen: 24
                          213.130.158.0/24 maxlen: 24
                          213.130.159.0/24 maxlen: 24
                          217.145.73.0/24 maxlen: 24
                          217.145.74.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 01 Aug 2024 12:56:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:6a:fc:ec:00:c6:c8:af:5f:cc:29:8b:4e:ca:22:6c:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 30 21:11:18 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6c6234078687af3b0f6575fca0f67f967ad7a607
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e3:b4:c2:b3:6a:be:b6:fd:b4:a5:3e:b9:4b:
                    c9:a0:fc:ee:df:f3:d8:3b:f4:56:ce:7b:87:85:74:
                    1c:1a:c6:0e:fc:b6:66:a3:b1:58:e7:3f:9b:93:8d:
                    4e:cb:09:48:4a:f8:d2:98:ec:66:ea:c8:ce:82:98:
                    49:94:9a:7e:f0:03:9c:d6:9a:42:fc:4f:7c:b2:2f:
                    b2:74:73:4a:b7:d6:8d:86:13:6c:fe:6e:4a:e1:f5:
                    3b:02:8f:d2:d8:b6:70:70:e2:23:ee:94:6f:4b:11:
                    51:a1:29:99:2c:fa:67:ec:c0:78:4c:0c:be:25:2e:
                    b6:ce:3b:3c:0a:6e:da:72:f7:b9:05:b6:33:08:aa:
                    2f:d5:3f:7f:1c:ff:a5:9e:fe:c7:aa:e7:0e:20:66:
                    1e:62:8a:d2:51:f1:64:d7:3c:56:04:3f:7b:ea:ee:
                    5c:86:cf:2f:bc:2d:1a:83:ec:d5:21:ae:0d:c2:a3:
                    d0:64:e7:4a:90:4a:82:76:06:05:f2:49:01:c7:e4:
                    5b:b6:ec:69:a5:15:90:e0:bc:ca:93:58:98:60:d8:
                    30:3c:7c:fa:ae:96:4b:1b:26:a0:2d:e0:10:1a:40:
                    1d:ba:da:59:d3:ee:0e:02:c5:d4:03:0f:51:3f:b5:
                    0b:94:c7:82:94:ac:d3:65:11:8c:a5:02:fa:11:be:
                    2a:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:62:34:07:86:87:AF:3B:0F:65:75:FC:A0:F6:7F:96:7A:D7:A6:07
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bGI0B4aHrzsPZXX8oPZ_lnrXpgc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.168.123.0/24
                  82.153.10.0/24
                  89.213.46.0/23
                  109.176.28.0/24
                  109.176.212.0/22
                  213.130.157.0-213.130.159.255
                  217.145.73.0-217.145.74.255

    Signature Algorithm: sha256WithRSAEncryption
         a3:c2:0f:3e:7a:8a:7a:f3:16:db:53:47:29:62:be:e8:1b:de:
         ab:56:bd:2c:eb:2b:b2:fc:10:b4:5d:f0:d1:08:8e:7f:23:63:
         c1:c9:e2:3a:44:74:a8:35:f8:4c:60:55:d0:00:d4:df:b1:e1:
         31:e8:14:a1:6c:67:90:9f:ae:11:b3:5f:eb:ee:19:12:e5:ff:
         8a:14:d1:03:a9:0e:8c:ae:42:cb:a9:40:a4:90:ff:b1:ed:c1:
         13:2c:3f:d3:a9:7a:a8:9b:a4:04:77:82:e0:65:fa:31:a6:06:
         b3:30:29:b1:78:35:0d:96:82:b3:4d:b9:73:eb:56:37:99:68:
         ff:14:c7:c6:5f:44:a9:e1:37:d6:71:14:4b:af:04:f4:f5:bd:
         00:af:13:ef:70:9d:8a:7e:51:a0:56:f5:a4:98:14:30:2c:29:
         44:be:63:17:31:8a:a4:2b:87:02:0d:e1:ec:3f:7f:5c:1f:9a:
         31:e1:70:73:af:1e:5c:25:8d:84:b1:c8:ec:45:f3:7a:50:f8:
         a3:3d:d9:d5:b2:4d:ab:3c:36:e0:54:1f:d2:0b:29:27:79:91:
         7c:f9:b3:04:80:da:7d:49:65:b1:98:56:2f:f9:98:c6:8f:a9:
         1d:5e:20:01:28:2c:24:3a:57:31:d2:28:c3:0d:90:24:cf:55:
         81:e1:2b:3f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZBq/OwAxsivX8wpi07KImxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjMwMjExMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzYyMzQwNzg2ODdhZjNiMGY2NTc1ZmNhMGY2N2Y5NjdhZDdhNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuO0wrNqvrb9tKU+uUvJoPzu3/PY
O/RWznuHhXQcGsYO/LZmo7FY5z+bk41OywlISvjSmOxm6sjOgphJlJp+8AOc1ppC
/E98si+ydHNKt9aNhhNs/m5K4fU7Ao/S2LZwcOIj7pRvSxFRoSmZLPpn7MB4TAy+
JS62zjs8Cm7acve5BbYzCKov1T9/HP+lnv7HqucOIGYeYorSUfFk1zxWBD976u5c
hs8vvC0ag+zVIa4NwqPQZOdKkEqCdgYF8kkBx+RbtuxppRWQ4LzKk1iYYNgwPHz6
rpZLGyagLeAQGkAdutpZ0+4OAsXUAw9RP7ULlMeClKzTZRGMpQL6Eb4qtQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGxiNAeGh687D2V1/KD2f5Z616YHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYkdJMEI0YUhyenNQWlhYOG9QWl9sbnJYcGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAUah7AwQA
UpkKAwQBWdUuAwQAbbAcAwQCbbDUMAwDBADVgp0DBAXVgoAwDAMEANmRSQMEANmR
SjANBgkqhkiG9w0BAQsFAAOCAQEAo8IPPnqKevMW21NHKWK+6Bveq1a9LOsrsvwQ
tF3w0QiOfyNjwcniOkR0qDX4TGBV0ADU37HhMegUoWxnkJ+uEbNf6+4ZEuX/ihTR
A6kOjK5Cy6lApJD/se3BEyw/06l6qJukBHeC4GX6MaYGszApsXg1DZaCs025c+tW
N5lo/xTHxl9EqeE31nEUS68E9PW9AK8T73Cdin5RoFb1pJgUMCwpRL5jFzGKpCuH
Ag3h7D9/XB+aMeFwc68eXCWNhLHI7EXzelD4oz3Z1bJNqzw24FQf0gspJ3mRfPmz
BIDafUllsZhWL/mYxo+pHV4gASgsJDpXMdIoww2QJM9VgeErPw==
-----END CERTIFICATE-----