Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/tPUMfzbxZcnMZMHZ7AXPQF1cr8U.roa
File:                     tPUMfzbxZcnMZMHZ7AXPQF1cr8U.roa (raw, json)
Hash identifier:          VFufrHGCQytdM0njdxKOJ7zzdq0p1GhfLMmOXtlMik4=
Subject key identifier:   B4:F5:0C:7F:36:F1:65:C9:CC:64:C1:D9:EC:05:CF:40:5D:5C:AF:C5
Certificate issuer:       /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial:       0185D444336F9C8D2A4B7B5BE6A28F944EED
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/tPUMfzbxZcnMZMHZ7AXPQF1cr8U.roa
Signing time:             Sat 21 Jan 2023 12:18:37 +0000
ROA not before:           Sat 21 Jan 2023 12:18:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197343
IP address blocks:        185.215.230.0/24 maxlen: 24
                          5.56.128.0/22 maxlen: 22
                          37.32.42.0/24 maxlen: 24
                          37.32.41.0/24 maxlen: 24
                          37.32.40.0/22 maxlen: 24
                          5.57.34.0/24 maxlen: 24
                          5.57.33.0/24 maxlen: 24
                          5.57.36.0/24 maxlen: 24
                          5.57.35.0/24 maxlen: 24
                          185.212.48.0/24 maxlen: 24
                          185.212.49.0/24 maxlen: 24
                          178.239.150.0/24 maxlen: 24
                          178.239.156.0/23 maxlen: 23
                          178.239.156.0/22 maxlen: 22

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:d4:44:33:6f:9c:8d:2a:4b:7b:5b:e6:a2:8f:94:4e:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
        Validity
            Not Before: Jan 21 12:18:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b4f50c7f36f165c9cc64c1d9ec05cf405d5cafc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:b8:a8:24:b8:a3:e9:24:2c:c2:e4:1a:e5:6f:
                    ca:ff:78:26:f4:e8:8c:42:a9:9a:82:be:19:b1:ab:
                    d7:ce:4f:6e:33:93:50:e9:85:fe:f6:58:fc:44:9a:
                    23:dc:6e:e6:fc:3d:5d:ef:b8:17:fe:c9:30:c4:fb:
                    c8:d8:b0:70:34:2a:80:2d:7d:fc:e1:ac:8a:9b:5c:
                    d6:64:48:fb:16:1c:15:d9:77:38:c8:e5:2a:85:29:
                    5b:c4:a9:88:8a:fd:32:1c:4b:7e:22:13:02:cb:72:
                    0c:fd:c6:ee:84:82:9e:15:f4:79:06:d6:5a:c8:8d:
                    8f:08:0d:5f:bb:f9:f4:e4:a2:4f:b9:d1:b4:5e:8d:
                    65:8f:97:34:3a:6a:c2:c5:c6:d1:92:5f:58:54:ec:
                    0d:2b:f6:95:f4:00:ff:bf:76:9b:84:12:e3:fa:a3:
                    2b:35:32:93:2b:de:6b:bc:92:8a:e3:ec:31:23:08:
                    52:32:9f:b5:3d:5b:ab:5f:8e:9d:38:4e:27:b1:00:
                    33:99:f3:83:97:f1:37:2a:80:3b:07:b6:ff:9b:d7:
                    be:a2:61:84:41:58:be:f0:17:6e:60:e1:75:ff:ab:
                    e2:89:25:0c:a3:9c:c5:68:29:78:5a:30:7e:9e:35:
                    db:51:c2:a4:4a:48:ee:13:8d:c8:4a:49:26:43:de:
                    80:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:F5:0C:7F:36:F1:65:C9:CC:64:C1:D9:EC:05:CF:40:5D:5C:AF:C5
            X509v3 Authority Key Identifier:
                keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/tPUMfzbxZcnMZMHZ7AXPQF1cr8U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.56.128.0/22
                  5.57.33.0-5.57.36.255
                  37.32.40.0/22
                  178.239.150.0/24
                  178.239.156.0/22
                  185.212.48.0/23
                  185.215.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:c2:fc:55:c1:b9:ae:e2:c0:ed:0c:8e:bb:ad:a0:13:44:8e:
         20:b3:60:e2:c4:c7:c7:2b:8c:3b:8b:8b:b1:0d:c6:24:f5:de:
         5e:b5:b6:d1:60:ba:41:17:dc:89:52:ce:d4:09:c6:f2:35:75:
         da:6b:ee:85:1d:07:03:91:09:4a:0b:6b:bb:c6:d8:29:22:b4:
         05:83:25:54:76:a9:47:18:9a:8a:df:82:76:aa:3c:bc:94:51:
         2b:7c:7d:97:6c:5e:23:f6:80:e3:2b:03:91:f1:78:5f:5c:26:
         c7:4f:1a:40:4b:4d:a1:71:ff:bf:b3:93:96:9c:08:04:3e:96:
         f0:2c:bc:eb:ba:ce:cb:f8:07:17:0b:c9:19:68:cc:18:1e:d1:
         e6:61:bb:fa:82:09:71:10:2f:c3:72:71:ee:6f:57:1c:be:28:
         fa:ed:28:c3:05:0c:6a:78:3b:fc:ed:4f:18:da:ca:12:7a:2f:
         d1:4f:c2:b6:35:f1:6d:a5:43:2a:cd:63:89:24:7e:99:e9:c0:
         54:6e:a5:de:49:61:90:5b:06:4e:ea:d8:89:25:92:c6:c3:0e:
         4a:58:b1:50:86:a9:53:3e:67:1e:73:9f:5e:7c:9c:4b:4e:0c:
         11:c2:0e:75:ae:14:c9:10:5d:d6:1a:de:f6:3d:ad:d9:54:1b:
         3a:16:d7:f6
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYXURDNvnI0qS3tb5qKPlE7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwMTIxMTIxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY1MGM3ZjM2ZjE2NWM5Y2M2NGMxZDllYzA1Y2Y0MDVkNWNhZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7ioJLij6SQswuQa5W/K/3gm9OiM
Qqmagr4ZsavXzk9uM5NQ6YX+9lj8RJoj3G7m/D1d77gX/skwxPvI2LBwNCqALX38
4ayKm1zWZEj7FhwV2Xc4yOUqhSlbxKmIiv0yHEt+IhMCy3IM/cbuhIKeFfR5BtZa
yI2PCA1fu/n05KJPudG0Xo1lj5c0OmrCxcbRkl9YVOwNK/aV9AD/v3abhBLj+qMr
NTKTK95rvJKK4+wxIwhSMp+1PVurX46dOE4nsQAzmfODl/E3KoA7B7b/m9e+omGE
QVi+8BduYOF1/6viiSUMo5zFaCl4WjB+njXbUcKkSkjuE43ISkkmQ96AAwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLT1DH828WXJzGTB2ewFz0BdXK/FMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvdFBVTWZ6YnhaY25NWk1IWjdBWFBRRjFjcjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCBTiAMAwD
BAAFOSEDBAAFOSQDBAIlICgDBACy75YDBAKy75wDBAG51DADBAC51+YwDQYJKoZI
hvcNAQELBQADggEBADfC/FXBua7iwO0MjrutoBNEjiCzYOLEx8crjDuLi7ENxiT1
3l61ttFgukEX3IlSztQJxvI1ddpr7oUdBwORCUoLa7vG2CkitAWDJVR2qUcYmorf
gnaqPLyUUSt8fZdsXiP2gOMrA5HxeF9cJsdPGkBLTaFx/7+zk5acCAQ+lvAsvOu6
zsv4BxcLyRlozBge0eZhu/qCCXEQL8Nyce5vVxy+KPrtKMMFDGp4O/ztTxjayhJ6
L9FPwrY18W2lQyrNY4kkfpnpwFRupd5JYZBbBk7q2IklksbDDkpYsVCGqVM+Zx5z
n158nEtODBHCDnWuFMkQXdYa3vY9rdlUGzoW1/Y=
-----END CERTIFICATE-----