Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/rtBSKEb5NOvoyoDOFix8X47uJfs.roa
File:                     rtBSKEb5NOvoyoDOFix8X47uJfs.roa (raw, json)
Hash identifier:          6Q79WJUwEa3IZMJ1BE1mP2zjmmiodp7zUb9O8NzwE7M=
Subject key identifier:   AE:D0:52:28:46:F9:34:EB:E8:CA:80:CE:16:2C:7C:5F:8E:EE:25:FB
Certificate issuer:       /CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Certificate serial:       01869E98F44A833C46DEA39BB7E5D1E2760F
Authority key identifier: B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/rtBSKEb5NOvoyoDOFix8X47uJfs.roa
Signing time:             Wed 01 Mar 2023 19:14:29 +0000
ROA not before:           Wed 01 Mar 2023 19:14:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212369
IP address blocks:        185.93.68.0/24 maxlen: 24
                          185.93.69.0/24 maxlen: 24
                          185.93.70.0/24 maxlen: 24
                          185.255.93.0/24 maxlen: 24
                          185.255.94.0/24 maxlen: 24
                          185.255.95.0/24 maxlen: 24
                          193.164.6.0/24 maxlen: 24
                          89.35.52.0/24 maxlen: 24
                          185.132.126.0/24 maxlen: 24
                          93.115.10.0/24 maxlen: 24
                          93.177.101.0/24 maxlen: 24
                          93.177.102.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 26 Jul 2023 10:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:9e:98:f4:4a:83:3c:46:de:a3:9b:b7:e5:d1:e2:76:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
        Validity
            Not Before: Mar  1 19:14:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aed0522846f934ebe8ca80ce162c7c5f8eee25fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:94:79:bc:45:3f:8f:d3:80:09:8e:f7:ab:6a:
                    43:96:40:23:a7:3d:90:77:46:64:2f:a0:d8:fd:30:
                    22:4b:25:31:0b:73:a3:84:64:0b:60:a9:e2:5e:36:
                    de:9a:12:6f:c2:6c:3f:99:f9:64:ae:8b:ee:62:bf:
                    55:ea:43:2a:5e:76:e0:c1:72:4e:38:1b:c6:50:b3:
                    42:50:0e:7c:48:95:c8:40:d3:c9:5d:c7:34:e7:38:
                    2e:dc:39:04:e8:b7:8e:bc:46:a4:f1:45:63:98:97:
                    81:24:ae:74:09:55:f3:17:27:b2:88:98:1f:a7:a1:
                    9f:57:66:c1:6f:68:d3:e6:88:d1:f5:ab:cb:6e:e2:
                    67:0b:1d:8d:03:45:25:fe:dc:4d:96:55:e7:cd:36:
                    b8:23:52:09:80:d5:41:f9:b0:af:94:d9:53:2e:f4:
                    8c:8e:40:2d:8f:39:3e:c2:d5:c3:07:fe:36:4a:1c:
                    1c:bb:e1:c7:93:b9:8a:52:e1:fc:18:e6:f1:3b:3f:
                    e4:75:e1:ce:93:b0:e7:7f:f6:56:b8:71:c2:fc:14:
                    14:89:e5:50:3b:bc:14:5d:07:cf:26:8b:13:82:f2:
                    2c:9f:79:73:bb:c9:6a:9c:79:1d:04:ea:96:ad:24:
                    07:03:d3:57:db:26:e1:02:2d:83:3f:ab:b1:54:38:
                    91:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:D0:52:28:46:F9:34:EB:E8:CA:80:CE:16:2C:7C:5F:8E:EE:25:FB
            X509v3 Authority Key Identifier:
                keyid:B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/rtBSKEb5NOvoyoDOFix8X47uJfs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.35.52.0/24
                  93.115.10.0/24
                  93.177.101.0-93.177.102.255
                  185.93.68.0-185.93.70.255
                  185.132.126.0/24
                  185.255.93.0-185.255.95.255
                  193.164.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:c5:e7:4c:2b:15:3f:66:ca:cf:88:2a:79:f7:83:ea:19:40:
         5d:c7:10:1c:78:f2:2e:7c:5b:b6:12:90:9d:42:ab:5b:c7:8d:
         f3:16:7d:6e:ef:d3:02:3a:84:6b:c0:30:32:c7:fd:57:9c:f7:
         80:ef:81:e1:a7:f3:98:2d:d4:30:e4:80:36:43:69:24:b2:03:
         84:6c:c7:11:52:1e:21:a9:48:c0:5f:48:97:5a:d8:ed:f1:55:
         21:76:7c:1f:af:d3:e5:fc:cd:9e:1e:13:1f:bb:4c:d7:9d:19:
         26:7b:c5:9f:8d:c5:5f:80:5d:e8:30:46:68:60:67:08:6e:d6:
         16:4d:16:85:80:19:18:b9:c1:2e:9a:e1:50:ef:8b:24:d6:e1:
         a5:c5:4e:45:98:7b:24:a2:8d:6b:e3:2d:76:0a:bf:69:3d:0e:
         13:76:00:eb:d5:fe:f4:b3:9c:ab:06:00:b9:f4:de:62:7d:38:
         53:ea:0a:1a:d7:cf:e7:b1:e4:20:ae:e2:bd:ea:f3:b1:a1:45:
         64:26:3a:bd:e5:c9:2c:2a:c9:40:a6:9f:a3:e8:43:5a:54:18:
         a3:22:19:80:0a:e1:ea:88:c1:50:ce:6d:21:16:ec:ab:47:29:
         03:46:8d:0f:77:de:df:75:48:44:b8:9c:d7:db:8d:9a:a8:c3:
         ac:9d:71:39
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYaemPRKgzxG3qObt+XR4nYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjVhODBhNzEwNmUwYTRiODU0NWM4MTUwYmI3MmM2OTlm
Y2M5YTAwHhcNMjMwMzAxMTkxNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQwNTIyODQ2ZjkzNGViZThjYTgwY2UxNjJjN2M1ZjhlZWUyNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5R5vEU/j9OACY73q2pDlkAjpz2Q
d0ZkL6DY/TAiSyUxC3OjhGQLYKniXjbemhJvwmw/mflkrovuYr9V6kMqXnbgwXJO
OBvGULNCUA58SJXIQNPJXcc05zgu3DkE6LeOvEak8UVjmJeBJK50CVXzFyeyiJgf
p6GfV2bBb2jT5ojR9avLbuJnCx2NA0Ul/txNllXnzTa4I1IJgNVB+bCvlNlTLvSM
jkAtjzk+wtXDB/42Shwcu+HHk7mKUuH8GObxOz/kdeHOk7Dnf/ZWuHHC/BQUieVQ
O7wUXQfPJosTgvIsn3lzu8lqnHkdBOqWrSQHA9NX2ybhAi2DP6uxVDiRJwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFK7QUihG+TTr6MqAzhYsfF+O7iX7MB8GA1UdIwQY
MBaAFLC1qApxBuCkuFRcgVC7csaZ/MmgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDIt
NzQ1ZTA4ZmU1OGM2LzEvcnRCU0tFYjVOT3ZveW9ET0ZpeDhYNDd1SmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDItNzQ1ZTA4ZmU1OGM2
LzEvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAWSM0AwQA
XXMKMAwDBABdsWUDBABdsWYwDAMEArldRAMEALldRgMEALmEfjAMAwQAuf9dAwQF
uf9AAwQAwaQGMA0GCSqGSIb3DQEBCwUAA4IBAQAxxedMKxU/ZsrPiCp594PqGUBd
xxAcePIufFu2EpCdQqtbx43zFn1u79MCOoRrwDAyx/1XnPeA74Hhp/OYLdQw5IA2
Q2kksgOEbMcRUh4hqUjAX0iXWtjt8VUhdnwfr9Pl/M2eHhMfu0zXnRkme8WfjcVf
gF3oMEZoYGcIbtYWTRaFgBkYucEumuFQ74sk1uGlxU5FmHskoo1r4y12Cr9pPQ4T
dgDr1f70s5yrBgC59N5ifThT6goa18/nseQgruK96vOxoUVkJjq95cksKslApp+j
6ENaVBijIhmACuHqiMFQzm0hFuyrRykDRo0Pd97fdUhEuJzX242aqMOsnXE5
-----END CERTIFICATE-----