Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/LsYNLc5noxp-TE9o2ISbaZN7tcM.roa
File:                     LsYNLc5noxp-TE9o2ISbaZN7tcM.roa (raw, json)
Hash identifier:          MdN1qKKdbDN6ytj663GGEnYO0I0UuXRR7XY8IDbJ4no=
Subject key identifier:   2E:C6:0D:2D:CE:67:A3:1A:7E:4C:4F:68:D8:84:9B:69:93:7B:B5:C3
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       018D4B8D2CD4DA2383FAB7E304302105C02C
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/LsYNLc5noxp-TE9o2ISbaZN7tcM.roa
Signing time:             Sat 27 Jan 2024 15:32:39 +0000
ROA not before:           Sat 27 Jan 2024 15:32:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210464
IP address blocks:        2a06:e881:8700::/48 maxlen: 128
                          2a06:e881:8701::/48 maxlen: 128
                          2a06:e881:8702::/48 maxlen: 128
                          2a06:e881:8703::/48 maxlen: 128
                          2a06:e881:8704::/48 maxlen: 128
                          2a06:e881:8705::/48 maxlen: 128
                          2a06:e881:8706::/48 maxlen: 128
                          2a06:e881:8707::/48 maxlen: 128
                          2a06:e881:8708::/48 maxlen: 128
                          2a06:e881:8709::/48 maxlen: 128
                          2a06:e881:870a::/48 maxlen: 128
                          2a06:e881:870b::/48 maxlen: 128
                          2a06:e881:870c::/48 maxlen: 128
                          2a06:e881:870d::/48 maxlen: 128
                          2a06:e881:870e::/48 maxlen: 128
                          2a06:e881:870f::/48 maxlen: 128

Validation:               Failed, certificate revoked on Tue 30 Jan 2024 21:12:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:4b:8d:2c:d4:da:23:83:fa:b7:e3:04:30:21:05:c0:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Jan 27 15:32:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2ec60d2dce67a31a7e4c4f68d8849b69937bb5c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:2b:f5:62:44:5c:2d:2a:02:e8:6a:5c:2f:5b:
                    e2:08:00:e7:6e:08:ea:c2:c3:bd:7c:b2:69:14:63:
                    f1:dc:73:fb:70:68:c7:7b:25:60:cc:c8:6d:1d:4e:
                    b1:d4:a5:14:2b:d7:7f:c9:a3:fd:4c:6e:28:08:84:
                    62:c9:3f:28:ff:9a:4a:79:48:3a:ad:9c:5a:2b:79:
                    65:cf:71:3b:52:e5:3d:5d:ef:76:d9:c0:da:b2:d9:
                    54:31:af:e2:e5:4a:f2:1b:21:3e:17:9e:81:0e:d2:
                    6f:b2:09:30:09:e1:51:4c:ca:4a:d8:8d:78:f5:7f:
                    c8:d5:bc:70:a1:8c:e9:0a:83:4b:b9:95:84:6a:16:
                    82:50:e7:1f:5a:ff:b6:fc:93:10:65:16:f0:e4:64:
                    72:04:e7:5c:94:15:26:88:80:06:6d:51:ee:f6:b9:
                    fb:3b:29:e9:2a:de:7d:29:b1:ca:e6:a9:90:ad:ca:
                    6b:77:36:38:94:b0:78:b1:ee:ea:96:4c:f2:4c:ab:
                    02:90:b4:59:d8:ea:72:f4:b3:b6:4d:df:59:ac:b0:
                    27:d1:fb:e2:32:aa:d8:aa:1a:62:ec:fe:16:02:ea:
                    fe:aa:91:c6:a0:ea:31:f1:1a:8c:a7:ce:46:fc:84:
                    8a:d0:a2:84:ce:de:41:6b:37:b0:10:ce:18:56:a7:
                    f3:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:C6:0D:2D:CE:67:A3:1A:7E:4C:4F:68:D8:84:9B:69:93:7B:B5:C3
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/LsYNLc5noxp-TE9o2ISbaZN7tcM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:e881:8700::/44

    Signature Algorithm: sha256WithRSAEncryption
         5b:42:db:01:26:71:88:7a:27:97:13:25:bd:ba:68:22:9a:2e:
         d2:7a:27:6e:ef:ed:ee:a5:75:74:68:86:3f:5b:c1:16:b5:b0:
         da:ed:2d:5d:ba:e2:fe:af:bb:5e:76:d4:a7:3b:d3:73:2d:76:
         5c:ab:4f:7d:1d:15:67:ed:59:d0:ca:48:86:f2:f7:b2:f2:5f:
         99:e1:e3:79:c5:2f:5a:02:ac:90:c8:a8:6f:73:26:bc:00:43:
         75:ba:de:7a:3b:2d:cf:2b:54:06:cb:bf:58:f5:72:c2:73:07:
         c9:79:06:b0:90:84:5a:63:da:d7:d5:8d:43:3c:f5:bf:3e:e4:
         8e:9e:ab:74:cf:4d:cd:fb:74:79:3c:39:d7:3d:fd:05:3d:a2:
         af:6f:05:bf:84:82:10:2c:37:1e:b9:20:41:aa:1f:dc:df:bb:
         39:eb:27:4c:7f:37:3e:4d:36:81:e2:85:cb:30:97:48:bc:62:
         02:8a:c8:37:d0:5b:1a:36:d1:e3:58:27:71:0c:2e:d2:87:dc:
         e9:34:cd:6c:b6:db:30:91:6f:b2:f2:9f:55:a8:0f:03:e2:0d:
         ed:d5:6d:4a:5b:0e:72:78:97:63:22:49:eb:9b:2c:89:d5:b9:
         96:a4:64:91:f0:88:e6:de:42:aa:05:f3:6b:56:5b:3e:b8:23:
         24:99:5d:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1LjSzU2iOD+rfjBDAhBcAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwMTI3MTUzMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWM2MGQyZGNlNjdhMzFhN2U0YzRmNjhkODg0OWI2OTkzN2JiNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviv1YkRcLSoC6GpcL1viCADnbgjq
wsO9fLJpFGPx3HP7cGjHeyVgzMhtHU6x1KUUK9d/yaP9TG4oCIRiyT8o/5pKeUg6
rZxaK3llz3E7UuU9Xe922cDastlUMa/i5UryGyE+F56BDtJvsgkwCeFRTMpK2I14
9X/I1bxwoYzpCoNLuZWEahaCUOcfWv+2/JMQZRbw5GRyBOdclBUmiIAGbVHu9rn7
OynpKt59KbHK5qmQrcprdzY4lLB4se7qlkzyTKsCkLRZ2Opy9LO2Td9ZrLAn0fvi
MqrYqhpi7P4WAur+qpHGoOox8RqMp85G/ISK0KKEzt5BazewEM4YVqfzJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC7GDS3OZ6MafkxPaNiEm2mTe7XDMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvTHNZTkxjNW5veHAtVEU5bzJJU2JhWk43dGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbogYcA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbQtsBJnGIeieXEyW9umgimi7Seidu7+3upXV0
aIY/W8EWtbDa7S1duuL+r7tedtSnO9NzLXZcq099HRVn7VnQykiG8vey8l+Z4eN5
xS9aAqyQyKhvcya8AEN1ut56Oy3PK1QGy79Y9XLCcwfJeQawkIRaY9rX1Y1DPPW/
PuSOnqt0z03N+3R5PDnXPf0FPaKvbwW/hIIQLDceuSBBqh/c37s56ydMfzc+TTaB
4oXLMJdIvGICisg30FsaNtHjWCdxDC7Sh9zpNM1sttswkW+y8p9VqA8D4g3t1W1K
Ww5yeJdjIknrmyyJ1bmWpGSR8Ijm3kKqBfNrVls+uCMkmV0v
-----END CERTIFICATE-----