Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/mCanUxJmbAJXbJuVqd0EAhFyyT8.roa
File:                     mCanUxJmbAJXbJuVqd0EAhFyyT8.roa (raw, json)
Hash identifier:          sEOrKPbjwRlaooo54SVjjWFMEpKC5WcQxlMWF54mmBo=
Subject key identifier:   98:26:A7:53:12:66:6C:02:57:6C:9B:95:A9:DD:04:02:11:72:C9:3F
Certificate issuer:       /CN=9fcc2f3ee6b5c3ff6dc5346a7535506fa824123e
Certificate serial:       018D41A950664A52A527C8F9A52DD75C5CBB
Authority key identifier: 9F:CC:2F:3E:E6:B5:C3:FF:6D:C5:34:6A:75:35:50:6F:A8:24:12:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n8wvPua1w_9txTRqdTVQb6gkEj4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/mCanUxJmbAJXbJuVqd0EAhFyyT8.roa
Signing time:             Thu 25 Jan 2024 17:27:11 +0000
ROA not before:           Thu 25 Jan 2024 17:27:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42892
IP address blocks:        91.193.220.0/22 maxlen: 22
                          91.193.220.0/23 maxlen: 23
                          91.193.222.0/23 maxlen: 23
                          94.45.192.0/19 maxlen: 19
                          94.45.192.0/22 maxlen: 22
                          94.45.196.0/22 maxlen: 22
                          94.45.199.0/24 maxlen: 24
                          94.45.200.0/22 maxlen: 22
                          94.45.201.0/24 maxlen: 24
                          94.45.204.0/22 maxlen: 22
                          94.45.208.0/22 maxlen: 22
                          94.45.212.0/22 maxlen: 22
                          94.45.216.0/22 maxlen: 22
                          94.45.220.0/22 maxlen: 22
                          176.120.224.0/19 maxlen: 19
                          176.120.224.0/21 maxlen: 21
                          176.120.236.0/24 maxlen: 24
                          176.120.237.0/24 maxlen: 24
                          176.120.238.0/24 maxlen: 24
                          176.120.239.0/24 maxlen: 24
                          176.120.240.0/21 maxlen: 21
                          176.120.248.0/21 maxlen: 21
Validation:               Failed, certificate revoked on Wed 01 Jan 2025 09:48:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:41:a9:50:66:4a:52:a5:27:c8:f9:a5:2d:d7:5c:5c:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9fcc2f3ee6b5c3ff6dc5346a7535506fa824123e
        Validity
            Not Before: Jan 25 17:27:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9826a75312666c02576c9b95a9dd04021172c93f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:64:ad:d6:c2:77:f4:80:1c:04:4f:f4:9c:08:
                    b5:13:ab:7b:ed:44:b0:61:38:67:92:65:e0:80:14:
                    2c:2b:dc:a4:46:e7:25:5d:5e:8a:67:63:2f:32:63:
                    95:18:d9:14:bf:6e:99:f8:cf:40:31:f3:89:be:03:
                    02:74:7b:6e:e9:4a:fe:c6:de:f4:50:1b:c8:1b:ce:
                    ae:7c:a6:b2:67:00:12:5d:24:46:dc:81:c5:83:1d:
                    7a:36:bf:1a:1d:3f:94:32:aa:ab:30:e1:7a:99:dd:
                    0c:df:a2:c1:df:5c:83:e1:5a:4f:e4:93:97:48:91:
                    c8:be:74:35:d7:f6:37:f8:dc:cc:24:f4:57:bb:06:
                    d1:0f:65:fa:f3:ba:73:a7:39:bd:61:b9:0d:49:18:
                    0b:82:6e:91:30:6d:65:14:6d:cf:a0:f6:aa:05:5d:
                    2a:cc:60:2c:0c:d2:13:03:a0:b9:d1:4a:d3:37:f8:
                    a4:44:50:e6:79:73:8e:fa:5b:9b:a7:c8:37:9d:bc:
                    b2:94:b7:16:e3:f7:c8:93:e4:eb:5b:90:6e:26:8c:
                    c4:41:51:f9:51:af:1b:c6:ad:69:97:69:3e:b7:6c:
                    76:59:89:b8:39:b4:f3:fa:17:86:13:22:52:77:03:
                    09:96:86:c0:7b:ad:df:b4:9e:f2:aa:91:bd:6d:97:
                    b6:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:26:A7:53:12:66:6C:02:57:6C:9B:95:A9:DD:04:02:11:72:C9:3F
            X509v3 Authority Key Identifier:
                keyid:9F:CC:2F:3E:E6:B5:C3:FF:6D:C5:34:6A:75:35:50:6F:A8:24:12:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n8wvPua1w_9txTRqdTVQb6gkEj4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/mCanUxJmbAJXbJuVqd0EAhFyyT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/n8wvPua1w_9txTRqdTVQb6gkEj4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.193.220.0/22
                  94.45.192.0/19
                  176.120.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         ac:0a:b1:aa:2f:59:21:12:d4:83:f1:78:d7:9b:b2:ed:22:b2:
         42:e2:3b:ff:cf:ca:7b:75:2a:65:ef:57:de:4e:11:53:c6:2c:
         33:82:3f:3f:05:eb:ff:51:f3:25:21:99:c0:45:a5:72:aa:29:
         5b:1b:c6:b4:a9:b8:a7:5f:97:5b:61:a2:41:2e:61:8b:7b:f1:
         3f:c0:97:a5:5a:ea:f5:cf:16:5a:4e:71:b2:5a:2a:37:11:99:
         f0:73:e0:e4:70:f7:d6:08:78:0d:3c:1d:25:36:78:fa:59:40:
         b3:29:7b:b8:30:26:25:83:14:4a:3c:80:8b:5f:42:09:81:f6:
         22:0f:8f:a8:b1:08:93:06:58:26:ce:da:26:35:7a:2a:e0:cb:
         f6:66:8c:c6:f3:29:b4:26:e0:f7:2b:4e:b5:5c:10:25:85:ef:
         89:e5:f5:f5:ae:92:bc:1b:30:07:75:b6:b3:d7:27:82:fe:90:
         cb:ef:1d:8b:f4:b2:dc:84:87:e4:eb:06:cd:2f:e8:d4:2b:a5:
         6c:4f:42:b2:64:5f:7d:20:d1:16:9b:90:16:42:2a:eb:e2:35:
         3f:69:67:a2:90:f3:90:b4:61:bd:a4:40:43:10:0f:ae:a0:81:
         48:2a:0f:83:f9:c3:7e:44:02:eb:da:b2:83:d6:46:df:4f:b3:
         6f:7b:6a:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1BqVBmSlKlJ8j5pS3XXFy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmY2MyZjNlZTZiNWMzZmY2ZGM1MzQ2YTc1MzU1MDZmYTgy
NDEyM2UwHhcNMjQwMTI1MTcyNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODI2YTc1MzEyNjY2YzAyNTc2YzliOTVhOWRkMDQwMjExNzJjOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGSt1sJ39IAcBE/0nAi1E6t77USw
YThnkmXggBQsK9ykRuclXV6KZ2MvMmOVGNkUv26Z+M9AMfOJvgMCdHtu6Ur+xt70
UBvIG86ufKayZwASXSRG3IHFgx16Nr8aHT+UMqqrMOF6md0M36LB31yD4VpP5JOX
SJHIvnQ11/Y3+NzMJPRXuwbRD2X687pzpzm9YbkNSRgLgm6RMG1lFG3PoPaqBV0q
zGAsDNITA6C50UrTN/ikRFDmeXOO+lubp8g3nbyylLcW4/fIk+TrW5BuJozEQVH5
Ua8bxq1pl2k+t2x2WYm4ObTz+heGEyJSdwMJlobAe63ftJ7yqpG9bZe2FQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJgmp1MSZmwCV2yblandBAIRcsk/MB8GA1UdIwQY
MBaAFJ/MLz7mtcP/bcU0anU1UG+oJBI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjh3dlB1YTF3Xzl0eFRScWRUVlFiNmdrRWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83Zjg0MGQtM2JkNC00ZmFkLTlhMTUt
OGJmMDRhZjRiMmI0LzEvbUNhblV4Sm1iQUpYYkp1VnFkMEVBaEZ5eVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83Zjg0MGQtM2JkNC00ZmFkLTlhMTUtOGJmMDRhZjRiMmI0
LzEvbjh3dlB1YTF3Xzl0eFRScWRUVlFiNmdrRWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8HcAwQF
Xi3AAwQFsHjgMA0GCSqGSIb3DQEBCwUAA4IBAQCsCrGqL1khEtSD8XjXm7LtIrJC
4jv/z8p7dSpl71feThFTxiwzgj8/Bev/UfMlIZnARaVyqilbG8a0qbinX5dbYaJB
LmGLe/E/wJelWur1zxZaTnGyWio3EZnwc+DkcPfWCHgNPB0lNnj6WUCzKXu4MCYl
gxRKPICLX0IJgfYiD4+osQiTBlgmztomNXoq4Mv2ZozG8ym0JuD3K061XBAlhe+J
5fX1rpK8GzAHdbaz1yeC/pDL7x2L9LLchIfk6wbNL+jUK6VsT0KyZF99INEWm5AW
Qirr4jU/aWeikPOQtGG9pEBDEA+uoIFIKg+D+cN+RALr2rKD1kbfT7Nve2o2
-----END CERTIFICATE-----