Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/BvTWPGQQjmFMpr8mxyFd6EeVxD4.roa
File:                     BvTWPGQQjmFMpr8mxyFd6EeVxD4.roa (raw, json)
Hash identifier:          u1HmoTaALXJfB68jZRk2JRQJfkGuHMZbKSl5Up8WQuA=
Subject key identifier:   06:F4:D6:3C:64:10:8E:61:4C:A6:BF:26:C7:21:5D:E8:47:95:C4:3E
Certificate issuer:       /CN=cb1d15194278a29aad57ca375f99588b976ef829
Certificate serial:       01856E2F86103AC7D8C918C82275310A5A4A
Authority key identifier: CB:1D:15:19:42:78:A2:9A:AD:57:CA:37:5F:99:58:8B:97:6E:F8:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/BvTWPGQQjmFMpr8mxyFd6EeVxD4.roa
Signing time:             Sun 01 Jan 2023 16:34:46 +0000
ROA not before:           Sun 01 Jan 2023 16:34:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1930
IP address blocks:        192.86.138.0/24 maxlen: 24
                          192.92.142.0/24 maxlen: 24
                          192.82.127.0/24 maxlen: 24
                          192.88.17.0/24 maxlen: 24
                          192.88.251.0/24 maxlen: 24
                          192.88.252.0/24 maxlen: 24
                          192.88.253.0/24 maxlen: 24
                          192.88.250.0/24 maxlen: 24
                          192.88.254.0/24 maxlen: 24
                          192.135.187.0/24 maxlen: 24
                          192.68.209.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:2f:86:10:3a:c7:d8:c9:18:c8:22:75:31:0a:5a:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb1d15194278a29aad57ca375f99588b976ef829
        Validity
            Not Before: Jan  1 16:34:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=06f4d63c64108e614ca6bf26c7215de84795c43e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:db:6f:68:9c:c3:af:eb:3e:2f:9a:d6:63:99:
                    b3:f6:20:ab:fd:e6:46:88:09:3b:e4:0c:06:30:c2:
                    47:08:f8:4c:10:a9:7f:9f:a3:98:04:12:f8:23:32:
                    f1:6e:07:ee:7f:64:22:49:5a:39:46:d1:43:28:33:
                    cf:16:1d:17:17:dd:02:87:d9:f9:2d:94:05:0b:6d:
                    47:9b:95:b1:9e:0d:ff:7d:bd:37:16:9b:76:d8:9e:
                    35:1f:ee:c7:35:42:05:3c:f9:fb:bd:08:d9:4d:a9:
                    23:2f:55:93:4e:43:2b:f2:a2:b8:83:e1:91:82:bc:
                    05:b1:15:ea:bf:c0:24:bd:84:1e:74:aa:0f:ee:73:
                    ea:58:a4:00:c3:66:00:e5:e5:51:45:4f:78:9a:fd:
                    ce:7c:b3:ab:2b:51:ab:de:72:2c:49:33:2d:7e:0e:
                    61:da:f2:77:5a:0b:8a:58:28:0e:60:b7:81:c5:c0:
                    2f:d8:bb:e8:31:0f:af:b0:cb:58:15:9f:a6:98:aa:
                    12:9d:5a:31:6e:87:ae:a3:c7:b0:68:2e:b4:03:01:
                    36:58:f2:5f:b4:99:3f:71:c7:6e:11:49:d3:3e:b2:
                    e5:82:e1:e0:79:22:80:c6:0f:5b:64:cf:66:98:f7:
                    4d:11:8c:eb:a7:96:5d:e4:d5:38:81:2a:fc:79:98:
                    87:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:F4:D6:3C:64:10:8E:61:4C:A6:BF:26:C7:21:5D:E8:47:95:C4:3E
            X509v3 Authority Key Identifier:
                keyid:CB:1D:15:19:42:78:A2:9A:AD:57:CA:37:5F:99:58:8B:97:6E:F8:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/BvTWPGQQjmFMpr8mxyFd6EeVxD4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/yx0VGUJ4opqtV8o3X5lYi5du-Ck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.68.209.0/24
                  192.82.127.0/24
                  192.86.138.0/24
                  192.88.17.0/24
                  192.88.250.0-192.88.254.255
                  192.92.142.0/24
                  192.135.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:be:6b:83:e3:6c:f0:9d:fa:7d:e9:d7:8c:a1:9d:6c:28:53:
         11:0d:23:a0:79:26:b5:9a:f0:c9:0e:68:cd:e2:e3:8e:78:65:
         39:62:dd:d7:68:1e:60:d1:88:0b:16:75:61:8e:27:7b:52:2f:
         d0:74:f7:29:5e:fd:9a:44:a1:ab:3d:39:8b:e2:5e:67:5b:65:
         7c:39:83:fd:cc:ce:39:25:c2:18:35:11:2d:a0:a6:20:d6:c8:
         34:68:ee:0d:35:f4:76:27:04:b3:66:c4:b7:c0:90:8f:84:be:
         7f:c0:78:64:2e:54:3d:4d:e4:21:4e:53:41:e1:93:db:9f:81:
         d7:d1:6e:6d:01:7c:58:4a:47:e7:06:78:6b:c8:b6:56:2f:95:
         75:46:81:60:91:92:eb:9c:53:87:30:11:62:29:9e:c4:cb:ff:
         28:26:4f:22:5c:15:59:8c:6d:9c:1a:38:b2:53:4c:cc:ca:6a:
         55:8e:49:c1:73:bd:d0:90:fa:af:3d:45:83:4a:84:45:ee:58:
         e1:1d:59:43:58:91:13:7e:15:78:81:2c:3c:80:17:ee:e8:f2:
         7e:39:6e:a4:66:95:5a:fe:a0:0b:4d:54:88:37:e1:6b:29:dc:
         bb:21:da:e6:fb:36:3c:a5:75:a1:ca:29:df:33:0e:a4:f5:d5:
         dc:f6:c8:2f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVuL4YQOsfYyRjIInUxClpKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMWQxNTE5NDI3OGEyOWFhZDU3Y2EzNzVmOTk1ODhiOTc2
ZWY4MjkwHhcNMjMwMTAxMTYzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmY0ZDYzYzY0MTA4ZTYxNGNhNmJmMjZjNzIxNWRlODQ3OTVjNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldtvaJzDr+s+L5rWY5mz9iCr/eZG
iAk75AwGMMJHCPhMEKl/n6OYBBL4IzLxbgfuf2QiSVo5RtFDKDPPFh0XF90Ch9n5
LZQFC21Hm5Wxng3/fb03Fpt22J41H+7HNUIFPPn7vQjZTakjL1WTTkMr8qK4g+GR
grwFsRXqv8AkvYQedKoP7nPqWKQAw2YA5eVRRU94mv3OfLOrK1Gr3nIsSTMtfg5h
2vJ3WguKWCgOYLeBxcAv2LvoMQ+vsMtYFZ+mmKoSnVoxboeuo8ewaC60AwE2WPJf
tJk/ccduEUnTPrLlguHgeSKAxg9bZM9mmPdNEYzrp5Zd5NU4gSr8eZiHiwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAb01jxkEI5hTKa/JschXehHlcQ+MB8GA1UdIwQY
MBaAFMsdFRlCeKKarVfKN1+ZWIuXbvgpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXgwVkdVSjRvcHF0VjhvM1g1bFlpNWR1LUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9lYjIzNjEtOGQzNC00ZmY0LWIzZDEt
MWZiMzg0MzVhZjc3LzEvQnZUV1BHUVFqbUZNcHI4bXh5RmQ2RWVWeEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9lYjIzNjEtOGQzNC00ZmY0LWIzZDEtMWZiMzg0MzVhZjc3
LzEveXgwVkdVSjRvcHF0VjhvM1g1bFlpNWR1LUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAwETRAwQA
wFJ/AwQAwFaKAwQAwFgRMAwDBAHAWPoDBADAWP4DBADAXI4DBADAh7swDQYJKoZI
hvcNAQELBQADggEBAI++a4PjbPCd+n3p14yhnWwoUxENI6B5JrWa8MkOaM3i4454
ZTli3ddoHmDRiAsWdWGOJ3tSL9B09yle/ZpEoas9OYviXmdbZXw5g/3Mzjklwhg1
ES2gpiDWyDRo7g019HYnBLNmxLfAkI+Evn/AeGQuVD1N5CFOU0Hhk9ufgdfRbm0B
fFhKR+cGeGvItlYvlXVGgWCRkuucU4cwEWIpnsTL/ygmTyJcFVmMbZwaOLJTTMzK
alWOScFzvdCQ+q89RYNKhEXuWOEdWUNYkRN+FXiBLDyAF+7o8n45bqRmlVr+oAtN
VIg34Wsp3Lsh2ub7NjyldaHKKd8zDqT11dz2yC8=
-----END CERTIFICATE-----