Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/19f984-842a-4098-a8bd-696e09b43d60/1/UVHgDEft_gFA3Y9sFlaTVZl6k-A.roa
File:                     UVHgDEft_gFA3Y9sFlaTVZl6k-A.roa (raw, json)
Hash identifier:          jFFpmYN8yHQc4b6rWQFuxUAgsc5mcUEQdbY5mhZHZ/Y=
Subject key identifier:   51:51:E0:0C:47:ED:FE:01:40:DD:8F:6C:16:56:93:55:99:7A:93:E0
Certificate issuer:       /CN=5e84ee673dc6209ebda7e8e63292a727fc27e8a6
Certificate serial:       0188B3066FA948FCC36E02E66B1D70227963
Authority key identifier: 5E:84:EE:67:3D:C6:20:9E:BD:A7:E8:E6:32:92:A7:27:FC:27:E8:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XoTuZz3GIJ69p-jmMpKnJ_wn6KY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/19f984-842a-4098-a8bd-696e09b43d60/1/UVHgDEft_gFA3Y9sFlaTVZl6k-A.roa
Signing time:             Tue 13 Jun 2023 04:32:03 +0000
ROA not before:           Tue 13 Jun 2023 04:32:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59533
IP address blocks:        91.218.103.0/24 maxlen: 24
                          91.218.102.0/24 maxlen: 24
                          91.218.101.0/24 maxlen: 24
                          91.218.100.0/24 maxlen: 24
                          193.150.52.0/23 maxlen: 23
                          91.219.203.0/24 maxlen: 24
                          91.219.202.0/24 maxlen: 24
                          91.219.201.0/24 maxlen: 24
                          91.219.200.0/24 maxlen: 24
                          91.235.181.0/24 maxlen: 24
                          91.235.180.0/24 maxlen: 24
                          91.240.112.0/24 maxlen: 24
                          91.240.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b3:06:6f:a9:48:fc:c3:6e:02:e6:6b:1d:70:22:79:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e84ee673dc6209ebda7e8e63292a727fc27e8a6
        Validity
            Not Before: Jun 13 04:32:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5151e00c47edfe0140dd8f6c16569355997a93e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:db:a8:d1:8a:af:de:71:31:9f:52:8e:0c:d8:
                    d7:74:4c:3c:af:15:0b:d4:31:50:ef:07:2d:0f:68:
                    4b:df:02:09:1d:4d:60:fa:03:e1:e0:c0:ed:5b:0f:
                    d5:9d:26:6b:08:b3:94:ee:34:4e:dd:e2:ee:73:f3:
                    8c:be:2d:33:d2:1d:62:d8:9d:ce:d5:ce:d9:d0:78:
                    04:09:dc:1e:d7:27:6b:95:bf:75:4e:cf:40:c4:5f:
                    ad:09:26:40:1b:75:ac:e5:d6:70:b4:a5:45:aa:ba:
                    d7:cf:40:30:d5:1a:d8:f8:50:ac:c3:25:ad:01:80:
                    1e:42:98:47:8e:37:cb:5a:87:4c:5e:09:b8:b1:c1:
                    35:69:e8:4f:8d:73:96:7a:3d:24:30:ec:4a:ac:14:
                    50:a6:54:aa:17:da:f1:96:d5:4c:94:8d:7f:a1:86:
                    31:c4:c4:39:6f:5c:75:f1:de:ec:8e:1d:1c:c8:91:
                    3a:88:42:98:df:bd:44:2b:ab:fd:55:36:a1:c8:83:
                    cd:c9:e3:3f:07:31:31:d0:fd:75:f5:60:9f:36:5f:
                    b2:69:79:40:77:53:7e:a5:5e:36:6d:57:e2:0e:ff:
                    58:49:d3:c3:33:12:88:3f:83:b1:c7:9d:64:d5:79:
                    43:74:16:a4:9a:bc:47:34:23:1e:15:59:a4:26:07:
                    03:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:51:E0:0C:47:ED:FE:01:40:DD:8F:6C:16:56:93:55:99:7A:93:E0
            X509v3 Authority Key Identifier:
                keyid:5E:84:EE:67:3D:C6:20:9E:BD:A7:E8:E6:32:92:A7:27:FC:27:E8:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XoTuZz3GIJ69p-jmMpKnJ_wn6KY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19f984-842a-4098-a8bd-696e09b43d60/1/UVHgDEft_gFA3Y9sFlaTVZl6k-A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/19f984-842a-4098-a8bd-696e09b43d60/1/XoTuZz3GIJ69p-jmMpKnJ_wn6KY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.218.100.0/22
                  91.219.200.0/22
                  91.235.180.0/23
                  91.240.112.0/23
                  193.150.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5e:8a:80:4a:13:28:eb:07:17:c4:9e:7d:03:b1:f9:07:70:ca:
         2d:f0:46:53:48:5d:72:a8:eb:36:df:d5:b2:73:25:3d:00:0c:
         25:52:a2:78:32:0c:3d:28:89:85:81:4b:41:78:06:37:67:9c:
         0e:90:b6:2d:61:af:c8:f7:f3:2b:22:d5:45:a2:18:1c:38:59:
         85:f2:89:64:8d:8b:ee:95:14:25:4e:f3:c1:3e:79:3a:88:df:
         02:c4:e9:a1:35:fa:95:58:9b:ff:4f:cd:65:6f:ac:02:af:7e:
         2b:1d:68:e4:5f:fd:eb:18:76:12:7d:53:38:9f:2a:32:00:c6:
         b7:6b:b9:94:bf:52:b7:36:fe:55:2e:db:7f:37:d8:3c:8e:9c:
         99:63:be:ca:bb:bd:ef:84:4f:ae:7f:68:73:1f:19:eb:3d:ae:
         8f:ea:3f:36:78:25:01:6c:b3:91:ad:7c:4c:aa:29:d1:9a:40:
         bf:22:e2:39:cc:98:81:aa:3c:8a:f3:22:77:62:1c:dc:3c:b1:
         93:1a:63:8e:bc:34:be:ff:40:57:f3:55:58:ce:22:3d:8f:1e:
         fc:aa:ea:8b:a7:34:3b:29:46:d6:3a:6f:8c:81:2c:9f:51:9a:
         5f:bc:5f:8d:aa:f7:33:42:82:45:25:97:aa:7b:18:8b:ab:0e:
         a6:8a:94:24
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYizBm+pSPzDbgLmax1wInljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlODRlZTY3M2RjNjIwOWViZGE3ZThlNjMyOTJhNzI3ZmMy
N2U4YTYwHhcNMjMwNjEzMDQzMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTUxZTAwYzQ3ZWRmZTAxNDBkZDhmNmMxNjU2OTM1NTk5N2E5M2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjduo0Yqv3nExn1KODNjXdEw8rxUL
1DFQ7wctD2hL3wIJHU1g+gPh4MDtWw/VnSZrCLOU7jRO3eLuc/OMvi0z0h1i2J3O
1c7Z0HgECdwe1ydrlb91Ts9AxF+tCSZAG3Ws5dZwtKVFqrrXz0Aw1RrY+FCswyWt
AYAeQphHjjfLWodMXgm4scE1aehPjXOWej0kMOxKrBRQplSqF9rxltVMlI1/oYYx
xMQ5b1x18d7sjh0cyJE6iEKY371EK6v9VTahyIPNyeM/BzEx0P119WCfNl+yaXlA
d1N+pV42bVfiDv9YSdPDMxKIP4Oxx51k1XlDdBakmrxHNCMeFVmkJgcDCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFFR4AxH7f4BQN2PbBZWk1WZepPgMB8GA1UdIwQY
MBaAFF6E7mc9xiCevafo5jKSpyf8J+imMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG9UdVp6M0dJSjY5cC1qbU1wS25KX3duNktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xOWY5ODQtODQyYS00MDk4LWE4YmQt
Njk2ZTA5YjQzZDYwLzEvVVZIZ0RFZnRfZ0ZBM1k5c0ZsYVRWWmw2ay1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xOWY5ODQtODQyYS00MDk4LWE4YmQtNjk2ZTA5YjQzZDYw
LzEvWG9UdVp6M0dJSjY5cC1qbU1wS25KX3duNktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW9pkAwQC
W9vIAwQBW+u0AwQBW/BwAwQBwZY0MA0GCSqGSIb3DQEBCwUAA4IBAQBeioBKEyjr
BxfEnn0DsfkHcMot8EZTSF1yqOs239WycyU9AAwlUqJ4Mgw9KImFgUtBeAY3Z5wO
kLYtYa/I9/MrItVFohgcOFmF8olkjYvulRQlTvPBPnk6iN8CxOmhNfqVWJv/T81l
b6wCr34rHWjkX/3rGHYSfVM4nyoyAMa3a7mUv1K3Nv5VLtt/N9g8jpyZY77Ku73v
hE+uf2hzHxnrPa6P6j82eCUBbLORrXxMqinRmkC/IuI5zJiBqjyK8yJ3YhzcPLGT
GmOOvDS+/0BX81VYziI9jx78quqLpzQ7KUbWOm+MgSyfUZpfvF+NqvczQoJFJZeq
exiLqw6mipQk
-----END CERTIFICATE-----