Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/JTW_EFwrMrANtqKjMaAcgaOuFyE.roa
File:                     JTW_EFwrMrANtqKjMaAcgaOuFyE.roa (raw, json)
Hash identifier:          s4XCKdi+tE+uRWa+KZgol7b/oYbtXdAi8UF2te0wH2c=
Subject key identifier:   25:35:BF:10:5C:2B:32:B0:0D:B6:A2:A3:31:A0:1C:81:A3:AE:17:21
Certificate issuer:       /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial:       01940764445AAC38E10311969DD1844A86C8
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/JTW_EFwrMrANtqKjMaAcgaOuFyE.roa
Signing time:             Fri 27 Dec 2024 09:13:19 +0000
ROA not before:           Fri 27 Dec 2024 09:13:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     57675
IP address blocks:        37.32.64.0/24 maxlen: 24
                          37.32.65.0/24 maxlen: 24
                          37.32.66.0/24 maxlen: 24
                          37.32.67.0/24 maxlen: 24
                          37.32.68.0/24 maxlen: 24
                          37.32.69.0/24 maxlen: 24
                          37.32.70.0/24 maxlen: 24
                          37.32.71.0/24 maxlen: 24
                          37.32.73.0/24 maxlen: 24
                          37.32.76.0/24 maxlen: 24
                          37.32.79.0/24 maxlen: 24
                          185.129.92.0/24 maxlen: 24
                          185.129.93.0/24 maxlen: 24
                          185.129.94.0/24 maxlen: 24
                          185.129.95.0/24 maxlen: 24
                          2a0f:1300::/29 maxlen: 29
Validation:               Failed, certificate revoked on Fri 27 Dec 2024 11:24:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:07:64:44:5a:ac:38:e1:03:11:96:9d:d1:84:4a:86:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
        Validity
            Not Before: Dec 27 09:13:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2535bf105c2b32b00db6a2a331a01c81a3ae1721
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:81:08:6a:be:e1:5d:76:ad:34:86:09:59:1d:
                    59:35:3c:33:19:6b:a9:62:04:ca:b4:a3:80:fc:f2:
                    18:c9:4f:97:44:3e:4c:3c:bc:7a:7f:de:65:ae:fc:
                    eb:a0:a7:b5:31:49:b1:eb:04:f7:17:6d:8b:99:94:
                    36:b2:ab:fb:86:54:56:89:8e:1f:83:59:13:35:25:
                    b8:dc:00:4e:f9:91:6b:b0:94:d5:df:c9:b0:fb:7d:
                    c2:93:81:3f:bf:4c:98:21:81:d4:0b:f5:3a:40:b1:
                    3e:16:ab:dd:9d:ed:fc:f3:c6:8e:fe:f3:22:07:63:
                    71:a0:be:94:89:68:a5:d8:f4:93:98:eb:9c:45:93:
                    8d:db:66:16:02:92:e7:fd:18:49:05:92:76:db:1c:
                    3e:cd:7f:c8:cd:6b:29:e3:76:9a:c5:e0:96:bb:b2:
                    d2:f0:5e:9d:4c:0a:1e:18:82:51:04:96:a1:31:cd:
                    31:2b:24:d8:6a:13:37:48:c5:16:50:a7:ed:34:ee:
                    d6:55:b8:cb:22:73:92:b7:14:20:26:08:15:62:c6:
                    c9:d9:9a:1c:81:93:97:88:5d:ec:5e:e6:52:c1:80:
                    54:14:c9:c5:84:a8:34:d7:6f:66:d0:05:83:45:37:
                    c5:58:62:4f:7a:1f:02:53:4c:7d:32:2e:e7:60:a9:
                    57:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:35:BF:10:5C:2B:32:B0:0D:B6:A2:A3:31:A0:1C:81:A3:AE:17:21
            X509v3 Authority Key Identifier:
                keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/JTW_EFwrMrANtqKjMaAcgaOuFyE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.32.64.0/21
                  37.32.73.0/24
                  37.32.76.0/24
                  37.32.79.0/24
                  185.129.92.0/22
                IPv6:
                  2a0f:1300::/29

    Signature Algorithm: sha256WithRSAEncryption
         7d:02:90:7f:4a:fd:73:f6:32:a5:b8:7c:07:08:de:9b:cf:76:
         1e:cb:f4:d2:51:14:85:be:2a:1b:f7:68:bc:85:bc:b8:c0:6a:
         73:3d:f4:d9:32:9d:a2:71:f3:5c:9d:6e:02:33:b4:75:93:0e:
         7d:42:66:a2:25:4e:8a:cc:b9:fa:03:58:52:02:af:57:87:3d:
         98:b6:43:5b:d2:aa:7c:f0:4f:4b:c7:b8:52:16:b2:69:b7:5b:
         6a:0e:85:c2:1a:0e:f4:d9:c5:84:2e:b6:cb:34:ff:a8:21:00:
         e2:1f:73:0a:80:78:0f:fb:59:1b:52:f0:87:e0:fd:ae:b8:09:
         78:6b:1b:ec:54:98:df:78:eb:9e:5b:42:e0:e2:49:be:a5:0b:
         ef:06:83:9e:6f:94:ba:8b:a6:6d:a0:a9:4d:fb:24:52:cb:fd:
         3e:29:37:52:b3:bb:34:1f:76:68:af:6b:7b:0c:90:a8:f9:69:
         04:d8:24:c2:c8:b9:88:84:3f:26:de:f0:82:06:df:f3:99:52:
         ee:31:bd:07:09:fc:ae:15:62:fc:5b:c3:f8:d8:84:7c:80:b6:
         9c:f3:30:64:c5:06:d3:71:d0:be:24:9d:15:0b:0b:9b:6d:6d:
         b7:0c:fa:3a:64:66:d6:ba:a5:62:ec:1d:ac:7f:5c:3b:b5:1a:
         d7:34:0b:66
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQHZERarDjhAxGWndGESobIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjQxMjI3MDkxMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTM1YmYxMDVjMmIzMmIwMGRiNmEyYTMzMWEwMWM4MWEzYWUxNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4EIar7hXXatNIYJWR1ZNTwzGWup
YgTKtKOA/PIYyU+XRD5MPLx6f95lrvzroKe1MUmx6wT3F22LmZQ2sqv7hlRWiY4f
g1kTNSW43ABO+ZFrsJTV38mw+33Ck4E/v0yYIYHUC/U6QLE+Fqvdne3888aO/vMi
B2NxoL6UiWil2PSTmOucRZON22YWApLn/RhJBZJ22xw+zX/IzWsp43aaxeCWu7LS
8F6dTAoeGIJRBJahMc0xKyTYahM3SMUWUKftNO7WVbjLInOStxQgJggVYsbJ2Zoc
gZOXiF3sXuZSwYBUFMnFhKg0129m0AWDRTfFWGJPeh8CU0x9Mi7nYKlXoQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCU1vxBcKzKwDbaiozGgHIGjrhchMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvSlRXX0VGd3JNckFOdHFLak1hQWNnYU91RnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJSBAAwQA
JSBJAwQAJSBMAwQAJSBPAwQCuYFcMA0EAgACMAcDBQMqDxMAMA0GCSqGSIb3DQEB
CwUAA4IBAQB9ApB/Sv1z9jKluHwHCN6bz3Yey/TSURSFviob92i8hby4wGpzPfTZ
Mp2icfNcnW4CM7R1kw59QmaiJU6KzLn6A1hSAq9Xhz2YtkNb0qp88E9Lx7hSFrJp
t1tqDoXCGg702cWELrbLNP+oIQDiH3MKgHgP+1kbUvCH4P2uuAl4axvsVJjfeOue
W0Lg4km+pQvvBoOeb5S6i6ZtoKlN+yRSy/0+KTdSs7s0H3Zor2t7DJCo+WkE2CTC
yLmIhD8m3vCCBt/zmVLuMb0HCfyuFWL8W8P42IR8gLac8zBkxQbTcdC+JJ0VCwub
bW23DPo6ZGbWuqVi7B2sf1w7tRrXNAtm
-----END CERTIFICATE-----