Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/UW-JLV91sY5n5Fu6WFi_oZYJU54.roa
File:                     UW-JLV91sY5n5Fu6WFi_oZYJU54.roa (raw, json)
Hash identifier:          PLYhbv/k41SMmCH2BgAor7kVEb/VlVL8R21+WXV38J4=
Subject key identifier:   51:6F:89:2D:5F:75:B1:8E:67:E4:5B:BA:58:58:BF:A1:96:09:53:9E
Certificate issuer:       /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial:       018A699CA44C4C3367DEAAEE11440D8B9AC2
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/UW-JLV91sY5n5Fu6WFi_oZYJU54.roa
Signing time:             Wed 06 Sep 2023 08:29:47 +0000
ROA not before:           Wed 06 Sep 2023 08:29:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28968
IP address blocks:        62.181.34.0/23 maxlen: 23
                          62.181.36.0/22 maxlen: 22
                          62.181.38.0/24 maxlen: 24
                          62.181.48.0/23 maxlen: 23
                          62.181.46.0/23 maxlen: 23
                          62.181.56.0/21 maxlen: 21
                          62.181.56.0/22 maxlen: 22
                          212.59.96.0/21 maxlen: 21
                          212.59.96.0/20 maxlen: 20
                          212.59.109.0/24 maxlen: 24
                          77.232.32.0/23 maxlen: 23
                          77.232.35.0/24 maxlen: 24
                          77.232.48.0/23 maxlen: 23
                          2a00:f460::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:69:9c:a4:4c:4c:33:67:de:aa:ee:11:44:0d:8b:9a:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
        Validity
            Not Before: Sep  6 08:29:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=516f892d5f75b18e67e45bba5858bfa19609539e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:fd:1b:99:cb:57:71:29:55:3d:3e:3f:ab:39:
                    bc:c4:1c:42:66:e8:17:c5:2f:b9:16:f6:52:b9:08:
                    6b:9b:5c:6b:70:4d:4e:c8:08:36:67:5f:1d:6a:e6:
                    80:20:53:b6:bc:d1:9d:4b:18:76:6d:34:c1:08:c4:
                    28:14:55:0d:07:c4:4a:fe:dd:be:20:9f:37:c0:c1:
                    6a:91:93:2c:47:ba:75:0f:7f:06:d4:ae:ac:d7:1e:
                    0d:09:a8:25:58:4b:f0:9d:99:b1:56:64:fa:9d:fd:
                    87:07:34:ed:3f:72:4b:06:2a:04:0f:9e:5f:91:b8:
                    75:34:ca:66:8c:1a:61:b4:83:a1:0f:ff:bd:3b:71:
                    a2:5c:b5:ef:f0:db:b8:6f:1b:cb:1d:17:15:4a:22:
                    1b:9d:3b:73:cc:da:79:3f:db:3e:ef:75:de:e9:67:
                    60:a8:11:71:d3:86:5f:0c:96:dd:01:20:d7:67:94:
                    bb:63:5a:33:54:ab:50:17:45:1f:dc:17:9a:59:12:
                    f5:60:e6:5e:51:6c:70:2e:c6:46:53:1e:00:2d:48:
                    ed:13:1e:88:37:cf:99:50:2a:67:82:25:96:ac:16:
                    7c:30:04:49:fc:f0:12:59:49:bf:5b:06:71:eb:be:
                    5a:61:b3:7e:25:16:76:76:9e:7b:9b:e6:17:24:10:
                    2e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:6F:89:2D:5F:75:B1:8E:67:E4:5B:BA:58:58:BF:A1:96:09:53:9E
            X509v3 Authority Key Identifier:
                keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/UW-JLV91sY5n5Fu6WFi_oZYJU54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.181.34.0-62.181.39.255
                  62.181.46.0-62.181.49.255
                  62.181.56.0/21
                  77.232.32.0/23
                  77.232.35.0/24
                  77.232.48.0/23
                  212.59.96.0/20
                IPv6:
                  2a00:f460::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:dc:2c:12:31:77:dd:e5:f0:08:8a:b0:d3:df:4c:32:6d:db:
         80:7f:ed:fa:a3:17:2e:69:da:16:2a:e6:95:3c:62:ee:b9:ec:
         4d:0c:e6:8d:6b:88:82:82:45:c4:2a:a8:0c:33:b0:9f:33:a9:
         f2:d2:d8:35:4d:95:89:32:44:f3:3f:e0:87:38:a9:e1:77:bf:
         16:b5:96:61:76:61:fe:0e:20:08:e3:4e:9a:49:8e:d3:22:fc:
         4d:80:56:71:14:f5:e6:09:f7:ae:b7:0f:06:98:b0:36:90:66:
         75:7b:d8:f0:d1:0f:ed:ed:ad:73:75:34:d4:46:a0:f5:14:88:
         ff:0c:d2:13:a3:13:1c:e4:d1:03:88:b0:eb:95:9c:af:f3:a8:
         76:c8:42:ab:2b:ae:d7:ce:4d:f5:78:40:6c:3e:6e:f0:48:7f:
         0f:bd:c8:fa:9e:58:5b:6d:49:ef:30:f9:e5:98:c4:dd:cb:8c:
         f1:b3:e4:f0:d7:bd:d9:69:22:5f:71:b7:d9:4e:31:f2:3b:bd:
         9f:29:2a:d6:91:f7:19:31:37:e5:b8:63:91:ff:de:6b:60:72:
         67:a0:e7:11:dc:ce:b4:13:cd:10:9b:6b:81:1a:bf:52:a3:66:
         61:7c:04:57:3b:88:dd:c6:41:e2:dc:60:51:3d:33:1d:5d:25:
         8c:04:c3:74
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYppnKRMTDNn3qruEUQNi5rCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjMwOTA2MDgyOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTZmODkyZDVmNzViMThlNjdlNDViYmE1ODU4YmZhMTk2MDk1MzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/0bmctXcSlVPT4/qzm8xBxCZugX
xS+5FvZSuQhrm1xrcE1OyAg2Z18dauaAIFO2vNGdSxh2bTTBCMQoFFUNB8RK/t2+
IJ83wMFqkZMsR7p1D38G1K6s1x4NCaglWEvwnZmxVmT6nf2HBzTtP3JLBioED55f
kbh1NMpmjBphtIOhD/+9O3GiXLXv8Nu4bxvLHRcVSiIbnTtzzNp5P9s+73Xe6Wdg
qBFx04ZfDJbdASDXZ5S7Y1ozVKtQF0Uf3BeaWRL1YOZeUWxwLsZGUx4ALUjtEx6I
N8+ZUCpngiWWrBZ8MARJ/PASWUm/WwZx675aYbN+JRZ2dp57m+YXJBAuxwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFFFviS1fdbGOZ+RbulhYv6GWCVOeMB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvVVctSkxWOTFzWTVuNUZ1NldGaV9vWllKVTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6MAwDBAE+tSID
BAM+tSAwDAMEAT61LgMEAT61MAMEAz61OAMEAU3oIAMEAE3oIwMEAU3oMAMEBNQ7
YDANBAIAAjAHAwUAKgD0YDANBgkqhkiG9w0BAQsFAAOCAQEAO9wsEjF33eXwCIqw
099MMm3bgH/t+qMXLmnaFirmlTxi7rnsTQzmjWuIgoJFxCqoDDOwnzOp8tLYNU2V
iTJE8z/ghzip4Xe/FrWWYXZh/g4gCONOmkmO0yL8TYBWcRT15gn3rrcPBpiwNpBm
dXvY8NEP7e2tc3U01Eag9RSI/wzSE6MTHOTRA4iw65Wcr/OodshCqyuu185N9XhA
bD5u8Eh/D73I+p5YW21J7zD55ZjE3cuM8bPk8Ne92WkiX3G32U4x8ju9nykq1pH3
GTE35bhjkf/ea2ByZ6DnEdzOtBPNEJtrgRq/UqNmYXwEVzuI3cZB4txgUT0zHV0l
jATDdA==
-----END CERTIFICATE-----