Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/93kz4TtsnhQHIrcx-0GjwWDcTvM.roa
File:                     93kz4TtsnhQHIrcx-0GjwWDcTvM.roa (raw, json)
Hash identifier:          TJ2zUwHvzpdAGQ4/R/FYekSZAZdjKk93DvTKWHeI0E0=
Subject key identifier:   F7:79:33:E1:3B:6C:9E:14:07:22:B7:31:FB:41:A3:C1:60:DC:4E:F3
Certificate issuer:       /CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Certificate serial:       01857014FDAA568841B0D453C773B42C7D38
Authority key identifier: C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/93kz4TtsnhQHIrcx-0GjwWDcTvM.roa
Signing time:             Mon 02 Jan 2023 01:25:01 +0000
ROA not before:           Mon 02 Jan 2023 01:25:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12679
IP address blocks:        45.134.12.0/24 maxlen: 24
                          45.134.15.0/24 maxlen: 24
                          45.134.14.0/24 maxlen: 24
                          212.8.224.0/22 maxlen: 22
                          212.8.229.0/24 maxlen: 24
                          212.8.228.0/24 maxlen: 24
                          2a07:505::/32 maxlen: 32
                          2a0e:7c41::/32 maxlen: 32
                          2a0e:7c45::/32 maxlen: 32
                          2a07:501::/32 maxlen: 32
                          2a0e:7c44::/32 maxlen: 32
                          2a07:504::/32 maxlen: 32
                          2a0e:7c42::/32 maxlen: 32
                          2a07:502::/32 maxlen: 32
                          2a0e:7c43::/32 maxlen: 32
                          2a07:507::/32 maxlen: 32
                          2a0e:7c47::/32 maxlen: 32
                          2a07:506::/32 maxlen: 32
                          2a0e:7c40::/32 maxlen: 32
                          2a07:500::/32 maxlen: 32
                          2a0e:7c46::/32 maxlen: 32
                          2a07:503::/32 maxlen: 32

Validation:               Failed, certificate revoked on Wed 15 Mar 2023 11:16:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:14:fd:aa:56:88:41:b0:d4:53:c7:73:b4:2c:7d:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6169716d0ae64068703140aa3730e3788fdd4c6
        Validity
            Not Before: Jan  2 01:25:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f77933e13b6c9e140722b731fb41a3c160dc4ef3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:07:a5:37:28:2e:66:02:00:1e:92:40:9d:66:
                    48:31:0c:f7:ee:2d:79:e7:f5:89:72:20:3c:fe:75:
                    b1:d2:2f:d1:bc:6f:53:a5:01:18:32:c9:41:57:17:
                    50:c1:b2:d5:3f:14:49:58:69:48:ad:f2:c0:f1:5b:
                    3b:1f:4c:1f:3d:cf:af:77:f0:e3:62:fc:ff:4a:8f:
                    46:08:a1:e4:f3:ad:88:52:de:d3:ec:98:53:7f:8a:
                    64:f4:4f:60:23:74:89:77:6d:4f:2a:6b:66:60:46:
                    1f:8c:3b:e0:36:26:4a:c0:3f:7e:83:19:b1:98:ea:
                    de:41:88:05:28:3a:f0:e9:1d:42:d5:95:d3:65:ca:
                    3d:5e:ae:85:07:02:80:46:42:a5:f3:2a:73:32:ce:
                    7b:b2:0b:8b:44:93:5d:d0:86:24:fd:86:d1:22:b3:
                    43:40:1c:1b:f3:3c:64:48:b2:7e:a2:0b:f6:c4:2f:
                    d0:13:41:b8:55:f4:cd:f3:f0:60:7b:05:9c:85:4f:
                    3f:2b:72:f3:a9:75:59:21:a5:d1:25:13:71:12:c5:
                    f3:b6:e5:51:4f:e9:be:97:c6:ab:7e:06:c5:a1:b3:
                    76:49:06:e0:5e:33:55:2a:ea:bc:c0:bb:10:3e:76:
                    3c:38:f3:07:89:31:0d:0e:1c:44:60:86:b8:b5:d9:
                    d3:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:79:33:E1:3B:6C:9E:14:07:22:B7:31:FB:41:A3:C1:60:DC:4E:F3
            X509v3 Authority Key Identifier:
                keyid:C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/93kz4TtsnhQHIrcx-0GjwWDcTvM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.134.12.0/24
                  45.134.14.0/23
                  212.8.224.0-212.8.229.255
                IPv6:
                  2a07:500::/29
                  2a0e:7c40::/29

    Signature Algorithm: sha256WithRSAEncryption
         33:f6:45:35:7f:e2:1d:bd:78:f6:a3:82:e9:d4:8d:cd:a9:38:
         30:03:de:86:b6:86:e4:68:99:72:a4:63:db:ef:9f:01:42:fb:
         d3:25:5d:92:c9:4e:17:36:0a:24:2f:f2:b2:92:da:c6:bf:29:
         5c:2b:18:ec:f7:1e:07:96:e7:69:68:cb:70:63:ad:59:6b:24:
         b6:c8:63:32:45:9c:ad:40:29:47:85:11:40:e9:78:6b:eb:25:
         ba:a1:16:74:36:bc:f8:fe:03:72:97:e0:b8:1e:e6:c3:f2:10:
         6a:42:68:0e:6b:7a:13:dc:77:a0:6c:4f:7d:25:0f:c6:2b:eb:
         a1:56:cd:b2:e4:54:e5:98:08:5a:8f:8b:81:0a:12:66:8e:c7:
         31:a6:fc:31:05:bd:75:50:e2:b6:28:9d:f1:32:2c:2b:6e:ab:
         e1:4b:1f:e5:76:0f:c3:e2:0b:f1:2c:5d:15:bf:cd:95:b1:4b:
         b6:e9:ee:5c:2e:41:fc:7c:4f:54:2a:48:a2:f6:c2:cf:f3:04:
         3f:17:54:d9:c0:ae:ed:ec:e5:b1:b0:38:cd:5e:81:a7:d1:e4:
         89:1a:e1:69:1d:4e:75:b8:2f:4f:d9:de:06:82:62:a5:9f:2b:
         ff:86:3d:75:06:d5:3c:17:70:1c:33:8c:30:b7:bb:02:b6:34:
         cd:72:e8:c5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVwFP2qVohBsNRTx3O0LH04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTY5NzE2ZDBhZTY0MDY4NzAzMTQwYWEzNzMwZTM3ODhm
ZGQ0YzYwHhcNMjMwMTAyMDEyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzc5MzNlMTNiNmM5ZTE0MDcyMmI3MzFmYjQxYTNjMTYwZGM0ZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QelNyguZgIAHpJAnWZIMQz37i15
5/WJciA8/nWx0i/RvG9TpQEYMslBVxdQwbLVPxRJWGlIrfLA8Vs7H0wfPc+vd/Dj
Yvz/So9GCKHk862IUt7T7JhTf4pk9E9gI3SJd21PKmtmYEYfjDvgNiZKwD9+gxmx
mOreQYgFKDrw6R1C1ZXTZco9Xq6FBwKARkKl8ypzMs57sguLRJNd0IYk/YbRIrND
QBwb8zxkSLJ+ogv2xC/QE0G4VfTN8/BgewWchU8/K3LzqXVZIaXRJRNxEsXztuVR
T+m+l8arfgbFobN2SQbgXjNVKuq8wLsQPnY8OPMHiTENDhxEYIa4tdnT3wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPd5M+E7bJ4UByK3MftBo8Fg3E7zMB8GA1UdIwQY
MBaAFMYWlxbQrmQGhwMUCqNzDjeI/dTGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2Yt
MDQyNDQ2YjcwZmIxLzEvOTNrejRUdHNuaFFISXJjeC0wR2p3V0RjVHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2YtMDQyNDQ2YjcwZmIx
LzEveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAgBAIAATAaAwQALYYMAwQB
LYYOMAwDBAXUCOADBAHUCOQwFAQCAAIwDgMFAyoHBQADBQMqDnxAMA0GCSqGSIb3
DQEBCwUAA4IBAQAz9kU1f+IdvXj2o4Lp1I3NqTgwA96GtobkaJlypGPb758BQvvT
JV2SyU4XNgokL/KyktrGvylcKxjs9x4HludpaMtwY61ZayS2yGMyRZytQClHhRFA
6Xhr6yW6oRZ0Nrz4/gNyl+C4HubD8hBqQmgOa3oT3HegbE99JQ/GK+uhVs2y5FTl
mAhaj4uBChJmjscxpvwxBb11UOK2KJ3xMiwrbqvhSx/ldg/D4gvxLF0Vv82VsUu2
6e5cLkH8fE9UKkii9sLP8wQ/F1TZwK7t7OWxsDjNXoGn0eSJGuFpHU51uC9P2d4G
gmKlnyv/hj11BtU8F3AcM4wwt7sCtjTNcujF
-----END CERTIFICATE-----