Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/_UlZFtAoiePY7uNOlDYYmUfy3nY.roa
File:                     _UlZFtAoiePY7uNOlDYYmUfy3nY.roa (raw, json)
Hash identifier:          N7x1cU493QfBpiTXElo3ptWpmzlx8EWMgi/cS8xzd/o=
Subject key identifier:   FD:49:59:16:D0:28:89:E3:D8:EE:E3:4E:94:36:18:99:47:F2:DE:76
Certificate issuer:       /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial:       0190436ADBC8CCC29B1CDDFA5E76E3A2480E
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/_UlZFtAoiePY7uNOlDYYmUfy3nY.roa
Signing time:             Sun 23 Jun 2024 04:46:34 +0000
ROA not before:           Sun 23 Jun 2024 04:46:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60262
IP address blocks:        2a0c:e500::/29 maxlen: 29
                          2a11:1300::/29 maxlen: 29
                          2a11:3140::/29 maxlen: 29
                          2a11:3c80::/29 maxlen: 29
                          2a11:7a00::/29 maxlen: 29
                          2a11:7dc0::/29 maxlen: 29
                          2a11:ac00::/29 maxlen: 29
                          2a11:b040::/29 maxlen: 29
                          2a12:2900::/29 maxlen: 29
                          2a12:5000::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 24 Jun 2024 04:17:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:43:6a:db:c8:cc:c2:9b:1c:dd:fa:5e:76:e3:a2:48:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
        Validity
            Not Before: Jun 23 04:46:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fd495916d02889e3d8eee34e9436189947f2de76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:79:a6:f3:02:8f:b6:19:a4:bb:1d:65:c0:29:
                    32:54:e9:ed:54:c9:14:87:98:a4:20:9f:ea:3d:f8:
                    8f:1a:b1:d6:07:bd:ac:e3:c6:9d:a9:3b:84:cf:63:
                    a1:0e:f4:70:88:02:c5:a5:fb:ff:6b:e3:28:41:19:
                    8c:9a:b6:0c:93:76:02:19:d1:a1:d7:46:71:47:e8:
                    c0:94:a1:ef:de:97:d9:18:8e:4f:e8:6e:62:2b:ac:
                    e4:1f:0e:8b:c9:36:3b:61:99:1a:f4:11:04:bd:d0:
                    d8:2f:63:61:10:24:c3:15:28:33:eb:07:f2:ed:f3:
                    8e:63:fe:2a:d3:a4:af:63:00:a4:36:84:0f:06:66:
                    4f:5c:e2:84:d7:ab:72:15:9a:21:fd:dd:26:25:cd:
                    7d:06:f7:cd:69:a8:92:0b:1b:53:bd:c5:c3:f8:4c:
                    dd:79:93:36:41:8c:f9:47:45:b1:bf:0f:e8:d7:5c:
                    6d:a8:fa:ef:0f:91:17:73:a1:64:74:58:12:23:c0:
                    3a:0b:d1:24:2e:fb:fc:c8:ae:3b:09:b6:fa:ab:f4:
                    52:73:b7:6b:8e:55:69:99:b7:40:9e:d3:9e:c4:9b:
                    22:2d:22:43:69:47:e7:2c:73:f6:18:24:ae:1c:1d:
                    99:3a:85:43:fc:b1:4f:48:64:39:bb:d4:9a:71:3f:
                    aa:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:49:59:16:D0:28:89:E3:D8:EE:E3:4E:94:36:18:99:47:F2:DE:76
            X509v3 Authority Key Identifier:
                keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/_UlZFtAoiePY7uNOlDYYmUfy3nY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0c:e500::/29
                  2a11:1300::/29
                  2a11:3140::/29
                  2a11:3c80::/29
                  2a11:7a00::/29
                  2a11:7dc0::/29
                  2a11:ac00::/29
                  2a11:b040::/29
                  2a12:2900::/29
                  2a12:5000::/29

    Signature Algorithm: sha256WithRSAEncryption
         72:6f:9c:df:65:17:13:d2:3c:81:1a:f9:28:d8:35:4d:cc:90:
         2a:be:4f:48:5a:a6:2f:b0:42:b3:63:e2:dd:a0:0b:54:52:5c:
         e8:de:11:2d:83:26:41:b6:92:70:3e:d0:a1:5d:2f:b0:c6:c1:
         b8:5c:37:97:29:3f:ee:de:17:53:20:b1:a3:00:0d:7e:1e:56:
         23:ce:e7:d1:1a:9f:53:76:fa:77:0b:be:e0:ae:ec:30:9f:d4:
         82:a3:16:0b:25:1a:fa:3b:b0:1d:d4:19:98:a2:7e:95:85:ae:
         52:cf:c2:9f:12:45:d7:54:bd:50:8f:75:8a:c3:94:63:df:9c:
         29:4d:94:c5:8b:95:21:2d:39:7d:99:e0:18:42:01:45:0f:65:
         6b:5c:6a:a9:bc:e3:fa:b0:33:e8:3f:5c:aa:8c:eb:37:e3:2b:
         a6:76:62:8c:99:ad:ea:46:8e:8d:6c:98:28:79:fa:66:e8:13:
         a5:a4:0b:4d:46:9c:d2:08:c0:a6:76:a9:10:bb:28:02:9f:1f:
         7f:25:c7:5a:72:bd:86:95:5a:25:5d:d0:10:0e:5b:d7:30:90:
         c8:1c:3e:4a:09:b3:6b:78:01:2f:09:e1:83:e4:5e:be:c4:bf:
         6a:4b:ff:67:bc:4e:8d:81:40:ee:33:c3:c5:6a:23:a5:08:4d:
         55:ab:38:14
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZBDatvIzMKbHN36XnbjokgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjQwNjIzMDQ0NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQ5NTkxNmQwMjg4OWUzZDhlZWUzNGU5NDM2MTg5OTQ3ZjJkZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHmm8wKPthmkux1lwCkyVOntVMkU
h5ikIJ/qPfiPGrHWB72s48adqTuEz2OhDvRwiALFpfv/a+MoQRmMmrYMk3YCGdGh
10ZxR+jAlKHv3pfZGI5P6G5iK6zkHw6LyTY7YZka9BEEvdDYL2NhECTDFSgz6wfy
7fOOY/4q06SvYwCkNoQPBmZPXOKE16tyFZoh/d0mJc19BvfNaaiSCxtTvcXD+Ezd
eZM2QYz5R0Wxvw/o11xtqPrvD5EXc6FkdFgSI8A6C9EkLvv8yK47Cbb6q/RSc7dr
jlVpmbdAntOexJsiLSJDaUfnLHP2GCSuHB2ZOoVD/LFPSGQ5u9SacT+q0wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFP1JWRbQKInj2O7jTpQ2GJlH8t52MB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvX1VsWkZ0QW9pZVBZN3VOT2xEWVltVWZ5M25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKgzlAAMF
AyoREwADBQMqETFAAwUDKhE8gAMFAyoRegADBQMqEX3AAwUDKhGsAAMFAyoRsEAD
BQMqEikAAwUDKhJQADANBgkqhkiG9w0BAQsFAAOCAQEAcm+c32UXE9I8gRr5KNg1
TcyQKr5PSFqmL7BCs2Pi3aALVFJc6N4RLYMmQbaScD7QoV0vsMbBuFw3lyk/7t4X
UyCxowANfh5WI87n0RqfU3b6dwu+4K7sMJ/UgqMWCyUa+juwHdQZmKJ+lYWuUs/C
nxJF11S9UI91isOUY9+cKU2UxYuVIS05fZngGEIBRQ9la1xqqbzj+rAz6D9cqozr
N+MrpnZijJmt6kaOjWyYKHn6ZugTpaQLTUac0gjApnapELsoAp8ffyXHWnK9hpVa
JV3QEA5b1zCQyBw+Sgmza3gBLwnhg+RevsS/akv/Z7xOjYFA7jPDxWojpQhNVas4
FA==
-----END CERTIFICATE-----