Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/gs4feMZ9E4Rz4nIce5j-7BitzUw.roa
File:                     gs4feMZ9E4Rz4nIce5j-7BitzUw.roa (raw, json)
Hash identifier:          Xc13OwnbEuaVUfNXOuuXYW+CPtJq68kzo82nVXURoZ0=
Subject key identifier:   82:CE:1F:78:C6:7D:13:84:73:E2:72:1C:7B:98:FE:EC:18:AD:CD:4C
Certificate issuer:       /CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Certificate serial:       018DCB6DC268ED261DF1E79442EAC0588F3E
Authority key identifier: E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/gs4feMZ9E4Rz4nIce5j-7BitzUw.roa
Signing time:             Wed 21 Feb 2024 11:29:44 +0000
ROA not before:           Wed 21 Feb 2024 11:29:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197075
IP address blocks:        37.77.160.0/21 maxlen: 24
                          45.156.60.0/23 maxlen: 23
                          45.156.62.0/23 maxlen: 23
                          46.31.104.0/21 maxlen: 24
                          81.29.176.0/22 maxlen: 23
                          185.37.116.0/22 maxlen: 23
                          185.47.138.0/24 maxlen: 24
                          185.59.20.0/22 maxlen: 23
                          185.186.12.0/22 maxlen: 23
                          185.246.95.0/24 maxlen: 24
                          2a02:2420::/32 maxlen: 48
Validation:               Failed, certificate revoked on Wed 05 Jun 2024 07:27:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:cb:6d:c2:68:ed:26:1d:f1:e7:94:42:ea:c0:58:8f:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
        Validity
            Not Before: Feb 21 11:29:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=82ce1f78c67d138473e2721c7b98feec18adcd4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:51:b8:21:7c:13:12:c9:e1:0c:09:a5:1c:32:
                    fc:51:1b:d6:e4:87:dc:3a:02:03:f4:a4:5e:6c:f1:
                    20:7c:92:78:d6:8b:a4:d0:99:f5:64:72:90:5b:93:
                    a5:ed:95:da:66:68:64:0c:84:21:21:77:aa:39:9d:
                    bb:9e:60:0b:cd:2a:5f:98:d5:02:dc:70:b4:3f:36:
                    15:64:5f:38:3f:66:8c:2c:ba:ed:f4:41:20:35:83:
                    20:5f:1c:72:54:0e:28:21:cd:c7:f4:42:63:a7:6b:
                    ff:27:5f:72:45:fb:42:69:c3:02:5c:ec:5e:b5:97:
                    b4:1f:6a:ee:cd:18:dc:81:2b:95:14:b1:a5:d7:68:
                    91:8e:d3:06:21:e9:ad:0f:44:84:30:1a:7c:d1:a1:
                    c7:b4:6f:1c:d4:11:18:ca:d5:a5:6c:52:6e:a6:06:
                    50:8f:fe:99:7f:61:b2:f7:a2:a6:a0:8c:b3:7c:34:
                    1b:d6:f0:d3:de:5a:29:8b:e2:96:d1:13:8b:d1:c5:
                    44:48:6f:e2:01:6e:3b:be:e9:b4:02:35:f6:03:cb:
                    df:e2:dc:e7:ce:12:e4:e0:3b:05:5f:7d:c6:1c:6d:
                    74:7d:d9:35:de:b5:ea:ee:36:e8:98:fd:5d:25:22:
                    41:6e:cb:47:c0:b8:c1:d2:a8:4b:36:1e:e4:c1:1b:
                    da:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:CE:1F:78:C6:7D:13:84:73:E2:72:1C:7B:98:FE:EC:18:AD:CD:4C
            X509v3 Authority Key Identifier:
                keyid:E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/gs4feMZ9E4Rz4nIce5j-7BitzUw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/5vqg0vXewCAfVeQJecGQm223fDs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.77.160.0/21
                  45.156.60.0/22
                  46.31.104.0/21
                  81.29.176.0/22
                  185.37.116.0/22
                  185.47.138.0/24
                  185.59.20.0/22
                  185.186.12.0/22
                  185.246.95.0/24
                IPv6:
                  2a02:2420::/32

    Signature Algorithm: sha256WithRSAEncryption
         64:19:40:39:15:c9:1f:f6:56:e9:f3:73:69:a9:b5:eb:f7:ee:
         bf:0f:80:fc:26:65:6d:08:e3:29:ef:2d:6d:16:32:02:6c:c6:
         1c:9e:1f:26:39:07:4f:41:b0:7e:0a:08:97:05:06:d0:fb:43:
         b3:99:09:a3:30:00:ee:86:ef:71:b7:96:dd:c6:98:30:7a:1a:
         9e:0d:45:02:ea:0f:e5:88:66:63:2a:a6:8c:c3:64:aa:83:e4:
         d5:6b:32:59:18:69:39:06:ee:3f:86:0b:05:fc:85:6b:91:9a:
         fe:b4:d5:28:6f:fe:ea:83:2a:22:1f:cd:3b:7c:53:c2:2d:09:
         83:fd:03:58:98:2d:88:e8:da:b5:3f:f8:e4:f5:9c:11:2a:58:
         34:7f:72:44:1c:7e:5b:e7:b9:85:4d:7b:14:7b:14:3f:92:2d:
         d5:80:62:c8:ea:76:d4:10:5f:26:50:2e:71:31:6d:d4:50:56:
         54:4c:65:5e:3f:46:bb:1b:65:c6:5c:22:b1:75:1c:53:10:df:
         d9:05:00:5d:ea:51:3e:b2:d8:f0:8e:9d:98:86:31:8d:94:10:
         02:8a:b5:9e:15:b9:df:e8:33:5f:13:69:70:c0:eb:23:9c:19:
         39:1b:b7:c3:d3:1d:e6:cc:14:2a:79:19:65:4c:1b:07:98:15:
         ce:6d:bc:1c
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY3LbcJo7SYd8eeUQurAWI8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZmFhMGQyZjVkZWMwMjAxZjU1ZTQwOTc5YzE5MDliNmRi
NzdjM2IwHhcNMjQwMjIxMTEyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmNlMWY3OGM2N2QxMzg0NzNlMjcyMWM3Yjk4ZmVlYzE4YWRjZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1G4IXwTEsnhDAmlHDL8URvW5Ifc
OgID9KRebPEgfJJ41ouk0Jn1ZHKQW5Ol7ZXaZmhkDIQhIXeqOZ27nmALzSpfmNUC
3HC0PzYVZF84P2aMLLrt9EEgNYMgXxxyVA4oIc3H9EJjp2v/J19yRftCacMCXOxe
tZe0H2ruzRjcgSuVFLGl12iRjtMGIemtD0SEMBp80aHHtG8c1BEYytWlbFJupgZQ
j/6Zf2Gy96KmoIyzfDQb1vDT3lopi+KW0ROL0cVESG/iAW47vum0AjX2A8vf4tzn
zhLk4DsFX33GHG10fdk13rXq7jbomP1dJSJBbstHwLjB0qhLNh7kwRvaJQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFILOH3jGfROEc+JyHHuY/uwYrc1MMB8GA1UdIwQY
MBaAFOb6oNL13sAgH1XkCXnBkJttt3w7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXZxZzB2WGV3Q0FmVmVRSmVjR1FtMjIzZkRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wOTc3NDgtNWNjOC00NTBmLTlmYmIt
OGM4ZDEwZThlYWJjLzEvZ3M0ZmVNWjlFNFJ6NG5JY2U1ai03Qml0elV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8wOTc3NDgtNWNjOC00NTBmLTlmYmItOGM4ZDEwZThlYWJj
LzEvNXZxZzB2WGV3Q0FmVmVRSmVjR1FtMjIzZkRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDJU2gAwQC
LZw8AwQDLh9oAwQCUR2wAwQCuSV0AwQAuS+KAwQCuTsUAwQCuboMAwQAufZfMA0E
AgACMAcDBQAqAiQgMA0GCSqGSIb3DQEBCwUAA4IBAQBkGUA5Fckf9lbp83NpqbXr
9+6/D4D8JmVtCOMp7y1tFjICbMYcnh8mOQdPQbB+CgiXBQbQ+0OzmQmjMADuhu9x
t5bdxpgwehqeDUUC6g/liGZjKqaMw2Sqg+TVazJZGGk5Bu4/hgsF/IVrkZr+tNUo
b/7qgyoiH807fFPCLQmD/QNYmC2I6Nq1P/jk9ZwRKlg0f3JEHH5b57mFTXsUexQ/
ki3VgGLI6nbUEF8mUC5xMW3UUFZUTGVeP0a7G2XGXCKxdRxTEN/ZBQBd6lE+stjw
jp2YhjGNlBACirWeFbnf6DNfE2lwwOsjnBk5G7fD0x3mzBQqeRllTBsHmBXObbwc
-----END CERTIFICATE-----