Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/VaNGdgfW1UTL0mmpq8iViniwsfU.roa
File:                     VaNGdgfW1UTL0mmpq8iViniwsfU.roa (raw, json)
Hash identifier:          lKeowlZCS7Uzn0jbOUOh8/YM8bxG+9UD8+pNW+hUun0=
Subject key identifier:   55:A3:46:76:07:D6:D5:44:CB:D2:69:A9:AB:C8:95:8A:78:B0:B1:F5
Certificate issuer:       /CN=7642fd3f336ce6ee99e61fa977049a6c6a923e4a
Certificate serial:       0189EDB0DE9662DC2582BE577B64EA853AE6
Authority key identifier: 76:42:FD:3F:33:6C:E6:EE:99:E6:1F:A9:77:04:9A:6C:6A:92:3E:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dkL9PzNs5u6Z5h-pdwSabGqSPko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/VaNGdgfW1UTL0mmpq8iViniwsfU.roa
Signing time:             Sun 13 Aug 2023 06:58:58 +0000
ROA not before:           Sun 13 Aug 2023 06:58:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        46.162.3.0/24 maxlen: 24
                          46.162.0.0/24 maxlen: 24
                          46.162.8.0/24 maxlen: 24
                          46.162.9.0/24 maxlen: 24
                          46.162.10.0/24 maxlen: 24
                          46.162.10.0/23 maxlen: 24
                          46.162.11.0/24 maxlen: 24
                          46.162.15.0/24 maxlen: 24
                          46.162.12.0/24 maxlen: 24
                          46.162.18.0/24 maxlen: 24
                          46.162.23.0/24 maxlen: 24
                          46.162.26.0/24 maxlen: 24
                          46.162.32.0/24 maxlen: 24
                          46.162.50.0/24 maxlen: 24
                          46.162.51.0/24 maxlen: 24
                          46.162.48.0/24 maxlen: 24
                          46.162.49.0/24 maxlen: 24
                          46.162.52.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sun 20 Aug 2023 17:22:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ed:b0:de:96:62:dc:25:82:be:57:7b:64:ea:85:3a:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7642fd3f336ce6ee99e61fa977049a6c6a923e4a
        Validity
            Not Before: Aug 13 06:58:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=55a3467607d6d544cbd269a9abc8958a78b0b1f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:bb:08:3a:5a:14:6d:59:8d:59:c0:36:ad:0d:
                    e2:c1:22:0f:12:61:49:c0:b2:cb:79:75:55:da:e2:
                    9c:7b:0d:a6:70:bb:e3:69:e2:51:2a:ea:e6:64:a9:
                    85:63:be:32:d6:a8:de:63:d4:f0:34:9a:e5:1c:8f:
                    d2:c2:d9:c9:7e:eb:45:69:70:b7:cc:34:f0:7f:33:
                    2e:78:76:68:c1:e7:62:40:5b:3d:43:3f:9d:33:a5:
                    17:a6:5e:21:ac:71:b7:b7:58:3a:84:1f:f8:ec:7e:
                    13:4b:81:a8:25:5a:7e:55:cb:6a:eb:ba:d7:bd:6b:
                    0a:77:4c:7d:dc:2e:df:6f:bc:7a:6c:2c:ee:49:71:
                    9e:f8:ef:50:ed:f7:cf:ba:f5:1b:a6:b9:a7:28:0c:
                    c7:02:e8:88:02:e4:d2:63:95:20:29:5f:0d:dd:a1:
                    75:0d:4b:33:c6:6d:db:f1:04:9f:92:64:b4:40:20:
                    8f:26:3b:88:8f:6f:b9:44:0c:cd:e0:ef:70:36:ce:
                    1b:1d:d6:99:ad:6b:69:48:a9:47:81:52:c0:9c:0b:
                    5a:26:01:e9:a5:03:b1:df:0c:99:20:78:87:9c:89:
                    70:b2:4f:48:31:09:7f:08:4c:d8:ce:cc:0d:61:f5:
                    b9:78:cd:40:17:42:24:e6:a5:a1:b3:8c:20:c6:6b:
                    6c:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:A3:46:76:07:D6:D5:44:CB:D2:69:A9:AB:C8:95:8A:78:B0:B1:F5
            X509v3 Authority Key Identifier:
                keyid:76:42:FD:3F:33:6C:E6:EE:99:E6:1F:A9:77:04:9A:6C:6A:92:3E:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkL9PzNs5u6Z5h-pdwSabGqSPko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/VaNGdgfW1UTL0mmpq8iViniwsfU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/dkL9PzNs5u6Z5h-pdwSabGqSPko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.162.0.0/24
                  46.162.3.0/24
                  46.162.8.0-46.162.12.255
                  46.162.15.0/24
                  46.162.18.0/24
                  46.162.23.0/24
                  46.162.26.0/24
                  46.162.32.0/24
                  46.162.48.0-46.162.53.255

    Signature Algorithm: sha256WithRSAEncryption
         80:17:78:66:b9:c3:9e:49:0f:42:9e:72:01:31:26:b6:a3:e3:
         0d:31:4e:df:da:ef:13:ad:ef:f8:39:72:2d:37:c0:15:43:b7:
         b6:52:4b:ba:9c:de:f0:fe:ab:4f:6d:95:64:12:fc:6d:b9:ef:
         9c:bf:eb:56:33:d0:fa:eb:48:a5:53:7a:08:c0:22:bf:20:96:
         ea:6c:ed:d8:40:fb:cc:8b:2c:ca:fc:1a:a2:1b:7d:02:1f:ce:
         28:cd:8c:fe:54:56:21:28:5a:6e:d4:b6:6b:e3:67:a4:4f:2d:
         11:67:b5:7c:c7:3a:0c:12:19:7f:fb:31:d7:22:27:d8:46:1c:
         24:f7:b4:8e:c1:11:4f:62:c5:a2:64:db:4f:a3:46:38:2c:80:
         75:5d:01:e3:b9:c6:75:d8:5b:02:a1:cd:13:95:57:61:f5:94:
         12:91:b4:b7:ba:0d:a9:6a:ae:15:2e:10:ba:35:0b:c1:6b:71:
         f7:4e:e0:99:cd:dc:5a:de:31:46:0c:18:8b:aa:bd:a3:3d:0a:
         16:72:fe:88:5b:f7:f4:b2:71:c5:3c:71:24:a7:de:59:05:34:
         84:a7:fb:de:90:ce:59:02:f4:7c:59:1d:14:55:37:02:7b:79:
         d5:fd:ff:f2:a2:d6:00:7d:4c:30:14:15:cb:ba:ee:50:0f:7c:
         83:4d:19:01
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYntsN6WYtwlgr5Xe2TqhTrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDJmZDNmMzM2Y2U2ZWU5OWU2MWZhOTc3MDQ5YTZjNmE5
MjNlNGEwHhcNMjMwODEzMDY1ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWEzNDY3NjA3ZDZkNTQ0Y2JkMjY5YTlhYmM4OTU4YTc4YjBiMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7sIOloUbVmNWcA2rQ3iwSIPEmFJ
wLLLeXVV2uKcew2mcLvjaeJRKurmZKmFY74y1qjeY9TwNJrlHI/SwtnJfutFaXC3
zDTwfzMueHZowediQFs9Qz+dM6UXpl4hrHG3t1g6hB/47H4TS4GoJVp+Vctq67rX
vWsKd0x93C7fb7x6bCzuSXGe+O9Q7ffPuvUbprmnKAzHAuiIAuTSY5UgKV8N3aF1
DUszxm3b8QSfkmS0QCCPJjuIj2+5RAzN4O9wNs4bHdaZrWtpSKlHgVLAnAtaJgHp
pQOx3wyZIHiHnIlwsk9IMQl/CEzYzswNYfW5eM1AF0Ik5qWhs4wgxmts8wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFFWjRnYH1tVEy9JpqavIlYp4sLH1MB8GA1UdIwQY
MBaAFHZC/T8zbObumeYfqXcEmmxqkj5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtMOVB6TnM1dTZaNWgtcGR3U2FiR3FTUGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MjQ1NDYtZDljNy00YTBkLWFlMDAt
NjJjNDNhYzdjMDJmLzEvVmFOR2RnZlcxVVRMMG1tcHE4aVZpbml3c2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85MjQ1NDYtZDljNy00YTBkLWFlMDAtNjJjNDNhYzdjMDJm
LzEvZGtMOVB6TnM1dTZaNWgtcGR3U2FiR3FTUGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQALqIAAwQA
LqIDMAwDBAMuoggDBAAuogwDBAAuog8DBAAuohIDBAAuohcDBAAuohoDBAAuoiAw
DAMEBC6iMAMEAS6iNDANBgkqhkiG9w0BAQsFAAOCAQEAgBd4ZrnDnkkPQp5yATEm
tqPjDTFO39rvE63v+DlyLTfAFUO3tlJLupze8P6rT22VZBL8bbnvnL/rVjPQ+utI
pVN6CMAivyCW6mzt2ED7zIssyvwaoht9Ah/OKM2M/lRWIShabtS2a+NnpE8tEWe1
fMc6DBIZf/sx1yIn2EYcJPe0jsERT2LFomTbT6NGOCyAdV0B47nGddhbAqHNE5VX
YfWUEpG0t7oNqWquFS4QujULwWtx907gmc3cWt4xRgwYi6q9oz0KFnL+iFv39LJx
xTxxJKfeWQU0hKf73pDOWQL0fFkdFFU3Ant51f3/8qLWAH1MMBQVy7ruUA98g00Z
AQ==
-----END CERTIFICATE-----