Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/_TAxA3bRMFdc2jpFH3jRSo3H2Mw.roa
File:                     _TAxA3bRMFdc2jpFH3jRSo3H2Mw.roa (raw, json)
Hash identifier:          UBzS2Q5KlsY8BLt3jY8/aKY0nqFpqXWOno3itgW5txE=
Subject key identifier:   FD:30:31:03:76:D1:30:57:5C:DA:3A:45:1F:78:D1:4A:8D:C7:D8:CC
Certificate issuer:       /CN=7642fd3f336ce6ee99e61fa977049a6c6a923e4a
Certificate serial:       01861B60AA0C170A65321064E591E9C31407
Authority key identifier: 76:42:FD:3F:33:6C:E6:EE:99:E6:1F:A9:77:04:9A:6C:6A:92:3E:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dkL9PzNs5u6Z5h-pdwSabGqSPko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/_TAxA3bRMFdc2jpFH3jRSo3H2Mw.roa
Signing time:             Sat 04 Feb 2023 07:42:45 +0000
ROA not before:           Sat 04 Feb 2023 07:42:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13347
IP address blocks:        46.162.38.0/24 maxlen: 24
                          46.162.32.0/24 maxlen: 24
                          46.162.33.0/24 maxlen: 24
                          46.162.34.0/24 maxlen: 24
                          46.162.35.0/24 maxlen: 24
                          46.162.36.0/24 maxlen: 24
                          46.162.39.0/24 maxlen: 24
                          46.162.40.0/24 maxlen: 24
                          46.162.41.0/24 maxlen: 24
                          46.162.42.0/24 maxlen: 24
                          46.162.43.0/24 maxlen: 24
                          46.162.44.0/24 maxlen: 24
                          46.162.45.0/24 maxlen: 24
                          46.162.46.0/24 maxlen: 24
                          46.162.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 04 Feb 2023 11:45:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:1b:60:aa:0c:17:0a:65:32:10:64:e5:91:e9:c3:14:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7642fd3f336ce6ee99e61fa977049a6c6a923e4a
        Validity
            Not Before: Feb  4 07:42:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd30310376d130575cda3a451f78d14a8dc7d8cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:24:2e:29:3a:08:aa:ca:98:17:87:45:ca:fb:
                    cc:e1:14:ea:39:fe:28:62:46:dc:70:d2:9b:50:0d:
                    72:d5:f7:72:fc:0d:87:72:b5:5f:e5:6b:ad:e9:5f:
                    46:3b:bf:40:c8:cd:62:6b:11:24:49:ef:a7:e5:bb:
                    52:16:0e:9a:28:6f:15:c4:e2:c2:da:19:5b:c7:a9:
                    5b:87:13:58:8d:34:47:fe:e1:9d:a8:e3:8e:f3:d7:
                    b6:91:f2:1a:fa:a3:16:57:8d:94:cf:76:e1:97:af:
                    d4:04:44:15:df:6a:7e:77:5c:30:5f:21:74:f9:e4:
                    e4:72:71:19:9e:78:2b:7c:ae:f7:64:a6:7e:e1:b7:
                    b6:10:82:2a:2a:47:6b:8e:be:98:ac:64:9c:1b:08:
                    1e:a4:3c:e3:cb:34:f8:6b:c0:16:cf:8d:e6:92:67:
                    88:7f:5f:a9:cb:40:65:a4:1e:1f:65:8c:2e:8f:ed:
                    50:71:ab:c9:2d:e6:cb:1a:4a:ce:7a:35:5f:10:93:
                    59:9d:41:4f:01:6d:22:17:88:b7:36:84:3d:45:b3:
                    5c:4e:84:53:83:3a:60:dc:59:10:8e:3b:7e:8e:bb:
                    f6:34:86:01:d8:b1:3f:df:b3:fa:d6:f6:4d:49:7e:
                    39:b6:bd:16:79:fa:ad:39:cf:da:b7:25:e4:4e:a1:
                    c9:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:30:31:03:76:D1:30:57:5C:DA:3A:45:1F:78:D1:4A:8D:C7:D8:CC
            X509v3 Authority Key Identifier:
                keyid:76:42:FD:3F:33:6C:E6:EE:99:E6:1F:A9:77:04:9A:6C:6A:92:3E:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkL9PzNs5u6Z5h-pdwSabGqSPko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/_TAxA3bRMFdc2jpFH3jRSo3H2Mw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/924546-d9c7-4a0d-ae00-62c43ac7c02f/1/dkL9PzNs5u6Z5h-pdwSabGqSPko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.162.32.0-46.162.36.255
                  46.162.38.0-46.162.47.255

    Signature Algorithm: sha256WithRSAEncryption
         52:ae:c4:6f:dd:5d:62:9a:b7:f0:02:b8:c1:17:33:e6:da:1b:
         04:7d:d9:49:17:0f:0f:cc:33:b1:5a:1c:c8:4d:bf:39:8c:93:
         f6:b8:2d:70:aa:96:c5:d1:84:ae:40:a1:fd:43:43:05:85:80:
         d7:fe:9b:26:65:7d:41:f7:99:8c:c2:25:ad:9e:5d:a2:2f:1a:
         88:e0:1f:24:ac:8c:f5:6a:c7:df:2d:f7:dc:15:bb:ac:26:fc:
         8d:03:8a:af:75:5e:d7:ea:1d:32:81:58:26:8e:df:e8:3b:ab:
         56:b5:95:22:24:4b:20:e5:f8:fc:fc:4a:40:40:13:d1:e0:38:
         bc:00:af:b2:bf:31:2e:4a:12:90:ce:29:d1:42:11:fa:5b:f2:
         55:25:5c:3e:a7:75:00:3d:dc:96:9d:7a:6a:2b:0f:e4:9a:6e:
         0a:9b:fd:77:bb:3d:ad:5e:62:ec:e9:ab:43:19:b8:86:f4:6d:
         82:ae:13:cf:18:be:1d:60:c9:3b:27:d2:95:2a:34:6e:97:a8:
         5c:54:5f:0c:b6:89:44:fd:07:b7:d5:78:e1:ab:62:45:56:2a:
         5a:ec:03:01:6a:29:fe:41:09:95:dd:84:9e:d1:31:0e:66:57:
         40:cc:78:e2:ef:d7:42:54:c0:43:a1:7c:c7:cc:e1:08:b1:fe:
         f5:1d:cb:c5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYYbYKoMFwplMhBk5ZHpwxQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDJmZDNmMzM2Y2U2ZWU5OWU2MWZhOTc3MDQ5YTZjNmE5
MjNlNGEwHhcNMjMwMjA0MDc0MjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDMwMzEwMzc2ZDEzMDU3NWNkYTNhNDUxZjc4ZDE0YThkYzdkOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiQuKToIqsqYF4dFyvvM4RTqOf4o
YkbccNKbUA1y1fdy/A2HcrVf5Wut6V9GO79AyM1iaxEkSe+n5btSFg6aKG8VxOLC
2hlbx6lbhxNYjTRH/uGdqOOO89e2kfIa+qMWV42Uz3bhl6/UBEQV32p+d1wwXyF0
+eTkcnEZnngrfK73ZKZ+4be2EIIqKkdrjr6YrGScGwgepDzjyzT4a8AWz43mkmeI
f1+py0BlpB4fZYwuj+1QcavJLebLGkrOejVfEJNZnUFPAW0iF4i3NoQ9RbNcToRT
gzpg3FkQjjt+jrv2NIYB2LE/37P61vZNSX45tr0WefqtOc/atyXkTqHJIwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP0wMQN20TBXXNo6RR940UqNx9jMMB8GA1UdIwQY
MBaAFHZC/T8zbObumeYfqXcEmmxqkj5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtMOVB6TnM1dTZaNWgtcGR3U2FiR3FTUGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MjQ1NDYtZDljNy00YTBkLWFlMDAt
NjJjNDNhYzdjMDJmLzEvX1RBeEEzYlJNRmRjMmpwRkgzalJTbzNIMk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85MjQ1NDYtZDljNy00YTBkLWFlMDAtNjJjNDNhYzdjMDJm
LzEvZGtMOVB6TnM1dTZaNWgtcGR3U2FiR3FTUGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAUuoiAD
BAAuoiQwDAMEAS6iJgMEBC6iIDANBgkqhkiG9w0BAQsFAAOCAQEAUq7Eb91dYpq3
8AK4wRcz5tobBH3ZSRcPD8wzsVocyE2/OYyT9rgtcKqWxdGErkCh/UNDBYWA1/6b
JmV9QfeZjMIlrZ5doi8aiOAfJKyM9WrH3y333BW7rCb8jQOKr3Ve1+odMoFYJo7f
6DurVrWVIiRLIOX4/PxKQEAT0eA4vACvsr8xLkoSkM4p0UIR+lvyVSVcPqd1AD3c
lp16aisP5JpuCpv9d7s9rV5i7OmrQxm4hvRtgq4Tzxi+HWDJOyfSlSo0bpeoXFRf
DLaJRP0Ht9V44atiRVYqWuwDAWop/kEJld2EntExDmZXQMx44u/XQlTAQ6F8x8zh
CLH+9R3LxQ==
-----END CERTIFICATE-----