Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/VN3dfgpKqgoEHen7J1RDAZPZhqg.roa
File:                     VN3dfgpKqgoEHen7J1RDAZPZhqg.roa (raw, json)
Hash identifier:          Jogu64h4k63xVx2WdepddwPzGjc2yXxC8XpBxIWaRLU=
Subject key identifier:   54:DD:DD:7E:0A:4A:AA:0A:04:1D:E9:FB:27:54:43:01:93:D9:86:A8
Certificate issuer:       /CN=586329f307b98285b71d22c7197ec19b701ded67
Certificate serial:       0188914FE54F1C5B20D9A485FC6058E9C8A2
Authority key identifier: 58:63:29:F3:07:B9:82:85:B7:1D:22:C7:19:7E:C1:9B:70:1D:ED:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/VN3dfgpKqgoEHen7J1RDAZPZhqg.roa
Signing time:             Tue 06 Jun 2023 15:25:12 +0000
ROA not before:           Tue 06 Jun 2023 15:25:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42586
IP address blocks:        77.36.128.0/17 maxlen: 20
                          77.36.128.0/19 maxlen: 19
                          77.36.128.0/20 maxlen: 20
                          77.36.128.0/18 maxlen: 18
                          77.36.144.0/20 maxlen: 20
                          77.36.224.0/20 maxlen: 20
                          77.36.224.0/19 maxlen: 19
                          77.36.240.0/20 maxlen: 20
                          77.36.160.0/20 maxlen: 20
                          77.36.160.0/19 maxlen: 19
                          77.36.165.0/24 maxlen: 24
                          185.194.244.0/22 maxlen: 22
                          77.36.166.0/24 maxlen: 24
                          77.36.163.0/24 maxlen: 24
                          77.36.164.0/24 maxlen: 24
                          77.36.176.0/20 maxlen: 20
                          77.36.192.0/20 maxlen: 20
                          77.36.192.0/19 maxlen: 19
                          77.36.192.0/18 maxlen: 18
                          77.36.208.0/20 maxlen: 20

Validation:               Failed, certificate revoked on Wed 16 Aug 2023 06:28:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:91:4f:e5:4f:1c:5b:20:d9:a4:85:fc:60:58:e9:c8:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=586329f307b98285b71d22c7197ec19b701ded67
        Validity
            Not Before: Jun  6 15:25:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=54dddd7e0a4aaa0a041de9fb2754430193d986a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:d1:ec:00:22:48:a2:21:00:d4:92:c6:30:df:
                    de:31:bb:62:73:ea:f8:a4:a5:7e:df:51:e9:a9:cd:
                    6d:df:73:38:fb:cf:5e:df:6b:69:a4:03:5d:d2:29:
                    5d:a7:18:27:07:5e:5a:f9:aa:8a:6a:a2:a9:bf:8e:
                    81:ce:c0:c2:db:0a:10:87:23:97:4d:79:f9:83:42:
                    c4:65:ef:4d:3b:e3:29:4a:b6:76:7c:06:e5:fd:7a:
                    c4:b1:4f:fd:10:09:bb:31:da:52:80:60:46:27:e3:
                    af:9d:c6:6e:e1:d8:9d:d6:ac:96:91:12:0d:e7:fc:
                    ef:56:29:b8:43:f9:3c:da:84:be:79:43:8c:e4:dd:
                    96:6f:06:7b:7e:6b:fa:ce:d0:db:4a:70:ea:59:7a:
                    07:c1:03:f9:99:50:5f:4c:22:d5:8b:fd:5f:27:6c:
                    1d:2f:0a:e4:6e:9f:e8:18:8d:c7:2a:c6:f5:42:c9:
                    a6:a0:6b:89:5d:c1:fd:e2:00:41:de:75:2f:5e:ea:
                    04:ed:fa:f4:58:40:6d:71:d9:cf:a5:d8:0b:be:3b:
                    0a:8f:96:91:7f:25:07:d2:6d:0c:cf:b1:40:8b:10:
                    49:4e:5a:d6:b2:ff:50:ac:9c:b1:70:4e:69:4f:ff:
                    fc:7c:46:87:72:ee:c1:54:7a:1a:6d:dc:dd:d2:37:
                    9b:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:DD:DD:7E:0A:4A:AA:0A:04:1D:E9:FB:27:54:43:01:93:D9:86:A8
            X509v3 Authority Key Identifier:
                keyid:58:63:29:F3:07:B9:82:85:B7:1D:22:C7:19:7E:C1:9B:70:1D:ED:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/VN3dfgpKqgoEHen7J1RDAZPZhqg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.36.128.0/17
                  185.194.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:f4:c3:6c:02:54:44:d8:5b:21:93:9a:62:d0:f2:fd:a4:b3:
         d9:f3:b1:35:75:b0:db:6d:e6:ff:3e:57:a8:f7:e8:1d:7e:32:
         ce:9d:f8:33:5e:02:10:2e:bc:da:52:e9:31:e4:8e:d5:ae:45:
         af:31:0a:1b:c8:88:5a:3f:14:59:7e:a5:97:3d:09:ba:49:9e:
         bb:02:8e:03:a3:7d:73:11:40:30:f0:ad:38:60:fd:5d:e1:ef:
         4e:2f:ee:67:c7:43:4b:2b:ff:48:7d:f8:8d:8f:e6:22:34:08:
         5c:15:ae:e3:6d:b2:25:6d:4b:55:01:87:39:17:c3:3f:d2:e7:
         1b:71:6e:be:70:a9:d1:7c:33:47:ff:24:03:98:7d:cc:27:dc:
         68:c0:f9:1e:d6:de:c2:c7:83:40:88:04:87:cd:f5:cb:fa:37:
         52:ce:8f:66:a7:3d:b6:a9:2c:a7:4d:7a:d6:ba:a4:f4:d7:29:
         89:10:a0:74:2e:26:2e:5d:1b:de:11:be:c4:aa:47:81:d9:00:
         6b:cc:63:f1:6b:4e:60:bb:bc:03:ec:b8:ab:fc:dd:8f:80:8a:
         cc:16:a2:d7:dd:e1:b1:86:6d:de:a0:c6:15:b8:37:c1:df:a2:
         c3:7a:8c:7d:aa:d3:5c:45:46:6f:45:e1:b7:20:d5:6e:56:f9:
         a7:5c:75:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiRT+VPHFsg2aSF/GBY6ciiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjMyOWYzMDdiOTgyODViNzFkMjJjNzE5N2VjMTliNzAx
ZGVkNjcwHhcNMjMwNjA2MTUyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGRkZGQ3ZTBhNGFhYTBhMDQxZGU5ZmIyNzU0NDMwMTkzZDk4NmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9HsACJIoiEA1JLGMN/eMbtic+r4
pKV+31Hpqc1t33M4+89e32tppANd0ildpxgnB15a+aqKaqKpv46BzsDC2woQhyOX
TXn5g0LEZe9NO+MpSrZ2fAbl/XrEsU/9EAm7MdpSgGBGJ+OvncZu4did1qyWkRIN
5/zvVim4Q/k82oS+eUOM5N2WbwZ7fmv6ztDbSnDqWXoHwQP5mVBfTCLVi/1fJ2wd
Lwrkbp/oGI3HKsb1QsmmoGuJXcH94gBB3nUvXuoE7fr0WEBtcdnPpdgLvjsKj5aR
fyUH0m0Mz7FAixBJTlrWsv9QrJyxcE5pT//8fEaHcu7BVHoabdzd0jebtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFTd3X4KSqoKBB3p+ydUQwGT2YaoMB8GA1UdIwQY
MBaAFFhjKfMHuYKFtx0ixxl+wZtwHe1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0dNcDh3ZTVnb1czSFNMSEdYN0JtM0FkN1djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wZWUyYWItMDdkOS00YTgxLWFiZjAt
ZTBlNGJlNjY5NmY5LzEvVk4zZGZncEtxZ29FSGVuN0oxUkRBWlBaaHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wZWUyYWItMDdkOS00YTgxLWFiZjAtZTBlNGJlNjY5NmY5
LzEvV0dNcDh3ZTVnb1czSFNMSEdYN0JtM0FkN1djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHTSSAAwQC
ucL0MA0GCSqGSIb3DQEBCwUAA4IBAQAV9MNsAlRE2Fshk5pi0PL9pLPZ87E1dbDb
beb/Pleo9+gdfjLOnfgzXgIQLrzaUukx5I7VrkWvMQobyIhaPxRZfqWXPQm6SZ67
Ao4Do31zEUAw8K04YP1d4e9OL+5nx0NLK/9IffiNj+YiNAhcFa7jbbIlbUtVAYc5
F8M/0ucbcW6+cKnRfDNH/yQDmH3MJ9xowPke1t7Cx4NAiASHzfXL+jdSzo9mpz22
qSynTXrWuqT01ymJEKB0LiYuXRveEb7EqkeB2QBrzGPxa05gu7wD7Lir/N2PgIrM
FqLX3eGxhm3eoMYVuDfB36LDeox9qtNcRUZvReG3INVuVvmnXHVW
-----END CERTIFICATE-----