Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yReiHOD6NPGtabCDiDQvt9J82Fk.roa
File:                     yReiHOD6NPGtabCDiDQvt9J82Fk.roa (raw, json)
Hash identifier:          lzRS+tV8qpilw5NLI9KpDB1Jk9HBrYicgGDRyS91wGE=
Subject key identifier:   C9:17:A2:1C:E0:FA:34:F1:AD:69:B0:83:88:34:2F:B7:D2:7C:D8:59
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       018571B64DAEF146D1D336D11AFDDDFACCE8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yReiHOD6NPGtabCDiDQvt9J82Fk.roa
Signing time:             Mon 02 Jan 2023 09:00:50 +0000
ROA not before:           Mon 02 Jan 2023 09:00:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213005
IP address blocks:        185.223.220.0/22 maxlen: 22
                          92.60.34.0/24 maxlen: 24
                          185.211.180.0/22 maxlen: 22
                          185.209.72.0/22 maxlen: 22
                          185.245.34.0/23 maxlen: 23
                          185.214.100.0/22 maxlen: 22
                          185.179.228.0/22 maxlen: 22
                          185.227.128.0/22 maxlen: 22
                          185.189.64.0/22 maxlen: 24
                          185.250.180.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 04 Jun 2023 15:49:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:b6:4d:ae:f1:46:d1:d3:36:d1:1a:fd:dd:fa:cc:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Jan  2 09:00:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c917a21ce0fa34f1ad69b08388342fb7d27cd859
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:3a:ab:21:58:c5:0e:15:04:8e:9c:91:5d:bf:
                    09:ce:05:b9:9b:c0:ee:fc:d2:99:20:7e:71:13:d3:
                    4c:3c:33:f4:b7:4c:6c:38:8d:aa:db:83:e2:af:36:
                    78:5c:94:12:c3:6f:17:ca:20:55:68:60:99:d2:32:
                    12:5c:f0:f4:b1:8b:5f:80:9e:5b:52:c2:b5:06:f1:
                    b2:13:cc:ae:6f:ac:72:b0:a2:fe:61:4f:35:15:19:
                    c3:c9:50:02:63:17:bb:1f:97:4d:31:fc:84:d4:33:
                    58:45:79:35:d4:e4:93:c9:75:7f:6c:92:a4:10:77:
                    e9:38:19:25:e4:c4:96:44:34:2a:0b:5f:09:e7:68:
                    fc:fb:8f:c4:2a:f5:23:71:d6:53:f8:f5:e7:69:8f:
                    c7:f5:05:74:0f:d8:c3:e2:ae:60:f3:09:3d:de:12:
                    5f:1d:c3:87:66:69:b7:ce:ff:96:42:49:a5:21:37:
                    67:20:d1:a7:fd:a9:16:b3:eb:c6:9b:a8:5c:7f:94:
                    2d:10:63:1d:8e:0c:1d:8a:01:9d:66:e1:07:1a:50:
                    1c:e7:9b:97:f6:9d:87:3f:01:d9:34:2f:27:2b:e3:
                    68:8a:d6:91:b1:7a:f7:32:47:b5:5a:ed:5a:dd:d3:
                    05:e6:f8:43:a3:39:a6:6c:37:1a:57:78:8e:8c:90:
                    cb:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:17:A2:1C:E0:FA:34:F1:AD:69:B0:83:88:34:2F:B7:D2:7C:D8:59
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yReiHOD6NPGtabCDiDQvt9J82Fk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.60.34.0/24
                  185.179.228.0/22
                  185.189.64.0/22
                  185.209.72.0/22
                  185.211.180.0/22
                  185.214.100.0/22
                  185.223.220.0/22
                  185.227.128.0/22
                  185.245.34.0/23
                  185.250.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:1e:62:37:53:38:4c:ea:62:fe:fb:a7:6a:d6:79:f7:b7:67:
         d5:2c:ae:07:58:c2:72:64:44:73:74:f6:b8:2c:13:b5:e6:7e:
         46:42:ba:77:35:eb:af:88:a6:0c:fa:00:14:2b:5e:0f:86:18:
         bb:fe:3e:57:10:cf:c9:9a:4e:f5:79:e2:a8:22:6f:5f:ec:37:
         17:e8:6c:48:ed:20:02:31:6e:76:69:47:23:82:b2:1d:dd:ba:
         34:69:f6:ef:cc:2b:d4:c3:71:5f:04:3d:ea:1f:73:86:1b:da:
         6b:34:30:32:1e:37:85:c8:ef:80:4d:0d:7f:1f:65:c3:6c:39:
         d4:2d:45:e9:60:bf:7f:fa:4d:52:29:0e:b4:f6:2c:0e:11:8e:
         63:30:ac:77:49:11:b0:d2:c1:f7:34:11:ab:5c:9d:11:d8:a2:
         ec:ea:77:ef:c3:d6:80:32:08:12:01:2a:a9:58:9b:21:8c:c7:
         86:66:92:9e:13:fa:33:3d:51:d0:32:e1:e3:96:18:72:ba:7d:
         bf:7d:3b:3f:01:18:d5:5b:ea:e3:24:57:ec:5c:5f:b2:9d:cb:
         92:84:58:32:76:d2:49:ef:27:25:6c:d3:e1:ea:6b:b1:f4:fb:
         7a:f9:c5:b0:51:80:5e:72:04:e7:7c:e1:e4:df:8c:cb:90:eb:
         72:6f:2f:ce
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVxtk2u8UbR0zbRGv3d+szoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTE3YTIxY2UwZmEzNGYxYWQ2OWIwODM4ODM0MmZiN2QyN2NkODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjqrIVjFDhUEjpyRXb8JzgW5m8Du
/NKZIH5xE9NMPDP0t0xsOI2q24PirzZ4XJQSw28XyiBVaGCZ0jISXPD0sYtfgJ5b
UsK1BvGyE8yub6xysKL+YU81FRnDyVACYxe7H5dNMfyE1DNYRXk11OSTyXV/bJKk
EHfpOBkl5MSWRDQqC18J52j8+4/EKvUjcdZT+PXnaY/H9QV0D9jD4q5g8wk93hJf
HcOHZmm3zv+WQkmlITdnINGn/akWs+vGm6hcf5QtEGMdjgwdigGdZuEHGlAc55uX
9p2HPwHZNC8nK+NoitaRsXr3Mke1Wu1a3dMF5vhDozmmbDcaV3iOjJDLXwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMkXohzg+jTxrWmwg4g0L7fSfNhZMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveVJlaUhPRDZOUEd0YWJDRGlEUXZ0OUo4MkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAXDwiAwQC
ubPkAwQCub1AAwQCudFIAwQCudO0AwQCudZkAwQCud/cAwQCueOAAwQBufUiAwQA
ufq0MA0GCSqGSIb3DQEBCwUAA4IBAQBRHmI3UzhM6mL++6dq1nn3t2fVLK4HWMJy
ZERzdPa4LBO15n5GQrp3NeuviKYM+gAUK14Phhi7/j5XEM/Jmk71eeKoIm9f7DcX
6GxI7SACMW52aUcjgrId3bo0afbvzCvUw3FfBD3qH3OGG9prNDAyHjeFyO+ATQ1/
H2XDbDnULUXpYL9/+k1SKQ609iwOEY5jMKx3SRGw0sH3NBGrXJ0R2KLs6nfvw9aA
MggSASqpWJshjMeGZpKeE/ozPVHQMuHjlhhyun2/fTs/ARjVW+rjJFfsXF+yncuS
hFgydtJJ7yclbNPh6mux9Pt6+cWwUYBecgTnfOHk34zLkOtyby/O
-----END CERTIFICATE-----