Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/JG-iK-vh8UvB_aRcUGeFxJbU_uc.roa
File:                     JG-iK-vh8UvB_aRcUGeFxJbU_uc.roa (raw, json)
Hash identifier:          vhXo+eFR7pezT3Toj4b34F+1TM5P231Z7PRtTpxkeZo=
Subject key identifier:   24:6F:A2:2B:EB:E1:F1:4B:C1:FD:A4:5C:50:67:85:C4:96:D4:FE:E7
Certificate issuer:       /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial:       018940D1FF79CA809FEA554C6E594EEBF961
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/JG-iK-vh8UvB_aRcUGeFxJbU_uc.roa
Signing time:             Mon 10 Jul 2023 17:20:51 +0000
ROA not before:           Mon 10 Jul 2023 17:20:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13213
IP address blocks:        176.67.160.0/20 maxlen: 24
                          185.7.224.0/22 maxlen: 24
                          176.67.169.0/24 maxlen: 24
                          109.123.64.0/18 maxlen: 24
                          83.170.64.0/18 maxlen: 24
                          82.163.72.0/21 maxlen: 24
                          88.202.224.0/21 maxlen: 24
                          77.92.64.0/19 maxlen: 24
                          31.24.224.0/21 maxlen: 24
                          91.109.240.0/21 maxlen: 24
                          37.123.112.0/21 maxlen: 24
                          46.23.64.0/20 maxlen: 24
                          37.123.114.0/23 maxlen: 23
                          46.23.74.0/24 maxlen: 24
                          88.202.176.0/20 maxlen: 24
                          2a02:2498:8000::/40 maxlen: 40
                          2a02:2498::/32 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:40:d1:ff:79:ca:80:9f:ea:55:4c:6e:59:4e:eb:f9:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
        Validity
            Not Before: Jul 10 17:20:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=246fa22bebe1f14bc1fda45c506785c496d4fee7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9c:86:b8:83:6f:b8:2c:b8:55:30:b3:b9:54:
                    62:9d:3d:f5:bc:36:04:f8:df:2c:c5:42:bc:58:70:
                    67:8c:bf:d5:9c:7e:c9:05:a7:61:b9:62:87:74:39:
                    e4:46:14:07:6a:cc:a9:50:62:21:7a:c2:63:8f:20:
                    fd:c0:b2:4a:8b:25:59:b6:ef:3e:ee:e4:be:7d:db:
                    ce:d8:58:0c:c7:26:3d:49:b1:82:b7:bc:27:14:12:
                    9f:e3:e0:72:fa:7b:09:11:29:b8:0a:86:99:5c:c1:
                    4a:07:bc:7c:0b:a9:cf:ae:2c:e8:0f:b8:68:a7:53:
                    ba:e7:b6:7b:c3:19:41:74:a0:f6:d1:bb:76:9b:b1:
                    3b:02:f2:02:e3:29:6c:5f:0a:8d:c7:96:4e:85:db:
                    01:66:16:45:66:d4:34:a5:96:32:6a:ae:54:a1:16:
                    17:f1:d7:d5:fa:10:0a:d5:65:66:eb:cd:2f:92:6a:
                    7e:6b:97:97:00:86:ce:e8:09:81:c6:91:05:91:61:
                    e9:1c:b6:b2:7a:e9:c0:a1:a8:da:c8:6c:09:bd:c1:
                    55:98:75:de:21:1a:69:19:57:74:9b:51:92:7c:dc:
                    9e:72:62:69:f8:b2:ae:87:99:cf:cd:9b:e3:1f:48:
                    43:65:c3:ae:76:25:69:f9:99:a8:cb:ac:c7:12:1e:
                    e9:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:6F:A2:2B:EB:E1:F1:4B:C1:FD:A4:5C:50:67:85:C4:96:D4:FE:E7
            X509v3 Authority Key Identifier:
                keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/JG-iK-vh8UvB_aRcUGeFxJbU_uc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.24.224.0/21
                  37.123.112.0/21
                  46.23.64.0/20
                  77.92.64.0/19
                  82.163.72.0/21
                  83.170.64.0/18
                  88.202.176.0/20
                  88.202.224.0/21
                  91.109.240.0/21
                  109.123.64.0/18
                  176.67.160.0/20
                  185.7.224.0/22
                IPv6:
                  2a02:2498::/32

    Signature Algorithm: sha256WithRSAEncryption
         67:33:a0:5d:2d:09:41:dc:40:be:f5:6b:56:8d:f5:a0:60:57:
         27:15:1d:fe:03:2d:c9:e5:a0:41:21:b3:72:95:aa:d3:a3:69:
         2f:ff:82:3e:ec:5d:52:f9:b1:ca:d3:06:2c:cd:34:46:dc:79:
         c3:fa:9c:a6:c0:fe:59:36:71:98:20:c9:90:85:5d:f3:43:6d:
         e6:43:4a:f1:b2:f0:b8:ac:00:c6:72:65:1c:57:dc:33:d7:79:
         ee:f7:39:32:48:07:24:af:db:35:92:5f:d4:e6:b4:72:28:c5:
         35:c4:0e:c9:39:41:0f:4b:dd:10:3b:4e:ae:44:02:09:bf:b6:
         64:1a:df:05:38:0f:79:36:d7:e1:b3:03:1a:14:f7:3a:5e:65:
         00:5c:c1:66:c3:2e:6c:fd:50:d2:73:b6:e1:5d:17:bb:12:1d:
         8d:03:a1:78:39:cf:b7:32:ce:d8:a1:9a:6b:8c:cf:97:28:ca:
         ac:99:7e:08:57:18:9a:6e:ef:55:aa:f5:90:11:86:bf:58:0e:
         7b:14:af:e7:e9:66:c2:a5:d5:f1:0c:f6:f5:f5:64:f6:61:09:
         32:1f:86:5e:9e:de:5a:da:e5:56:09:8c:5c:c0:ee:45:5b:db:
         e2:ef:72:31:40:5b:7a:87:2a:e6:83:c9:45:8b:6b:59:e1:63:
         e0:9c:b4:4d
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYlA0f95yoCf6lVMbllO6/lhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjMwNzEwMTcyMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDZmYTIyYmViZTFmMTRiYzFmZGE0NWM1MDY3ODVjNDk2ZDRmZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZyGuINvuCy4VTCzuVRinT31vDYE
+N8sxUK8WHBnjL/VnH7JBadhuWKHdDnkRhQHasypUGIhesJjjyD9wLJKiyVZtu8+
7uS+fdvO2FgMxyY9SbGCt7wnFBKf4+By+nsJESm4CoaZXMFKB7x8C6nPrizoD7ho
p1O657Z7wxlBdKD20bt2m7E7AvIC4ylsXwqNx5ZOhdsBZhZFZtQ0pZYyaq5UoRYX
8dfV+hAK1WVm680vkmp+a5eXAIbO6AmBxpEFkWHpHLayeunAoajayGwJvcFVmHXe
IRppGVd0m1GSfNyecmJp+LKuh5nPzZvjH0hDZcOudiVp+Zmoy6zHEh7pswIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFCRvoivr4fFLwf2kXFBnhcSW1P7nMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvSkctaUstdmg4VXZCX2FSY1VHZUZ4SmJVX3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDHxjgAwQD
JXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23wAwQG
bXtAAwQEsEOgAwQCuQfgMA0EAgACMAcDBQAqAiSYMA0GCSqGSIb3DQEBCwUAA4IB
AQBnM6BdLQlB3EC+9WtWjfWgYFcnFR3+Ay3J5aBBIbNylarTo2kv/4I+7F1S+bHK
0wYszTRG3HnD+pymwP5ZNnGYIMmQhV3zQ23mQ0rxsvC4rADGcmUcV9wz13nu9zky
SAckr9s1kl/U5rRyKMU1xA7JOUEPS90QO06uRAIJv7ZkGt8FOA95NtfhswMaFPc6
XmUAXMFmwy5s/VDSc7bhXRe7Eh2NA6F4Oc+3Ms7YoZprjM+XKMqsmX4IVxiabu9V
qvWQEYa/WA57FK/n6WbCpdXxDPb19WT2YQkyH4Zent5a2uVWCYxcwO5FW9vi73Ix
QFt6hyrmg8lFi2tZ4WPgnLRN
-----END CERTIFICATE-----