Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/0wR7mNUmbqlEZ2J65wmeg02_UTw.roa
File:                     0wR7mNUmbqlEZ2J65wmeg02_UTw.roa (raw, json)
Hash identifier:          BHClysFOPyASp2uyHuHL3D60XqAEi0rfw8X4Ni/IzuQ=
Subject key identifier:   D3:04:7B:98:D5:26:6E:A9:44:67:62:7A:E7:09:9E:83:4D:BF:51:3C
Certificate issuer:       /CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Certificate serial:       018A46F74444E276CE260B7C807606D4A460
Authority key identifier: 09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/0wR7mNUmbqlEZ2J65wmeg02_UTw.roa
Signing time:             Wed 30 Aug 2023 15:02:04 +0000
ROA not before:           Wed 30 Aug 2023 15:02:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204139
IP address blocks:        185.129.22.0/23 maxlen: 23
                          185.129.20.0/23 maxlen: 23
                          185.122.124.0/23 maxlen: 23
                          185.122.128.0/23 maxlen: 23
                          185.122.126.0/23 maxlen: 23
                          185.127.44.0/23 maxlen: 23
                          185.127.46.0/23 maxlen: 23
                          185.123.240.0/23 maxlen: 23
                          185.123.242.0/23 maxlen: 23
                          185.123.248.0/22 maxlen: 22
                          185.123.252.0/22 maxlen: 22
                          185.132.10.0/23 maxlen: 23
                          185.132.8.0/23 maxlen: 23
                          185.128.178.0/23 maxlen: 23
                          185.128.176.0/23 maxlen: 23
                          185.116.174.0/24 maxlen: 24
                          185.128.134.0/23 maxlen: 23
                          185.110.2.0/24 maxlen: 24
                          185.110.3.0/24 maxlen: 24
                          185.110.0.0/23 maxlen: 23

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:46:f7:44:44:e2:76:ce:26:0b:7c:80:76:06:d4:a4:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
        Validity
            Not Before: Aug 30 15:02:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d3047b98d5266ea94467627ae7099e834dbf513c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ce:87:98:04:f1:07:49:6f:37:af:f1:cf:98:
                    2b:77:41:a5:1f:35:e2:63:16:1c:9d:e5:74:dd:bd:
                    99:10:bd:28:17:88:c6:98:79:d0:25:82:7d:be:93:
                    7f:08:8f:f0:20:65:32:d4:b3:66:a5:ed:8a:93:29:
                    fb:a1:da:79:68:33:13:02:43:a0:b4:c6:6f:88:cd:
                    48:10:65:aa:0e:39:43:88:b0:12:0d:bd:51:ec:3e:
                    22:c0:60:13:68:66:84:3c:f8:c9:ea:6e:19:03:f5:
                    7c:a6:75:f0:2f:33:75:87:0a:49:1e:55:36:4a:e0:
                    74:d4:92:5a:c7:6b:aa:dc:3b:1f:73:2a:3a:68:04:
                    d8:7f:6e:bd:82:b7:c3:da:3b:31:d2:1b:66:82:e6:
                    18:7b:9c:f6:bd:ea:30:3e:d4:04:39:f9:d9:ac:94:
                    92:ee:91:e8:e6:fb:85:cf:af:7c:2a:34:96:ca:5b:
                    3d:96:65:17:74:bd:d8:55:95:d6:a2:f9:ab:ba:64:
                    54:de:55:18:78:7b:8d:3e:f1:50:a4:30:b5:54:91:
                    9d:54:ec:3f:22:5a:41:1b:35:63:94:83:3d:60:34:
                    18:b1:13:3f:62:bc:27:84:5d:bc:7f:f1:bb:ac:78:
                    e5:a4:ce:da:24:c9:23:15:eb:97:d5:01:c3:bd:76:
                    05:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:04:7B:98:D5:26:6E:A9:44:67:62:7A:E7:09:9E:83:4D:BF:51:3C
            X509v3 Authority Key Identifier:
                keyid:09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/0wR7mNUmbqlEZ2J65wmeg02_UTw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.110.0.0/22
                  185.116.174.0/24
                  185.122.124.0-185.122.129.255
                  185.123.240.0/22
                  185.123.248.0/21
                  185.127.44.0/22
                  185.128.134.0/23
                  185.128.176.0/22
                  185.129.20.0/22
                  185.132.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:7f:34:30:d8:2e:6c:68:d1:03:e4:3f:f6:f9:d4:4a:f7:71:
         fd:56:5b:b0:26:d1:65:70:45:36:0e:8c:49:9b:93:a4:a1:8c:
         a9:de:ae:33:f4:d8:a2:02:a8:d7:ee:f3:04:db:bf:db:a1:3f:
         4f:20:43:e9:72:79:c9:63:b9:1b:9b:5f:04:7e:7a:6b:f4:93:
         8e:75:04:9e:00:d4:f0:fe:b1:24:b0:95:bb:aa:34:d6:62:1c:
         f5:51:f6:35:48:c0:c5:7c:7e:e2:4b:77:dc:10:ce:92:0e:da:
         a7:7e:51:cf:f0:b5:08:c1:89:2d:a2:de:eb:c7:b9:05:9b:cf:
         b2:65:24:1e:8a:a6:28:a3:b3:17:51:36:b5:b8:69:64:f6:46:
         e6:b5:52:43:82:c5:52:ff:e5:7b:de:c3:28:7e:8a:a9:ac:65:
         40:07:6a:15:cc:e3:77:80:44:57:06:01:c2:0a:60:8f:d4:6d:
         e8:13:87:10:83:42:d2:e1:a6:09:30:35:91:3c:e2:3f:0c:1d:
         f2:76:16:ce:b6:b7:4e:48:47:55:91:e0:02:96:1f:7b:74:55:
         2f:b4:49:94:e5:d9:a5:b7:53:5a:3f:66:84:d5:4c:62:33:06:
         62:31:99:da:f2:c3:2e:0b:f0:e1:ba:5d:bf:be:f3:86:96:ff:
         68:5e:f4:90
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYpG90RE4nbOJgt8gHYG1KRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTJhZjA4Y2Y2ZTEyZTIzMDRmYjNiZGVjNjRjZmJjZWRh
YTg1MjIwHhcNMjMwODMwMTUwMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzA0N2I5OGQ1MjY2ZWE5NDQ2NzYyN2FlNzA5OWU4MzRkYmY1MTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs6HmATxB0lvN6/xz5grd0GlHzXi
YxYcneV03b2ZEL0oF4jGmHnQJYJ9vpN/CI/wIGUy1LNmpe2Kkyn7odp5aDMTAkOg
tMZviM1IEGWqDjlDiLASDb1R7D4iwGATaGaEPPjJ6m4ZA/V8pnXwLzN1hwpJHlU2
SuB01JJax2uq3Dsfcyo6aATYf269grfD2jsx0htmguYYe5z2veowPtQEOfnZrJSS
7pHo5vuFz698KjSWyls9lmUXdL3YVZXWovmrumRU3lUYeHuNPvFQpDC1VJGdVOw/
IlpBGzVjlIM9YDQYsRM/YrwnhF28f/G7rHjlpM7aJMkjFeuX1QHDvXYFfQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFNMEe5jVJm6pRGdieucJnoNNv1E8MB8GA1UdIwQY
MBaAFAnirwjPbhLiME+zvexkz7ztqoUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWIt
NzBhMWFmNTFkZmJlLzEvMHdSN21OVW1icWxFWjJKNjV3bWVnMDJfVVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWItNzBhMWFmNTFkZmJl
LzEvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCuW4AAwQA
uXSuMAwDBAK5enwDBAG5eoADBAK5e/ADBAO5e/gDBAK5fywDBAG5gIYDBAK5gLAD
BAK5gRQDBAK5hAgwDQYJKoZIhvcNAQELBQADggEBAEV/NDDYLmxo0QPkP/b51Er3
cf1WW7Am0WVwRTYOjEmbk6ShjKnerjP02KICqNfu8wTbv9uhP08gQ+lyecljuRub
XwR+emv0k451BJ4A1PD+sSSwlbuqNNZiHPVR9jVIwMV8fuJLd9wQzpIO2qd+Uc/w
tQjBiS2i3uvHuQWbz7JlJB6KpiijsxdRNrW4aWT2Rua1UkOCxVL/5Xvewyh+iqms
ZUAHahXM43eARFcGAcIKYI/UbegThxCDQtLhpgkwNZE84j8MHfJ2Fs62t05IR1WR
4AKWH3t0VS+0SZTl2aW3U1o/ZoTVTGIzBmIxmdrywy4L8OG6Xb++84aW/2he9JA=
-----END CERTIFICATE-----