Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Epe7uFZ-6IUVXavUMBGb_8xiXHA.roa
File:                     Epe7uFZ-6IUVXavUMBGb_8xiXHA.roa (raw, json)
Hash identifier:          M5m7cCsqXJaujffZkTC8yPuo4KruNMwndmi4vP8td0o=
Subject key identifier:   12:97:BB:B8:56:7E:E8:85:15:5D:AB:D4:30:11:9B:FF:CC:62:5C:70
Certificate issuer:       /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial:       01896499DCD37C65DC41A62B6BA6D74E876E
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Epe7uFZ-6IUVXavUMBGb_8xiXHA.roa
Signing time:             Mon 17 Jul 2023 16:05:52 +0000
ROA not before:           Mon 17 Jul 2023 16:05:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        2.57.148.0/24 maxlen: 24
                          5.133.110.0/24 maxlen: 24
                          45.143.140.0/24 maxlen: 24
                          192.144.16.0/24 maxlen: 24
                          194.59.12.0/24 maxlen: 24
                          45.88.83.0/24 maxlen: 24
                          45.88.82.0/24 maxlen: 24
                          87.247.143.0/24 maxlen: 24
                          45.138.145.0/24 maxlen: 24
                          109.94.217.0/24 maxlen: 24
                          109.94.216.0/24 maxlen: 24
                          109.94.219.0/24 maxlen: 24
                          109.94.218.0/24 maxlen: 24
                          45.136.248.0/24 maxlen: 24
                          45.147.244.0/24 maxlen: 24
                          45.147.245.0/24 maxlen: 24
                          45.132.207.0/24 maxlen: 24
                          45.147.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:99:dc:d3:7c:65:dc:41:a6:2b:6b:a6:d7:4e:87:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
        Validity
            Not Before: Jul 17 16:05:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1297bbb8567ee885155dabd430119bffcc625c70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:61:97:07:8c:56:79:89:c3:69:58:7e:10:ff:
                    f0:09:27:39:65:47:22:0a:69:21:52:6b:3d:d2:87:
                    fe:e8:26:c0:e4:79:95:c8:73:3f:fb:c9:f1:b4:d6:
                    00:6f:ea:04:b7:7d:e0:4a:e8:dd:d6:7c:18:45:e1:
                    f4:57:97:8c:be:dd:c9:0d:d9:a6:ba:15:78:38:4d:
                    ee:c4:47:ea:77:3a:40:50:6d:24:38:c4:ee:4e:da:
                    cf:20:6d:e7:60:2f:4d:61:35:fd:db:f4:79:c6:b8:
                    77:35:b6:fd:35:a0:81:9c:13:ba:db:27:ef:7a:74:
                    2e:2b:22:0a:ce:8b:c1:e9:96:ad:ce:6e:fb:d0:95:
                    fb:ec:f0:df:65:77:73:fa:4e:8d:f2:ee:97:83:c0:
                    33:af:98:82:5d:39:cb:59:12:f8:7d:de:aa:24:fb:
                    3a:e8:d7:55:37:6c:38:1b:8d:10:ff:77:06:37:d6:
                    da:73:d0:29:9b:ca:9d:8b:b4:5d:dc:45:a4:c1:d3:
                    f8:19:7c:12:97:cc:7e:1d:a1:10:71:06:73:f7:51:
                    4b:1b:dc:af:82:09:2f:0d:76:ca:ed:56:73:53:b2:
                    24:ed:67:e8:d7:83:1d:e0:01:26:4f:9e:c4:38:a0:
                    06:61:d3:54:74:31:97:a2:62:0f:79:5e:ec:f1:c9:
                    ee:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:97:BB:B8:56:7E:E8:85:15:5D:AB:D4:30:11:9B:FF:CC:62:5C:70
            X509v3 Authority Key Identifier:
                keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Epe7uFZ-6IUVXavUMBGb_8xiXHA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.148.0/24
                  5.133.110.0/24
                  45.88.82.0/23
                  45.132.207.0/24
                  45.136.248.0/24
                  45.138.145.0/24
                  45.143.140.0/24
                  45.147.244.0/23
                  45.147.247.0/24
                  87.247.143.0/24
                  109.94.216.0/22
                  192.144.16.0/24
                  194.59.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:0a:71:7f:b8:64:92:3e:31:ff:1d:aa:74:2f:ac:51:6f:ef:
         54:c9:13:22:67:25:16:13:fc:c5:99:55:52:09:6e:f8:4e:b5:
         bc:23:c4:b7:7e:2a:bb:fe:dd:7f:78:00:f0:78:8d:b5:9f:46:
         d2:fc:6c:27:fa:c6:bc:02:9f:49:48:53:65:43:a4:14:9b:ec:
         af:ba:66:25:4a:b3:7b:22:b7:e0:1e:53:aa:0f:a1:a7:61:32:
         d5:1c:ce:5c:b5:c0:d0:fb:f6:d9:72:2e:d8:70:19:33:d7:4b:
         61:cc:78:b4:37:80:0b:83:e8:ce:ab:89:c0:be:3c:4c:f8:17:
         44:46:8d:1e:a2:af:b7:1f:2c:30:fe:b8:53:d4:a2:73:98:d4:
         85:41:d6:1d:32:6a:cf:8a:e5:a5:78:01:ab:1d:6b:67:6b:92:
         db:7e:77:99:56:ce:34:f4:e7:82:dc:c3:8b:40:10:f7:05:62:
         66:2c:7b:93:9f:0d:c5:13:e3:ce:5f:15:41:29:39:f2:9a:f4:
         07:3d:07:ec:9b:7b:db:c2:f5:76:89:a4:91:03:ba:08:68:63:
         f6:7c:60:7c:ef:44:31:b3:1a:68:7c:d6:c7:da:7f:38:f3:64:
         45:43:2b:c1:ac:0c:d8:6b:54:5f:fe:5b:60:fd:00:86:89:6a:
         8e:fd:2b:6a
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYlkmdzTfGXcQaYra6bXToduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwNzE3MTYwNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjk3YmJiODU2N2VlODg1MTU1ZGFiZDQzMDExOWJmZmNjNjI1YzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWGXB4xWeYnDaVh+EP/wCSc5ZUci
CmkhUms90of+6CbA5HmVyHM/+8nxtNYAb+oEt33gSujd1nwYReH0V5eMvt3JDdmm
uhV4OE3uxEfqdzpAUG0kOMTuTtrPIG3nYC9NYTX92/R5xrh3Nbb9NaCBnBO62yfv
enQuKyIKzovB6Zatzm770JX77PDfZXdz+k6N8u6Xg8Azr5iCXTnLWRL4fd6qJPs6
6NdVN2w4G40Q/3cGN9bac9Apm8qdi7Rd3EWkwdP4GXwSl8x+HaEQcQZz91FLG9yv
ggkvDXbK7VZzU7Ik7Wfo14Md4AEmT57EOKAGYdNUdDGXomIPeV7s8cnuAQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFBKXu7hWfuiFFV2r1DARm//MYlxwMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvRXBlN3VGWi02SVVWWGF2VU1CR2JfOHhpWEhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAAjmUAwQA
BYVuAwQBLVhSAwQALYTPAwQALYj4AwQALYqRAwQALY+MAwQBLZP0AwQALZP3AwQA
V/ePAwQCbV7YAwQAwJAQAwQAwjsMMA0GCSqGSIb3DQEBCwUAA4IBAQAgCnF/uGSS
PjH/Hap0L6xRb+9UyRMiZyUWE/zFmVVSCW74TrW8I8S3fiq7/t1/eADweI21n0bS
/Gwn+sa8Ap9JSFNlQ6QUm+yvumYlSrN7IrfgHlOqD6GnYTLVHM5ctcDQ+/bZci7Y
cBkz10thzHi0N4ALg+jOq4nAvjxM+BdERo0eoq+3Hyww/rhT1KJzmNSFQdYdMmrP
iuWleAGrHWtna5LbfneZVs409OeC3MOLQBD3BWJmLHuTnw3FE+POXxVBKTnymvQH
PQfsm3vbwvV2iaSRA7oIaGP2fGB870QxsxpofNbH2n8482RFQyvBrAzYa1Rf/ltg
/QCGiWqO/Stq
-----END CERTIFICATE-----