Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/wvmFu86sPG_bNjR7ZRieyGii_1c.roa
File:                     wvmFu86sPG_bNjR7ZRieyGii_1c.roa (raw, json)
Hash identifier:          ftS+Oz7EBFFEqN7/kTObfqy9nwG9kvDXtqoeJZ/SxH8=
Subject key identifier:   C2:F9:85:BB:CE:AC:3C:6F:DB:36:34:7B:65:18:9E:C8:68:A2:FF:57
Certificate issuer:       /CN=480c3b93ff2a34fbfa5ae82556f670340cb5d5c9
Certificate serial:       018870F54F155049A5F98CC2BB73EF7F7BC4
Authority key identifier: 48:0C:3B:93:FF:2A:34:FB:FA:5A:E8:25:56:F6:70:34:0C:B5:D5:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAw7k_8qNPv6WuglVvZwNAy11ck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/wvmFu86sPG_bNjR7ZRieyGii_1c.roa
Signing time:             Wed 31 May 2023 08:38:24 +0000
ROA not before:           Wed 31 May 2023 08:38:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209365
IP address blocks:        185.206.63.0/24 maxlen: 24
                          185.206.62.0/24 maxlen: 24
                          85.208.100.0/24 maxlen: 24
                          85.208.103.0/24 maxlen: 24
                          85.208.101.0/24 maxlen: 24
                          2a09:85c0:50::/48 maxlen: 48
                          2a09:85c0:40::/48 maxlen: 48
                          2a09:85c0:30::/48 maxlen: 48
                          2a09:85c0:20::/48 maxlen: 48
                          2a09:85c0:10::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:70:f5:4f:15:50:49:a5:f9:8c:c2:bb:73:ef:7f:7b:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=480c3b93ff2a34fbfa5ae82556f670340cb5d5c9
        Validity
            Not Before: May 31 08:38:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c2f985bbceac3c6fdb36347b65189ec868a2ff57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:fc:97:ce:43:1f:13:2d:5f:e3:81:c8:e4:4b:
                    e8:46:a2:d7:cc:d9:16:30:6a:67:da:a5:a6:6a:bd:
                    a1:0c:90:69:5a:7d:81:5b:2a:66:f6:e0:3a:ca:0f:
                    93:c3:4b:fe:5e:15:1c:76:2f:8c:19:0b:16:54:43:
                    a6:ff:71:13:cd:42:15:ad:07:e2:53:25:e4:f1:02:
                    b9:07:9d:f6:d9:1a:dd:5d:00:58:a8:75:f3:bf:74:
                    4b:f0:60:c0:c2:08:e8:5c:eb:84:28:07:1a:07:09:
                    78:69:76:7f:ab:6b:72:f5:0f:ae:9d:29:4f:93:01:
                    c9:17:0b:64:c7:93:58:66:a8:99:c7:bc:85:08:16:
                    96:fd:a6:42:a9:98:f2:83:44:c7:1d:5a:dc:a3:14:
                    3e:48:73:48:e7:75:14:49:8c:a5:cc:21:39:cc:db:
                    f4:bf:50:e9:c5:d1:dc:82:5f:d2:c1:63:89:ac:7a:
                    e0:ae:2f:cd:ae:a6:33:48:12:71:94:9e:cc:09:e6:
                    08:24:40:90:b6:66:14:06:68:71:bb:35:3d:1d:a4:
                    3b:27:31:49:08:b5:d9:a6:64:27:3b:8c:f8:15:e5:
                    93:09:51:11:1e:ea:6c:58:94:5d:55:d9:06:e1:87:
                    78:86:40:48:e0:32:57:0a:b9:a4:70:13:39:9f:d0:
                    67:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:F9:85:BB:CE:AC:3C:6F:DB:36:34:7B:65:18:9E:C8:68:A2:FF:57
            X509v3 Authority Key Identifier:
                keyid:48:0C:3B:93:FF:2A:34:FB:FA:5A:E8:25:56:F6:70:34:0C:B5:D5:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAw7k_8qNPv6WuglVvZwNAy11ck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/wvmFu86sPG_bNjR7ZRieyGii_1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1800a4-50fc-4ff8-9e36-49c6fdbbafb7/1/SAw7k_8qNPv6WuglVvZwNAy11ck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.100.0/23
                  85.208.103.0/24
                  185.206.62.0/23
                IPv6:
                  2a09:85c0:10::/48
                  2a09:85c0:20::/48
                  2a09:85c0:30::/48
                  2a09:85c0:40::/48
                  2a09:85c0:50::/48

    Signature Algorithm: sha256WithRSAEncryption
         14:59:b3:de:a6:a8:34:cc:46:01:04:e8:bd:94:77:87:cb:b8:
         ec:be:31:3a:cb:3f:89:95:b1:4a:ee:2f:d0:2e:5e:88:b4:9d:
         59:a7:17:c0:60:dd:8a:b6:62:5b:08:2b:4a:9e:6c:72:fa:db:
         1f:a3:db:d2:3f:c9:0b:04:ef:a7:ee:f2:d6:27:63:5d:12:e0:
         77:3f:09:53:72:1b:87:ac:ce:ae:03:62:64:bb:0e:5c:54:11:
         1a:3a:d9:c3:c9:a9:9c:60:33:49:19:92:58:39:68:9e:61:66:
         2d:e8:28:cc:0b:2d:f1:65:78:d2:46:42:d1:5c:23:b7:49:9e:
         9f:de:e4:cc:88:34:b9:dc:75:c8:d9:0a:7d:b5:8d:57:6d:03:
         54:98:1e:1e:c1:fd:14:7e:73:56:9d:5b:f6:7c:8e:9f:16:6e:
         cd:51:d2:ef:2d:06:6a:09:f2:36:bc:b1:ab:d7:b4:a7:fd:23:
         de:4d:0c:5e:75:b6:5b:16:c2:40:da:0b:cf:4a:7b:74:c4:1a:
         58:39:36:07:03:9d:30:91:ce:d5:ca:b0:1b:d7:0d:6e:d7:63:
         53:7a:7a:97:67:8d:74:da:20:1f:d5:9b:0e:95:3c:9a:2c:3b:
         bd:cc:93:0e:5e:8e:7a:26:03:c3:8b:8c:5e:34:50:91:fd:fa:
         79:38:b1:03
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYhw9U8VUEml+YzCu3Pvf3vEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MGMzYjkzZmYyYTM0ZmJmYTVhZTgyNTU2ZjY3MDM0MGNi
NWQ1YzkwHhcNMjMwNTMxMDgzODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmY5ODViYmNlYWMzYzZmZGIzNjM0N2I2NTE4OWVjODY4YTJmZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/yXzkMfEy1f44HI5EvoRqLXzNkW
MGpn2qWmar2hDJBpWn2BWypm9uA6yg+Tw0v+XhUcdi+MGQsWVEOm/3ETzUIVrQfi
UyXk8QK5B5322RrdXQBYqHXzv3RL8GDAwgjoXOuEKAcaBwl4aXZ/q2ty9Q+unSlP
kwHJFwtkx5NYZqiZx7yFCBaW/aZCqZjyg0THHVrcoxQ+SHNI53UUSYylzCE5zNv0
v1DpxdHcgl/SwWOJrHrgri/NrqYzSBJxlJ7MCeYIJECQtmYUBmhxuzU9HaQ7JzFJ
CLXZpmQnO4z4FeWTCVERHupsWJRdVdkG4Yd4hkBI4DJXCrmkcBM5n9BnNQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFML5hbvOrDxv2zY0e2UYnshoov9XMB8GA1UdIwQY
MBaAFEgMO5P/KjT7+lroJVb2cDQMtdXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0F3N2tfOHFOUHY2V3VnbFZ2WndOQXkxMWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xODAwYTQtNTBmYy00ZmY4LTllMzYt
NDljNmZkYmJhZmI3LzEvd3ZtRnU4NnNQR19iTmpSN1pSaWV5R2lpXzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xODAwYTQtNTBmYy00ZmY4LTllMzYtNDljNmZkYmJhZmI3
LzEvU0F3N2tfOHFOUHY2V3VnbFZ2WndOQXkxMWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAYBAIAATASAwQBVdBkAwQA
VdBnAwQBuc4+MDMEAgACMC0DBwAqCYXAABADBwAqCYXAACADBwAqCYXAADADBwAq
CYXAAEADBwAqCYXAAFAwDQYJKoZIhvcNAQELBQADggEBABRZs96mqDTMRgEE6L2U
d4fLuOy+MTrLP4mVsUruL9AuXoi0nVmnF8Bg3Yq2YlsIK0qebHL62x+j29I/yQsE
76fu8tYnY10S4Hc/CVNyG4eszq4DYmS7DlxUERo62cPJqZxgM0kZklg5aJ5hZi3o
KMwLLfFleNJGQtFcI7dJnp/e5MyINLncdcjZCn21jVdtA1SYHh7B/RR+c1adW/Z8
jp8Wbs1R0u8tBmoJ8ja8savXtKf9I95NDF51tlsWwkDaC89Ke3TEGlg5NgcDnTCR
ztXKsBvXDW7XY1N6epdnjXTaIB/Vmw6VPJosO73Mkw5ejnomA8OLjF40UJH9+nk4
sQM=
-----END CERTIFICATE-----