Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/33b186-ef42-4517-b32f-5e974377600c/1/LIUTCAnnmPzsx2GT3iu3lHviSeY.roa
File:                     LIUTCAnnmPzsx2GT3iu3lHviSeY.roa (raw, json)
Hash identifier:          gQbgkrmDdWKpOpnv4axPCDycaEI3cv26AGqBYs8iRMw=
Subject key identifier:   2C:85:13:08:09:E7:98:FC:EC:C7:61:93:DE:2B:B7:94:7B:E2:49:E6
Certificate issuer:       /CN=3072cd5df7323957ab87c07f5cdd15c91effc8d5
Certificate serial:       01929ED2F0E309CD2F56DF8005CD7E59D960
Authority key identifier: 30:72:CD:5D:F7:32:39:57:AB:87:C0:7F:5C:DD:15:C9:1E:FF:C8:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MHLNXfcyOVerh8B_XN0VyR7_yNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/33b186-ef42-4517-b32f-5e974377600c/1/LIUTCAnnmPzsx2GT3iu3lHviSeY.roa
Signing time:             Fri 18 Oct 2024 08:51:17 +0000
ROA not before:           Fri 18 Oct 2024 08:51:17 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     58262
IP address blocks:        5.61.24.0/24 maxlen: 24
                          5.61.25.0/24 maxlen: 24
                          5.61.26.0/24 maxlen: 24
                          5.61.28.0/24 maxlen: 24
                          5.61.29.0/24 maxlen: 24
                          5.61.30.0/24 maxlen: 24
                          5.61.31.0/24 maxlen: 24
                          92.119.57.0/24 maxlen: 24
                          92.119.58.0/24 maxlen: 24
                          185.73.112.0/24 maxlen: 24
                          185.73.114.0/24 maxlen: 24
                          2a05:2d80::/48 maxlen: 48
                          2a05:2d80:1::/48 maxlen: 48
Validation:               Failed, certificate revoked on Thu 02 Jan 2025 01:49:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:9e:d2:f0:e3:09:cd:2f:56:df:80:05:cd:7e:59:d9:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3072cd5df7323957ab87c07f5cdd15c91effc8d5
        Validity
            Not Before: Oct 18 08:51:17 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2c85130809e798fcecc76193de2bb7947be249e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ed:13:05:1c:83:c2:2e:d9:ae:a1:5f:0f:5c:
                    21:86:75:d4:2b:dc:7c:28:b8:13:f6:92:c2:4f:e1:
                    b1:75:18:8d:32:d0:5c:7c:ac:c4:cb:4d:4b:13:92:
                    26:d3:6d:90:e0:57:60:50:72:ef:46:69:76:ce:64:
                    93:9c:0b:24:08:a9:37:d6:5f:16:85:dd:8b:29:ee:
                    4d:81:5e:1e:c1:38:e1:73:77:d5:81:33:99:33:81:
                    d2:90:06:46:d0:05:b6:42:8e:4b:51:78:8d:b9:d0:
                    be:54:89:24:93:2f:bd:6b:e3:b5:4b:b9:82:df:8c:
                    f9:f1:b8:3a:68:f4:3e:3a:d2:63:2d:7d:5e:3e:06:
                    83:26:17:86:02:30:f4:9a:15:8c:01:ee:22:33:f1:
                    3f:0c:15:a5:9d:8f:f9:a9:3d:69:c6:ec:1c:91:f7:
                    3d:6f:85:05:7e:c1:7a:55:f2:ad:c8:d2:48:7f:05:
                    e3:80:02:c1:05:93:d8:f0:c3:75:cb:dc:4c:49:0d:
                    64:80:16:8c:e8:92:1c:3f:10:d7:4b:bf:36:e7:89:
                    39:7a:73:e3:01:ac:b9:ac:4c:69:11:08:ef:e7:a9:
                    77:3f:92:31:58:f0:8f:05:aa:77:9b:15:8e:c5:3d:
                    86:99:9c:08:ab:81:d0:b7:26:f8:bc:72:e8:7c:47:
                    15:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:85:13:08:09:E7:98:FC:EC:C7:61:93:DE:2B:B7:94:7B:E2:49:E6
            X509v3 Authority Key Identifier:
                keyid:30:72:CD:5D:F7:32:39:57:AB:87:C0:7F:5C:DD:15:C9:1E:FF:C8:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHLNXfcyOVerh8B_XN0VyR7_yNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/33b186-ef42-4517-b32f-5e974377600c/1/LIUTCAnnmPzsx2GT3iu3lHviSeY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/33b186-ef42-4517-b32f-5e974377600c/1/MHLNXfcyOVerh8B_XN0VyR7_yNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.61.24.0-5.61.26.255
                  5.61.28.0/22
                  92.119.57.0-92.119.58.255
                  185.73.112.0/24
                  185.73.114.0/24
                IPv6:
                  2a05:2d80::/47

    Signature Algorithm: sha256WithRSAEncryption
         71:2e:1e:8f:11:e2:db:1d:78:67:6e:09:f4:a2:db:54:15:3b:
         cc:ab:ad:8f:9a:76:0c:4f:66:09:d7:c9:bc:d4:9c:c5:a9:3e:
         a2:f0:76:d8:e6:98:67:d5:8b:fa:b8:e4:82:56:a8:37:a8:85:
         db:7d:65:80:db:f0:d3:f9:e8:e0:f6:84:91:3c:1e:94:71:3c:
         30:a7:24:dc:ff:fa:e4:7e:c0:5f:65:6d:15:6a:fb:e9:06:70:
         9d:93:ed:cb:45:62:f6:a0:ca:6e:84:6e:b5:74:2b:de:dd:df:
         2b:e4:4e:e4:61:13:0c:d5:b1:a4:f3:ab:2b:f8:3b:e1:e7:ae:
         a4:76:34:87:3f:e0:78:64:86:97:72:70:2e:1a:45:1c:48:06:
         8d:e0:f7:4b:0c:ff:72:f6:88:cb:cc:53:a3:42:e7:8b:3a:38:
         75:77:98:e1:2d:0a:2b:c0:57:b2:2a:23:88:48:4f:93:50:7a:
         0d:ff:a6:3d:7f:91:d5:19:fa:4e:84:0e:71:2b:82:c8:ff:32:
         95:2d:95:85:de:c8:01:53:7f:c1:35:4a:f3:27:6d:b0:ec:15:
         a2:ab:8c:7c:18:00:89:61:b7:63:14:84:99:31:37:d6:39:ff:
         f4:29:07:89:41:ee:66:b1:a5:ac:7f:ec:1b:fc:7d:29:7b:60:
         56:8e:7a:4e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZKe0vDjCc0vVt+ABc1+WdlgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzJjZDVkZjczMjM5NTdhYjg3YzA3ZjVjZGQxNWM5MWVm
ZmM4ZDUwHhcNMjQxMDE4MDg1MTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzg1MTMwODA5ZTc5OGZjZWNjNzYxOTNkZTJiYjc5NDdiZTI0OWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+0TBRyDwi7ZrqFfD1whhnXUK9x8
KLgT9pLCT+GxdRiNMtBcfKzEy01LE5Im022Q4FdgUHLvRml2zmSTnAskCKk31l8W
hd2LKe5NgV4ewTjhc3fVgTOZM4HSkAZG0AW2Qo5LUXiNudC+VIkkky+9a+O1S7mC
34z58bg6aPQ+OtJjLX1ePgaDJheGAjD0mhWMAe4iM/E/DBWlnY/5qT1pxuwckfc9
b4UFfsF6VfKtyNJIfwXjgALBBZPY8MN1y9xMSQ1kgBaM6JIcPxDXS78254k5enPj
Aay5rExpEQjv56l3P5IxWPCPBap3mxWOxT2GmZwIq4HQtyb4vHLofEcVLwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCyFEwgJ55j87Mdhk94rt5R74knmMB8GA1UdIwQY
MBaAFDByzV33MjlXq4fAf1zdFcke/8jVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhMTlhmY3lPVmVyaDhCX1hOMFZ5UjdfeU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8zM2IxODYtZWY0Mi00NTE3LWIzMmYt
NWU5NzQzNzc2MDBjLzEvTElVVENBbm5tUHpzeDJHVDNpdTNsSHZpU2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8zM2IxODYtZWY0Mi00NTE3LWIzMmYtNWU5NzQzNzc2MDBj
LzEvTUhMTlhmY3lPVmVyaDhCX1hOMFZ5UjdfeU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA0BAIAATAuMAwDBAMFPRgD
BAAFPRoDBAIFPRwwDAMEAFx3OQMEAFx3OgMEALlJcAMEALlJcjAPBAIAAjAJAwcB
KgUtgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBxLh6PEeLbHXhnbgn0ottUFTvMq62P
mnYMT2YJ18m81JzFqT6i8HbY5phn1Yv6uOSCVqg3qIXbfWWA2/DT+ejg9oSRPB6U
cTwwpyTc//rkfsBfZW0VavvpBnCdk+3LRWL2oMpuhG61dCve3d8r5E7kYRMM1bGk
86sr+Dvh566kdjSHP+B4ZIaXcnAuGkUcSAaN4PdLDP9y9ojLzFOjQueLOjh1d5jh
LQorwFeyKiOISE+TUHoN/6Y9f5HVGfpOhA5xK4LI/zKVLZWF3sgBU3/BNUrzJ22w
7BWiq4x8GACJYbdjFISZMTfWOf/0KQeJQe5msaWsf+wb/H0pe2BWjnpO
-----END CERTIFICATE-----