Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/d74urAZTe82OmBQWdPWp8T3JNOM.roa
File:                     d74urAZTe82OmBQWdPWp8T3JNOM.roa (raw, json)
Hash identifier:          0IZaQWcU7TQL8A4zPW/BKKd9PDX0VHGp84oDPfrW810=
Subject key identifier:   77:BE:2E:AC:06:53:7B:CD:8E:98:14:16:74:F5:A9:F1:3D:C9:34:E3
Certificate issuer:       /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial:       0189F8D09D64EA34981B9AF7DF634A3BADC7
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/d74urAZTe82OmBQWdPWp8T3JNOM.roa
Signing time:             Tue 15 Aug 2023 10:49:28 +0000
ROA not before:           Tue 15 Aug 2023 10:49:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36007
IP address blocks:        45.91.171.0/24 maxlen: 24
                          185.53.209.0/24 maxlen: 24
                          103.13.211.0/24 maxlen: 24
                          103.241.66.0/24 maxlen: 24
                          103.45.245.0/24 maxlen: 24
                          103.45.246.0/24 maxlen: 24
                          185.47.172.0/24 maxlen: 24
                          91.223.169.0/24 maxlen: 24
                          91.202.170.0/24 maxlen: 24
                          2a06:c5c0:1700::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 17 Aug 2023 13:18:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f8:d0:9d:64:ea:34:98:1b:9a:f7:df:63:4a:3b:ad:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
        Validity
            Not Before: Aug 15 10:49:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=77be2eac06537bcd8e98141674f5a9f13dc934e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:de:94:7e:89:27:df:fb:7c:d9:16:6f:5b:52:
                    04:db:5f:00:b8:17:d9:c4:21:f9:3a:2a:31:11:79:
                    0e:97:de:b6:ef:45:10:93:9f:18:73:28:8c:32:ae:
                    af:3f:e6:e7:0d:db:eb:4c:bf:b9:c6:fe:e7:b1:06:
                    19:24:9e:36:73:1d:36:f9:8f:90:58:1a:d9:32:54:
                    fa:86:28:02:82:37:ec:65:7a:ec:14:10:a2:9d:00:
                    aa:f8:d1:6f:c0:b5:ba:f6:da:7c:35:a8:78:fd:30:
                    72:2c:7a:df:b6:78:90:b9:61:9f:aa:f7:31:c9:3c:
                    f6:86:69:19:67:d2:01:2b:49:00:54:65:45:aa:7d:
                    d3:fd:15:2a:d4:a4:bf:06:4d:f9:27:ec:a0:c0:01:
                    73:41:ee:15:b4:93:71:62:56:b3:4b:5e:73:7c:98:
                    39:45:34:81:4b:f1:7b:78:6a:b3:06:50:aa:2d:0d:
                    c3:2d:10:f2:ca:71:0f:84:4a:5f:96:06:5a:33:d7:
                    1f:c2:c9:85:0e:87:5f:5b:11:f7:f1:c3:0a:85:4e:
                    e8:d8:db:a5:e3:56:6b:1c:29:2f:ec:1a:66:fe:29:
                    40:50:19:2c:7c:ac:f6:e8:f5:1c:01:a7:fd:64:5d:
                    9b:4a:bb:6b:14:9d:8c:7b:20:a4:c1:55:b6:bb:dd:
                    c6:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:BE:2E:AC:06:53:7B:CD:8E:98:14:16:74:F5:A9:F1:3D:C9:34:E3
            X509v3 Authority Key Identifier:
                keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/d74urAZTe82OmBQWdPWp8T3JNOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.91.171.0/24
                  91.202.170.0/24
                  91.223.169.0/24
                  103.13.211.0/24
                  103.45.245.0-103.45.246.255
                  103.241.66.0/24
                  185.47.172.0/24
                  185.53.209.0/24
                IPv6:
                  2a06:c5c0:1700::/48

    Signature Algorithm: sha256WithRSAEncryption
         38:53:ea:b4:7f:45:f9:70:50:c7:35:d7:a4:0c:3f:42:a2:bd:
         5f:5c:dd:06:d8:fa:4d:01:6e:4e:0d:dc:ca:69:e0:de:29:68:
         dd:17:86:59:8c:f3:7d:68:ed:57:04:8d:56:bb:1e:b9:d4:f3:
         e2:b6:4f:73:0d:1d:ef:98:cd:ca:3c:28:64:f1:7b:24:2f:71:
         ba:39:3d:82:15:2a:26:57:72:8b:08:ff:d0:42:23:70:84:42:
         b9:d5:f5:f5:94:21:1e:db:9a:13:4f:44:8c:11:86:3a:23:dd:
         fe:99:db:aa:dd:e0:66:7a:a4:c3:1b:36:8b:76:23:39:45:ed:
         41:93:50:ea:54:2e:82:8b:96:6d:a7:08:2e:37:d8:65:cc:36:
         70:33:f4:ed:12:9e:56:11:73:33:e2:ce:47:4b:ec:33:75:01:
         fc:71:af:a7:44:e1:42:6a:f6:96:6f:7e:81:b2:67:75:c7:7b:
         78:39:f3:13:67:5b:15:e4:d5:32:81:27:28:d8:03:e0:45:ba:
         d2:cd:df:74:37:53:89:95:0a:b4:9d:d0:99:12:97:32:03:a7:
         59:14:5a:2b:60:66:a0:04:3d:ea:23:4c:38:24:3b:8c:8c:f8:
         cf:2f:44:2d:7c:a1:73:72:99:f3:12:40:de:09:93:3b:b7:40:
         55:12:82:e4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYn40J1k6jSYG5r332NKO63HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjMwODE1MTA0OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2JlMmVhYzA2NTM3YmNkOGU5ODE0MTY3NGY1YTlmMTNkYzkzNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/d6Ufokn3/t82RZvW1IE218AuBfZ
xCH5OioxEXkOl96270UQk58YcyiMMq6vP+bnDdvrTL+5xv7nsQYZJJ42cx02+Y+Q
WBrZMlT6higCgjfsZXrsFBCinQCq+NFvwLW69tp8Nah4/TByLHrftniQuWGfqvcx
yTz2hmkZZ9IBK0kAVGVFqn3T/RUq1KS/Bk35J+ygwAFzQe4VtJNxYlazS15zfJg5
RTSBS/F7eGqzBlCqLQ3DLRDyynEPhEpflgZaM9cfwsmFDodfWxH38cMKhU7o2Nul
41ZrHCkv7Bpm/ilAUBksfKz26PUcAaf9ZF2bSrtrFJ2MeyCkwVW2u93G8QIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFHe+LqwGU3vNjpgUFnT1qfE9yTTjMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvZDc0dXJBWlRlODJPbUJRV2RQV3A4VDNKTk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA+BAIAATA4AwQALVurAwQA
W8qqAwQAW9+pAwQAZw3TMAwDBABnLfUDBABnLfYDBABn8UIDBAC5L6wDBAC5NdEw
DwQCAAIwCQMHACoGxcAXADANBgkqhkiG9w0BAQsFAAOCAQEAOFPqtH9F+XBQxzXX
pAw/QqK9X1zdBtj6TQFuTg3cymng3ilo3ReGWYzzfWjtVwSNVrseudTz4rZPcw0d
75jNyjwoZPF7JC9xujk9ghUqJldyiwj/0EIjcIRCudX19ZQhHtuaE09EjBGGOiPd
/pnbqt3gZnqkwxs2i3YjOUXtQZNQ6lQugouWbacILjfYZcw2cDP07RKeVhFzM+LO
R0vsM3UB/HGvp0ThQmr2lm9+gbJndcd7eDnzE2dbFeTVMoEnKNgD4EW60s3fdDdT
iZUKtJ3QmRKXMgOnWRRaK2BmoAQ96iNMOCQ7jIz4zy9ELXyhc3KZ8xJA3gmTO7dA
VRKC5A==
-----END CERTIFICATE-----