Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/7rGCelZCi0WNRg8vo7Hemdfe3sw.roa
File:                     7rGCelZCi0WNRg8vo7Hemdfe3sw.roa (raw, json)
Hash identifier:          GkqnwtE5uCYk/MJPEcPIBFV2aLdNFCTNLCiloP2EMBE=
Subject key identifier:   EE:B1:82:7A:56:42:8B:45:8D:46:0F:2F:A3:B1:DE:99:D7:DE:DE:CC
Certificate issuer:       /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial:       018AB5F8D1ACAE2131AE5BB1BAA6DB4F005A
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/7rGCelZCi0WNRg8vo7Hemdfe3sw.roa
Signing time:             Thu 21 Sep 2023 04:21:37 +0000
ROA not before:           Thu 21 Sep 2023 04:21:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        83.147.40.0/22 maxlen: 24
                          83.147.61.0/24 maxlen: 24
                          83.147.4.0/22 maxlen: 24
                          83.147.0.0/22 maxlen: 24
                          83.147.11.0/24 maxlen: 24
                          83.147.9.0/24 maxlen: 24
                          83.147.14.0/24 maxlen: 24
                          83.147.20.0/23 maxlen: 24
                          83.147.23.0/24 maxlen: 24
                          83.147.28.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 01 Oct 2023 06:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b5:f8:d1:ac:ae:21:31:ae:5b:b1:ba:a6:db:4f:00:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
        Validity
            Not Before: Sep 21 04:21:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=eeb1827a56428b458d460f2fa3b1de99d7dedecc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:24:af:3b:8e:04:95:39:3e:83:6d:33:59:28:
                    b4:4c:32:8d:ba:0a:c2:39:a8:86:ef:f1:3d:27:e9:
                    68:a9:d0:fc:9f:87:00:e3:b8:8c:df:ee:e0:d4:18:
                    06:6d:33:99:b3:c7:ba:dd:73:8d:7f:4c:e4:b7:ad:
                    47:26:4c:98:ce:f4:a9:cb:f5:e8:d2:69:fc:1f:cc:
                    32:a0:45:f8:bf:c7:d9:58:79:98:7e:2a:a8:ec:57:
                    58:b0:19:7b:e4:a2:34:da:96:14:32:9e:d6:1e:50:
                    1d:2d:68:bf:cc:4c:29:09:73:f2:91:ae:4f:a8:97:
                    92:7b:da:c0:41:b3:bb:07:07:49:38:3d:fd:38:2f:
                    2f:4c:f6:37:6b:3d:52:84:94:00:e1:00:a5:76:6d:
                    49:6d:db:cf:03:8e:bd:84:d6:8f:b5:96:53:90:be:
                    02:39:66:50:2c:15:40:c5:c0:7d:4b:49:ab:d2:57:
                    ff:cb:3e:b1:af:df:78:92:7a:48:09:c4:73:8e:6e:
                    15:cf:c7:02:fc:2e:29:2e:18:4b:c4:ab:a0:27:23:
                    96:be:99:22:7f:ba:d7:32:f1:f3:d8:3b:37:b7:51:
                    c8:b5:0f:22:58:34:f4:68:41:5d:c9:c8:8d:f9:7c:
                    ee:f4:9d:db:b7:e5:c2:03:04:e7:f4:4a:d0:85:58:
                    30:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:B1:82:7A:56:42:8B:45:8D:46:0F:2F:A3:B1:DE:99:D7:DE:DE:CC
            X509v3 Authority Key Identifier:
                keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/7rGCelZCi0WNRg8vo7Hemdfe3sw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.0.0/21
                  83.147.9.0/24
                  83.147.11.0/24
                  83.147.14.0/24
                  83.147.20.0/23
                  83.147.23.0/24
                  83.147.28.0/22
                  83.147.40.0/22
                  83.147.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:1e:49:2a:81:5c:da:dc:22:01:9a:04:48:9c:26:59:ab:ed:
         d0:d0:c4:b6:ff:30:f0:2e:61:5a:4f:8d:02:78:c6:0d:08:c4:
         56:2d:ce:ef:90:ce:2e:d5:fc:29:98:aa:de:77:b2:18:1c:43:
         c8:90:9c:34:62:55:b8:ee:8e:c4:ef:87:f3:77:2b:4c:5a:47:
         31:14:90:0a:3d:4f:c4:38:1a:33:60:32:e5:58:e1:a8:e0:cc:
         80:37:01:be:e5:5e:b6:66:8a:d0:ee:f6:38:96:38:9b:2f:a3:
         48:ea:ac:71:e7:55:e8:e2:48:fd:b6:61:3e:a2:6f:b4:dc:61:
         a7:cd:10:1a:af:ec:02:66:71:cd:9a:c4:a1:51:38:5f:50:02:
         c4:e0:3d:f8:14:cd:c4:28:e3:b5:94:98:43:07:a3:2d:2e:b4:
         70:e7:01:6c:dc:f4:a9:e7:9f:c9:51:d1:3d:ba:a1:8c:4a:29:
         c2:36:a4:9d:e6:dc:73:3b:af:ef:01:c6:c2:a3:e3:89:66:49:
         78:44:0a:55:6a:25:6b:d1:3b:12:56:80:d7:ef:ce:40:8d:b7:
         e0:5f:5a:3f:9c:19:b8:6f:db:e4:22:ec:1c:89:67:95:10:33:
         29:53:9d:c6:9e:c0:df:8e:96:0c:51:52:b8:3c:b5:6a:26:dc:
         da:4e:cb:c5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYq1+NGsriExrluxuqbbTwBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwOTIxMDQyMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWIxODI3YTU2NDI4YjQ1OGQ0NjBmMmZhM2IxZGU5OWQ3ZGVkZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSSvO44ElTk+g20zWSi0TDKNugrC
OaiG7/E9J+loqdD8n4cA47iM3+7g1BgGbTOZs8e63XONf0zkt61HJkyYzvSpy/Xo
0mn8H8wyoEX4v8fZWHmYfiqo7FdYsBl75KI02pYUMp7WHlAdLWi/zEwpCXPyka5P
qJeSe9rAQbO7BwdJOD39OC8vTPY3az1ShJQA4QCldm1JbdvPA469hNaPtZZTkL4C
OWZQLBVAxcB9S0mr0lf/yz6xr994knpICcRzjm4Vz8cC/C4pLhhLxKugJyOWvpki
f7rXMvHz2Ds3t1HItQ8iWDT0aEFdyciN+Xzu9J3bt+XCAwTn9ErQhVgwtwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFO6xgnpWQotFjUYPL6Ox3pnX3t7MMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvN3JHQ2VsWkNpMFdOUmc4dm83SGVtZGZlM3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDU5MAAwQA
U5MJAwQAU5MLAwQAU5MOAwQBU5MUAwQAU5MXAwQCU5McAwQCU5MoAwQAU5M9MA0G
CSqGSIb3DQEBCwUAA4IBAQCmHkkqgVza3CIBmgRInCZZq+3Q0MS2/zDwLmFaT40C
eMYNCMRWLc7vkM4u1fwpmKred7IYHEPIkJw0YlW47o7E74fzdytMWkcxFJAKPU/E
OBozYDLlWOGo4MyANwG+5V62ZorQ7vY4ljibL6NI6qxx51Xo4kj9tmE+om+03GGn
zRAar+wCZnHNmsShUThfUALE4D34FM3EKOO1lJhDB6MtLrRw5wFs3PSp55/JUdE9
uqGMSinCNqSd5txzO6/vAcbCo+OJZkl4RApVaiVr0TsSVoDX785AjbfgX1o/nBm4
b9vkIuwciWeVEDMpU53GnsDfjpYMUVK4PLVqJtzaTsvF
-----END CERTIFICATE-----