Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/6tBm7FXGbJNNcqo-Da6jRWYajtU.roa
File:                     6tBm7FXGbJNNcqo-Da6jRWYajtU.roa (raw, json)
Hash identifier:          590lKwI1qDnJ7ZJeyBbFqvL56fcfjIZGcXH/XwumLzk=
Subject key identifier:   EA:D0:66:EC:55:C6:6C:93:4D:72:AA:3E:0D:AE:A3:45:66:1A:8E:D5
Certificate issuer:       /CN=ec5ada0dc900a13c83b70ac3f587fb8c2e1df030
Certificate serial:       018CC3B69C6AFE485759A6D033C4EEE3D343
Authority key identifier: EC:5A:DA:0D:C9:00:A1:3C:83:B7:0A:C3:F5:87:FB:8C:2E:1D:F0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7FraDckAoTyDtwrD9Yf7jC4d8DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/6tBm7FXGbJNNcqo-Da6jRWYajtU.roa
Signing time:             Mon 01 Jan 2024 06:29:33 +0000
ROA not before:           Mon 01 Jan 2024 06:29:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51580
IP address blocks:        31.193.16.0/20 maxlen: 24
                          80.66.208.0/20 maxlen: 24
                          145.14.160.0/19 maxlen: 24
                          141.105.152.0/21 maxlen: 24
                          185.121.148.0/22 maxlen: 24
                          178.250.64.0/21 maxlen: 24
                          185.139.28.0/22 maxlen: 24
                          185.5.180.0/22 maxlen: 24
                          194.110.56.0/22 maxlen: 24
                          46.17.152.0/21 maxlen: 24
                          178.218.148.0/22 maxlen: 24
                          185.180.180.0/23 maxlen: 24
                          109.238.16.0/20 maxlen: 24
                          185.55.88.0/22 maxlen: 24
Validation:               Failed, certificate revoked on Wed 26 Jun 2024 15:59:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:9c:6a:fe:48:57:59:a6:d0:33:c4:ee:e3:d3:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ec5ada0dc900a13c83b70ac3f587fb8c2e1df030
        Validity
            Not Before: Jan  1 06:29:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=ead066ec55c66c934d72aa3e0daea345661a8ed5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:44:9e:3f:43:fb:3c:52:a8:1c:41:e3:73:b0:
                    54:4d:1e:53:c1:48:83:d5:96:d2:86:da:1b:e7:31:
                    e3:fa:45:d9:d2:eb:bc:08:8c:eb:39:46:4d:f1:b0:
                    a1:7e:a6:f2:5e:e8:5b:d5:5b:83:3a:22:59:eb:6c:
                    a0:10:82:fb:d8:0c:a4:4b:fb:46:cd:cb:c2:09:2b:
                    c1:e8:69:81:a0:54:2c:77:c3:03:4f:3e:2f:f2:ed:
                    0d:89:b6:97:82:3b:22:34:6d:4a:75:9a:4f:da:88:
                    2a:18:2c:24:d9:88:49:92:b7:7a:d9:8e:43:1b:f5:
                    0c:af:83:53:3b:9b:28:b6:37:d8:50:cf:6f:dc:c4:
                    5d:74:65:bb:cd:23:8e:2a:de:8f:b9:28:58:ce:a1:
                    5c:43:b1:2e:87:68:db:0c:d9:8c:4d:7b:be:69:a9:
                    29:8b:a0:f0:b9:00:22:38:ae:56:53:29:3a:f3:ba:
                    e8:d3:45:8f:be:6e:72:ca:43:39:6c:2d:51:c6:f3:
                    0c:d8:0b:a5:07:f6:98:43:3c:b5:b8:1c:0e:f6:56:
                    36:f3:0d:1b:65:52:5f:52:31:a9:9a:be:77:0c:a5:
                    03:5c:3e:4f:97:45:b1:88:1c:58:91:bd:9f:cb:af:
                    3f:28:8c:0d:91:be:30:99:7f:75:08:ab:7a:6c:2d:
                    fd:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:D0:66:EC:55:C6:6C:93:4D:72:AA:3E:0D:AE:A3:45:66:1A:8E:D5
            X509v3 Authority Key Identifier:
                keyid:EC:5A:DA:0D:C9:00:A1:3C:83:B7:0A:C3:F5:87:FB:8C:2E:1D:F0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7FraDckAoTyDtwrD9Yf7jC4d8DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/6tBm7FXGbJNNcqo-Da6jRWYajtU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ca734b-5a0b-4a03-8131-cfefeaee865e/1/7FraDckAoTyDtwrD9Yf7jC4d8DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.193.16.0/20
                  46.17.152.0/21
                  80.66.208.0/20
                  109.238.16.0/20
                  141.105.152.0/21
                  145.14.160.0/19
                  178.218.148.0/22
                  178.250.64.0/21
                  185.5.180.0/22
                  185.55.88.0/22
                  185.121.148.0/22
                  185.139.28.0/22
                  185.180.180.0/23
                  194.110.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         13:f0:c5:75:0f:a8:a3:6a:d4:d0:fb:11:88:7b:fb:10:b6:07:
         97:b5:01:76:4f:ad:c5:ed:49:d1:ca:fa:ef:3a:25:8e:d5:19:
         20:0c:7a:6d:32:a7:d8:23:6d:d3:27:30:cc:69:d4:d1:2f:ba:
         4e:38:12:b7:34:81:90:92:4d:26:a8:77:93:06:ce:1c:8d:82:
         ab:46:0f:86:b3:51:ac:cd:94:3f:f6:01:40:16:63:e2:63:86:
         9d:e7:2f:22:95:8c:0d:60:65:55:b0:4e:50:e0:17:e5:e2:c1:
         f5:31:78:fe:60:83:d6:9c:52:23:d2:af:d3:79:1d:3a:74:7e:
         96:9a:80:00:74:d9:fb:ec:f4:b6:c6:60:71:d4:b3:3d:ff:dc:
         08:b6:09:5a:ec:79:73:65:08:89:8e:e0:b6:2a:c3:00:dc:32:
         b8:21:50:79:c4:49:7b:1a:f9:c7:e3:3b:66:60:88:90:74:06:
         c5:57:cf:8f:63:92:7e:ca:65:df:5f:e5:47:7d:e8:bc:5b:85:
         12:0e:2a:d7:04:20:73:cf:5e:96:8a:f9:9c:97:eb:68:38:67:
         06:62:0d:f1:ae:5c:fb:45:d9:1f:f2:68:33:e0:ba:ae:21:23:
         73:f5:f8:b1:90:17:0c:8f:6d:14:68:d0:da:1d:06:0a:be:22:
         68:81:ab:4b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzDtpxq/khXWabQM8Tu49NDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNWFkYTBkYzkwMGExM2M4M2I3MGFjM2Y1ODdmYjhjMmUx
ZGYwMzAwHhcNMjQwMTAxMDYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWQwNjZlYzU1YzY2YzkzNGQ3MmFhM2UwZGFlYTM0NTY2MWE4ZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtESeP0P7PFKoHEHjc7BUTR5TwUiD
1ZbShtob5zHj+kXZ0uu8CIzrOUZN8bChfqbyXuhb1VuDOiJZ62ygEIL72AykS/tG
zcvCCSvB6GmBoFQsd8MDTz4v8u0NibaXgjsiNG1KdZpP2ogqGCwk2YhJkrd62Y5D
G/UMr4NTO5sotjfYUM9v3MRddGW7zSOOKt6PuShYzqFcQ7Euh2jbDNmMTXu+aakp
i6DwuQAiOK5WUyk687ro00WPvm5yykM5bC1RxvMM2AulB/aYQzy1uBwO9lY28w0b
ZVJfUjGpmr53DKUDXD5Pl0WxiBxYkb2fy68/KIwNkb4wmX91CKt6bC39hQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFOrQZuxVxmyTTXKqPg2uo0VmGo7VMB8GA1UdIwQY
MBaAFOxa2g3JAKE8g7cKw/WH+4wuHfAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZyYURja0FvVHlEdHdyRDlZZjdqQzRkOERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jYTczNGItNWEwYi00YTAzLTgxMzEt
Y2ZlZmVhZWU4NjVlLzEvNnRCbTdGWEdiSk5OY3FvLURhNmpSV1lhanRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jYTczNGItNWEwYi00YTAzLTgxMzEtY2ZlZmVhZWU4NjVl
LzEvN0ZyYURja0FvVHlEdHdyRDlZZjdqQzRkOERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQEH8EQAwQD
LhGYAwQEUELQAwQEbe4QAwQDjWmYAwQFkQ6gAwQCstqUAwQDsvpAAwQCuQW0AwQC
uTdYAwQCuXmUAwQCuYscAwQBubS0AwQCwm44MA0GCSqGSIb3DQEBCwUAA4IBAQAT
8MV1D6ijatTQ+xGIe/sQtgeXtQF2T63F7UnRyvrvOiWO1RkgDHptMqfYI23TJzDM
adTRL7pOOBK3NIGQkk0mqHeTBs4cjYKrRg+Gs1GszZQ/9gFAFmPiY4ad5y8ilYwN
YGVVsE5Q4Bfl4sH1MXj+YIPWnFIj0q/TeR06dH6WmoAAdNn77PS2xmBx1LM9/9wI
tgla7HlzZQiJjuC2KsMA3DK4IVB5xEl7GvnH4ztmYIiQdAbFV8+PY5J+ymXfX+VH
fei8W4USDirXBCBzz16Wivmcl+toOGcGYg3xrlz7Rdkf8mgz4LquISNz9fixkBcM
j20UaNDaHQYKviJogatL
-----END CERTIFICATE-----