Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/ca510c-b6d1-4eb3-8dd1-498f4c10b655/1/VVTKD2nfazcSw-QL0-S-OsjbiOo.roa
File:                     VVTKD2nfazcSw-QL0-S-OsjbiOo.roa (raw, json)
Hash identifier:          QXZF7cW9UQ+O7kEz1H9vjTcbp6S7HC7cwMuz3dlDyQY=
Subject key identifier:   55:54:CA:0F:69:DF:6B:37:12:C3:E4:0B:D3:E4:BE:3A:C8:DB:88:EA
Certificate issuer:       /CN=ded8582b0243863c572ce25786ccb36ff795b22e
Certificate serial:       018631624097BCFA4D82D8BD4210A49A7F05
Authority key identifier: DE:D8:58:2B:02:43:86:3C:57:2C:E2:57:86:CC:B3:6F:F7:95:B2:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3thYKwJDhjxXLOJXhsyzb_eVsi4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/ca510c-b6d1-4eb3-8dd1-498f4c10b655/1/VVTKD2nfazcSw-QL0-S-OsjbiOo.roa
Signing time:             Wed 08 Feb 2023 14:16:08 +0000
ROA not before:           Wed 08 Feb 2023 14:16:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34605
IP address blocks:        178.218.79.0/24 maxlen: 24
                          45.142.90.0/24 maxlen: 24
                          45.142.88.0/24 maxlen: 24
                          178.218.64.0/24 maxlen: 24
                          178.218.67.0/24 maxlen: 24
                          178.218.66.0/24 maxlen: 24
                          178.218.65.0/24 maxlen: 24
                          178.218.71.0/24 maxlen: 24
                          178.218.70.0/24 maxlen: 24
                          178.218.69.0/24 maxlen: 24
                          178.218.68.0/24 maxlen: 24
                          178.218.74.0/24 maxlen: 24
                          178.218.73.0/24 maxlen: 24
                          178.218.72.0/24 maxlen: 24
                          178.218.78.0/24 maxlen: 24
                          178.218.77.0/24 maxlen: 24
                          178.218.76.0/24 maxlen: 24
                          178.218.75.0/24 maxlen: 24
                          194.126.204.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:31:62:40:97:bc:fa:4d:82:d8:bd:42:10:a4:9a:7f:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ded8582b0243863c572ce25786ccb36ff795b22e
        Validity
            Not Before: Feb  8 14:16:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5554ca0f69df6b3712c3e40bd3e4be3ac8db88ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:0c:71:97:64:2d:9a:7e:e3:82:9a:c8:1f:b6:
                    94:f7:62:24:45:2c:b9:14:46:20:54:d2:19:78:95:
                    b1:06:a5:34:f4:25:01:e5:a3:82:5e:d9:1f:41:76:
                    d3:24:7f:81:8a:d3:78:a7:8f:e7:76:af:ca:cb:d6:
                    f6:32:ad:f9:54:dd:44:f3:73:dc:f4:28:95:f9:5b:
                    c8:74:b4:c7:8f:3f:65:db:11:f3:f1:b4:61:d2:c2:
                    28:4b:03:41:87:d0:6f:09:22:6f:16:3e:6f:88:fc:
                    fb:59:23:c8:cf:a4:aa:bf:4c:da:aa:1b:e8:91:d9:
                    f4:61:54:29:83:fa:f5:e5:8a:ad:a4:6c:6c:87:02:
                    6b:a2:1a:74:33:68:66:f1:bd:b2:54:af:dc:a1:e0:
                    48:18:71:e0:82:cb:b6:06:f3:93:6f:8e:0b:ef:36:
                    c0:ea:2e:f6:7d:2c:6e:76:51:ce:86:89:58:64:c0:
                    e6:47:1a:cf:3f:4a:70:37:3d:a5:e1:f3:63:c9:12:
                    bf:50:98:11:b2:a4:15:e4:14:da:2c:07:6c:bb:f6:
                    e3:fe:a7:e1:99:00:67:03:0d:f1:41:aa:96:13:8c:
                    23:f9:32:30:ec:5f:87:89:88:e7:c7:ef:95:f1:cc:
                    22:75:bc:1f:f6:2b:39:fb:61:61:45:ad:5c:d6:6f:
                    a8:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:54:CA:0F:69:DF:6B:37:12:C3:E4:0B:D3:E4:BE:3A:C8:DB:88:EA
            X509v3 Authority Key Identifier:
                keyid:DE:D8:58:2B:02:43:86:3C:57:2C:E2:57:86:CC:B3:6F:F7:95:B2:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3thYKwJDhjxXLOJXhsyzb_eVsi4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/ca510c-b6d1-4eb3-8dd1-498f4c10b655/1/VVTKD2nfazcSw-QL0-S-OsjbiOo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/ca510c-b6d1-4eb3-8dd1-498f4c10b655/1/3thYKwJDhjxXLOJXhsyzb_eVsi4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.88.0/24
                  45.142.90.0/24
                  178.218.64.0/20
                  194.126.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:85:ee:34:a6:38:49:74:cd:3a:c7:52:4f:8f:4c:79:bf:15:
         4b:9e:b3:d2:ec:d1:ae:b9:ea:1d:64:14:aa:f4:cb:42:bb:14:
         83:ed:46:cb:a3:70:e2:00:e5:05:80:4a:0d:33:f4:fe:58:bc:
         f4:e4:1b:be:da:91:a6:c8:6e:9e:7d:a9:36:03:66:5a:15:35:
         47:d2:7c:1b:1c:fc:95:cf:0f:eb:e9:27:a7:db:95:b2:66:71:
         0a:ce:9d:3d:dd:b3:ee:ba:2d:b7:1f:1c:a2:b9:00:ae:4e:7f:
         b4:9e:76:2a:68:36:a4:c5:0a:cc:1a:58:87:f9:a0:fe:d6:c5:
         f0:7b:2a:2d:2d:5f:5f:f3:70:24:e8:d0:09:f2:06:46:0e:fb:
         33:31:6c:de:4c:7c:93:18:a4:e0:60:10:49:c4:60:59:6a:cd:
         e5:9f:95:44:66:ea:cc:ce:29:32:0a:1d:d1:f9:c0:fa:59:c3:
         c3:c4:19:40:ce:3b:fc:39:95:2a:e8:9d:f6:79:27:83:12:db:
         31:8a:8a:6b:cf:86:8f:23:5c:73:39:d9:0b:84:03:6d:7f:5a:
         76:b4:04:b0:41:74:d9:c8:5a:cb:f1:5d:81:d0:5f:78:7a:35:
         2c:68:5c:43:6d:e3:99:14:c9:b4:2e:fe:6a:9c:79:af:74:e2:
         ed:a4:d5:30
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYxYkCXvPpNgti9QhCkmn8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDg1ODJiMDI0Mzg2M2M1NzJjZTI1Nzg2Y2NiMzZmZjc5
NWIyMmUwHhcNMjMwMjA4MTQxNjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTU0Y2EwZjY5ZGY2YjM3MTJjM2U0MGJkM2U0YmUzYWM4ZGI4OGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAxxl2Qtmn7jgprIH7aU92IkRSy5
FEYgVNIZeJWxBqU09CUB5aOCXtkfQXbTJH+BitN4p4/ndq/Ky9b2Mq35VN1E83Pc
9CiV+VvIdLTHjz9l2xHz8bRh0sIoSwNBh9BvCSJvFj5viPz7WSPIz6Sqv0zaqhvo
kdn0YVQpg/r15YqtpGxshwJrohp0M2hm8b2yVK/coeBIGHHggsu2BvOTb44L7zbA
6i72fSxudlHOholYZMDmRxrPP0pwNz2l4fNjyRK/UJgRsqQV5BTaLAdsu/bj/qfh
mQBnAw3xQaqWE4wj+TIw7F+HiYjnx++V8cwidbwf9is5+2FhRa1c1m+oHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFVUyg9p32s3EsPkC9PkvjrI24jqMB8GA1UdIwQY
MBaAFN7YWCsCQ4Y8VyziV4bMs2/3lbIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3RoWUt3SkRoanhYTE9KWGhzeXpiX2VWc2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jYTUxMGMtYjZkMS00ZWIzLThkZDEt
NDk4ZjRjMTBiNjU1LzEvVlZUS0QybmZhemNTdy1RTDAtUy1Pc2piaU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jYTUxMGMtYjZkMS00ZWIzLThkZDEtNDk4ZjRjMTBiNjU1
LzEvM3RoWUt3SkRoanhYTE9KWGhzeXpiX2VWc2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY5YAwQA
LY5aAwQEstpAAwQAwn7MMA0GCSqGSIb3DQEBCwUAA4IBAQAGhe40pjhJdM06x1JP
j0x5vxVLnrPS7NGuueodZBSq9MtCuxSD7UbLo3DiAOUFgEoNM/T+WLz05Bu+2pGm
yG6efak2A2ZaFTVH0nwbHPyVzw/r6Sen25WyZnEKzp093bPuui23HxyiuQCuTn+0
nnYqaDakxQrMGliH+aD+1sXweyotLV9f83Ak6NAJ8gZGDvszMWzeTHyTGKTgYBBJ
xGBZas3ln5VEZurMzikyCh3R+cD6WcPDxBlAzjv8OZUq6J32eSeDEtsxioprz4aP
I1xzOdkLhANtf1p2tASwQXTZyFrL8V2B0F94ejUsaFxDbeOZFMm0Lv5qnHmvdOLt
pNUw
-----END CERTIFICATE-----