Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/f3wN0x9bXsR9-MnO-X4RnJUNamw.roa
File:                     f3wN0x9bXsR9-MnO-X4RnJUNamw.roa (raw, json)
Hash identifier:          Li9fzHS7Z85pO3HH4fX6GYo9104O6EItxVEQfngjeio=
Subject key identifier:   7F:7C:0D:D3:1F:5B:5E:C4:7D:F8:C9:CE:F9:7E:11:9C:95:0D:6A:6C
Certificate issuer:       /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial:       018CC3B68176C2F4DB3EE31049A486CFD698
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/f3wN0x9bXsR9-MnO-X4RnJUNamw.roa
Signing time:             Mon 01 Jan 2024 06:29:26 +0000
ROA not before:           Mon 01 Jan 2024 06:29:26 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     47952
IP address blocks:        185.82.222.0/24 maxlen: 24
                          185.82.221.0/24 maxlen: 24
                          185.82.220.0/24 maxlen: 24
                          185.82.223.0/24 maxlen: 24
                          91.194.52.0/24 maxlen: 24
                          91.194.54.0/24 maxlen: 24
                          185.201.213.0/24 maxlen: 24
                          185.201.212.0/24 maxlen: 24
                          185.201.214.0/24 maxlen: 24
                          185.201.215.0/24 maxlen: 24
                          2a0a:c4c0:1::/48 maxlen: 48
                          2a0a:c4c0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 29 Feb 2024 10:25:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b6:81:76:c2:f4:db:3e:e3:10:49:a4:86:cf:d6:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
        Validity
            Not Before: Jan  1 06:29:26 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7f7c0dd31f5b5ec47df8c9cef97e119c950d6a6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:e2:1c:48:ef:ec:4d:fd:ad:71:7d:c2:60:67:
                    60:de:d2:3e:42:26:37:20:10:09:39:b8:1c:eb:21:
                    77:cb:53:a3:ce:23:05:8e:65:dd:66:a1:ef:38:98:
                    63:c9:48:5b:fc:6d:e5:9c:df:8f:0b:f1:56:84:f4:
                    a8:3e:be:ff:b3:61:13:eb:71:01:aa:15:a2:50:52:
                    9a:ee:7c:c5:4b:ed:81:02:42:18:a3:87:02:47:a4:
                    c1:47:6c:58:e3:9a:92:32:f7:4d:27:e6:dd:ad:f2:
                    ce:03:6d:e3:5c:2a:1f:48:ff:2e:bb:dd:17:2d:6d:
                    b4:53:08:61:a0:ba:4a:3b:b5:76:31:47:f4:da:25:
                    a9:87:ac:06:11:9c:45:6c:b8:4e:a8:c4:c3:87:cd:
                    ec:43:d8:12:09:1f:3b:02:37:3e:7a:61:3e:1b:f4:
                    94:ef:26:87:a4:f8:ff:1b:28:20:fb:5d:c8:fd:9d:
                    e0:ec:d7:a4:b0:93:5c:81:df:8b:16:15:00:e4:05:
                    f7:bc:f0:df:b1:c6:fc:c6:cd:fc:ba:bd:f6:ec:2e:
                    2d:3c:6d:97:e6:7e:ba:da:1f:f5:69:62:0d:64:0b:
                    6a:d9:b1:13:bc:68:aa:3b:04:46:99:cf:7b:3b:69:
                    04:05:11:26:d5:4b:de:01:1a:7b:8b:82:ff:ee:04:
                    77:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:7C:0D:D3:1F:5B:5E:C4:7D:F8:C9:CE:F9:7E:11:9C:95:0D:6A:6C
            X509v3 Authority Key Identifier:
                keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/f3wN0x9bXsR9-MnO-X4RnJUNamw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.194.52.0/24
                  91.194.54.0/24
                  185.82.220.0/22
                  185.201.212.0/22
                IPv6:
                  2a0a:c4c0::/47

    Signature Algorithm: sha256WithRSAEncryption
         78:37:a9:ac:c7:b9:11:0c:d5:8b:67:4e:fe:7c:27:b0:9d:15:
         4b:b0:03:6e:6c:3c:14:75:3a:98:ba:ca:09:7a:12:68:9d:1b:
         9f:d0:00:9e:0b:ce:f4:fd:7d:ef:7f:76:48:f8:0d:bd:dc:fd:
         90:6d:3f:df:63:3b:1a:2a:33:d6:4a:07:8a:08:c5:70:16:7d:
         15:2a:e1:dc:8c:ab:55:f3:40:58:bc:e5:9a:bb:51:08:38:a1:
         6b:cf:5b:61:f0:5f:cb:16:ba:24:3e:98:66:05:b4:51:8a:d0:
         02:8c:95:73:32:67:8e:4b:1c:9a:de:27:52:06:c3:1d:75:07:
         d7:4c:d5:d9:14:78:06:c1:64:b5:4d:91:e8:8c:10:ee:ee:f3:
         ed:1c:f1:d9:03:0d:e5:e9:f5:27:7c:af:41:6d:f1:20:8c:45:
         ed:73:06:35:00:27:ef:d4:d7:dc:a1:ec:29:ac:27:87:29:e9:
         28:66:55:1a:76:fe:90:d1:ee:32:aa:9e:f9:7d:8e:82:22:a8:
         88:46:00:ab:57:8b:42:5a:9a:83:bc:aa:66:0c:ac:a8:ab:a8:
         d2:47:22:9e:dc:ed:6e:e2:59:23:38:7a:0c:ce:9b:8a:40:ab:
         98:9b:da:84:a8:23:e9:c6:3c:aa:8f:03:12:70:21:a8:be:e0:
         ab:29:e9:7f
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzDtoF2wvTbPuMQSaSGz9aYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjdjMGRkMzFmNWI1ZWM0N2RmOGM5Y2VmOTdlMTE5Yzk1MGQ2YTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeIcSO/sTf2tcX3CYGdg3tI+QiY3
IBAJObgc6yF3y1OjziMFjmXdZqHvOJhjyUhb/G3lnN+PC/FWhPSoPr7/s2ET63EB
qhWiUFKa7nzFS+2BAkIYo4cCR6TBR2xY45qSMvdNJ+bdrfLOA23jXCofSP8uu90X
LW20UwhhoLpKO7V2MUf02iWph6wGEZxFbLhOqMTDh83sQ9gSCR87Ajc+emE+G/SU
7yaHpPj/Gygg+13I/Z3g7NeksJNcgd+LFhUA5AX3vPDfscb8xs38ur327C4tPG2X
5n662h/1aWINZAtq2bETvGiqOwRGmc97O2kEBREm1UveARp7i4L/7gR3iQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFH98DdMfW17EffjJzvl+EZyVDWpsMB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvZjN3TjB4OWJYc1I5LU1uTy1YNFJuSlVOYW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQtMGQ0OGU2ODk1ZjEy
LzEvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAW8I0AwQA
W8I2AwQCuVLcAwQCucnUMA8EAgACMAkDBwEqCsTAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAHg3qazHuREM1YtnTv58J7CdFUuwA25sPBR1Opi6ygl6EmidG5/QAJ4LzvT9
fe9/dkj4Db3c/ZBtP99jOxoqM9ZKB4oIxXAWfRUq4dyMq1XzQFi85Zq7UQg4oWvP
W2HwX8sWuiQ+mGYFtFGK0AKMlXMyZ45LHJreJ1IGwx11B9dM1dkUeAbBZLVNkeiM
EO7u8+0c8dkDDeXp9Sd8r0Ft8SCMRe1zBjUAJ+/U19yh7CmsJ4cp6ShmVRp2/pDR
7jKqnvl9joIiqIhGAKtXi0JamoO8qmYMrKirqNJHIp7c7W7iWSM4egzOm4pAq5ib
2oSoI+nGPKqPAxJwIai+4Ksp6X8=
-----END CERTIFICATE-----