Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/795098-a2f0-4733-9709-e6eb919d7a02/1/1-erAlEf-PYgQIEgteGOkDVdKOFY.roa
File:                     1-erAlEf-PYgQIEgteGOkDVdKOFY.roa (raw, json)
Hash identifier:          GyEAEMKY9+iFhE6vJYCDodzNGtIHIYcfk7CMKroF1jk=
Subject key identifier:   F9:EA:C0:94:47:FE:3D:88:10:20:48:2D:78:63:A4:0D:57:4A:38:56
Certificate issuer:       /CN=e48da335b072536d58e6b7cdf4cdb16445bcbc33
Certificate serial:       018B708D630EA7B9A959ACE7D88A3EF40D6D
Authority key identifier: E4:8D:A3:35:B0:72:53:6D:58:E6:B7:CD:F4:CD:B1:64:45:BC:BC:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5I2jNbByU21Y5rfN9M2xZEW8vDM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/795098-a2f0-4733-9709-e6eb919d7a02/1/1-erAlEf-PYgQIEgteGOkDVdKOFY.roa
Signing time:             Fri 27 Oct 2023 09:53:15 +0000
ROA not before:           Fri 27 Oct 2023 09:53:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197107
IP address blocks:        185.58.88.0/24 maxlen: 24
                          185.58.89.0/24 maxlen: 24
                          185.58.90.0/24 maxlen: 24
                          185.58.91.0/24 maxlen: 24
                          195.225.64.0/24 maxlen: 24
                          195.225.66.0/24 maxlen: 24
                          178.20.192.0/24 maxlen: 24
                          178.20.196.0/24 maxlen: 24
                          178.20.197.0/24 maxlen: 24
                          178.20.198.0/24 maxlen: 24
                          178.20.199.0/24 maxlen: 24
                          178.20.193.0/24 maxlen: 24
                          178.20.194.0/24 maxlen: 24
                          178.20.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:70:8d:63:0e:a7:b9:a9:59:ac:e7:d8:8a:3e:f4:0d:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e48da335b072536d58e6b7cdf4cdb16445bcbc33
        Validity
            Not Before: Oct 27 09:53:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f9eac09447fe3d881020482d7863a40d574a3856
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c0:2f:fa:e9:8d:30:fb:b9:1b:dd:21:f1:40:
                    34:b4:e3:75:94:a9:22:17:07:20:1e:e0:8c:f0:a2:
                    f0:c7:ff:52:ae:51:49:79:5a:f5:49:66:6c:61:71:
                    f9:f9:01:3f:bc:58:0d:e0:9f:19:a6:3f:0d:38:01:
                    e2:48:78:7c:a6:98:6f:07:8e:4f:ac:61:57:22:24:
                    fd:e1:f0:4d:77:72:cc:c7:17:fa:a5:32:ae:cb:62:
                    4f:52:f6:f5:5f:b5:88:f9:cc:ed:96:62:70:39:1b:
                    8a:d6:b3:87:3a:68:e6:f1:6b:42:fc:80:14:9f:8d:
                    37:29:ee:ea:7f:ae:94:3f:03:a3:ff:c2:b9:9e:3f:
                    fb:05:77:ae:b8:df:a0:de:87:16:1d:a3:90:9a:4e:
                    ed:f0:72:2e:83:03:6e:ef:c4:12:b9:14:64:c8:bb:
                    f6:bb:a3:7b:f5:08:94:dd:9d:ad:94:16:09:a4:8d:
                    bb:af:d2:4f:c5:99:3d:d9:20:0a:7a:2d:5d:e0:57:
                    ee:62:8f:22:cc:e2:b3:49:45:63:75:81:e2:29:a8:
                    2b:d1:0e:3c:ae:7e:48:da:b3:65:d4:a2:4e:a4:e9:
                    04:90:18:aa:05:1b:23:ef:98:de:41:ba:41:4f:90:
                    48:f4:79:db:9a:11:1d:eb:10:7b:4c:13:2e:32:77:
                    39:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:EA:C0:94:47:FE:3D:88:10:20:48:2D:78:63:A4:0D:57:4A:38:56
            X509v3 Authority Key Identifier:
                keyid:E4:8D:A3:35:B0:72:53:6D:58:E6:B7:CD:F4:CD:B1:64:45:BC:BC:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5I2jNbByU21Y5rfN9M2xZEW8vDM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/795098-a2f0-4733-9709-e6eb919d7a02/1/1-erAlEf-PYgQIEgteGOkDVdKOFY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/795098-a2f0-4733-9709-e6eb919d7a02/1/5I2jNbByU21Y5rfN9M2xZEW8vDM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.20.192.0/21
                  185.58.88.0/22
                  195.225.64.0/24
                  195.225.66.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:6e:09:bd:22:88:07:8e:c1:0b:c0:35:59:e7:12:fa:d6:d4:
         02:b7:b3:72:10:a5:3c:38:98:d8:fc:69:e5:d8:2f:a6:e9:52:
         02:53:5a:43:9f:de:e0:02:75:4a:93:f8:d6:94:f6:6b:8d:6d:
         19:98:56:61:b1:5e:26:ca:71:c7:5e:51:17:99:6d:76:9b:1a:
         46:b4:f4:be:2c:38:bf:70:78:1d:7d:0d:76:df:83:3f:e3:55:
         93:17:88:45:23:d4:d0:cb:b8:76:d5:34:5a:d7:76:1c:23:16:
         c3:d2:8b:e1:5e:89:3f:e6:fd:c1:69:be:ba:24:4c:84:80:09:
         13:b1:cc:87:da:ca:d6:4a:5c:93:6e:56:af:38:f1:5b:b8:02:
         dd:72:c7:b4:01:3c:ca:76:42:8b:cf:75:3c:57:60:e0:5b:53:
         7d:c9:e4:af:b1:d1:70:d6:e2:ed:55:a8:60:d9:99:d0:c5:f5:
         b2:c9:f9:30:8f:3c:60:e4:19:a0:a7:02:02:ce:f0:25:88:78:
         b8:5f:b1:ba:7d:4d:55:89:b2:c9:2f:4f:2a:d3:31:1b:33:70:
         09:b8:40:4b:8a:03:4e:ac:94:5b:02:b1:4d:db:31:3f:92:5b:
         81:ec:1e:f4:1b:64:e9:d6:0f:63:f4:7f:69:b0:0c:de:0d:81:
         29:27:70:e2
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYtwjWMOp7mpWazn2Io+9A1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OGRhMzM1YjA3MjUzNmQ1OGU2YjdjZGY0Y2RiMTY0NDVi
Y2JjMzMwHhcNMjMxMDI3MDk1MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWVhYzA5NDQ3ZmUzZDg4MTAyMDQ4MmQ3ODYzYTQwZDU3NGEzODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcAv+umNMPu5G90h8UA0tON1lKki
FwcgHuCM8KLwx/9SrlFJeVr1SWZsYXH5+QE/vFgN4J8Zpj8NOAHiSHh8pphvB45P
rGFXIiT94fBNd3LMxxf6pTKuy2JPUvb1X7WI+cztlmJwORuK1rOHOmjm8WtC/IAU
n403Ke7qf66UPwOj/8K5nj/7BXeuuN+g3ocWHaOQmk7t8HIugwNu78QSuRRkyLv2
u6N79QiU3Z2tlBYJpI27r9JPxZk92SAKei1d4FfuYo8izOKzSUVjdYHiKagr0Q48
rn5I2rNl1KJOpOkEkBiqBRsj75jeQbpBT5BI9HnbmhEd6xB7TBMuMnc5mwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPnqwJRH/j2IECBILXhjpA1XSjhWMB8GA1UdIwQY
MBaAFOSNozWwclNtWOa3zfTNsWRFvLwzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUkyak5iQnlVMjFZNXJmTjlNMnhaRVc4dkRNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC83OTUwOTgtYTJmMC00NzMzLTk3MDkt
ZTZlYjkxOWQ3YTAyLzEvMS1lckFsRWYtUFlnUUlFZ3RlR09rRFZkS09GWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvNzk1MDk4LWEyZjAtNDczMy05NzA5LWU2ZWI5MTlkN2Ew
Mi8xLzVJMmpOYkJ5VTIxWTVyZk45TTJ4WkVXOHZETS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEA7IUwAME
Ark6WAMEAMPhQAMEAMPhQjANBgkqhkiG9w0BAQsFAAOCAQEAgG4JvSKIB47BC8A1
WecS+tbUArezchClPDiY2Pxp5dgvpulSAlNaQ5/e4AJ1SpP41pT2a41tGZhWYbFe
Jspxx15RF5ltdpsaRrT0viw4v3B4HX0Ndt+DP+NVkxeIRSPU0Mu4dtU0Wtd2HCMW
w9KL4V6JP+b9wWm+uiRMhIAJE7HMh9rK1kpck25WrzjxW7gC3XLHtAE8ynZCi891
PFdg4FtTfcnkr7HRcNbi7VWoYNmZ0MX1ssn5MI88YOQZoKcCAs7wJYh4uF+xun1N
VYmyyS9PKtMxGzNwCbhAS4oDTqyUWwKxTdsxP5Jbgewe9Btk6dYPY/R/abAM3g2B
KSdw4g==
-----END CERTIFICATE-----