Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/IFgLIdjEfgVI9-jYDSZX7zJSi7w.roa
File:                     IFgLIdjEfgVI9-jYDSZX7zJSi7w.roa (raw, json)
Hash identifier:          moBIZt+4dbBCIvlXr22CV2frms/YZMwRug8Oz/P4cI8=
Subject key identifier:   20:58:0B:21:D8:C4:7E:05:48:F7:E8:D8:0D:26:57:EF:32:52:8B:BC
Certificate issuer:       /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial:       01913A9BF3437EE5427E86DB1A6236B711F9
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/IFgLIdjEfgVI9-jYDSZX7zJSi7w.roa
Signing time:             Sat 10 Aug 2024 04:46:24 +0000
ROA not before:           Sat 10 Aug 2024 04:46:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6424
IP address blocks:        103.243.124.0/22 maxlen: 22
                          146.19.95.0/24 maxlen: 24
                          146.19.249.0/24 maxlen: 24
                          185.112.251.0/24 maxlen: 24
                          188.93.192.0/21 maxlen: 24
                          188.93.196.0/24 maxlen: 24
                          193.109.184.0/21 maxlen: 24
                          2001:b18::/32 maxlen: 48
                          2001:b18:1031::/48 maxlen: 48
                          2a0d:82c0::/29 maxlen: 48
Validation:               Failed, certificate revoked on Sat 10 Aug 2024 04:48:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:3a:9b:f3:43:7e:e5:42:7e:86:db:1a:62:36:b7:11:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
        Validity
            Not Before: Aug 10 04:46:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=20580b21d8c47e0548f7e8d80d2657ef32528bbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a0:d4:9d:50:5b:92:b7:a3:bc:d0:cb:ed:2e:
                    5b:a9:df:de:15:11:74:dd:47:df:49:d3:3a:f5:61:
                    5d:65:70:58:1e:78:c3:28:09:a3:4d:89:9d:b7:b2:
                    4b:50:51:02:45:5f:8e:ef:2c:5e:88:bb:e4:82:25:
                    dd:59:5f:54:ef:5f:93:38:c7:a1:79:56:ba:62:f2:
                    80:cd:f2:37:72:fa:98:91:c7:bb:63:74:a0:1d:68:
                    6a:b0:54:be:2d:b3:90:d7:42:47:3f:d4:71:9e:30:
                    af:fd:5a:42:69:52:bc:9c:2d:b0:f9:3b:b1:f9:63:
                    60:44:ce:b9:b9:03:a7:da:cb:76:f2:d0:67:00:b8:
                    f0:4d:d0:02:ef:bc:50:91:5d:8d:d7:25:88:d0:c5:
                    09:f4:35:da:da:27:d2:8b:66:3f:22:a6:94:fc:9a:
                    1d:0f:95:83:1a:27:86:12:84:4e:8e:13:81:c1:cf:
                    b2:ec:cc:04:40:24:62:3c:e4:d6:a8:63:9a:40:6c:
                    6c:b4:63:79:41:46:ab:ca:e9:6c:f9:f3:43:28:90:
                    1e:72:67:04:22:8f:5b:ef:4b:33:d2:d9:ae:ac:e3:
                    c5:4c:25:0d:9c:e7:cb:b4:2e:e7:f4:df:09:45:5a:
                    21:be:8f:47:68:13:65:ae:56:17:49:ce:83:5f:42:
                    30:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:58:0B:21:D8:C4:7E:05:48:F7:E8:D8:0D:26:57:EF:32:52:8B:BC
            X509v3 Authority Key Identifier:
                keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/IFgLIdjEfgVI9-jYDSZX7zJSi7w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.243.124.0/22
                  146.19.95.0/24
                  146.19.249.0/24
                  185.112.251.0/24
                  188.93.192.0/21
                  193.109.184.0/21
                IPv6:
                  2001:b18::/32
                  2a0d:82c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         68:50:dd:a1:d9:90:bd:3e:4f:4d:33:a7:ab:7f:c1:0c:ef:8c:
         fd:06:9e:d2:4a:46:04:e4:53:1b:3b:98:59:31:42:38:e8:36:
         c9:01:71:43:bf:7c:d6:77:f9:ab:ee:f5:bd:55:75:23:3b:20:
         06:37:2e:56:b3:19:08:34:58:94:f9:17:40:43:b0:ca:04:c9:
         9e:8f:59:11:4d:9c:5e:ea:a0:ad:cb:b6:da:29:19:96:f5:a4:
         ed:4f:bd:c9:fc:56:35:2e:1e:38:ba:10:01:e6:a7:31:68:4f:
         2d:95:8b:fa:a8:a4:09:1f:f9:02:f8:a4:9d:70:c9:8c:bc:48:
         10:1d:15:4a:f7:27:5c:f0:8a:68:f7:f9:05:44:c8:4e:97:e8:
         9c:79:81:4d:96:ad:b0:fc:75:3f:e4:48:51:d5:48:85:2d:8e:
         ef:54:f8:d8:f3:57:4e:7f:e8:b6:df:ce:40:61:39:aa:db:dd:
         0f:03:5a:6b:ca:26:14:cc:b3:fc:78:31:50:14:f4:3b:c6:2a:
         e6:0b:67:c3:11:93:c6:95:12:c2:46:08:9b:d9:bf:cf:5d:8b:
         a4:fe:10:b7:fc:b1:af:66:ba:3a:7b:9d:a1:3a:49:8e:48:0d:
         b1:6c:72:da:75:dd:37:ee:9c:f4:c2:60:b4:35:75:3c:a3:07:
         98:38:79:13
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZE6m/NDfuVCfobbGmI2txH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjQwODEwMDQ0NjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDU4MGIyMWQ4YzQ3ZTA1NDhmN2U4ZDgwZDI2NTdlZjMyNTI4YmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqDUnVBbkrejvNDL7S5bqd/eFRF0
3UffSdM69WFdZXBYHnjDKAmjTYmdt7JLUFECRV+O7yxeiLvkgiXdWV9U71+TOMeh
eVa6YvKAzfI3cvqYkce7Y3SgHWhqsFS+LbOQ10JHP9RxnjCv/VpCaVK8nC2w+Tux
+WNgRM65uQOn2st28tBnALjwTdAC77xQkV2N1yWI0MUJ9DXa2ifSi2Y/IqaU/Jod
D5WDGieGEoROjhOBwc+y7MwEQCRiPOTWqGOaQGxstGN5QUaryuls+fNDKJAecmcE
Io9b70sz0tmurOPFTCUNnOfLtC7n9N8JRVohvo9HaBNlrlYXSc6DX0IwGQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFCBYCyHYxH4FSPfo2A0mV+8yUou8MB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvSUZnTElkakVmZ1ZJOS1qWURTWlg3ekpTaTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCZ/N8AwQA
khNfAwQAkhP5AwQAuXD7AwQDvF3AAwQDwW24MBQEAgACMA4DBQAgAQsYAwUDKg2C
wDANBgkqhkiG9w0BAQsFAAOCAQEAaFDdodmQvT5PTTOnq3/BDO+M/Qae0kpGBORT
GzuYWTFCOOg2yQFxQ7981nf5q+71vVV1IzsgBjcuVrMZCDRYlPkXQEOwygTJno9Z
EU2cXuqgrcu22ikZlvWk7U+9yfxWNS4eOLoQAeanMWhPLZWL+qikCR/5AviknXDJ
jLxIEB0VSvcnXPCKaPf5BUTITpfonHmBTZatsPx1P+RIUdVIhS2O71T42PNXTn/o
tt/OQGE5qtvdDwNaa8omFMyz/HgxUBT0O8Yq5gtnwxGTxpUSwkYIm9m/z12LpP4Q
t/yxr2a6OnudoTpJjkgNsWxy2nXdN+6c9MJgtDV1PKMHmDh5Ew==
-----END CERTIFICATE-----