Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HuQQZI1nnjfWYdSb_2ML6JZaGq8.roa
File:                     HuQQZI1nnjfWYdSb_2ML6JZaGq8.roa (raw, json)
Hash identifier:          GWEtmMHzHcSQg9lX2z+5A5v/EU5zWP2KyEhPjmNw92Q=
Subject key identifier:   1E:E4:10:64:8D:67:9E:37:D6:61:D4:9B:FF:63:0B:E8:96:5A:1A:AF
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       0192E15FDFF0BAB3A7905D060850B616F46F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HuQQZI1nnjfWYdSb_2ML6JZaGq8.roa
Signing time:             Thu 31 Oct 2024 07:00:09 +0000
ROA not before:           Thu 31 Oct 2024 07:00:09 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        31.56.86.0/24 maxlen: 24
                          31.57.162.0/23 maxlen: 23
                          31.57.164.0/23 maxlen: 23
                          31.57.180.0/24 maxlen: 24
                          31.58.41.0/24 maxlen: 24
                          31.58.42.0/24 maxlen: 24
                          31.58.48.0/24 maxlen: 24
                          31.58.50.0/23 maxlen: 24
                          31.58.56.0/23 maxlen: 24
                          31.58.64.0/23 maxlen: 24
                          31.58.136.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 03 Nov 2024 08:14:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:e1:5f:df:f0:ba:b3:a7:90:5d:06:08:50:b6:16:f4:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Oct 31 07:00:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=1ee410648d679e37d661d49bff630be8965a1aaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:99:89:b4:6d:3c:d4:5a:09:56:17:a1:41:61:
                    b6:1e:4f:82:46:e8:df:4c:47:8f:06:fd:52:0f:9f:
                    b7:12:d6:61:9f:c1:ac:5e:a8:ad:b5:87:01:fe:fb:
                    db:bb:cd:ee:31:8b:75:21:6f:2e:60:b3:b8:58:88:
                    69:64:d9:d7:d1:20:f9:3b:c5:bc:c6:3c:ae:88:aa:
                    ac:1c:f6:02:37:db:8f:f9:e7:0d:c7:6f:8d:dc:ef:
                    39:f8:25:51:54:56:55:f7:5e:17:bc:fc:f7:0f:01:
                    a7:8b:18:fa:c3:ff:f7:cf:14:24:8a:fd:40:a5:7c:
                    57:43:ec:fa:93:a4:d7:70:24:f5:e7:ff:96:38:d3:
                    d2:93:54:e1:5b:1a:90:bd:f6:83:9f:87:1f:8c:f1:
                    98:89:65:a5:a0:7b:7d:23:fd:a1:82:06:5f:52:a8:
                    ca:9f:81:e3:06:1a:a1:b4:60:a8:46:1b:1f:ee:f6:
                    86:45:3c:d9:2d:cc:ef:f9:6c:2f:27:a6:fd:8d:66:
                    8b:41:3b:93:b7:88:54:60:d2:34:5c:60:e1:c1:64:
                    bf:f3:29:c8:e3:97:6b:13:d1:6a:8f:f6:1a:fe:e7:
                    a3:f4:2a:e7:80:75:1a:ff:67:a7:57:9c:4e:38:a9:
                    7e:35:4b:4e:8c:88:47:88:95:bf:25:fe:9c:03:1e:
                    5a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:E4:10:64:8D:67:9E:37:D6:61:D4:9B:FF:63:0B:E8:96:5A:1A:AF
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HuQQZI1nnjfWYdSb_2ML6JZaGq8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.56.86.0/24
                  31.57.162.0-31.57.165.255
                  31.57.180.0/24
                  31.58.41.0-31.58.42.255
                  31.58.48.0/24
                  31.58.50.0/23
                  31.58.56.0/23
                  31.58.64.0/23
                  31.58.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:1c:a3:bf:d5:ff:19:fa:57:8a:72:55:b6:44:cd:fd:f1:db:
         66:7a:24:b0:35:3f:ee:4e:2e:3f:be:ab:36:17:52:15:03:e4:
         01:17:15:6d:17:a7:10:7c:7e:e1:91:f9:bb:ad:b3:4c:4b:c4:
         0d:80:ee:be:80:1c:85:42:4d:86:69:1e:84:b2:85:88:8f:41:
         13:2d:e0:10:8c:99:87:81:b3:a9:7a:47:f2:86:ce:61:e5:a4:
         8d:2a:72:d6:dc:f0:03:46:b5:1f:22:7c:3e:b0:21:4b:0f:df:
         f9:46:11:24:11:c1:5d:e5:fa:73:3f:d1:c6:de:7b:10:98:79:
         0e:53:59:22:17:a6:61:4b:c6:a2:ec:39:76:7e:b8:11:05:0f:
         23:8b:c8:d5:86:2c:58:5a:cd:c8:1e:89:f8:bf:4e:36:3e:40:
         19:c3:ef:44:51:ad:e7:f6:85:c1:73:a5:1f:f8:7d:24:42:37:
         1c:4e:60:a5:b6:fb:1b:fe:21:d1:a4:88:f8:ec:38:5c:11:74:
         bc:54:7e:76:db:cd:20:17:5b:eb:97:0f:32:ef:17:96:b9:16:
         d9:00:15:cb:d2:b1:ac:b9:45:ac:46:7d:f4:86:2e:60:7d:5b:
         35:ac:65:90:75:dd:a1:fa:f8:3a:0f:7b:56:fd:f6:48:88:de:
         1d:db:01:5b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZLhX9/wurOnkF0GCFC2FvRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDMxMDcwMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWU0MTA2NDhkNjc5ZTM3ZDY2MWQ0OWJmZjYzMGJlODk2NWExYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JmJtG081FoJVhehQWG2Hk+CRujf
TEePBv1SD5+3EtZhn8GsXqittYcB/vvbu83uMYt1IW8uYLO4WIhpZNnX0SD5O8W8
xjyuiKqsHPYCN9uP+ecNx2+N3O85+CVRVFZV914XvPz3DwGnixj6w//3zxQkiv1A
pXxXQ+z6k6TXcCT15/+WONPSk1ThWxqQvfaDn4cfjPGYiWWloHt9I/2hggZfUqjK
n4HjBhqhtGCoRhsf7vaGRTzZLczv+WwvJ6b9jWaLQTuTt4hUYNI0XGDhwWS/8ynI
45drE9Fqj/Ya/uej9CrngHUa/2enV5xOOKl+NUtOjIhHiJW/Jf6cAx5abwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFB7kEGSNZ5431mHUm/9jC+iWWhqvMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSHVRUVpJMW5uamZXWWRTYl8yTUw2SlphR3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAHzhWMAwD
BAEfOaIDBAEfOaQDBAAfObQwDAMEAB86KQMEAB86KgMEAB86MAMEAR86MgMEAR86
OAMEAR86QAMEAB86iDANBgkqhkiG9w0BAQsFAAOCAQEALByjv9X/GfpXinJVtkTN
/fHbZnoksDU/7k4uP76rNhdSFQPkARcVbRenEHx+4ZH5u62zTEvEDYDuvoAchUJN
hmkehLKFiI9BEy3gEIyZh4GzqXpH8obOYeWkjSpy1tzwA0a1HyJ8PrAhSw/f+UYR
JBHBXeX6cz/Rxt57EJh5DlNZIhemYUvGouw5dn64EQUPI4vI1YYsWFrNyB6J+L9O
Nj5AGcPvRFGt5/aFwXOlH/h9JEI3HE5gpbb7G/4h0aSI+Ow4XBF0vFR+dtvNIBdb
65cPMu8XlrkW2QAVy9KxrLlFrEZ99IYuYH1bNaxlkHXdofr4Og97Vv32SIjeHdsB
Ww==
-----END CERTIFICATE-----