Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/avun5DyhoRZirmC-IccKge8Gvx4.roa
File:                     avun5DyhoRZirmC-IccKge8Gvx4.roa (raw, json)
Hash identifier:          Mqltj+RIeWyfkp6uaNWuvWYfBH4Gp63+si1Wp4RGcWw=
Subject key identifier:   6A:FB:A7:E4:3C:A1:A1:16:62:AE:60:BE:21:C7:0A:81:EF:06:BF:1E
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       0192713CA43076E07C490286423A450C3CB8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/avun5DyhoRZirmC-IccKge8Gvx4.roa
Signing time:             Wed 09 Oct 2024 12:24:12 +0000
ROA not before:           Wed 09 Oct 2024 12:24:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     4766
IP address blocks:        31.56.172.0/24 maxlen: 24
                          31.56.173.0/24 maxlen: 24
                          31.56.242.0/24 maxlen: 24
                          31.56.243.0/24 maxlen: 24
                          31.56.244.0/24 maxlen: 24
                          31.56.245.0/24 maxlen: 24
                          31.57.208.0/20 maxlen: 24
                          217.60.0.0/18 maxlen: 24
                          217.60.1.0/24 maxlen: 24
                          217.60.3.0/24 maxlen: 24
                          217.60.5.0/24 maxlen: 24
                          217.60.7.0/24 maxlen: 24
                          217.60.9.0/24 maxlen: 24
                          217.60.11.0/24 maxlen: 24
                          217.60.13.0/24 maxlen: 24
                          217.60.15.0/24 maxlen: 24
                          217.60.24.0/24 maxlen: 24
                          217.60.25.0/24 maxlen: 24
                          217.60.26.0/24 maxlen: 24
                          217.60.27.0/24 maxlen: 24
                          217.60.28.0/24 maxlen: 24
                          217.60.29.0/24 maxlen: 24
                          217.60.30.0/24 maxlen: 24
                          217.60.31.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 18 Dec 2024 07:06:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:71:3c:a4:30:76:e0:7c:49:02:86:42:3a:45:0c:3c:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Oct  9 12:24:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6afba7e43ca1a11662ae60be21c70a81ef06bf1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:50:d7:64:31:84:1d:99:bc:1d:dd:cb:f6:b1:
                    10:cd:81:d2:23:bb:99:7c:bb:0b:11:d3:86:8b:3b:
                    3b:2c:f6:ba:14:99:34:13:3d:7b:30:c6:b4:4d:50:
                    46:74:23:b4:08:9e:78:d7:87:22:18:2b:bb:96:c1:
                    a8:80:a8:02:cd:2a:3c:7f:3b:ee:88:05:f4:a9:b6:
                    a0:76:f6:4d:9d:66:22:ce:5f:70:31:6a:f6:eb:02:
                    f7:ad:2e:af:10:dd:fe:b7:08:22:29:1c:e0:02:84:
                    42:0d:70:31:e7:7c:73:54:5c:c5:e3:8e:f5:0a:f9:
                    b9:ce:79:31:c2:f8:b5:50:a8:fb:6b:d6:50:a8:af:
                    cd:b3:72:46:95:48:bb:85:77:52:55:8d:33:f7:f8:
                    83:e8:75:cb:9f:62:52:77:c8:e4:a8:bb:06:b6:7d:
                    03:01:ef:fd:f1:e3:65:f2:3e:22:02:5e:ed:95:3b:
                    9c:ae:ce:9a:16:5d:d3:46:ec:73:57:86:6d:5e:b6:
                    a3:58:c9:30:07:3c:48:7f:22:d3:5d:5d:fe:14:45:
                    9a:28:37:ac:2c:da:4e:4c:07:b3:88:65:f8:94:28:
                    44:59:b9:33:97:dc:a7:14:8e:37:b5:11:40:9e:c2:
                    a2:16:d6:4e:45:1f:8f:d4:e4:86:67:33:97:4b:b5:
                    fb:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:FB:A7:E4:3C:A1:A1:16:62:AE:60:BE:21:C7:0A:81:EF:06:BF:1E
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/avun5DyhoRZirmC-IccKge8Gvx4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.56.172.0/23
                  31.56.242.0-31.56.245.255
                  31.57.208.0/20
                  217.60.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         76:67:24:1e:59:64:93:73:e3:7e:b4:58:f7:6a:df:e1:66:8d:
         e1:fb:c8:8b:4c:01:10:c1:aa:4f:0d:2c:45:a5:66:dd:73:c4:
         36:7f:e6:3d:5d:1b:09:b5:dd:69:f0:bb:39:cd:47:d1:f2:86:
         4f:4a:cf:68:4b:70:69:be:18:d5:8d:3a:9a:36:2d:74:20:0c:
         1b:92:2b:21:1a:7a:b0:f2:91:0c:7c:2c:6b:43:2a:95:6c:0f:
         09:23:3b:3f:ed:f4:0d:19:f1:9e:01:8c:70:e9:fb:fa:91:74:
         40:60:45:61:c1:51:aa:da:69:a3:39:29:1a:6c:f4:02:b4:22:
         a0:1d:73:1e:01:d7:4d:7b:c1:61:ac:63:01:de:76:d5:3b:17:
         d7:df:2e:b9:e8:ef:1c:5e:e0:c7:b0:8f:99:23:5c:63:03:8b:
         13:bb:bf:19:ad:98:fa:ac:9a:aa:e9:63:15:a5:d9:39:b3:0c:
         9d:71:8e:1d:14:eb:a5:dd:2f:9c:08:08:f2:1e:c2:3b:f9:0b:
         a9:b0:9b:cf:31:cc:ab:74:68:de:da:0e:c4:d6:df:6b:da:06:
         51:37:48:60:35:80:20:2f:d8:77:96:f8:d3:03:8b:8e:55:b8:
         8f:de:78:a7:f5:81:30:db:57:58:c8:92:8f:78:cb:65:d5:69:
         c1:b7:9b:d6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZJxPKQwduB8SQKGQjpFDDy4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDA5MTIyNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWZiYTdlNDNjYTFhMTE2NjJhZTYwYmUyMWM3MGE4MWVmMDZiZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVDXZDGEHZm8Hd3L9rEQzYHSI7uZ
fLsLEdOGizs7LPa6FJk0Ez17MMa0TVBGdCO0CJ5414ciGCu7lsGogKgCzSo8fzvu
iAX0qbagdvZNnWYizl9wMWr26wL3rS6vEN3+twgiKRzgAoRCDXAx53xzVFzF4471
Cvm5znkxwvi1UKj7a9ZQqK/Ns3JGlUi7hXdSVY0z9/iD6HXLn2JSd8jkqLsGtn0D
Ae/98eNl8j4iAl7tlTucrs6aFl3TRuxzV4ZtXrajWMkwBzxIfyLTXV3+FEWaKDes
LNpOTAeziGX4lChEWbkzl9ynFI43tRFAnsKiFtZORR+P1OSGZzOXS7X7sQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGr7p+Q8oaEWYq5gviHHCoHvBr8eMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYXZ1bjVEeWhvUlppcm1DLUljY0tnZThHdng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBHzisMAwD
BAEfOPIDBAEfOPQDBAQfOdADBAbZPAAwDQYJKoZIhvcNAQELBQADggEBAHZnJB5Z
ZJNz4360WPdq3+FmjeH7yItMARDBqk8NLEWlZt1zxDZ/5j1dGwm13WnwuznNR9Hy
hk9Kz2hLcGm+GNWNOpo2LXQgDBuSKyEaerDykQx8LGtDKpVsDwkjOz/t9A0Z8Z4B
jHDp+/qRdEBgRWHBUaraaaM5KRps9AK0IqAdcx4B1017wWGsYwHedtU7F9ffLrno
7xxe4Mewj5kjXGMDixO7vxmtmPqsmqrpYxWl2TmzDJ1xjh0U66XdL5wICPIewjv5
C6mwm88xzKt0aN7aDsTW32vaBlE3SGA1gCAv2HeW+NMDi45VuI/eeKf1gTDbV1jI
ko94y2XVacG3m9Y=
-----END CERTIFICATE-----