Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bfZI-JTDaM_Ppd8FPpo4US_TcdQ.roa
File:                     bfZI-JTDaM_Ppd8FPpo4US_TcdQ.roa (raw, json)
Hash identifier:          5tHIpHc2e6SQRXSrR0005SK7rgc/5tt51l2g0KdjB+U=
Subject key identifier:   6D:F6:48:F8:94:C3:68:CF:CF:A5:DF:05:3E:9A:38:51:2F:D3:71:D4
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       0190EF6C8453ACAD61B008A6E5C591733B4E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bfZI-JTDaM_Ppd8FPpo4US_TcdQ.roa
Signing time:             Fri 26 Jul 2024 14:23:04 +0000
ROA not before:           Fri 26 Jul 2024 14:23:04 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        31.56.8.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 05 Aug 2024 17:38:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:ef:6c:84:53:ac:ad:61:b0:08:a6:e5:c5:91:73:3b:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Jul 26 14:23:04 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6df648f894c368cfcfa5df053e9a38512fd371d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:6b:40:dd:81:71:67:fd:2f:b5:de:65:55:0a:
                    62:d9:4c:28:8c:4e:c5:d0:31:b6:57:ec:75:1e:65:
                    d4:33:04:8f:45:77:82:2c:4a:68:94:ef:c5:8b:ae:
                    21:db:ac:43:46:4b:d1:3e:77:d2:b5:e9:ab:63:9b:
                    57:f2:58:ba:26:fb:89:09:21:cf:7c:66:7c:b1:58:
                    38:50:de:09:ec:66:ef:4b:19:ae:d4:c1:11:b9:41:
                    c5:80:19:9a:ad:ff:f8:e9:a2:8b:c4:a9:e6:63:d8:
                    37:bf:1b:52:7f:1f:6e:71:23:17:e2:aa:aa:67:92:
                    06:c7:22:e2:1e:4e:c3:89:b8:ff:9b:91:8d:e6:03:
                    9f:4e:55:f9:e0:18:c7:c3:30:b6:eb:cd:da:54:46:
                    da:3a:fc:bf:dd:d5:e0:0b:78:98:c9:a0:e3:8a:cd:
                    68:af:e5:21:b3:68:64:5b:81:86:a7:91:ca:80:2a:
                    d8:47:94:4f:db:60:c5:2c:b0:77:45:2e:5e:a6:8f:
                    f1:c8:65:55:45:8c:dd:50:c7:7d:b1:bf:eb:27:e0:
                    d6:3b:2f:34:13:de:88:04:84:43:e6:6c:f3:aa:43:
                    16:c5:d9:84:0c:05:21:6d:d1:36:fd:2e:73:de:c0:
                    59:c5:35:5a:c1:29:b4:00:eb:f1:67:b0:7a:5e:9d:
                    1c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:F6:48:F8:94:C3:68:CF:CF:A5:DF:05:3E:9A:38:51:2F:D3:71:D4
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bfZI-JTDaM_Ppd8FPpo4US_TcdQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.56.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         8c:ed:79:46:36:e7:76:d6:e7:3e:f1:72:49:7c:44:b5:0f:f8:
         c1:77:8c:32:c2:5b:5b:50:33:83:54:ca:66:70:ae:ae:e1:0c:
         bf:50:85:c6:47:df:b7:b3:64:1a:89:a5:06:30:b8:d4:5b:ab:
         d8:4c:7e:54:23:dc:d0:39:bd:dd:6b:6e:f7:96:66:7d:1f:b2:
         cd:72:dd:5a:d5:a8:6b:a8:0d:00:36:9e:fd:39:83:07:1f:1e:
         0f:8e:1a:1c:6c:5f:97:9e:c3:a1:87:b0:bd:04:f2:3f:3c:22:
         e5:2e:80:bc:f4:7e:a1:8d:35:00:14:28:3b:75:47:c7:be:e0:
         58:0b:d7:c0:f5:42:e0:28:72:84:d5:22:b8:ad:74:bb:07:8e:
         00:c2:8c:99:0e:6e:2d:e7:6f:93:6b:52:2e:d5:1c:33:f9:90:
         3e:6b:2a:d2:6d:df:95:04:55:2e:b3:38:5c:e6:c7:02:0a:6d:
         f0:0c:2d:44:17:0b:2c:65:d9:a7:b3:fc:b0:06:33:62:f0:99:
         30:95:e8:88:3c:85:2a:5d:2b:aa:a2:e3:65:4f:fd:c2:1a:e8:
         cd:e4:26:58:86:18:c7:71:ba:af:1d:9d:bf:b7:5b:e3:f7:e1:
         4b:39:b9:4d:f6:0d:c1:fc:8f:ac:04:3a:d1:c7:b4:0f:3a:be:
         c6:63:72:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDvbIRTrK1hsAim5cWRcztOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwNzI2MTQyMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY2NDhmODk0YzM2OGNmY2ZhNWRmMDUzZTlhMzg1MTJmZDM3MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGtA3YFxZ/0vtd5lVQpi2UwojE7F
0DG2V+x1HmXUMwSPRXeCLEpolO/Fi64h26xDRkvRPnfStemrY5tX8li6JvuJCSHP
fGZ8sVg4UN4J7GbvSxmu1MERuUHFgBmarf/46aKLxKnmY9g3vxtSfx9ucSMX4qqq
Z5IGxyLiHk7Dibj/m5GN5gOfTlX54BjHwzC2683aVEbaOvy/3dXgC3iYyaDjis1o
r+Uhs2hkW4GGp5HKgCrYR5RP22DFLLB3RS5epo/xyGVVRYzdUMd9sb/rJ+DWOy80
E96IBIRD5mzzqkMWxdmEDAUhbdE2/S5z3sBZxTVawSm0AOvxZ7B6Xp0cXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG32SPiUw2jPz6XfBT6aOFEv03HUMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYmZaSS1KVERhTV9QcGQ4RlBwbzRVU19UY2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDHzgIMA0G
CSqGSIb3DQEBCwUAA4IBAQCM7XlGNud21uc+8XJJfES1D/jBd4wywltbUDODVMpm
cK6u4Qy/UIXGR9+3s2QaiaUGMLjUW6vYTH5UI9zQOb3da273lmZ9H7LNct1a1ahr
qA0ANp79OYMHHx4PjhocbF+XnsOhh7C9BPI/PCLlLoC89H6hjTUAFCg7dUfHvuBY
C9fA9ULgKHKE1SK4rXS7B44AwoyZDm4t52+Ta1Iu1Rwz+ZA+ayrSbd+VBFUuszhc
5scCCm3wDC1EFwssZdmns/ywBjNi8JkwleiIPIUqXSuqouNlT/3CGujN5CZYhhjH
cbqvHZ2/t1vj9+FLOblN9g3B/I+sBDrRx7QPOr7GY3Lb
-----END CERTIFICATE-----
Generated at Mon Aug 5 20:09:37 2024 by rpki-client on console-fra.rpki-client.org