Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pAdAAu_nuN4tuFHFZssftCN-vPY.roa
File:                     pAdAAu_nuN4tuFHFZssftCN-vPY.roa (raw, json)
Hash identifier:          w+4QvjbTr1NfkySNcoQWuMSwXinmGpTgsuegHr9wyx4=
Subject key identifier:   A4:07:40:02:EF:E7:B8:DE:2D:B8:51:C5:66:CB:1F:B4:23:7E:BC:F6
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       0193583072533AB70FFD27D581881FE1E907
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pAdAAu_nuN4tuFHFZssftCN-vPY.roa
Signing time:             Sat 23 Nov 2024 08:43:10 +0000
ROA not before:           Sat 23 Nov 2024 08:43:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        31.56.8.0/21 maxlen: 24
                          31.56.142.0/23 maxlen: 24
                          31.56.148.0/22 maxlen: 24
                          31.58.208.0/24 maxlen: 24
                          31.58.209.0/24 maxlen: 24
                          31.59.136.0/21 maxlen: 24
                          31.59.144.0/21 maxlen: 24
                          31.59.152.0/21 maxlen: 24
                          31.59.160.0/21 maxlen: 24
                          31.59.168.0/21 maxlen: 24
                          217.60.245.0/24 maxlen: 24
                          217.60.248.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 02 Dec 2024 20:59:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:30:72:53:3a:b7:0f:fd:27:d5:81:88:1f:e1:e9:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Nov 23 08:43:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a4074002efe7b8de2db851c566cb1fb4237ebcf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c4:46:6d:ce:74:14:6f:3b:84:6c:88:1d:13:
                    e4:23:d6:23:14:da:ff:f7:62:c4:fe:62:e4:95:a3:
                    4f:f9:ee:4c:2f:70:33:05:d7:cf:cf:99:6b:62:78:
                    45:d0:74:70:37:97:ac:9e:39:cc:95:0f:23:f4:01:
                    fe:68:6d:ef:cd:72:95:07:75:a0:34:14:69:03:50:
                    ae:ea:f9:15:d3:fd:c0:83:6c:e5:59:33:cb:b5:c0:
                    8c:c6:1b:53:b2:03:85:f4:d5:50:0a:a5:0a:7d:34:
                    59:83:ed:f3:e9:78:fd:4b:ba:82:52:b5:88:90:a4:
                    ba:93:a7:4c:ea:63:61:c8:d0:b1:88:29:df:7f:c9:
                    aa:0e:fe:c5:84:d7:c5:20:55:7f:50:ad:07:10:85:
                    45:f3:05:41:be:06:25:a5:a3:e6:4e:60:7c:1e:bd:
                    2c:1a:b5:5c:15:c5:cd:c8:8c:b5:cf:57:da:dc:81:
                    c0:93:18:5c:a2:e3:c3:4e:b2:e1:ae:c8:dd:69:00:
                    e7:a6:b1:96:c1:77:d2:96:15:dd:df:5e:89:e2:67:
                    d5:82:ee:15:0f:6c:09:80:f3:25:f2:28:d2:6a:0f:
                    b1:17:1f:76:38:59:8c:05:49:cf:52:61:b0:ed:01:
                    5a:c4:24:64:7f:16:3c:47:af:35:f3:a2:66:2d:9a:
                    47:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:07:40:02:EF:E7:B8:DE:2D:B8:51:C5:66:CB:1F:B4:23:7E:BC:F6
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pAdAAu_nuN4tuFHFZssftCN-vPY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.56.8.0/21
                  31.56.142.0/23
                  31.56.148.0/22
                  31.58.208.0/23
                  31.59.136.0-31.59.175.255
                  217.60.245.0/24
                  217.60.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:78:87:6d:67:e5:17:4a:ff:50:da:bd:9e:62:00:ea:9c:8e:
         fb:5a:9d:6a:c0:c1:ca:d2:c5:18:94:fd:85:ec:62:26:a1:33:
         93:f5:86:6e:2b:eb:df:0d:d5:8f:0b:97:ba:9b:1a:1a:20:52:
         f3:0b:cc:04:37:19:15:d7:98:93:08:12:b2:7b:9e:85:0a:68:
         61:38:d1:a3:79:ed:55:cd:a1:3a:5d:4e:22:34:cc:26:cc:42:
         4a:76:e5:45:9e:51:2d:9b:c0:97:8d:ad:ba:ae:15:ed:7e:58:
         7c:ac:49:56:fd:be:3d:a5:76:3b:bf:0e:87:f9:75:30:18:c6:
         7b:ab:24:38:42:37:16:7a:46:94:f4:64:36:f1:2d:cf:bf:01:
         05:e0:d5:9f:57:b2:6e:47:e6:ac:9c:79:4d:4b:1b:6f:35:f3:
         50:ce:95:ff:14:9b:39:8e:2a:9a:77:d2:72:e9:78:69:84:f0:
         94:c3:da:17:96:19:71:5a:83:7c:73:92:b9:2c:79:57:66:f6:
         87:61:78:72:41:ba:e4:37:68:ef:95:02:aa:37:38:86:39:6f:
         b5:e0:12:04:cd:d7:e8:ee:ad:ba:26:7e:c0:10:41:24:12:6e:
         83:89:84:8c:29:c7:6e:bf:1d:2a:45:93:71:a0:a8:71:76:95:
         94:91:c6:5e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZNYMHJTOrcP/SfVgYgf4ekHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTIzMDg0MzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDA3NDAwMmVmZTdiOGRlMmRiODUxYzU2NmNiMWZiNDIzN2ViY2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscRGbc50FG87hGyIHRPkI9YjFNr/
92LE/mLklaNP+e5ML3AzBdfPz5lrYnhF0HRwN5esnjnMlQ8j9AH+aG3vzXKVB3Wg
NBRpA1Cu6vkV0/3Ag2zlWTPLtcCMxhtTsgOF9NVQCqUKfTRZg+3z6Xj9S7qCUrWI
kKS6k6dM6mNhyNCxiCnff8mqDv7FhNfFIFV/UK0HEIVF8wVBvgYlpaPmTmB8Hr0s
GrVcFcXNyIy1z1fa3IHAkxhcouPDTrLhrsjdaQDnprGWwXfSlhXd316J4mfVgu4V
D2wJgPMl8ijSag+xFx92OFmMBUnPUmGw7QFaxCRkfxY8R68186JmLZpHIQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKQHQALv57jeLbhRxWbLH7Qjfrz2MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcEFkQUF1X251TjR0dUZIRlpzc2Z0Q04tdlBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQDHzgIAwQB
HziOAwQCHziUAwQBHzrQMAwDBAMfO4gDBAQfO6ADBADZPPUDBADZPPgwDQYJKoZI
hvcNAQELBQADggEBALN4h21n5RdK/1DavZ5iAOqcjvtanWrAwcrSxRiU/YXsYiah
M5P1hm4r698N1Y8Ll7qbGhogUvMLzAQ3GRXXmJMIErJ7noUKaGE40aN57VXNoTpd
TiI0zCbMQkp25UWeUS2bwJeNrbquFe1+WHysSVb9vj2ldju/Dof5dTAYxnurJDhC
NxZ6RpT0ZDbxLc+/AQXg1Z9Xsm5H5qyceU1LG28181DOlf8UmzmOKpp30nLpeGmE
8JTD2heWGXFag3xzkrkseVdm9odheHJBuuQ3aO+VAqo3OIY5b7XgEgTN1+jurbom
fsAQQSQSboOJhIwpx26/HSpFk3GgqHF2lZSRxl4=
-----END CERTIFICATE-----