Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wk1fblhs5zJCabWYSeumCjNfSGU.roa
File:                     wk1fblhs5zJCabWYSeumCjNfSGU.roa (raw, json)
Hash identifier:          DEj/c/nFCBpNMJRA2kKaqiV4uU/UOhK3oZZSQEhkucM=
Subject key identifier:   C2:4D:5F:6E:58:6C:E7:32:42:69:B5:98:49:EB:A6:0A:33:5F:48:65
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       019403886AEA7382344D46C34CD1815C3FB5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wk1fblhs5zJCabWYSeumCjNfSGU.roa
Signing time:             Thu 26 Dec 2024 15:14:19 +0000
ROA not before:           Thu 26 Dec 2024 15:14:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        31.56.8.0/21 maxlen: 24
                          31.56.142.0/23 maxlen: 24
                          31.56.148.0/22 maxlen: 24
                          31.57.184.0/22 maxlen: 24
                          31.59.68.0/24 maxlen: 24
                          31.59.136.0/21 maxlen: 24
                          31.59.144.0/21 maxlen: 24
                          31.59.152.0/21 maxlen: 24
                          31.59.160.0/21 maxlen: 24
                          31.59.168.0/21 maxlen: 24
                          217.60.236.0/24 maxlen: 24
                          217.60.248.0/24 maxlen: 24
                          217.60.253.0/24 maxlen: 24
                          217.60.254.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Thu 02 Jan 2025 17:49:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:03:88:6a:ea:73:82:34:4d:46:c3:4c:d1:81:5c:3f:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Dec 26 15:14:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c24d5f6e586ce7324269b59849eba60a335f4865
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:2b:cd:e1:07:3d:b3:b1:a6:67:5b:25:1e:09:
                    78:d5:a9:bb:9b:b4:00:52:d7:a8:63:30:bd:46:c3:
                    1c:a2:68:40:68:e3:f7:d6:1f:78:5d:46:c6:39:5a:
                    b0:cb:61:09:6d:6e:de:e4:2f:10:19:2f:1d:fd:98:
                    14:60:6a:d2:12:a9:94:7a:8c:ad:7f:0d:0c:03:56:
                    15:69:0c:5b:df:a1:de:50:51:df:2c:ca:32:d1:7a:
                    93:70:57:fa:dd:29:ef:c4:c8:2e:d4:50:b9:50:e9:
                    c6:97:32:26:05:15:d8:71:3a:26:b0:34:3c:2c:f9:
                    8a:7b:ea:de:3d:4c:dc:e6:c2:ef:ac:a6:2a:27:5e:
                    e9:bd:b7:72:29:da:b2:a6:a7:6c:bb:f3:9f:4f:b4:
                    d0:a8:db:39:59:f4:4e:9e:23:28:67:ff:36:38:9b:
                    f7:a8:a8:32:24:ba:fb:03:ed:37:2c:55:f4:b4:c8:
                    5b:30:f6:2b:b3:39:32:04:cf:0c:c8:17:f9:84:13:
                    4b:48:90:b3:54:48:ce:7a:36:5c:75:84:fb:71:0e:
                    64:8e:1c:0b:8b:ed:37:2a:ca:a4:ec:91:25:4f:2a:
                    2a:96:4a:0b:60:59:ea:c0:02:a6:7f:2f:81:fc:ab:
                    ae:44:ae:e8:ed:ff:83:5d:98:76:4d:84:64:b3:78:
                    a3:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:4D:5F:6E:58:6C:E7:32:42:69:B5:98:49:EB:A6:0A:33:5F:48:65
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wk1fblhs5zJCabWYSeumCjNfSGU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.56.8.0/21
                  31.56.142.0/23
                  31.56.148.0/22
                  31.57.184.0/22
                  31.59.68.0/24
                  31.59.136.0-31.59.175.255
                  217.60.236.0/24
                  217.60.248.0/24
                  217.60.253.0-217.60.254.255

    Signature Algorithm: sha256WithRSAEncryption
         2b:5f:04:ac:36:52:1f:2e:3a:f3:fe:70:9c:03:d0:91:0f:4a:
         a6:3a:af:27:db:da:55:22:37:37:b7:4e:e0:7a:f4:e9:0f:7b:
         1d:ba:ce:b3:7a:57:67:c4:2d:75:05:cc:60:7e:32:77:ce:03:
         2a:93:e2:06:31:61:83:2e:4e:5c:91:ee:b4:2f:6e:e3:66:40:
         6e:03:b0:6b:f3:67:93:7b:1c:09:46:bc:17:1d:58:e1:0d:f4:
         10:0d:a0:1c:30:f3:ae:c3:a2:77:2b:46:78:c8:86:f2:d3:a2:
         1e:d7:32:05:fd:7b:5c:f9:60:1a:0f:e6:0c:4b:c1:4e:09:ee:
         be:a3:65:d7:67:3f:71:a5:65:4c:6d:13:0c:5f:65:12:8f:5d:
         ac:21:55:c0:46:85:5c:cd:a2:ad:2e:ec:18:54:e7:07:30:ed:
         d6:ee:38:de:44:f7:2c:e0:1f:78:07:48:60:20:fd:a6:e2:a7:
         bb:53:b4:0d:82:1e:a9:2a:ff:6a:3a:9c:97:26:be:31:f4:52:
         6a:20:e5:4d:50:ec:d7:13:93:05:03:08:ba:b2:71:d6:ca:8e:
         ed:01:31:91:92:1e:1b:a7:14:f6:56:38:b5:5d:5e:d3:81:dd:
         72:04:39:fa:81:91:69:22:22:d8:2e:c1:a0:ec:14:52:90:59:
         86:b7:bf:9c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQDiGrqc4I0TUbDTNGBXD+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjI2MTUxNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjRkNWY2ZTU4NmNlNzMyNDI2OWI1OTg0OWViYTYwYTMzNWY0ODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyivN4Qc9s7GmZ1slHgl41am7m7QA
UteoYzC9RsMcomhAaOP31h94XUbGOVqwy2EJbW7e5C8QGS8d/ZgUYGrSEqmUeoyt
fw0MA1YVaQxb36HeUFHfLMoy0XqTcFf63SnvxMgu1FC5UOnGlzImBRXYcTomsDQ8
LPmKe+rePUzc5sLvrKYqJ17pvbdyKdqypqdsu/OfT7TQqNs5WfROniMoZ/82OJv3
qKgyJLr7A+03LFX0tMhbMPYrszkyBM8MyBf5hBNLSJCzVEjOejZcdYT7cQ5kjhwL
i+03Ksqk7JElTyoqlkoLYFnqwAKmfy+B/KuuRK7o7f+DXZh2TYRks3ijhQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFMJNX25YbOcyQmm1mEnrpgozX0hlMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvd2sxZmJsaHM1ekpDYWJXWVNldW1Dak5mU0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQDHzgIAwQB
HziOAwQCHziUAwQCHzm4AwQAHztEMAwDBAMfO4gDBAQfO6ADBADZPOwDBADZPPgw
DAMEANk8/QMEANk8/jANBgkqhkiG9w0BAQsFAAOCAQEAK18ErDZSHy468/5wnAPQ
kQ9KpjqvJ9vaVSI3N7dO4Hr06Q97HbrOs3pXZ8QtdQXMYH4yd84DKpPiBjFhgy5O
XJHutC9u42ZAbgOwa/Nnk3scCUa8Fx1Y4Q30EA2gHDDzrsOidytGeMiG8tOiHtcy
Bf17XPlgGg/mDEvBTgnuvqNl12c/caVlTG0TDF9lEo9drCFVwEaFXM2irS7sGFTn
BzDt1u443kT3LOAfeAdIYCD9puKnu1O0DYIeqSr/ajqclya+MfRSaiDlTVDs1xOT
BQMIurJx1sqO7QExkZIeG6cU9lY4tV1e04HdcgQ5+oGRaSIi2C7BoOwUUpBZhre/
nA==
-----END CERTIFICATE-----