Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Fs8WsmsqQSoS6IbymSv-QNpPCDk.roa
File:                     Fs8WsmsqQSoS6IbymSv-QNpPCDk.roa (raw, json)
Hash identifier:          JOMX5RF+jBl0FrJNGOJKA0VY/nrt55SoDAlsXS4dh5s=
Subject key identifier:   16:CF:16:B2:6B:2A:41:2A:12:E8:86:F2:99:2B:FE:40:DA:4F:08:39
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       0195EB42AE82B308AEBE401A4AFD5D05B969
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Fs8WsmsqQSoS6IbymSv-QNpPCDk.roa
Signing time:             Mon 31 Mar 2025 08:12:50 +0000
ROA not before:           Mon 31 Mar 2025 08:12:50 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     215304
IP address blocks:        31.56.69.0/24 maxlen: 24
                          31.56.72.0/24 maxlen: 24
                          31.56.84.0/24 maxlen: 24
                          31.56.202.0/24 maxlen: 24
                          31.57.104.0/24 maxlen: 24
                          31.57.181.0/24 maxlen: 24
                          31.57.188.0/24 maxlen: 24
                          31.57.221.0/24 maxlen: 24
                          31.57.252.0/24 maxlen: 24
                          31.57.253.0/24 maxlen: 24
                          31.58.56.0/23 maxlen: 24
                          31.58.64.0/23 maxlen: 24
                          31.58.88.0/24 maxlen: 24
                          31.58.89.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 31 Mar 2025 14:37:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:eb:42:ae:82:b3:08:ae:be:40:1a:4a:fd:5d:05:b9:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Mar 31 08:12:50 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=16cf16b26b2a412a12e886f2992bfe40da4f0839
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b0:a4:9e:f0:0b:8c:cd:c8:30:c2:75:76:28:
                    a0:4a:ad:e0:e5:29:d1:c6:94:ea:d9:f2:c2:8f:f0:
                    e8:db:65:4b:29:d5:de:ea:b3:30:ba:72:45:51:c8:
                    a9:b0:9a:56:4f:1d:38:05:5b:6f:6a:db:38:6f:c4:
                    29:39:61:c4:6d:3b:a3:9f:cb:2f:a2:c1:6e:c4:aa:
                    de:e1:00:f5:2e:3d:f8:f4:89:1c:da:1d:81:21:24:
                    f3:57:7b:93:51:3f:9b:15:45:55:ae:4d:be:c4:c1:
                    ef:44:be:3e:1e:ab:96:a7:18:34:5a:25:6c:0e:30:
                    13:e4:d7:d3:76:6b:46:1b:c2:60:79:8c:99:cc:bd:
                    34:32:24:d7:26:fe:99:14:42:4b:50:aa:7a:fc:4f:
                    e2:5e:7b:98:9e:05:ec:be:06:70:df:e2:13:ff:5f:
                    1a:be:c1:84:b3:98:93:22:a8:e5:de:22:76:a0:0a:
                    4c:49:64:59:3f:8c:6b:ad:35:49:2e:6c:3a:4a:20:
                    5d:ea:c8:a4:d5:b7:76:df:fd:eb:32:80:cc:c7:de:
                    34:a9:e9:08:3d:2f:e8:91:fe:4b:a9:57:da:a5:57:
                    c4:47:11:d5:e5:e9:87:b7:5d:f4:81:fa:99:ca:ba:
                    aa:3b:8f:75:85:e9:3f:ec:d0:d9:93:14:7c:4d:72:
                    f1:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:CF:16:B2:6B:2A:41:2A:12:E8:86:F2:99:2B:FE:40:DA:4F:08:39
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Fs8WsmsqQSoS6IbymSv-QNpPCDk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.56.69.0/24
                  31.56.72.0/24
                  31.56.84.0/24
                  31.56.202.0/24
                  31.57.104.0/24
                  31.57.181.0/24
                  31.57.188.0/24
                  31.57.221.0/24
                  31.57.252.0/23
                  31.58.56.0/23
                  31.58.64.0/23
                  31.58.88.0/23

    Signature Algorithm: sha256WithRSAEncryption
         24:d4:de:c6:f0:e0:32:83:36:3c:fe:e9:a4:f3:3a:ff:ec:0d:
         1a:48:c6:61:e4:c2:b9:d2:d0:af:92:c1:7c:05:d4:fb:51:bd:
         b9:5f:7f:c5:84:68:12:9b:86:4a:6c:0e:42:ea:f4:01:98:80:
         a2:20:f1:62:6c:0f:65:04:f2:dc:28:f4:34:25:2b:eb:fa:6f:
         08:0b:b5:98:23:8a:7a:e5:3d:d7:f1:f2:49:f6:72:71:c6:3e:
         ab:1e:07:3f:92:2a:bf:12:31:46:7f:96:64:8f:fc:50:6c:40:
         8e:07:cd:30:2c:9c:ed:2a:14:e9:45:b5:96:0b:ec:ed:0d:92:
         50:18:1e:9b:50:a9:38:c6:2f:7a:5e:d6:c2:f4:af:34:5f:c4:
         41:0f:0b:46:1a:2e:94:e0:1e:f8:38:74:fb:c8:60:41:0e:d1:
         41:e0:35:06:7c:7d:c6:c9:fc:7b:14:70:1d:db:eb:6e:75:a7:
         5c:7a:0c:9f:ad:bd:fd:6b:19:da:52:40:9e:a6:f7:ad:de:ad:
         47:57:6f:55:22:1b:91:65:d1:1b:0a:2b:88:99:eb:02:db:fa:
         af:13:27:ce:bb:97:ff:fb:05:6f:72:17:b2:8d:db:40:d6:c0:
         a6:73:3e:7d:bb:4c:9a:8a:de:91:04:62:e2:1e:d1:22:47:98:
         73:9f:30:1d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZXrQq6CswiuvkAaSv1dBblpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzMxMDgxMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmNmMTZiMjZiMmE0MTJhMTJlODg2ZjI5OTJiZmU0MGRhNGYwODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LCknvALjM3IMMJ1diigSq3g5SnR
xpTq2fLCj/Do22VLKdXe6rMwunJFUcipsJpWTx04BVtvats4b8QpOWHEbTujn8sv
osFuxKre4QD1Lj349Ikc2h2BISTzV3uTUT+bFUVVrk2+xMHvRL4+HquWpxg0WiVs
DjAT5NfTdmtGG8JgeYyZzL00MiTXJv6ZFEJLUKp6/E/iXnuYngXsvgZw3+IT/18a
vsGEs5iTIqjl3iJ2oApMSWRZP4xrrTVJLmw6SiBd6sik1bd23/3rMoDMx940qekI
PS/okf5LqVfapVfERxHV5emHt130gfqZyrqqO491hek/7NDZkxR8TXLxbQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBbPFrJrKkEqEuiG8pkr/kDaTwg5MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRnM4V3Ntc3FRU29TNklieW1Tdi1RTnBQQ0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAHzhFAwQA
HzhIAwQAHzhUAwQAHzjKAwQAHzloAwQAHzm1AwQAHzm8AwQAHzndAwQBHzn8AwQB
Hzo4AwQBHzpAAwQBHzpYMA0GCSqGSIb3DQEBCwUAA4IBAQAk1N7G8OAygzY8/umk
8zr/7A0aSMZh5MK50tCvksF8BdT7Ub25X3/FhGgSm4ZKbA5C6vQBmICiIPFibA9l
BPLcKPQ0JSvr+m8IC7WYI4p65T3X8fJJ9nJxxj6rHgc/kiq/EjFGf5Zkj/xQbECO
B80wLJztKhTpRbWWC+ztDZJQGB6bUKk4xi96XtbC9K80X8RBDwtGGi6U4B74OHT7
yGBBDtFB4DUGfH3Gyfx7FHAd2+tudadcegyfrb39axnaUkCepvet3q1HV29VIhuR
ZdEbCiuImesC2/qvEyfOu5f/+wVvcheyjdtA1sCmcz59u0yait6RBGLiHtEiR5hz
nzAd
-----END CERTIFICATE-----
Generated at Mon Apr 28 21:24:08 2025 by rpki-client