Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3x5eb5xuTryaqLr7B8Edv5LG_GY.roa
File:                     3x5eb5xuTryaqLr7B8Edv5LG_GY.roa (raw, json)
Hash identifier:          ZqcG9RPumZPvR0GDEldtx2G/N21LB4m4YUxTBK6I00I=
Subject key identifier:   DF:1E:5E:6F:9C:6E:4E:BC:9A:A8:BA:FB:07:C1:1D:BF:92:C6:FC:66
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       0197B5628808D5E4823850DF034E622E7F14
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3x5eb5xuTryaqLr7B8Edv5LG_GY.roa
Signing time:             Sat 28 Jun 2025 07:13:42 +0000
ROA not before:           Sat 28 Jun 2025 07:13:42 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     174
IP address blocks:        31.56.25.0/24 maxlen: 24
                          31.56.27.0/24 maxlen: 24
                          31.56.28.0/22 maxlen: 24
                          31.56.61.0/24 maxlen: 24
                          31.56.80.0/22 maxlen: 22
                          31.56.92.0/22 maxlen: 22
                          31.56.96.0/22 maxlen: 22
                          31.56.100.0/22 maxlen: 22
                          31.57.119.0/24 maxlen: 24
                          31.57.226.0/24 maxlen: 24
                          31.58.130.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 30 Jun 2025 06:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:62:88:08:d5:e4:82:38:50:df:03:4e:62:2e:7f:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Jun 28 07:13:42 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=df1e5e6f9c6e4ebc9aa8bafb07c11dbf92c6fc66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:8c:f4:a4:0f:e2:d4:b0:41:e6:cf:c0:79:35:
                    54:81:bf:f6:0b:47:b7:fe:8a:10:94:5c:c1:b4:73:
                    b2:52:95:14:26:15:32:ef:2e:9a:09:ee:8b:77:f7:
                    8c:fd:d5:d1:38:50:d7:e3:ae:0d:35:95:8f:ca:fe:
                    55:3d:86:79:73:fd:c6:8a:34:70:59:3d:eb:20:81:
                    e0:a5:68:a0:01:0f:90:64:d3:ed:ff:e4:59:d8:1f:
                    f6:cc:a2:97:4a:4d:57:82:29:83:ce:1b:a3:af:47:
                    ab:1c:16:c4:18:d8:a6:3c:ee:b4:c6:b0:d1:00:b1:
                    24:7b:d4:d6:08:54:00:f2:1b:bd:5c:db:7c:82:5e:
                    8b:d6:70:4e:0b:6b:2c:32:d8:4e:ec:b4:14:13:3d:
                    da:95:bd:77:f4:8a:72:10:91:a9:1c:b7:fe:25:f4:
                    40:51:87:d5:b1:fb:53:34:42:7d:15:e7:af:3d:5f:
                    3f:bd:df:fc:df:4b:d7:f8:09:d0:3b:63:61:fd:62:
                    ce:7d:4d:fa:d6:78:d1:9a:9b:44:90:7b:a5:fb:77:
                    81:b7:fe:99:af:6b:0c:8c:9b:f0:ca:72:c3:fd:e3:
                    e1:56:42:fd:46:5c:37:07:48:af:6f:31:5d:b4:5c:
                    4b:f0:e3:c6:c1:46:17:75:2c:d4:57:3a:7c:38:37:
                    bf:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:1E:5E:6F:9C:6E:4E:BC:9A:A8:BA:FB:07:C1:1D:BF:92:C6:FC:66
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/3x5eb5xuTryaqLr7B8Edv5LG_GY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.56.25.0/24
                  31.56.27.0-31.56.31.255
                  31.56.61.0/24
                  31.56.80.0/22
                  31.56.92.0-31.56.103.255
                  31.57.119.0/24
                  31.57.226.0/24
                  31.58.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:6d:55:ac:0a:6d:64:79:3e:4f:06:73:59:b0:c3:de:75:94:
         bc:c8:50:a1:a3:75:34:49:fb:e6:3c:05:3e:9b:0c:f3:49:f5:
         c2:0c:da:43:1a:da:e6:76:84:a3:31:35:b8:f7:9e:b0:67:fe:
         81:4c:5e:5b:98:cb:82:ad:82:86:09:a0:f9:a5:93:55:5d:4c:
         27:29:be:e6:15:03:4a:e9:b9:5a:83:a5:2c:be:00:ee:fc:c0:
         d4:c3:21:f1:15:de:0d:9c:a1:a0:e7:f2:9c:f8:a3:5c:f3:01:
         a0:64:5f:8c:6f:89:78:95:8a:78:a3:cc:5b:ea:f7:46:dd:e6:
         ac:2a:8d:e5:23:de:18:53:9f:09:1f:66:47:7a:22:44:6e:53:
         0a:b5:7e:8a:1f:37:3f:69:0e:3a:2d:67:e2:11:b5:f7:c4:4d:
         bb:c5:f3:90:29:a7:07:ee:e7:3b:f7:0a:b6:f6:58:68:03:10:
         df:45:36:ab:09:6a:ba:f9:e7:6d:c9:b3:0e:04:f0:68:2b:73:
         25:46:ac:e6:de:e4:de:8e:5f:ca:9f:81:dc:5f:27:d5:a4:49:
         b0:3e:a7:04:06:8e:31:86:c9:db:c1:d6:1c:a4:d5:05:da:f7:
         2b:78:38:da:32:a5:f6:08:2e:a3:66:8e:92:e3:d6:d2:53:79:
         d3:4b:be:d1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZe1YogI1eSCOFDfA05iLn8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjI4MDcxMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjFlNWU2ZjljNmU0ZWJjOWFhOGJhZmIwN2MxMWRiZjkyYzZmYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoz0pA/i1LBB5s/AeTVUgb/2C0e3
/ooQlFzBtHOyUpUUJhUy7y6aCe6Ld/eM/dXROFDX464NNZWPyv5VPYZ5c/3GijRw
WT3rIIHgpWigAQ+QZNPt/+RZ2B/2zKKXSk1XgimDzhujr0erHBbEGNimPO60xrDR
ALEke9TWCFQA8hu9XNt8gl6L1nBOC2ssMthO7LQUEz3alb139IpyEJGpHLf+JfRA
UYfVsftTNEJ9FeevPV8/vd/830vX+AnQO2Nh/WLOfU361njRmptEkHul+3eBt/6Z
r2sMjJvwynLD/ePhVkL9Rlw3B0ivbzFdtFxL8OPGwUYXdSzUVzp8ODe/6wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFN8eXm+cbk68mqi6+wfBHb+SxvxmMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvM3g1ZWI1eHVUcnlhcUxyN0I4RWR2NUxHX0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAHzgZMAwD
BAAfOBsDBAUfOAADBAAfOD0DBAIfOFAwDAMEAh84XAMEAx84YAMEAB85dwMEAB85
4gMEAB86gjANBgkqhkiG9w0BAQsFAAOCAQEAom1VrAptZHk+TwZzWbDD3nWUvMhQ
oaN1NEn75jwFPpsM80n1wgzaQxra5naEozE1uPeesGf+gUxeW5jLgq2Chgmg+aWT
VV1MJym+5hUDSum5WoOlLL4A7vzA1MMh8RXeDZyhoOfynPijXPMBoGRfjG+JeJWK
eKPMW+r3Rt3mrCqN5SPeGFOfCR9mR3oiRG5TCrV+ih83P2kOOi1n4hG198RNu8Xz
kCmnB+7nO/cKtvZYaAMQ30U2qwlquvnnbcmzDgTwaCtzJUas5t7k3o5fyp+B3F8n
1aRJsD6nBAaOMYbJ28HWHKTVBdr3K3g42jKl9gguo2aOkuPW0lN500u+0Q==
-----END CERTIFICATE-----