Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/L4VAHNZ8BtobWXezKRCGb60JUKA.roa
File:                     L4VAHNZ8BtobWXezKRCGb60JUKA.roa (raw, json)
Hash identifier:          mShQtDK1kCf1Fv8367MrKPiblKdAwjPg0RFHTQXESv8=
Subject key identifier:   2F:85:40:1C:D6:7C:06:DA:1B:59:77:B3:29:10:86:6F:AD:09:50:A0
Certificate issuer:       /CN=0811bc50cfed9d02e58196a2c81c988e30ba1260
Certificate serial:       01856DDD3F467F4699E87A2CBE1A41ED82A8
Authority key identifier: 08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/L4VAHNZ8BtobWXezKRCGb60JUKA.roa
Signing time:             Sun 01 Jan 2023 15:04:54 +0000
ROA not before:           Sun 01 Jan 2023 15:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20495
IP address blocks:        185.33.119.0/24 maxlen: 32
                          185.33.116.0/24 maxlen: 32
                          185.33.116.0/23 maxlen: 23
                          185.33.118.0/24 maxlen: 32
                          185.33.117.0/24 maxlen: 32
                          185.33.118.0/23 maxlen: 23
                          2a00:cc20::/33 maxlen: 33
                          2a00:cc20:4000::/34 maxlen: 128
                          2a00:cc20::/34 maxlen: 128

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:dd:3f:46:7f:46:99:e8:7a:2c:be:1a:41:ed:82:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0811bc50cfed9d02e58196a2c81c988e30ba1260
        Validity
            Not Before: Jan  1 15:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f85401cd67c06da1b5977b32910866fad0950a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:b6:2d:c6:c1:17:ab:8f:dc:0e:21:31:04:ae:
                    5e:c2:8d:56:f9:6d:c7:50:00:77:40:4e:da:1d:f4:
                    76:8c:55:46:ec:8c:b9:b0:ea:74:da:c7:7d:a7:18:
                    1f:16:35:46:3e:77:a8:d8:b7:b6:58:b4:16:f5:97:
                    71:06:c7:f5:14:50:cc:42:68:6e:bb:aa:c0:bc:5c:
                    67:22:13:80:ac:f9:b2:a6:2b:27:ba:20:01:d5:45:
                    10:84:bc:36:c3:8c:89:d3:96:f3:8a:d9:18:7d:97:
                    f7:0b:bb:be:52:5b:d0:78:62:19:c8:cc:67:f5:63:
                    dd:12:cc:7b:77:b6:25:47:97:36:11:26:78:74:8f:
                    26:81:6e:7a:a9:c3:45:7e:a0:a8:e9:94:ec:ab:ba:
                    fc:4f:eb:33:40:49:b5:d5:fc:c4:6e:47:c8:9c:a0:
                    5d:8b:ae:7a:5f:73:7e:79:cd:0e:0b:51:97:f0:64:
                    77:b7:91:ef:5a:6a:4a:86:76:d0:30:01:d2:d7:c5:
                    90:47:af:56:70:7b:45:06:d2:41:fb:3e:d7:6a:a5:
                    8c:d9:81:9b:e3:e5:1e:e1:99:38:53:7d:18:44:f3:
                    d5:a3:7a:fd:d1:85:31:c5:26:f8:93:03:ef:bf:b1:
                    4c:93:14:94:09:dd:43:09:24:7c:3b:29:89:05:a4:
                    af:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:85:40:1C:D6:7C:06:DA:1B:59:77:B3:29:10:86:6F:AD:09:50:A0
            X509v3 Authority Key Identifier:
                keyid:08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/L4VAHNZ8BtobWXezKRCGb60JUKA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.33.116.0/22
                IPv6:
                  2a00:cc20::/33

    Signature Algorithm: sha256WithRSAEncryption
         34:4c:58:18:4a:04:be:92:0b:1f:88:eb:28:f7:09:fa:87:e7:
         86:d6:f1:a8:da:b0:66:67:ed:b3:a7:f7:8d:6d:b4:ba:1d:88:
         36:b8:a0:90:e9:ad:db:9b:27:ba:0b:77:fd:ef:3c:40:40:43:
         8c:8e:51:3c:56:56:6e:bb:9f:05:10:28:ef:a1:d6:7c:d4:0a:
         59:d0:2c:16:1a:1a:7a:33:00:fd:ac:af:36:7c:14:87:43:f5:
         c2:32:30:2e:bc:55:a4:9c:b6:3a:9c:7c:1e:d4:53:80:82:09:
         2e:e8:fd:d8:21:61:f1:7b:6c:b3:b3:6c:f0:39:39:b0:dd:97:
         5a:33:07:ac:dc:40:09:3a:88:79:ea:68:0b:4d:56:7d:c9:9f:
         2c:01:26:b8:cd:bf:9d:6f:36:bd:07:05:76:32:8e:d7:b2:26:
         c3:c8:45:ea:90:e8:ab:b7:8e:38:0e:b2:17:2d:d0:6d:07:13:
         8d:77:3d:44:06:fe:20:51:6a:55:e7:f3:6c:a3:6e:81:bc:86:
         9f:9a:a8:3e:96:66:fe:2e:ee:50:1e:c4:cc:fa:c8:63:70:fc:
         1b:b0:31:2a:54:16:25:54:53:05:fd:59:1a:fa:cc:03:ac:b6:
         c6:3a:0b:4c:33:f1:d3:81:ae:76:ca:f0:d3:e3:6d:98:a7:1c:
         9f:86:d7:de
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVt3T9Gf0aZ6HosvhpB7YKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MTFiYzUwY2ZlZDlkMDJlNTgxOTZhMmM4MWM5ODhlMzBi
YTEyNjAwHhcNMjMwMTAxMTUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg1NDAxY2Q2N2MwNmRhMWI1OTc3YjMyOTEwODY2ZmFkMDk1MGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLYtxsEXq4/cDiExBK5ewo1W+W3H
UAB3QE7aHfR2jFVG7Iy5sOp02sd9pxgfFjVGPneo2Le2WLQW9ZdxBsf1FFDMQmhu
u6rAvFxnIhOArPmypisnuiAB1UUQhLw2w4yJ05bzitkYfZf3C7u+UlvQeGIZyMxn
9WPdEsx7d7YlR5c2ESZ4dI8mgW56qcNFfqCo6ZTsq7r8T+szQEm11fzEbkfInKBd
i656X3N+ec0OC1GX8GR3t5HvWmpKhnbQMAHS18WQR69WcHtFBtJB+z7XaqWM2YGb
4+Ue4Zk4U30YRPPVo3r90YUxxSb4kwPvv7FMkxSUCd1DCSR8OymJBaSvxQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFC+FQBzWfAbaG1l3sykQhm+tCVCgMB8GA1UdIwQY
MBaAFAgRvFDP7Z0C5YGWosgcmI4wuhJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYzgxOTQtNzZkMS00NjVlLWE3NDYt
ZWU1YTY3NDNiZTU2LzEvTDRWQUhOWjhCdG9iV1hlektSQ0diNjBKVUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYzgxOTQtNzZkMS00NjVlLWE3NDYtZWU1YTY3NDNiZTU2
LzEvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuSF0MA4E
AgACMAgDBgcqAMwgADANBgkqhkiG9w0BAQsFAAOCAQEANExYGEoEvpILH4jrKPcJ
+ofnhtbxqNqwZmfts6f3jW20uh2INrigkOmt25snugt3/e88QEBDjI5RPFZWbruf
BRAo76HWfNQKWdAsFhoaejMA/ayvNnwUh0P1wjIwLrxVpJy2Opx8HtRTgIIJLuj9
2CFh8Xtss7Ns8Dk5sN2XWjMHrNxACTqIeepoC01WfcmfLAEmuM2/nW82vQcFdjKO
17Imw8hF6pDoq7eOOA6yFy3QbQcTjXc9RAb+IFFqVefzbKNugbyGn5qoPpZm/i7u
UB7EzPrIY3D8G7AxKlQWJVRTBf1ZGvrMA6y2xjoLTDPx04Gudsrw0+NtmKccn4bX
3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:51 2024 by rpki-client on console-ams.rpki-client.org