Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1zALmyZacGPP69EZqtm6Wn-28dk.roa
File:                     1zALmyZacGPP69EZqtm6Wn-28dk.roa (raw, json)
Hash identifier:          4a4kI4E1Wx4sAyZ0J1aw9qgLzL9/93C6v7e0z7Eb/O0=
Subject key identifier:   D7:30:0B:9B:26:5A:70:63:CF:EB:D1:19:AA:D9:BA:5A:7F:B6:F1:D9
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018C3ED941D8F32AC02881EF6B216F56FFE1
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1zALmyZacGPP69EZqtm6Wn-28dk.roa
Signing time:             Wed 06 Dec 2023 11:17:54 +0000
ROA not before:           Wed 06 Dec 2023 11:17:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204104
IP address blocks:        85.133.132.0/24 maxlen: 24
                          85.133.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Dec 2023 16:51:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:3e:d9:41:d8:f3:2a:c0:28:81:ef:6b:21:6f:56:ff:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Dec  6 11:17:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7300b9b265a7063cfebd119aad9ba5a7fb6f1d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:78:9c:d5:6e:49:77:1c:dd:dc:6c:8d:84:93:
                    95:f4:5e:7e:97:a2:dc:53:c2:a9:f4:c7:e0:59:e7:
                    f4:1d:4e:2a:bc:ab:45:6b:72:cf:ae:e5:2e:f5:b7:
                    0f:9e:5d:71:23:bf:d8:fc:60:02:f1:8d:23:4f:7b:
                    5e:08:a2:36:ec:22:88:7d:54:1d:fc:c8:b0:74:87:
                    33:2f:4f:80:cc:ec:53:25:47:a3:2d:5e:1d:75:fd:
                    39:10:4b:b3:48:dd:b9:6f:08:ee:72:c9:a6:94:d1:
                    18:b2:52:e2:51:a4:00:82:15:89:76:25:9d:f5:f0:
                    e5:3f:4b:34:e3:a6:e1:9f:5c:c0:42:a3:7e:80:75:
                    00:f8:88:21:22:27:00:74:43:62:65:44:56:91:e5:
                    e0:bd:13:8a:07:95:7d:e9:43:ca:3a:2c:85:7a:ba:
                    a3:93:fc:7f:b6:a7:33:c1:19:06:03:ec:fe:4d:52:
                    87:1d:cd:b5:63:77:b0:09:58:4e:58:a3:1f:49:c3:
                    09:f7:3b:08:19:3e:c1:ef:b8:3b:e7:d5:50:ab:a4:
                    44:f7:19:2d:d9:71:f5:7b:99:73:96:80:be:1a:be:
                    76:fe:e7:9e:d0:1c:21:d3:3f:6d:52:bf:27:83:80:
                    52:d5:20:f7:38:7f:69:d8:42:25:57:88:99:51:38:
                    c3:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:30:0B:9B:26:5A:70:63:CF:EB:D1:19:AA:D9:BA:5A:7F:B6:F1:D9
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1zALmyZacGPP69EZqtm6Wn-28dk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.132.0/24
                  85.133.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:76:04:fe:0e:37:b2:ab:70:b8:55:5c:91:61:48:92:de:fe:
         c8:d6:56:f0:32:cc:26:27:be:15:7c:b6:6d:33:97:a7:b9:98:
         5d:2f:78:3b:c0:a8:20:74:5c:1b:6c:50:56:b8:39:20:b2:18:
         4a:34:57:3e:08:2f:e4:af:91:4c:b7:4f:76:44:13:ef:79:92:
         a0:e2:c0:1b:a1:e0:4c:fa:2b:65:db:31:eb:96:0f:cc:88:ab:
         93:10:96:aa:68:c6:2d:8a:09:41:3a:49:5b:f7:63:38:36:d3:
         91:39:1d:64:17:51:64:28:de:9b:b1:ea:16:e5:f3:66:ca:e0:
         16:6c:ff:74:91:c3:de:32:97:eb:d9:aa:6e:62:33:df:85:3d:
         78:c3:90:87:f5:64:f0:c9:e0:dd:9e:56:0b:ca:e4:f1:11:a9:
         dc:20:a3:b8:48:70:68:c6:b9:fe:ad:41:06:71:12:d1:c2:b6:
         c4:e9:a0:56:c3:26:10:99:0f:fc:1b:88:f2:63:49:da:27:cd:
         24:c0:ea:5d:b2:21:bc:22:b1:8b:8e:00:2e:c8:dc:a3:bd:1e:
         b1:bf:3e:19:24:5f:71:e0:4b:54:68:5e:c5:58:81:f0:3d:49:
         7c:e0:3b:93:90:62:cb:b9:0b:15:47:59:c8:12:08:95:c9:e0:
         9d:87:3f:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw+2UHY8yrAKIHvayFvVv/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMxMjA2MTExNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzMwMGI5YjI2NWE3MDYzY2ZlYmQxMTlhYWQ5YmE1YTdmYjZmMWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnic1W5Jdxzd3GyNhJOV9F5+l6Lc
U8Kp9MfgWef0HU4qvKtFa3LPruUu9bcPnl1xI7/Y/GAC8Y0jT3teCKI27CKIfVQd
/MiwdIczL0+AzOxTJUejLV4ddf05EEuzSN25bwjucsmmlNEYslLiUaQAghWJdiWd
9fDlP0s046bhn1zAQqN+gHUA+IghIicAdENiZURWkeXgvROKB5V96UPKOiyFerqj
k/x/tqczwRkGA+z+TVKHHc21Y3ewCVhOWKMfScMJ9zsIGT7B77g759VQq6RE9xkt
2XH1e5lzloC+Gr52/uee0Bwh0z9tUr8ng4BS1SD3OH9p2EIlV4iZUTjD7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNcwC5smWnBjz+vRGarZulp/tvHZMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMXpBTG15WmFjR1BQNjlFWnF0bTZXbi0yOGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYWEAwQA
VYWmMA0GCSqGSIb3DQEBCwUAA4IBAQBJdgT+Djeyq3C4VVyRYUiS3v7I1lbwMswm
J74VfLZtM5enuZhdL3g7wKggdFwbbFBWuDkgshhKNFc+CC/kr5FMt092RBPveZKg
4sAboeBM+itl2zHrlg/MiKuTEJaqaMYtiglBOklb92M4NtOROR1kF1FkKN6bseoW
5fNmyuAWbP90kcPeMpfr2apuYjPfhT14w5CH9WTwyeDdnlYLyuTxEancIKO4SHBo
xrn+rUEGcRLRwrbE6aBWwyYQmQ/8G4jyY0naJ80kwOpdsiG8IrGLjgAuyNyjvR6x
vz4ZJF9x4EtUaF7FWIHwPUl84DuTkGLLuQsVR1nIEgiVyeCdhz+f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org