Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Bncc1_406f0DLFbD9gFz5PqzPpY.roa
File:                     Bncc1_406f0DLFbD9gFz5PqzPpY.roa (raw, json)
Hash identifier:          so+4MS80h6SXWvmULm8GNAKUku9P/S63S2siAhtRA9w=
Subject key identifier:   06:77:1C:D7:FE:34:E9:FD:03:2C:56:C3:F6:01:73:E4:FA:B3:3E:96
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       01901FF565F9F41FDD53B6DC292520576495
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Bncc1_406f0DLFbD9gFz5PqzPpY.roa
Signing time:             Sun 16 Jun 2024 07:31:34 +0000
ROA not before:           Sun 16 Jun 2024 07:31:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.128.0/17 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.133.0/24 maxlen: 24
                          85.133.134.0/24 maxlen: 24
                          85.133.135.0/24 maxlen: 24
                          85.133.136.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.140.0/24 maxlen: 24
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.147.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.154.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.164.0/24 maxlen: 24
                          85.133.165.0/24 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.189.0/24 maxlen: 24
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.206.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.208.0/24 maxlen: 24
                          85.133.209.0/24 maxlen: 24
                          85.133.210.0/23 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.215.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.220.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.224.0/23 maxlen: 24
                          85.133.224.0/24 maxlen: 24
                          85.133.225.0/24 maxlen: 24
                          85.133.226.0/24 maxlen: 24
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.231.0/24 maxlen: 24
                          85.133.232.0/22 maxlen: 22
                          85.133.232.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/23 maxlen: 24
                          85.133.249.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          185.41.1.0/24 maxlen: 24
                          185.41.2.0/24 maxlen: 24
                          185.41.3.0/24 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 19 Jun 2024 04:49:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1f:f5:65:f9:f4:1f:dd:53:b6:dc:29:25:20:57:64:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Jun 16 07:31:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=06771cd7fe34e9fd032c56c3f60173e4fab33e96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ea:14:95:4a:0e:af:2e:27:6c:ae:94:02:c3:
                    a2:30:3c:7d:dc:3b:24:45:8f:91:27:ff:d4:c8:1b:
                    25:a0:25:1a:99:ba:90:2a:f0:63:4a:f7:1b:93:1c:
                    09:5d:13:e3:54:58:c8:e0:59:91:ba:9a:75:24:50:
                    dc:2a:63:04:9e:3e:97:d4:2e:e3:ea:95:69:95:91:
                    ab:4c:5f:3d:9f:9c:d0:b7:63:3d:a0:58:e4:b4:cb:
                    6a:20:ec:c8:0c:20:00:a0:df:1d:94:e7:9c:72:73:
                    97:a7:41:c0:05:77:46:3a:2f:a2:b9:e2:be:ab:32:
                    e5:a6:82:35:19:83:3e:94:a2:fc:81:13:29:e0:6b:
                    2f:55:1a:87:8c:5e:ec:0d:49:3d:2d:d6:41:04:e6:
                    2b:31:e5:ad:f8:06:e6:cc:21:08:cd:83:a3:ea:37:
                    b2:cf:02:fd:18:2f:d4:de:e7:90:e4:54:63:2b:64:
                    72:62:64:a2:0d:99:97:74:ef:97:31:fc:53:e3:89:
                    24:94:eb:d8:df:af:af:1a:dc:58:a5:26:a9:77:93:
                    c7:04:83:11:2c:a0:fd:c3:64:de:cb:6d:3d:4a:1c:
                    78:7c:b7:98:fa:07:04:54:b7:30:d3:10:63:c0:0d:
                    30:53:05:bd:7a:ae:ef:2b:b1:e8:da:0f:d8:76:6d:
                    d5:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:77:1C:D7:FE:34:E9:FD:03:2C:56:C3:F6:01:73:E4:FA:B3:3E:96
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Bncc1_406f0DLFbD9gFz5PqzPpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                  185.41.1.0-185.41.3.255
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         08:64:bd:e1:b4:50:b8:bc:dc:91:00:89:c4:64:a5:5a:cc:07:
         98:06:1e:bc:8e:2e:f8:d7:1a:33:2a:8e:61:a6:7e:0f:93:5e:
         fc:e9:ba:8f:a1:31:a4:2c:e8:22:60:6e:40:d6:51:09:63:43:
         68:49:0e:05:c7:cc:46:e8:0f:db:a5:fb:ee:61:48:ae:c9:e3:
         4b:1f:df:5e:db:cb:30:1f:ba:b5:b9:21:7d:4a:18:2c:38:2a:
         b9:b5:a5:f8:44:55:0f:fa:2f:b4:9b:10:66:d5:48:ad:42:b0:
         93:ec:01:da:93:52:1c:3e:03:94:7a:ea:ab:cb:71:4d:5d:1f:
         8d:51:7f:d6:72:7f:5f:d9:f3:dd:0f:e4:d6:ed:d8:4d:8c:57:
         1d:42:f8:f8:bc:f4:50:ca:42:90:bf:83:21:07:80:28:2a:6d:
         b9:9d:e8:33:8c:fe:dc:28:9b:60:e8:79:e3:13:e6:ac:78:f6:
         5a:36:44:5d:bb:ca:23:60:12:51:94:88:c0:ac:04:12:c3:4e:
         2e:7e:84:cc:16:14:c9:55:f8:65:57:d0:87:e0:a1:f4:a3:5b:
         07:02:54:f4:0b:2c:6b:ec:ee:06:44:94:ff:e3:cc:ff:8c:cf:
         76:2a:77:16:f9:32:a9:66:5c:5a:58:04:19:63:6c:6c:f6:d7:
         e5:c0:66:7f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZAf9WX59B/dU7bcKSUgV2SVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNjE2MDczMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjc3MWNkN2ZlMzRlOWZkMDMyYzU2YzNmNjAxNzNlNGZhYjMzZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+oUlUoOry4nbK6UAsOiMDx93Dsk
RY+RJ//UyBsloCUambqQKvBjSvcbkxwJXRPjVFjI4FmRupp1JFDcKmMEnj6X1C7j
6pVplZGrTF89n5zQt2M9oFjktMtqIOzIDCAAoN8dlOeccnOXp0HABXdGOi+iueK+
qzLlpoI1GYM+lKL8gRMp4GsvVRqHjF7sDUk9LdZBBOYrMeWt+AbmzCEIzYOj6jey
zwL9GC/U3ueQ5FRjK2RyYmSiDZmXdO+XMfxT44kklOvY36+vGtxYpSapd5PHBIMR
LKD9w2Tey209Shx4fLeY+gcEVLcw0xBjwA0wUwW9eq7vK7Ho2g/Ydm3VYwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAZ3HNf+NOn9AyxWw/YBc+T6sz6WMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvQm5jYzFfNDA2ZjBETEZiRDlnRno1UHF6UHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQHVYWAMAwD
BAC5KQEDBAK5KQAwDQQCAAIwBwMFAyoEh8AwDQYJKoZIhvcNAQELBQADggEBAAhk
veG0ULi83JEAicRkpVrMB5gGHryOLvjXGjMqjmGmfg+TXvzpuo+hMaQs6CJgbkDW
UQljQ2hJDgXHzEboD9ul++5hSK7J40sf317byzAfurW5IX1KGCw4Krm1pfhEVQ/6
L7SbEGbVSK1CsJPsAdqTUhw+A5R66qvLcU1dH41Rf9Zyf1/Z890P5Nbt2E2MVx1C
+Pi89FDKQpC/gyEHgCgqbbmd6DOM/twom2DoeeMT5qx49lo2RF27yiNgElGUiMCs
BBLDTi5+hMwWFMlV+GVX0IfgofSjWwcCVPQLLGvs7gZElP/jzP+Mz3Yqdxb5Mqlm
XFpYBBljbGz21+XAZn8=
-----END CERTIFICATE-----
Generated at Wed Jun 19 09:52:34 2024 by rpki-client on console-ams.rpki-client.org