Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Dh483u9i7n3uW5uYlEfapR4pc4U.roa
File:                     Dh483u9i7n3uW5uYlEfapR4pc4U.roa (raw, json)
Hash identifier:          CUYa5J3zLLUKEfu3MJbw6oJ+SbqTOLGMGJFohiCgtHI=
Subject key identifier:   0E:1E:3C:DE:EF:62:EE:7D:EE:5B:9B:98:94:47:DA:A5:1E:29:73:85
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       01881B8B899E165314AEDEFC180681863890
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Dh483u9i7n3uW5uYlEfapR4pc4U.roa
Signing time:             Sun 14 May 2023 18:35:09 +0000
ROA not before:           Sun 14 May 2023 18:35:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        85.133.146.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 May 2023 14:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1b:8b:89:9e:16:53:14:ae:de:fc:18:06:81:86:38:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: May 14 18:35:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e1e3cdeef62ee7dee5b9b989447daa51e297385
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:09:bd:62:93:df:b6:1f:84:ca:ae:ce:77:f6:
                    68:ac:6c:69:a6:32:54:ed:cc:0d:70:ee:b1:8a:75:
                    f6:a6:48:5a:d5:4a:15:e4:19:3d:c3:3d:6c:02:b3:
                    a2:26:c2:27:f0:46:28:a6:d4:c2:1f:b6:73:98:27:
                    d9:15:24:c3:1a:6e:62:61:7a:a5:0f:2f:04:fb:ce:
                    d9:46:d8:ff:33:d1:64:fe:c2:9d:4c:d8:65:c3:5e:
                    0f:0c:7e:cf:99:7b:7f:46:89:b8:64:a0:fe:99:5f:
                    10:0e:42:5e:4e:02:3c:22:76:af:76:7f:4c:c9:63:
                    97:82:05:01:87:5c:83:14:d4:c9:8c:cd:74:6d:de:
                    84:01:e5:05:ee:3a:f7:6e:32:2e:0d:2d:97:78:08:
                    ca:5b:53:69:62:7f:dd:36:67:42:66:dc:62:08:a7:
                    6d:19:7e:35:69:3e:22:4c:82:5b:ff:8c:1b:11:a4:
                    9c:c9:7b:ae:66:0f:4f:f7:fa:6d:e9:50:87:d0:9b:
                    19:6b:0f:e0:5f:7e:73:76:c3:87:d8:7d:0f:9e:16:
                    68:fa:2d:32:a8:e4:af:a3:23:20:8d:13:0b:b0:27:
                    4f:0f:87:45:96:49:8d:2b:49:ec:ef:a6:b7:24:f4:
                    8b:8d:d6:5a:4d:00:ae:1c:0c:c3:f8:62:82:ce:e3:
                    90:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:1E:3C:DE:EF:62:EE:7D:EE:5B:9B:98:94:47:DA:A5:1E:29:73:85
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Dh483u9i7n3uW5uYlEfapR4pc4U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:1b:e6:02:d7:61:6a:81:eb:d8:43:98:74:f3:ac:8c:64:d2:
         6d:43:8c:9d:f5:04:f1:e2:5c:ca:4e:e5:65:8b:4c:30:92:5e:
         26:71:ce:f2:d1:55:89:82:85:8a:bf:da:1f:d3:cb:bd:e2:48:
         c6:11:49:17:aa:a8:5c:c6:09:40:7d:ae:84:2f:31:87:39:cf:
         fe:8c:77:29:66:1a:10:81:bd:b7:2a:52:25:77:ef:c2:68:90:
         ae:ab:f2:23:9e:b6:a5:cf:0b:32:ab:ef:5c:e7:8d:24:29:56:
         69:e5:96:d0:2e:e1:45:27:5c:2e:51:7a:00:f1:e4:3b:18:e0:
         78:fd:c6:b8:aa:1a:4c:5c:7a:c2:73:2d:bf:07:87:d5:92:ff:
         77:e5:6e:db:4e:26:31:df:92:68:cb:e0:7b:06:42:db:2c:10:
         7f:c5:a9:3d:ee:c9:71:08:8b:0e:30:06:7f:f3:08:15:11:60:
         fb:64:ee:71:cc:f9:87:c5:fb:9d:f9:41:2c:bd:f7:94:e5:b1:
         26:89:33:ce:b1:a1:3d:60:2c:1d:9f:1b:c3:a5:60:93:5c:66:
         4a:33:6b:e7:a2:7e:01:8d:6b:5e:d0:e0:af:41:65:bc:b9:7a:
         e9:93:df:89:71:0a:f7:8b:4d:36:bc:ec:0f:9b:ea:c1:95:33:
         36:f3:e3:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgbi4meFlMUrt78GAaBhjiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNTE0MTgzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTFlM2NkZWVmNjJlZTdkZWU1YjliOTg5NDQ3ZGFhNTFlMjk3Mzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgm9YpPfth+Eyq7Od/ZorGxppjJU
7cwNcO6xinX2pkha1UoV5Bk9wz1sArOiJsIn8EYoptTCH7ZzmCfZFSTDGm5iYXql
Dy8E+87ZRtj/M9Fk/sKdTNhlw14PDH7PmXt/Rom4ZKD+mV8QDkJeTgI8Inavdn9M
yWOXggUBh1yDFNTJjM10bd6EAeUF7jr3bjIuDS2XeAjKW1NpYn/dNmdCZtxiCKdt
GX41aT4iTIJb/4wbEaScyXuuZg9P9/pt6VCH0JsZaw/gX35zdsOH2H0PnhZo+i0y
qOSvoyMgjRMLsCdPD4dFlkmNK0ns76a3JPSLjdZaTQCuHAzD+GKCzuOQjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA4ePN7vYu597lubmJRH2qUeKXOFMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvRGg0ODN1OWk3bjN1VzV1WWxFZmFwUjRwYzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYWSMA0G
CSqGSIb3DQEBCwUAA4IBAQAKG+YC12FqgevYQ5h086yMZNJtQ4yd9QTx4lzKTuVl
i0wwkl4mcc7y0VWJgoWKv9of08u94kjGEUkXqqhcxglAfa6ELzGHOc/+jHcpZhoQ
gb23KlIld+/CaJCuq/Ijnralzwsyq+9c540kKVZp5ZbQLuFFJ1wuUXoA8eQ7GOB4
/ca4qhpMXHrCcy2/B4fVkv935W7bTiYx35Joy+B7BkLbLBB/xak97slxCIsOMAZ/
8wgVEWD7ZO5xzPmHxfud+UEsvfeU5bEmiTPOsaE9YCwdnxvDpWCTXGZKM2vnon4B
jWte0OCvQWW8uXrpk9+JcQr3i002vOwPm+rBlTM28+Ok
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org