Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IYXP4Pq1eekyOJSLdhKqEzdevbE.roa
File:                     IYXP4Pq1eekyOJSLdhKqEzdevbE.roa (raw, json)
Hash identifier:          41qVyDiQHufBa97c+vrWd64Kd1RB8ud4a9PZTEh9Ic4=
Subject key identifier:   21:85:CF:E0:FA:B5:79:E9:32:38:94:8B:76:12:AA:13:37:5E:BD:B1
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0189F9069F23E2A6CE1C0CBE00D966B86A36
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IYXP4Pq1eekyOJSLdhKqEzdevbE.roa
Signing time:             Tue 15 Aug 2023 11:48:28 +0000
ROA not before:           Tue 15 Aug 2023 11:48:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.231.0/24 maxlen: 24
                          85.133.232.0/24 maxlen: 24
                          85.133.233.0/24 maxlen: 24
                          85.133.228.0/24 maxlen: 24
                          85.133.232.0/22 maxlen: 22
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.227.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.240.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.243.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.241.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/23 maxlen: 24
                          85.133.249.0/24 maxlen: 24
                          85.133.250.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.178.0/24 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.189.0/24 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.199.0/24 maxlen: 24
                          85.133.196.0/22 maxlen: 22
                          85.133.205.0/24 maxlen: 24
                          85.133.203.0/24 maxlen: 24
                          85.133.204.0/24 maxlen: 24
                          85.133.200.0/22 maxlen: 22
                          85.133.206.0/24 maxlen: 24
                          85.133.200.0/24 maxlen: 24
                          85.133.201.0/24 maxlen: 24
                          85.133.204.0/22 maxlen: 22
                          85.133.202.0/24 maxlen: 24
                          85.133.210.0/23 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.208.0/24 maxlen: 24
                          85.133.209.0/24 maxlen: 24
                          85.133.217.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.215.0/24 maxlen: 24
                          85.133.220.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.225.0/24 maxlen: 24
                          85.133.226.0/24 maxlen: 24
                          85.133.221.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.128.0/17 maxlen: 24
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.134.0/24 maxlen: 24
                          85.133.135.0/24 maxlen: 24
                          85.133.136.0/24 maxlen: 24
                          85.133.133.0/24 maxlen: 24
                          85.133.137.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.140.0/24 maxlen: 24
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.147.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.153.0/24 maxlen: 24
                          85.133.154.0/24 maxlen: 24
                          85.133.162.0/24 maxlen: 24
                          85.133.163.0/24 maxlen: 24
                          85.133.164.0/24 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24
                          85.133.165.0/24 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          185.41.0.0/24 maxlen: 24
                          185.41.1.0/24 maxlen: 24
                          185.41.2.0/24 maxlen: 24
                          185.41.3.0/24 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sat 26 Aug 2023 13:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f9:06:9f:23:e2:a6:ce:1c:0c:be:00:d9:66:b8:6a:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Aug 15 11:48:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2185cfe0fab579e93238948b7612aa13375ebdb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:6f:79:00:02:98:3a:c7:10:43:e7:f5:b9:dc:
                    24:9b:39:4f:45:af:46:a6:22:24:33:18:c8:33:a9:
                    41:a7:d3:9f:bc:a8:36:6a:cd:5b:8f:c5:0e:30:3e:
                    14:57:4a:05:52:0d:c6:1b:09:e7:bb:de:94:33:97:
                    dc:08:49:3a:b6:d7:85:fd:aa:f5:2b:d1:47:8b:2d:
                    47:f7:fb:f8:86:99:3f:3e:67:60:1a:cc:e5:da:9c:
                    ce:dc:d6:8b:ad:18:56:3c:83:88:0c:42:da:12:54:
                    ba:51:10:40:d0:28:bd:24:92:9a:b8:a2:54:4b:c9:
                    0a:52:49:38:f8:27:22:8c:eb:c1:d6:f0:9b:d6:5d:
                    da:69:84:fb:46:0d:f1:1b:69:c7:8b:d6:c4:04:10:
                    36:e7:af:3a:32:40:53:7d:06:06:39:11:f1:7a:bd:
                    a1:a2:dc:4a:87:2e:bb:22:70:cb:56:92:56:89:20:
                    0f:a2:71:5c:9f:d1:c9:2e:c4:b7:05:33:c1:fb:47:
                    06:7b:a2:54:88:14:a6:5c:b1:c3:b7:5e:cb:df:9c:
                    d8:29:fc:d7:69:1e:26:49:e9:57:d5:c6:1d:78:24:
                    73:ca:d8:96:ef:f6:2d:40:ef:49:a9:18:6a:f3:17:
                    c9:d5:16:d2:71:a0:d7:8d:67:13:fa:90:03:9d:c2:
                    e5:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:85:CF:E0:FA:B5:79:E9:32:38:94:8B:76:12:AA:13:37:5E:BD:B1
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IYXP4Pq1eekyOJSLdhKqEzdevbE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                  185.41.0.0/22
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         29:09:9c:6e:71:b9:cd:57:19:b5:af:94:23:7e:6d:3b:7a:76:
         1a:63:74:7f:00:dd:91:31:f1:68:6b:e6:22:4e:d7:72:75:9b:
         4e:88:46:26:ad:d7:ae:85:0c:be:03:3a:38:71:5d:4f:28:79:
         0c:1a:a9:84:4f:e2:3a:f7:bf:db:84:5c:c4:af:25:1c:f6:e8:
         64:c4:45:ce:cf:b5:b1:d9:a2:63:f7:c3:55:48:86:0b:e9:3d:
         f9:4c:4d:11:44:c3:59:f6:96:b9:ba:79:15:8d:3b:b8:07:84:
         a3:a5:cf:54:90:80:6b:95:13:50:fc:bd:47:7e:c4:fe:8e:08:
         a3:6a:d1:2e:d2:3b:34:60:76:06:ac:92:1c:9a:b8:f2:72:c8:
         88:78:69:88:de:43:80:b5:7c:99:12:db:91:09:c9:22:fd:c0:
         bc:66:59:78:12:9b:64:2e:74:b4:cd:9a:77:8a:22:9d:39:3c:
         58:05:bd:45:d3:83:2b:4b:22:69:65:95:80:b7:2e:7f:b9:6d:
         5f:36:37:f4:ab:03:4a:b1:a7:ca:eb:01:ac:f0:a0:99:eb:dd:
         ad:92:16:6f:f8:22:de:d5:e0:f1:1f:9b:da:8b:e8:93:94:11:
         2c:16:4a:ce:0c:09:3e:fc:4c:b8:6f:6b:6b:93:0f:9e:2a:87:
         06:da:5b:8a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYn5Bp8j4qbOHAy+ANlmuGo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODE1MTE0ODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTg1Y2ZlMGZhYjU3OWU5MzIzODk0OGI3NjEyYWExMzM3NWViZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi295AAKYOscQQ+f1udwkmzlPRa9G
piIkMxjIM6lBp9OfvKg2as1bj8UOMD4UV0oFUg3GGwnnu96UM5fcCEk6tteF/ar1
K9FHiy1H9/v4hpk/PmdgGszl2pzO3NaLrRhWPIOIDELaElS6URBA0Ci9JJKauKJU
S8kKUkk4+CcijOvB1vCb1l3aaYT7Rg3xG2nHi9bEBBA25686MkBTfQYGORHxer2h
otxKhy67InDLVpJWiSAPonFcn9HJLsS3BTPB+0cGe6JUiBSmXLHDt17L35zYKfzX
aR4mSelX1cYdeCRzytiW7/YtQO9JqRhq8xfJ1RbScaDXjWcT+pADncLlxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCGFz+D6tXnpMjiUi3YSqhM3Xr2xMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSVlYUDRQcTFlZWt5T0pTTGRoS3FFemRldmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQApCZxucbnNVxm1
r5Qjfm07enYaY3R/AN2RMfFoa+YiTtdydZtOiEYmrdeuhQy+Azo4cV1PKHkMGqmE
T+I697/bhFzEryUc9uhkxEXOz7Wx2aJj98NVSIYL6T35TE0RRMNZ9pa5unkVjTu4
B4Sjpc9UkIBrlRNQ/L1HfsT+jgijatEu0js0YHYGrJIcmrjycsiIeGmI3kOAtXyZ
EtuRCcki/cC8Zll4EptkLnS0zZp3iiKdOTxYBb1F04MrSyJpZZWAty5/uW1fNjf0
qwNKsafK6wGs8KCZ692tkhZv+CLe1eDxH5vai+iTlBEsFkrODAk+/Ey4b2trkw+e
KocG2luK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org