Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JO9p4KRnylY1SVnrpeJXB_My3Q8.roa
File:                     JO9p4KRnylY1SVnrpeJXB_My3Q8.roa (raw, json)
Hash identifier:          XFKtWgO8zj2gSfm9gh2frNRcLMEIxi1b7TXhc6MeJPM=
Subject key identifier:   24:EF:69:E0:A4:67:CA:56:35:49:59:EB:A5:E2:57:07:F3:32:DD:0F
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018DA76BE26ED3D7AFA046E34176C11FABD0
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JO9p4KRnylY1SVnrpeJXB_My3Q8.roa
Signing time:             Wed 14 Feb 2024 11:41:21 +0000
ROA not before:           Wed 14 Feb 2024 11:41:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.128.0/17 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.133.0/24 maxlen: 24
                          85.133.134.0/24 maxlen: 24
                          85.133.135.0/24 maxlen: 24
                          85.133.136.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.140.0/24 maxlen: 24
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.147.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.154.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.164.0/24 maxlen: 24
                          85.133.165.0/24 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.189.0/24 maxlen: 24
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.206.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.209.0/24 maxlen: 24
                          85.133.210.0/23 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.218.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.220.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.224.0/24 maxlen: 24
                          85.133.225.0/24 maxlen: 24
                          85.133.226.0/24 maxlen: 24
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.231.0/24 maxlen: 24
                          85.133.232.0/22 maxlen: 22
                          85.133.232.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.240.0/24 maxlen: 24
                          85.133.243.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/23 maxlen: 24
                          85.133.249.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          185.41.0.0/24 maxlen: 24
                          185.41.1.0/24 maxlen: 24
                          185.41.2.0/24 maxlen: 24
                          185.41.3.0/24 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sun 18 Feb 2024 07:34:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a7:6b:e2:6e:d3:d7:af:a0:46:e3:41:76:c1:1f:ab:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Feb 14 11:41:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=24ef69e0a467ca56354959eba5e25707f332dd0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:f8:fb:e3:4e:30:6b:29:3b:30:cf:d0:0d:4d:
                    51:ad:78:aa:8c:bc:dd:3c:63:b3:1d:c7:66:06:da:
                    f7:7d:e5:c8:67:94:54:9a:28:1e:cc:53:81:19:2e:
                    81:a4:af:f8:8d:3f:e9:da:a5:6c:6a:4b:d8:2f:ef:
                    9b:f4:f6:72:0d:7d:4a:0f:76:46:48:6d:f9:29:28:
                    fa:9a:2c:fe:09:66:28:7a:cb:fa:fe:b1:b3:79:d7:
                    3c:e9:00:d4:5e:ee:80:ed:c1:c5:c4:7b:43:f7:c4:
                    d7:14:b6:95:00:0e:e9:a1:34:3d:80:7b:78:28:8e:
                    b2:61:ff:f8:f0:e9:e5:1e:29:ad:25:cd:47:72:67:
                    83:34:05:c2:86:16:28:16:b4:2a:fd:a4:27:cd:bb:
                    36:ea:06:8d:fc:b3:e0:e3:bd:98:b9:c2:52:91:31:
                    06:d9:26:6e:a0:18:4d:e9:ab:4a:e4:8e:aa:85:dc:
                    3e:e2:7b:be:15:74:a6:1f:c3:cf:ce:91:90:e8:3c:
                    ef:05:7e:62:09:27:4b:bb:c9:ee:25:e3:f7:ec:2a:
                    1a:e6:5f:e2:3c:90:20:42:55:7a:ad:41:eb:d6:0d:
                    33:9d:17:9e:ef:b5:74:ae:96:5d:f8:9e:36:f1:c3:
                    77:4d:e0:cd:99:5a:ac:45:ab:9e:68:15:97:04:62:
                    36:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:EF:69:E0:A4:67:CA:56:35:49:59:EB:A5:E2:57:07:F3:32:DD:0F
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/JO9p4KRnylY1SVnrpeJXB_My3Q8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                  185.41.0.0/22
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         0d:f8:5d:c6:60:18:1c:7c:eb:bd:72:5d:a1:41:de:39:f7:21:
         90:f5:0d:ad:b4:a9:d7:60:22:5a:ef:2b:3e:62:35:e9:7b:bf:
         bb:8b:5c:07:67:54:de:da:7f:d5:74:6a:de:c0:fe:f7:e8:bb:
         69:af:ee:47:4e:09:08:38:29:36:0d:92:3d:e6:29:a0:a6:2b:
         5d:a7:8b:07:ae:ea:8a:62:27:bd:1b:be:a8:98:56:1e:64:0c:
         e2:d1:b7:b2:53:59:e2:c4:a0:6a:e9:8f:af:87:2b:e2:1f:bd:
         60:4e:61:d1:36:40:6a:ca:cb:5c:4d:1b:26:ad:58:f8:42:81:
         8b:7a:2f:7f:7e:32:74:9a:00:fd:0a:5f:af:9d:0a:2f:de:22:
         b5:ec:95:b7:b4:58:b7:9b:6a:06:ed:20:e0:44:7b:a9:7a:30:
         2f:e6:d0:e4:26:02:98:99:91:8e:f0:bf:02:0b:dc:4a:49:c6:
         6f:d5:07:67:a3:7a:87:e6:c8:bb:19:88:34:be:d6:a1:0f:72:
         f0:9d:da:55:f0:98:2f:ab:c9:eb:78:ac:5c:8b:33:f1:eb:5a:
         ee:0b:c3:6f:ac:cb:8f:2f:33:bd:a2:86:1c:80:4f:41:6f:53:
         e2:b3:0a:c1:67:c4:c7:64:fd:a1:6e:d8:55:14:41:eb:ee:cb:
         72:60:40:28
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2na+Ju09evoEbjQXbBH6vQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjE0MTE0MTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVmNjllMGE0NjdjYTU2MzU0OTU5ZWJhNWUyNTcwN2YzMzJkZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfj7404wayk7MM/QDU1RrXiqjLzd
PGOzHcdmBtr3feXIZ5RUmigezFOBGS6BpK/4jT/p2qVsakvYL++b9PZyDX1KD3ZG
SG35KSj6miz+CWYoesv6/rGzedc86QDUXu6A7cHFxHtD98TXFLaVAA7poTQ9gHt4
KI6yYf/48OnlHimtJc1HcmeDNAXChhYoFrQq/aQnzbs26gaN/LPg472YucJSkTEG
2SZuoBhN6atK5I6qhdw+4nu+FXSmH8PPzpGQ6DzvBX5iCSdLu8nuJeP37Coa5l/i
PJAgQlV6rUHr1g0znRee77V0rpZd+J428cN3TeDNmVqsRaueaBWXBGI26wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCTvaeCkZ8pWNUlZ66XiVwfzMt0PMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSk85cDRLUm55bFkxU1ZucnBlSlhCX015M1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAN+F3GYBgcfOu9
cl2hQd459yGQ9Q2ttKnXYCJa7ys+YjXpe7+7i1wHZ1Te2n/VdGrewP736Ltpr+5H
TgkIOCk2DZI95imgpitdp4sHruqKYie9G76omFYeZAzi0beyU1nixKBq6Y+vhyvi
H71gTmHRNkBqystcTRsmrVj4QoGLei9/fjJ0mgD9Cl+vnQov3iK17JW3tFi3m2oG
7SDgRHupejAv5tDkJgKYmZGO8L8CC9xKScZv1Qdno3qH5si7GYg0vtahD3LwndpV
8Jgvq8nreKxcizPx61ruC8NvrMuPLzO9ooYcgE9Bb1PiswrBZ8THZP2hbthVFEHr
7styYEAo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org