Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/KMpVY95-Stiqwoabl6wYPQDuu0k.roa
File:                     KMpVY95-Stiqwoabl6wYPQDuu0k.roa (raw, json)
Hash identifier:          P9s0SPl0eAL4yCJZVS+1dOV9DB65V9jVbZpAQH2wt9k=
Subject key identifier:   28:CA:55:63:DE:7E:4A:D8:AA:C2:86:9B:97:AC:18:3D:00:EE:BB:49
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018DA1627A709B14294491B16255BC2DF693
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/KMpVY95-Stiqwoabl6wYPQDuu0k.roa
Signing time:             Tue 13 Feb 2024 07:33:22 +0000
ROA not before:           Tue 13 Feb 2024 07:33:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48147
IP address blocks:        85.133.137.0/24 maxlen: 24
                          85.133.153.0/24 maxlen: 24
                          85.133.178.0/23 maxlen: 24
                          85.133.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 16 Mar 2024 18:26:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a1:62:7a:70:9b:14:29:44:91:b1:62:55:bc:2d:f6:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Feb 13 07:33:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=28ca5563de7e4ad8aac2869b97ac183d00eebb49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:84:fa:02:e3:b4:76:b0:2a:b8:9a:ae:83:15:
                    34:8c:34:2a:c6:50:91:2d:f4:6a:7b:b1:c2:5c:0b:
                    4d:7e:24:21:5e:3b:f5:2b:76:5f:00:80:a0:8a:87:
                    42:46:76:e1:c6:e6:fa:5d:c0:16:97:cd:43:6f:5f:
                    eb:03:d0:91:e3:9c:bf:e6:66:ac:78:02:95:a7:3d:
                    28:cf:ed:7f:7a:17:0e:9b:62:7f:ed:a3:fe:e0:19:
                    52:ac:53:9d:3b:aa:29:f9:3b:72:9e:b9:46:5c:e3:
                    fd:d9:c4:4a:21:c2:d0:31:73:5e:ac:7e:eb:16:44:
                    c5:16:af:35:68:a6:74:16:96:06:37:f9:55:dd:06:
                    07:cc:df:f9:fa:32:99:fb:de:b6:78:fb:cd:36:0c:
                    a0:2e:70:29:98:0c:85:f3:5e:99:80:4e:3d:b4:64:
                    84:c5:d5:30:d7:64:e6:b8:64:e2:c7:77:2d:e1:19:
                    b8:d0:98:fd:7f:fb:a0:f5:a2:79:41:9d:be:5d:52:
                    0c:8d:27:7b:db:b0:4f:b7:7f:11:bf:1c:68:32:a0:
                    0f:3f:44:aa:7c:05:3d:62:a8:69:e0:90:ac:e7:2f:
                    1a:a1:29:7f:a8:42:2f:a3:25:85:27:dd:98:1c:19:
                    1d:55:69:2a:43:4f:be:49:23:3e:a7:42:f5:82:26:
                    92:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:CA:55:63:DE:7E:4A:D8:AA:C2:86:9B:97:AC:18:3D:00:EE:BB:49
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/KMpVY95-Stiqwoabl6wYPQDuu0k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.137.0/24
                  85.133.153.0/24
                  85.133.178.0/23
                  85.133.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:92:03:40:b6:b5:3a:3f:46:32:6d:64:c4:4f:fd:1b:6a:72:
         c6:1d:05:51:b5:ce:56:ab:ee:89:b1:66:87:a1:a2:da:81:c2:
         9d:ab:a3:06:95:e0:85:6e:d3:55:bd:ce:71:3a:e9:ec:62:45:
         3e:5f:1d:ff:96:6e:7e:e4:4e:29:3f:01:6a:fd:3e:e4:aa:eb:
         84:4f:83:87:11:4d:62:23:97:be:dc:43:3d:dd:10:af:af:24:
         1c:75:26:b1:18:e5:2e:5a:b3:4d:cc:e1:02:ba:e1:76:96:aa:
         5b:6b:60:c0:bf:20:14:ad:6c:24:55:b4:a3:e2:ee:e9:32:ae:
         a5:4b:e3:89:e4:8f:24:c0:6e:62:1f:1b:72:76:ce:e3:49:2a:
         19:35:8b:78:87:38:90:99:7f:cc:5a:16:f1:48:c7:54:ee:dd:
         ca:0e:65:55:fe:bc:35:5a:83:29:f1:bb:d0:9d:9b:76:e4:76:
         ae:72:f0:10:a7:fd:99:19:b8:3f:00:ce:95:ef:b8:08:d7:79:
         12:b9:05:da:3f:ca:b3:f5:e0:03:a3:f4:7b:d4:23:f7:9a:d7:
         71:6f:4b:21:c6:11:2a:e1:72:f9:5b:eb:ec:1b:82:4f:f4:ff:
         03:5e:28:cc:02:a9:d5:c6:da:4d:3a:d8:c8:fc:1e:f8:73:d4:
         00:53:0a:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2hYnpwmxQpRJGxYlW8LfaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjEzMDczMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNhNTU2M2RlN2U0YWQ4YWFjMjg2OWI5N2FjMTgzZDAwZWViYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoT6AuO0drAquJqugxU0jDQqxlCR
LfRqe7HCXAtNfiQhXjv1K3ZfAICgiodCRnbhxub6XcAWl81Db1/rA9CR45y/5mas
eAKVpz0oz+1/ehcOm2J/7aP+4BlSrFOdO6op+TtynrlGXOP92cRKIcLQMXNerH7r
FkTFFq81aKZ0FpYGN/lV3QYHzN/5+jKZ+962ePvNNgygLnApmAyF816ZgE49tGSE
xdUw12TmuGTix3ct4Rm40Jj9f/ug9aJ5QZ2+XVIMjSd727BPt38RvxxoMqAPP0Sq
fAU9Yqhp4JCs5y8aoSl/qEIvoyWFJ92YHBkdVWkqQ0++SSM+p0L1giaSdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCjKVWPefkrYqsKGm5esGD0A7rtJMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvS01wVlk5NS1TdGlxd29hYmw2d1lQUUR1dTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWJAwQA
VYWZAwQBVYWyAwQAVYXxMA0GCSqGSIb3DQEBCwUAA4IBAQBxkgNAtrU6P0YybWTE
T/0banLGHQVRtc5Wq+6JsWaHoaLagcKdq6MGleCFbtNVvc5xOunsYkU+Xx3/lm5+
5E4pPwFq/T7kquuET4OHEU1iI5e+3EM93RCvryQcdSaxGOUuWrNNzOECuuF2lqpb
a2DAvyAUrWwkVbSj4u7pMq6lS+OJ5I8kwG5iHxtyds7jSSoZNYt4hziQmX/MWhbx
SMdU7t3KDmVV/rw1WoMp8bvQnZt25HaucvAQp/2ZGbg/AM6V77gI13kSuQXaP8qz
9eADo/R71CP3mtdxb0shxhEq4XL5W+vsG4JP9P8DXijMAqnVxtpNOtjI/B74c9QA
Uwoi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org