Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/LdkSh_G8kpWIXGMnvNYMI1Vc3B4.roa
File:                     LdkSh_G8kpWIXGMnvNYMI1Vc3B4.roa (raw, json)
Hash identifier:          N1so5jKKfLGskLZS4fSutY7wdE0epp7JhBiNJ8PvLTQ=
Subject key identifier:   2D:D9:12:87:F1:BC:92:95:88:5C:63:27:BC:D6:0C:23:55:5C:DC:1E
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       01877BDEA5F76FFED534866A05F4B3F66814
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/LdkSh_G8kpWIXGMnvNYMI1Vc3B4.roa
Signing time:             Thu 13 Apr 2023 18:26:41 +0000
ROA not before:           Thu 13 Apr 2023 18:26:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.228.0/24 maxlen: 24
                          85.133.231.0/24 maxlen: 24
                          85.133.232.0/24 maxlen: 24
                          85.133.233.0/24 maxlen: 24
                          85.133.228.0/22 maxlen: 22
                          85.133.232.0/22 maxlen: 22
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.227.0/24 maxlen: 24
                          85.133.238.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.236.0/22 maxlen: 22
                          85.133.240.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.237.0/24 maxlen: 24
                          85.133.234.0/24 maxlen: 24
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.242.0/24 maxlen: 24
                          85.133.243.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.241.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/22 maxlen: 22
                          85.133.249.0/24 maxlen: 24
                          85.133.250.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          85.133.179.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.189.0/24 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.194.0/24 maxlen: 24
                          85.133.196.0/22 maxlen: 22
                          85.133.203.0/24 maxlen: 24
                          85.133.204.0/24 maxlen: 24
                          85.133.200.0/22 maxlen: 22
                          85.133.206.0/24 maxlen: 24
                          85.133.200.0/24 maxlen: 24
                          85.133.201.0/24 maxlen: 24
                          85.133.204.0/22 maxlen: 22
                          85.133.210.0/24 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.208.0/22 maxlen: 22
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.209.0/24 maxlen: 24
                          85.133.217.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.215.0/24 maxlen: 24
                          85.133.216.0/24 maxlen: 24
                          85.133.220.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.226.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.132.0/22 maxlen: 22
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.128.0/17 maxlen: 24
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.134.0/24 maxlen: 24
                          85.133.136.0/22 maxlen: 22
                          85.133.133.0/24 maxlen: 24
                          85.133.137.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.143.0/24 maxlen: 24
                          85.133.140.0/24 maxlen: 24
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.146.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.147.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.156.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.156.0/22 maxlen: 22
                          85.133.154.0/24 maxlen: 24
                          85.133.160.0/22 maxlen: 22
                          85.133.162.0/24 maxlen: 24
                          85.133.163.0/24 maxlen: 24
                          85.133.164.0/22 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24
                          85.133.165.0/24 maxlen: 24
                          85.133.166.0/24 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Fri 14 Apr 2023 16:46:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7b:de:a5:f7:6f:fe:d5:34:86:6a:05:f4:b3:f6:68:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Apr 13 18:26:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2dd91287f1bc9295885c6327bcd60c23555cdc1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:9b:92:a3:28:ae:28:72:26:f1:58:eb:dc:64:
                    76:17:41:dd:b2:8c:91:c6:c8:21:68:92:77:ff:a2:
                    f6:64:be:88:99:5c:cd:f3:66:e6:da:31:fe:9f:7f:
                    c3:c7:3a:ea:35:29:19:70:e8:fe:b2:43:58:9f:03:
                    1a:17:5b:0c:c6:43:2d:fc:af:30:95:f1:47:0d:4a:
                    60:72:fe:d2:dc:e9:24:1a:94:91:51:05:94:10:b7:
                    b2:c3:c4:2d:9b:fb:9b:81:69:c1:e7:7d:67:ea:47:
                    f7:84:03:63:78:be:70:85:f1:b2:c7:7f:cb:90:e4:
                    55:9c:1e:e4:11:74:d9:72:56:9d:2c:7f:51:ce:04:
                    8f:fa:a5:39:e4:52:91:df:bd:de:3f:4f:02:7a:a5:
                    83:02:6f:94:93:6d:b5:bb:4f:ac:df:0a:60:1f:5d:
                    38:67:54:e0:c5:02:ea:6c:d9:eb:aa:b3:01:29:d7:
                    26:17:4b:79:29:04:3c:23:b9:18:28:c8:c2:7a:d2:
                    c1:a0:ed:b5:b2:d8:9a:17:b4:ec:55:71:6d:07:dc:
                    90:3d:fc:ab:2f:88:2c:fd:67:25:ad:75:f3:bf:42:
                    33:52:4b:dc:4e:b2:cb:62:78:28:20:c4:f7:8d:ae:
                    3f:aa:cb:53:d7:35:71:ab:f8:6b:0e:dc:61:8f:f6:
                    3e:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:D9:12:87:F1:BC:92:95:88:5C:63:27:BC:D6:0C:23:55:5C:DC:1E
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/LdkSh_G8kpWIXGMnvNYMI1Vc3B4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         1a:5e:67:47:f6:ed:cd:72:06:d8:fa:da:68:95:b8:03:c8:73:
         98:19:96:41:f8:02:ce:35:d1:2b:50:d7:90:6a:df:63:67:b4:
         c5:69:95:3a:44:55:82:29:a3:b2:3b:c2:2f:77:fa:9f:f4:5b:
         4d:79:f7:d2:23:b0:7b:1c:a0:7b:4c:c4:94:09:11:45:b5:f9:
         d7:8c:a8:12:0b:21:4e:db:86:d6:b0:1b:40:dd:89:e2:e8:10:
         c1:88:df:61:88:7d:07:dd:b5:9c:c4:31:68:03:d2:3e:95:0c:
         09:49:5b:f0:4d:0a:44:3f:77:03:9b:89:56:a8:55:7c:d2:5c:
         32:71:1f:f4:5b:82:8a:4c:71:11:9d:7c:54:f7:68:d8:6f:93:
         62:26:dc:47:a9:d9:3a:bb:87:d1:29:fe:6c:4a:02:1b:a1:d9:
         87:d9:1a:de:e1:86:0c:57:4d:c9:97:fc:45:7c:75:86:71:74:
         9d:f0:34:dd:cf:31:88:18:56:35:af:9f:e8:d1:32:76:99:06:
         f1:5e:54:39:81:a7:be:6e:b0:78:64:27:9d:ec:c9:34:26:cd:
         8e:de:31:d0:e6:d5:41:35:fa:cc:d8:a7:85:51:a8:ba:52:a6:
         c6:c7:8b:6f:18:9c:97:7c:9a:10:ab:8f:19:78:f5:ad:b1:68:
         11:b4:d5:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYd73qX3b/7VNIZqBfSz9mgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDEzMTgyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ5MTI4N2YxYmM5Mjk1ODg1YzYzMjdiY2Q2MGMyMzU1NWNkYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpuSoyiuKHIm8Vjr3GR2F0HdsoyR
xsghaJJ3/6L2ZL6ImVzN82bm2jH+n3/DxzrqNSkZcOj+skNYnwMaF1sMxkMt/K8w
lfFHDUpgcv7S3OkkGpSRUQWUELeyw8Qtm/ubgWnB531n6kf3hANjeL5whfGyx3/L
kORVnB7kEXTZcladLH9RzgSP+qU55FKR373eP08CeqWDAm+Uk221u0+s3wpgH104
Z1TgxQLqbNnrqrMBKdcmF0t5KQQ8I7kYKMjCetLBoO21stiaF7TsVXFtB9yQPfyr
L4gs/WclrXXzv0IzUkvcTrLLYngoIMT3ja4/qstT1zVxq/hrDtxhj/Y+TQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC3ZEofxvJKViFxjJ7zWDCNVXNweMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvTGRrU2hfRzhrcFdJWEdNbnZOWU1JMVZjM0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAaXmdH9u3NcgbY+tpolbgD
yHOYGZZB+ALONdErUNeQat9jZ7TFaZU6RFWCKaOyO8Ivd/qf9FtNeffSI7B7HKB7
TMSUCRFFtfnXjKgSCyFO24bWsBtA3Yni6BDBiN9hiH0H3bWcxDFoA9I+lQwJSVvw
TQpEP3cDm4lWqFV80lwycR/0W4KKTHERnXxU92jYb5NiJtxHqdk6u4fRKf5sSgIb
odmH2Rre4YYMV03Jl/xFfHWGcXSd8DTdzzGIGFY1r5/o0TJ2mQbxXlQ5gae+brB4
ZCed7Mk0Js2O3jHQ5tVBNfrM2KeFUai6UqbGx4tvGJyXfJoQq48ZePWtsWgRtNVI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org