Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QLtD1oAeqNs-AW83JCoPRrx4inA.roa
File:                     QLtD1oAeqNs-AW83JCoPRrx4inA.roa (raw, json)
Hash identifier:          eu+eHu+NUDD0DZDRHg7hXIRHWZjsQa7ofMY8bsPbN5g=
Subject key identifier:   40:BB:43:D6:80:1E:A8:DB:3E:01:6F:37:24:2A:0F:46:BC:78:8A:70
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0189F8341028C69F5FC93DADE3CEE85FF3BB
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QLtD1oAeqNs-AW83JCoPRrx4inA.roa
Signing time:             Tue 15 Aug 2023 07:58:28 +0000
ROA not before:           Tue 15 Aug 2023 07:58:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60707
IP address blocks:        85.133.174.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 15 Aug 2023 11:48:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f8:34:10:28:c6:9f:5f:c9:3d:ad:e3:ce:e8:5f:f3:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Aug 15 07:58:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40bb43d6801ea8db3e016f37242a0f46bc788a70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:82:55:23:76:33:48:6b:4b:bc:f1:2f:67:c8:
                    c5:13:c5:82:37:85:97:48:85:55:cf:b5:7f:c7:3d:
                    e7:6a:6a:b2:e4:80:bf:aa:8a:0a:63:c4:d1:76:26:
                    60:c0:06:b8:f1:23:88:fb:f4:e1:29:52:6e:08:a9:
                    b8:2e:2b:50:ad:a6:f4:66:c1:64:ff:90:01:e1:35:
                    bb:a2:6c:52:39:37:65:58:a2:17:8d:0c:fa:e3:ea:
                    07:32:12:40:54:03:54:11:eb:c3:fb:d3:aa:39:7f:
                    9c:41:c9:1c:35:f5:cc:21:6c:ba:21:37:e3:85:65:
                    50:82:fe:a1:df:06:b8:7c:d5:ff:cf:93:a8:dc:62:
                    74:04:aa:ec:e9:4e:02:ef:97:97:32:79:d1:ae:ce:
                    ae:54:c8:45:92:ef:8e:f0:b8:a5:60:8a:ef:a6:9f:
                    67:fe:0c:32:5b:23:62:52:ac:f9:ea:6c:c2:b3:5c:
                    0e:65:95:24:f1:10:fc:41:91:2e:95:44:98:a6:f9:
                    b7:cc:2b:67:30:da:82:22:48:5c:4f:7d:98:af:2a:
                    56:98:82:04:02:a7:c5:22:a5:6f:cc:14:65:01:d9:
                    fe:6c:dd:82:a9:5e:ad:61:89:a6:97:07:b1:50:fb:
                    8e:7f:21:8b:2f:75:99:e1:72:05:46:8c:f7:c1:43:
                    a1:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:BB:43:D6:80:1E:A8:DB:3E:01:6F:37:24:2A:0F:46:BC:78:8A:70
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QLtD1oAeqNs-AW83JCoPRrx4inA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.174.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:e2:d7:f3:ca:d4:f3:ba:42:6f:8d:11:d6:5d:6d:73:0c:e3:
         2e:b4:11:52:77:0a:8b:4c:ec:1f:bb:b0:10:26:d8:17:c3:30:
         96:04:71:28:2d:42:85:16:a1:25:cb:35:05:df:37:2f:d6:53:
         10:81:e0:81:a8:7d:8f:ce:ae:a8:d5:44:96:6a:7d:df:8b:ab:
         30:cb:e6:a4:f9:62:77:96:83:b8:5e:5a:20:44:99:43:ef:86:
         37:95:c4:fc:18:b0:a9:24:1c:34:e4:73:40:8e:32:06:fc:04:
         19:f0:6c:c0:65:87:24:e0:2d:9d:01:a5:e5:b6:47:ef:15:99:
         c5:e9:a9:a7:c3:50:61:cd:e2:f2:f8:2c:b0:6f:9b:b1:4e:f0:
         21:e3:03:a4:6d:04:8f:8e:13:25:b0:aa:f7:75:db:e8:b2:7b:
         bb:e3:75:f9:5e:28:75:b3:a0:a2:cd:8d:1a:48:1b:e3:be:45:
         a4:65:a1:83:68:3f:ba:e9:29:58:b1:84:1a:48:f2:df:02:e3:
         c1:69:3e:98:ac:b2:dd:e9:eb:66:b9:25:87:fa:5f:c4:64:4c:
         22:86:1a:e8:6c:e9:14:7f:36:f0:a7:22:51:91:63:19:a9:72:
         76:bb:15:3d:b0:7d:64:ba:8a:98:9e:10:7c:ac:57:25:bb:ac:
         ee:2d:0e:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn4NBAoxp9fyT2t487oX/O7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODE1MDc1ODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGJiNDNkNjgwMWVhOGRiM2UwMTZmMzcyNDJhMGY0NmJjNzg4YTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4JVI3YzSGtLvPEvZ8jFE8WCN4WX
SIVVz7V/xz3namqy5IC/qooKY8TRdiZgwAa48SOI+/ThKVJuCKm4LitQrab0ZsFk
/5AB4TW7omxSOTdlWKIXjQz64+oHMhJAVANUEevD+9OqOX+cQckcNfXMIWy6ITfj
hWVQgv6h3wa4fNX/z5Oo3GJ0BKrs6U4C75eXMnnRrs6uVMhFku+O8LilYIrvpp9n
/gwyWyNiUqz56mzCs1wOZZUk8RD8QZEulUSYpvm3zCtnMNqCIkhcT32YrypWmIIE
AqfFIqVvzBRlAdn+bN2CqV6tYYmmlwexUPuOfyGLL3WZ4XIFRoz3wUOhPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEC7Q9aAHqjbPgFvNyQqD0a8eIpwMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvUUx0RDFvQWVxTnMtQVc4M0pDb1BScng0aW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYWuMA0G
CSqGSIb3DQEBCwUAA4IBAQBj4tfzytTzukJvjRHWXW1zDOMutBFSdwqLTOwfu7AQ
JtgXwzCWBHEoLUKFFqElyzUF3zcv1lMQgeCBqH2Pzq6o1USWan3fi6swy+ak+WJ3
loO4XlogRJlD74Y3lcT8GLCpJBw05HNAjjIG/AQZ8GzAZYck4C2dAaXltkfvFZnF
6amnw1BhzeLy+Cywb5uxTvAh4wOkbQSPjhMlsKr3ddvosnu743X5Xih1s6CizY0a
SBvjvkWkZaGDaD+66SlYsYQaSPLfAuPBaT6YrLLd6etmuSWH+l/EZEwihhrobOkU
fzbwpyJRkWMZqXJ2uxU9sH1kuoqYnhB8rFclu6zuLQ5g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org