Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QWP3z1B-GCtXYwgOMYDXYamzOyo.roa
File:                     QWP3z1B-GCtXYwgOMYDXYamzOyo.roa (raw, json)
Hash identifier:          /EggA0guoosHtZ81aJh0XtMPzpR78ujtbhTpOyiPnsg=
Subject key identifier:   41:63:F7:CF:50:7E:18:2B:57:63:08:0E:31:80:D7:61:A9:B3:3B:2A
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018779B69422E5013BFBCD2E5C1159BA7A60
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QWP3z1B-GCtXYwgOMYDXYamzOyo.roa
Signing time:             Thu 13 Apr 2023 08:23:41 +0000
ROA not before:           Thu 13 Apr 2023 08:23:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.228.0/24 maxlen: 24
                          85.133.231.0/24 maxlen: 24
                          85.133.232.0/24 maxlen: 24
                          85.133.233.0/24 maxlen: 24
                          85.133.228.0/22 maxlen: 22
                          85.133.232.0/22 maxlen: 22
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.227.0/24 maxlen: 24
                          85.133.238.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.236.0/22 maxlen: 22
                          85.133.240.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.237.0/24 maxlen: 24
                          85.133.234.0/24 maxlen: 24
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.242.0/24 maxlen: 24
                          85.133.243.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.241.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/22 maxlen: 22
                          85.133.249.0/24 maxlen: 24
                          85.133.250.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.189.0/24 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.194.0/24 maxlen: 24
                          85.133.196.0/22 maxlen: 22
                          85.133.203.0/24 maxlen: 24
                          85.133.204.0/24 maxlen: 24
                          85.133.200.0/22 maxlen: 22
                          85.133.206.0/24 maxlen: 24
                          85.133.200.0/24 maxlen: 24
                          85.133.201.0/24 maxlen: 24
                          85.133.204.0/22 maxlen: 22
                          85.133.210.0/24 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.208.0/22 maxlen: 22
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.209.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.220.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.226.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.132.0/22 maxlen: 22
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.128.0/17 maxlen: 24
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.134.0/24 maxlen: 24
                          85.133.136.0/22 maxlen: 22
                          85.133.133.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.143.0/24 maxlen: 24
                          85.133.140.0/24 maxlen: 24
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.146.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.147.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.156.0/22 maxlen: 22
                          85.133.154.0/24 maxlen: 24
                          85.133.160.0/22 maxlen: 22
                          85.133.162.0/24 maxlen: 24
                          85.133.163.0/24 maxlen: 24
                          85.133.164.0/22 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24
                          85.133.166.0/24 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 18:22:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:79:b6:94:22:e5:01:3b:fb:cd:2e:5c:11:59:ba:7a:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Apr 13 08:23:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4163f7cf507e182b5763080e3180d761a9b33b2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:58:a8:b2:3b:70:52:a3:21:b2:16:75:0a:15:
                    70:8e:11:3e:39:b2:93:4a:c2:44:7c:bb:4b:08:90:
                    90:27:dd:3d:56:e0:72:cc:c9:9e:6d:76:45:8f:79:
                    df:e1:a0:88:59:1b:7a:02:e5:bd:57:07:39:ee:7f:
                    77:62:19:e1:a4:e0:2d:4f:48:76:d5:e7:2a:f6:e7:
                    fb:21:c7:59:7e:0d:14:54:8d:3d:ea:b2:bd:b5:ac:
                    f0:8b:54:c6:3c:07:e1:66:14:80:4a:02:28:14:09:
                    48:17:0b:6a:3c:76:f2:05:b0:28:13:51:91:d6:cd:
                    12:b1:98:df:98:e8:4a:93:68:25:d8:a7:0a:67:7b:
                    da:e7:48:09:1f:4b:f7:76:71:0f:5a:e6:d0:75:9a:
                    0c:4a:64:48:d9:a6:14:69:f0:ca:2e:87:3f:a8:b3:
                    d1:40:98:8f:dd:c9:34:54:d3:b0:6e:27:5e:26:95:
                    14:c4:f2:aa:f5:e2:7a:e3:95:a9:90:bf:7b:da:46:
                    c5:f9:3d:be:b4:45:1d:92:2e:03:4f:b5:87:85:ac:
                    74:c4:49:1a:0d:12:71:06:a8:bb:d6:06:5d:7d:92:
                    47:17:cf:ce:cc:4f:43:8b:74:46:83:01:60:66:24:
                    b1:54:7e:91:3c:05:ce:b0:5e:2d:03:da:d3:16:c9:
                    8d:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:63:F7:CF:50:7E:18:2B:57:63:08:0E:31:80:D7:61:A9:B3:3B:2A
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/QWP3z1B-GCtXYwgOMYDXYamzOyo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         22:bb:cf:c6:e3:5e:c2:6c:cd:87:97:b0:f5:5a:f2:bb:61:b2:
         9e:85:49:02:9d:49:98:2a:21:92:12:4d:bf:b6:0b:f8:12:9c:
         23:62:b5:b9:2f:3a:73:6d:ef:7d:70:15:98:b5:35:66:36:6e:
         f3:58:35:5b:ce:0b:19:64:44:69:ef:6f:94:39:40:29:ca:04:
         3a:e2:51:e9:8a:cc:2d:81:71:27:12:5e:32:1c:2e:c1:7f:92:
         36:ec:af:da:b1:e8:d8:c0:b1:e8:5f:7c:3d:cc:de:da:89:22:
         97:3d:aa:8d:41:e5:18:3f:47:6f:2d:d5:85:90:08:70:be:eb:
         19:3e:12:83:65:92:6b:fe:94:4c:e8:89:c5:3d:21:d2:68:3f:
         93:1d:56:b6:50:9d:a1:e3:5f:6c:56:52:86:32:b3:90:2b:cb:
         82:c9:0e:73:91:f8:dd:47:c2:71:14:4b:f4:32:b4:a6:85:95:
         0f:85:e7:e4:07:3e:c0:58:b1:92:0a:92:30:02:a8:1a:cb:91:
         c4:67:c5:fc:7e:3a:da:61:77:2f:1f:75:eb:e8:a7:3f:a3:7c:
         06:c4:13:94:eb:e0:78:61:7c:06:ac:3c:e6:41:04:8f:ed:9c:
         59:d0:94:70:b2:12:12:cf:6a:0c:09:ac:1a:ab:7e:3b:5a:99:
         98:9f:54:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYd5tpQi5QE7+80uXBFZunpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDEzMDgyMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTYzZjdjZjUwN2UxODJiNTc2MzA4MGUzMTgwZDc2MWE5YjMzYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFiosjtwUqMhshZ1ChVwjhE+ObKT
SsJEfLtLCJCQJ909VuByzMmebXZFj3nf4aCIWRt6AuW9Vwc57n93YhnhpOAtT0h2
1ecq9uf7IcdZfg0UVI096rK9tazwi1TGPAfhZhSASgIoFAlIFwtqPHbyBbAoE1GR
1s0SsZjfmOhKk2gl2KcKZ3va50gJH0v3dnEPWubQdZoMSmRI2aYUafDKLoc/qLPR
QJiP3ck0VNOwbideJpUUxPKq9eJ645WpkL972kbF+T2+tEUdki4DT7WHhax0xEka
DRJxBqi71gZdfZJHF8/OzE9Di3RGgwFgZiSxVH6RPAXOsF4tA9rTFsmNPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEFj989QfhgrV2MIDjGA12GpszsqMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvUVdQM3oxQi1HQ3RYWXdnT01ZRFhZYW16T3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAiu8/G417CbM2Hl7D1WvK7
YbKehUkCnUmYKiGSEk2/tgv4EpwjYrW5Lzpzbe99cBWYtTVmNm7zWDVbzgsZZERp
72+UOUApygQ64lHpiswtgXEnEl4yHC7Bf5I27K/asejYwLHoX3w9zN7aiSKXPaqN
QeUYP0dvLdWFkAhwvusZPhKDZZJr/pRM6InFPSHSaD+THVa2UJ2h419sVlKGMrOQ
K8uCyQ5zkfjdR8JxFEv0MrSmhZUPhefkBz7AWLGSCpIwAqgay5HEZ8X8fjraYXcv
H3Xr6Kc/o3wGxBOU6+B4YXwGrDzmQQSP7ZxZ0JRwshISz2oMCawaq347WpmYn1R3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org