Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/XQjNAAc6oTJuhQrik0LNLBcSj2o.roa
File:                     XQjNAAc6oTJuhQrik0LNLBcSj2o.roa (raw, json)
Hash identifier:          Mvp64LEMtQGQGYe9HMPunXoUifz4XcKV8DY6TYnClf4=
Subject key identifier:   5D:08:CD:00:07:3A:A1:32:6E:85:0A:E2:93:42:CD:2C:17:12:8F:6A
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018DA30EF236619B2EC59DAEFAEAE1483DB2
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/XQjNAAc6oTJuhQrik0LNLBcSj2o.roa
Signing time:             Tue 13 Feb 2024 15:21:22 +0000
ROA not before:           Tue 13 Feb 2024 15:21:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     44947
IP address blocks:        85.133.200.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 22 Feb 2024 14:40:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a3:0e:f2:36:61:9b:2e:c5:9d:ae:fa:ea:e1:48:3d:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Feb 13 15:21:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5d08cd00073aa1326e850ae29342cd2c17128f6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:d6:61:a0:a4:bb:48:df:34:d4:ff:b6:78:cb:
                    61:14:04:7a:47:60:fd:d4:52:9e:90:52:37:58:95:
                    e2:28:3e:87:69:30:49:51:67:ce:e4:b0:eb:ef:c2:
                    30:f0:2e:a6:2b:6e:cf:4e:a9:d0:33:fe:c3:b4:30:
                    46:98:c3:52:85:04:8e:aa:9c:f9:9e:37:17:5e:e4:
                    c5:90:5f:ee:51:81:7d:8b:01:88:9a:b1:27:b8:c5:
                    fd:61:f2:80:d3:6e:96:c5:22:9a:28:27:b9:cf:b4:
                    ae:9e:4f:53:5f:31:bd:2a:29:7c:54:21:71:19:14:
                    41:bc:90:ff:cc:88:df:0a:2d:73:2a:cd:45:43:cb:
                    3b:8b:c0:00:ab:92:f5:f3:71:b6:b6:c1:28:aa:f3:
                    c1:9d:a2:53:72:aa:b1:ff:5c:71:ae:17:4a:b9:c1:
                    95:e8:90:14:50:6a:f7:61:54:4d:75:18:e9:87:f5:
                    2f:6b:1a:1c:76:bc:2b:c1:1a:d0:c7:bb:b2:24:4d:
                    1d:6d:c1:fc:8d:d6:67:01:ec:2d:d1:6e:6e:00:ab:
                    9a:c9:30:5c:8c:72:9d:8d:62:b2:a3:9a:b4:d4:34:
                    1b:d8:77:ad:ab:52:01:c5:3b:de:68:9c:cd:de:41:
                    ce:ff:4b:16:10:53:21:0b:52:91:cf:2f:5c:18:65:
                    6e:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:08:CD:00:07:3A:A1:32:6E:85:0A:E2:93:42:CD:2C:17:12:8F:6A
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/XQjNAAc6oTJuhQrik0LNLBcSj2o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b5:d6:37:d6:d1:3b:38:a7:bf:07:86:28:6b:27:fa:98:54:c8:
         0b:fe:07:48:a4:ff:6b:75:51:20:38:73:64:fb:8f:68:5f:50:
         3e:a2:67:74:5a:23:44:57:b2:9c:79:97:dd:9e:65:fd:73:97:
         90:87:66:ea:92:ba:02:31:20:9f:a0:a3:a0:f9:68:8c:13:e5:
         ee:a9:fb:e8:43:4e:a5:6f:e0:58:f3:27:5c:6b:3c:1a:89:1b:
         a4:cb:86:89:6b:9e:85:0c:82:be:e6:39:48:8b:b4:62:f6:ad:
         6e:64:e4:b2:fe:f1:56:cb:f2:cd:76:a7:00:57:ae:c9:0c:59:
         2f:cb:84:62:f5:ef:87:30:a4:dc:48:70:6f:96:b8:a5:3f:0a:
         5d:1b:91:e2:63:4b:24:0f:c1:fb:f9:10:1a:dd:f4:6c:85:8b:
         b6:8b:1d:f5:b8:5f:94:68:fd:0a:0c:c5:89:12:bd:85:f5:0e:
         d1:38:af:d9:31:f9:ec:8f:6d:57:db:57:11:ce:c1:dd:f4:d0:
         f9:a8:b9:47:77:10:04:40:5d:9b:61:e9:d8:01:ee:5d:02:3b:
         65:46:de:23:2e:b1:4d:aa:22:4c:63:9b:ef:a5:cc:7c:9a:6e:
         68:16:f9:d9:71:e0:3c:8c:61:a8:92:56:15:0b:0a:6f:2e:ca:
         f9:cd:a3:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2jDvI2YZsuxZ2u+urhSD2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjEzMTUyMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDA4Y2QwMDA3M2FhMTMyNmU4NTBhZTI5MzQyY2QyYzE3MTI4ZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9ZhoKS7SN801P+2eMthFAR6R2D9
1FKekFI3WJXiKD6HaTBJUWfO5LDr78Iw8C6mK27PTqnQM/7DtDBGmMNShQSOqpz5
njcXXuTFkF/uUYF9iwGImrEnuMX9YfKA026WxSKaKCe5z7Sunk9TXzG9Kil8VCFx
GRRBvJD/zIjfCi1zKs1FQ8s7i8AAq5L183G2tsEoqvPBnaJTcqqx/1xxrhdKucGV
6JAUUGr3YVRNdRjph/UvaxocdrwrwRrQx7uyJE0dbcH8jdZnAewt0W5uAKuayTBc
jHKdjWKyo5q01DQb2Hetq1IBxTveaJzN3kHO/0sWEFMhC1KRzy9cGGVuTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0IzQAHOqEyboUK4pNCzSwXEo9qMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvWFFqTkFBYzZvVEp1aFFyaWswTE5MQmNTajJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVYXIMA0G
CSqGSIb3DQEBCwUAA4IBAQC11jfW0Ts4p78HhihrJ/qYVMgL/gdIpP9rdVEgOHNk
+49oX1A+omd0WiNEV7KceZfdnmX9c5eQh2bqkroCMSCfoKOg+WiME+XuqfvoQ06l
b+BY8ydcazwaiRuky4aJa56FDIK+5jlIi7Ri9q1uZOSy/vFWy/LNdqcAV67JDFkv
y4Ri9e+HMKTcSHBvlrilPwpdG5HiY0skD8H7+RAa3fRshYu2ix31uF+UaP0KDMWJ
Er2F9Q7ROK/ZMfnsj21X21cRzsHd9ND5qLlHdxAEQF2bYenYAe5dAjtlRt4jLrFN
qiJMY5vvpcx8mm5oFvnZceA8jGGoklYVCwpvLsr5zaMZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org