Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/cWGh5lkl3tSCj1OQ9Eii4YI6LvU.roa
File:                     cWGh5lkl3tSCj1OQ9Eii4YI6LvU.roa (raw, json)
Hash identifier:          6hIDxkiIMS8BoBTao/8PpbyXDYlozwYELKCCnGXt/Ew=
Subject key identifier:   71:61:A1:E6:59:25:DE:D4:82:8F:53:90:F4:48:A2:E1:82:3A:2E:F5
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018760C17F7E4E3DA074C85C675540FA79C9
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/cWGh5lkl3tSCj1OQ9Eii4YI6LvU.roa
Signing time:             Sat 08 Apr 2023 12:05:06 +0000
ROA not before:           Sat 08 Apr 2023 12:05:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52209
IP address blocks:        85.133.227.0/24 maxlen: 24
                          85.133.228.0/24 maxlen: 24
                          85.133.233.0/24 maxlen: 24
                          85.133.237.0/24 maxlen: 24
                          85.133.238.0/24 maxlen: 24
                          85.133.234.0/24 maxlen: 24
                          85.133.241.0/24 maxlen: 24
                          85.133.242.0/24 maxlen: 24
                          85.133.250.0/24 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.194.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.143.0/24 maxlen: 24
                          85.133.166.0/24 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 13 Apr 2023 07:42:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:60:c1:7f:7e:4e:3d:a0:74:c8:5c:67:55:40:fa:79:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Apr  8 12:05:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7161a1e65925ded4828f5390f448a2e1823a2ef5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:03:6a:c0:c2:b0:9c:d0:5d:91:06:d1:ea:2c:
                    59:63:08:2c:3d:99:cc:75:f5:21:66:ff:58:e6:9d:
                    86:c2:c4:72:f0:05:d2:6b:19:85:ff:f9:7b:af:e4:
                    0b:72:25:4b:c7:29:ca:40:18:39:2e:3e:ee:0a:30:
                    5e:be:3e:57:d7:33:37:f8:3d:6a:f1:64:bc:76:eb:
                    16:82:66:ef:80:e9:dc:6a:28:cb:60:e9:c0:6d:bf:
                    6c:71:f8:92:4e:e3:d2:02:6f:08:6a:12:16:93:e6:
                    15:0e:dc:f1:68:d8:fb:ca:e8:cc:0b:89:cd:c6:79:
                    03:8d:07:1e:13:5c:6f:63:88:f4:19:23:69:2e:5a:
                    16:95:54:20:ef:82:8c:06:9a:7b:e5:d0:cb:80:c3:
                    46:df:01:cc:ed:1b:0a:c0:b6:0b:7b:9f:a8:81:1b:
                    17:ee:40:d8:84:dd:06:7e:92:fe:2d:48:82:cc:62:
                    dc:f6:3a:dc:66:cd:84:97:fb:db:bf:d4:89:90:fd:
                    6f:1e:7a:e5:2a:72:ac:ed:a9:c2:dd:29:97:cb:6f:
                    9c:ae:b5:b5:bb:16:50:91:14:a5:ad:2c:7f:4f:74:
                    c2:a3:67:40:0f:b7:66:2e:5e:4b:5b:f6:bf:4b:fa:
                    a4:37:82:55:29:69:f2:a2:ee:81:9e:73:02:6f:5c:
                    8b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:61:A1:E6:59:25:DE:D4:82:8F:53:90:F4:48:A2:E1:82:3A:2E:F5
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/cWGh5lkl3tSCj1OQ9Eii4YI6LvU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.143.0/24
                  85.133.160.0/23
                  85.133.166.0/24
                  85.133.174.0/24
                  85.133.194.0/24
                  85.133.219.0/24
                  85.133.227.0-85.133.228.255
                  85.133.233.0-85.133.234.255
                  85.133.237.0-85.133.238.255
                  85.133.241.0-85.133.242.255
                  85.133.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:13:44:96:e0:4c:5e:f1:1b:3c:bb:00:7b:70:b3:9d:d6:1b:
         83:b7:fe:90:ae:c6:4e:77:12:6a:c4:15:9e:46:fa:3a:9d:5c:
         44:d4:5a:e4:eb:54:78:5b:be:33:e8:35:b1:2d:7b:c4:a4:ed:
         26:03:e4:8a:1e:d5:2c:5d:19:9b:6d:90:18:96:59:c6:d3:2e:
         88:0d:10:8a:49:99:e0:4b:ba:95:e1:8b:4a:b0:dd:e1:d6:8e:
         40:ee:9b:13:db:ab:de:b9:1a:36:df:00:bb:67:1a:f3:a9:10:
         be:d1:cb:d8:8c:52:f7:f7:f9:24:b1:cc:0b:06:54:a0:22:c6:
         ab:28:31:bf:2c:cb:e4:30:8d:97:fa:dd:e5:cd:22:69:84:38:
         65:d5:3b:88:22:11:43:65:2b:9e:0a:91:a3:f9:22:07:99:ea:
         0d:7b:63:16:c0:20:85:88:96:c0:6f:7f:37:41:f8:5e:69:61:
         d6:18:27:93:45:c7:fd:d8:df:d7:27:e4:b1:31:bf:a8:bd:48:
         aa:61:eb:30:a2:8d:ec:bd:6c:ee:ca:ea:37:58:e4:f2:b5:eb:
         10:1e:63:36:0e:bb:b1:ec:60:5c:0f:7e:d4:94:54:c9:cc:8f:
         7a:42:62:af:10:d0:41:a0:03:76:a2:9c:55:14:e9:d5:df:1e:
         36:23:f6:ec
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYdgwX9+Tj2gdMhcZ1VA+nnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDA4MTIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTYxYTFlNjU5MjVkZWQ0ODI4ZjUzOTBmNDQ4YTJlMTgyM2EyZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwNqwMKwnNBdkQbR6ixZYwgsPZnM
dfUhZv9Y5p2GwsRy8AXSaxmF//l7r+QLciVLxynKQBg5Lj7uCjBevj5X1zM3+D1q
8WS8dusWgmbvgOncaijLYOnAbb9scfiSTuPSAm8IahIWk+YVDtzxaNj7yujMC4nN
xnkDjQceE1xvY4j0GSNpLloWlVQg74KMBpp75dDLgMNG3wHM7RsKwLYLe5+ogRsX
7kDYhN0GfpL+LUiCzGLc9jrcZs2El/vbv9SJkP1vHnrlKnKs7anC3SmXy2+crrW1
uxZQkRSlrSx/T3TCo2dAD7dmLl5LW/a/S/qkN4JVKWnyou6BnnMCb1yLIwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFHFhoeZZJd7Ugo9TkPRIouGCOi71MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvY1dHaDVsa2wzdFNDajFPUTlFaWk0WUk2THZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAVYWPAwQB
VYWgAwQAVYWmAwQAVYWuAwQAVYXCAwQAVYXbMAwDBABVheMDBABVheQwDAMEAFWF
6QMEAFWF6jAMAwQAVYXtAwQAVYXuMAwDBABVhfEDBABVhfIDBABVhfowDQYJKoZI
hvcNAQELBQADggEBAJATRJbgTF7xGzy7AHtws53WG4O3/pCuxk53EmrEFZ5G+jqd
XETUWuTrVHhbvjPoNbEte8Sk7SYD5Ioe1SxdGZttkBiWWcbTLogNEIpJmeBLupXh
i0qw3eHWjkDumxPbq965GjbfALtnGvOpEL7Ry9iMUvf3+SSxzAsGVKAixqsoMb8s
y+QwjZf63eXNImmEOGXVO4giEUNlK54KkaP5IgeZ6g17YxbAIIWIlsBvfzdB+F5p
YdYYJ5NFx/3Y39cn5LExv6i9SKph6zCijey9bO7K6jdY5PK16xAeYzYOu7HsYFwP
ftSUVMnMj3pCYq8Q0EGgA3ainFUU6dXfHjYj9uw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org