Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/f93SwHIZeN5MwFfu9lsXI1-UdHw.roa
File:                     f93SwHIZeN5MwFfu9lsXI1-UdHw.roa (raw, json)
Hash identifier:          H8HjuXV+/1KcwplycV8xKr5O1PelfGdng12rA3CGzUI=
Subject key identifier:   7F:DD:D2:C0:72:19:78:DE:4C:C0:57:EE:F6:5B:17:23:5F:94:74:7C
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018DA315598FD9DF3AA9948CFF8AB0E00482
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/f93SwHIZeN5MwFfu9lsXI1-UdHw.roa
Signing time:             Tue 13 Feb 2024 15:28:21 +0000
ROA not before:           Tue 13 Feb 2024 15:28:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.128.0/17 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.133.0/24 maxlen: 24
                          85.133.134.0/24 maxlen: 24
                          85.133.135.0/24 maxlen: 24
                          85.133.136.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.140.0/24 maxlen: 24
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.147.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.154.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.164.0/24 maxlen: 24
                          85.133.165.0/24 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.189.0/24 maxlen: 24
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.206.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.209.0/24 maxlen: 24
                          85.133.210.0/23 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.218.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.220.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.224.0/24 maxlen: 24
                          85.133.225.0/24 maxlen: 24
                          85.133.226.0/24 maxlen: 24
                          85.133.227.0/24 maxlen: 24
                          85.133.228.0/24 maxlen: 24
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.231.0/24 maxlen: 24
                          85.133.232.0/22 maxlen: 22
                          85.133.232.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.240.0/24 maxlen: 24
                          85.133.243.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/23 maxlen: 24
                          85.133.249.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          185.41.0.0/24 maxlen: 24
                          185.41.1.0/24 maxlen: 24
                          185.41.2.0/24 maxlen: 24
                          185.41.3.0/24 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 14 Feb 2024 11:41:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:a3:15:59:8f:d9:df:3a:a9:94:8c:ff:8a:b0:e0:04:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Feb 13 15:28:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7fddd2c0721978de4cc057eef65b17235f94747c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:41:29:98:14:08:78:e2:25:84:9d:e6:32:ec:
                    5b:09:b6:95:21:6a:06:73:fd:55:b1:29:3b:34:a9:
                    a9:46:38:64:0a:bb:c3:2d:7c:61:bc:15:2c:6b:58:
                    99:8f:c1:12:ec:c0:4a:04:ca:1d:42:79:e7:74:2e:
                    72:16:82:78:59:f3:60:90:a5:ea:39:fb:c0:61:ab:
                    70:e0:47:f6:fc:1e:07:78:63:07:5a:20:3e:8d:54:
                    fc:34:cd:8f:27:bf:20:97:25:12:3e:fd:41:6e:e1:
                    b9:89:a0:43:36:3c:8c:3d:e1:0c:4b:6d:e6:65:ec:
                    89:fa:8f:1b:e7:98:d6:bd:e7:71:a6:7c:13:6f:cc:
                    34:cd:e3:c6:e4:63:bd:26:e5:ef:eb:ec:fa:2f:39:
                    b9:a2:c5:22:29:7a:6d:6f:9b:61:25:f9:fc:52:4d:
                    ea:11:81:59:66:fb:a8:4e:17:dd:8c:10:0f:73:5b:
                    f0:99:af:4b:da:e4:67:1e:5a:33:a8:19:3f:53:84:
                    f9:09:fe:93:df:bb:76:ef:6c:21:fc:0c:68:89:ee:
                    3c:63:55:94:dc:ba:cb:0b:a3:e1:ff:32:35:d3:bb:
                    24:0f:e3:e6:54:b1:15:10:de:c3:be:87:b9:00:71:
                    83:51:90:4e:9c:9d:71:78:ea:9f:24:38:1a:7c:7c:
                    76:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:DD:D2:C0:72:19:78:DE:4C:C0:57:EE:F6:5B:17:23:5F:94:74:7C
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/f93SwHIZeN5MwFfu9lsXI1-UdHw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                  185.41.0.0/22
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         55:e4:7c:e9:ff:20:13:7b:bc:46:2d:55:30:fe:f4:02:b3:58:
         47:d5:a0:e7:9f:ef:20:06:3a:c7:e8:2b:4e:f1:f1:b5:b9:5b:
         64:c9:ca:47:44:00:fb:7a:02:30:a5:dd:7d:98:6c:08:c4:02:
         46:cc:c9:cd:98:7c:77:0b:e4:8d:a1:f6:12:ef:f5:98:e7:c4:
         90:a3:a9:75:7c:59:8a:cd:d2:ef:13:e3:85:1e:37:ab:e8:b2:
         c8:a2:b3:9c:7a:f1:14:85:81:d6:4a:27:87:bb:c6:ed:ff:13:
         be:93:01:ad:95:30:33:b3:05:68:e7:e3:41:cc:0e:fc:e6:db:
         eb:4b:c6:0d:a9:c1:66:d0:18:68:e1:83:16:85:50:58:b1:64:
         74:dc:c5:e9:39:16:06:c4:21:30:ca:b3:6f:7e:6c:95:bc:ee:
         40:ae:23:f1:7d:43:4e:86:bf:c6:6a:bb:7c:1c:b5:84:7c:a1:
         a1:e6:16:62:76:fe:2e:61:db:a8:b2:b3:b8:9d:b8:f0:38:90:
         96:2e:7f:de:8b:9d:84:4c:29:c0:a9:bf:bc:98:1f:0c:a8:05:
         7d:b1:cb:52:f3:07:2a:51:45:5c:05:e6:56:3c:91:a7:4b:6f:
         4d:a5:3d:25:0a:64:d3:02:45:e7:6f:3b:e1:bd:5b:ef:ce:98:
         5f:ae:66:1d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2jFVmP2d86qZSM/4qw4ASCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjEzMTUyODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmRkZDJjMDcyMTk3OGRlNGNjMDU3ZWVmNjViMTcyMzVmOTQ3NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkEpmBQIeOIlhJ3mMuxbCbaVIWoG
c/1VsSk7NKmpRjhkCrvDLXxhvBUsa1iZj8ES7MBKBModQnnndC5yFoJ4WfNgkKXq
OfvAYatw4Ef2/B4HeGMHWiA+jVT8NM2PJ78glyUSPv1BbuG5iaBDNjyMPeEMS23m
ZeyJ+o8b55jWvedxpnwTb8w0zePG5GO9JuXv6+z6Lzm5osUiKXptb5thJfn8Uk3q
EYFZZvuoThfdjBAPc1vwma9L2uRnHlozqBk/U4T5Cf6T37t272wh/Axoie48Y1WU
3LrLC6Ph/zI107skD+PmVLEVEN7Dvoe5AHGDUZBOnJ1xeOqfJDgafHx27QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH/d0sByGXjeTMBX7vZbFyNflHR8MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZjkzU3dISVplTjVNd0ZmdTlsc1hJMS1VZEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBV5Hzp/yATe7xG
LVUw/vQCs1hH1aDnn+8gBjrH6CtO8fG1uVtkycpHRAD7egIwpd19mGwIxAJGzMnN
mHx3C+SNofYS7/WY58SQo6l1fFmKzdLvE+OFHjer6LLIorOcevEUhYHWSieHu8bt
/xO+kwGtlTAzswVo5+NBzA785tvrS8YNqcFm0Bho4YMWhVBYsWR03MXpORYGxCEw
yrNvfmyVvO5AriPxfUNOhr/Gart8HLWEfKGh5hZidv4uYduosrO4nbjwOJCWLn/e
i52ETCnAqb+8mB8MqAV9sctS8wcqUUVcBeZWPJGnS29NpT0lCmTTAkXnbzvhvVvv
zphfrmYd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org