Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/h-4khUle82K8h2_nrOYLa0jVB88.roa
File:                     h-4khUle82K8h2_nrOYLa0jVB88.roa (raw, json)
Hash identifier:          Gh4UUzc2GKMoxY8HPjyv8iquGU52tbkYp9LT2lV1rj0=
Subject key identifier:   87:EE:24:85:49:5E:F3:62:BC:87:6F:E7:AC:E6:0B:6B:48:D5:07:CF
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       01879DE239A1BF53AAE71D4FD0DF40A0364C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/h-4khUle82K8h2_nrOYLa0jVB88.roa
Signing time:             Thu 20 Apr 2023 08:57:41 +0000
ROA not before:           Thu 20 Apr 2023 08:57:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.231.0/24 maxlen: 24
                          85.133.232.0/24 maxlen: 24
                          85.133.228.0/22 maxlen: 22
                          85.133.228.0/24 maxlen: 24
                          85.133.232.0/22 maxlen: 22
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.227.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.236.0/22 maxlen: 22
                          85.133.240.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.237.0/24 maxlen: 24
                          85.133.234.0/24 maxlen: 24
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.242.0/24 maxlen: 24
                          85.133.243.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/22 maxlen: 22
                          85.133.249.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.189.0/24 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.196.0/22 maxlen: 22
                          85.133.203.0/24 maxlen: 24
                          85.133.204.0/24 maxlen: 24
                          85.133.200.0/22 maxlen: 22
                          85.133.206.0/24 maxlen: 24
                          85.133.200.0/24 maxlen: 24
                          85.133.201.0/24 maxlen: 24
                          85.133.204.0/22 maxlen: 22
                          85.133.210.0/24 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.209.0/24 maxlen: 24
                          85.133.220.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.226.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.132.0/22 maxlen: 22
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.128.0/17 maxlen: 24
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.134.0/24 maxlen: 24
                          85.133.136.0/22 maxlen: 22
                          85.133.133.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.143.0/24 maxlen: 24
                          85.133.140.0/24 maxlen: 24
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.146.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.147.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.156.0/22 maxlen: 22
                          85.133.154.0/24 maxlen: 24
                          85.133.160.0/22 maxlen: 22
                          85.133.162.0/24 maxlen: 24
                          85.133.163.0/24 maxlen: 24
                          85.133.164.0/22 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24
                          85.133.166.0/24 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 11:56:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9d:e2:39:a1:bf:53:aa:e7:1d:4f:d0:df:40:a0:36:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Apr 20 08:57:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87ee2485495ef362bc876fe7ace60b6b48d507cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f3:54:15:5b:ff:18:3d:83:14:55:58:7e:3b:
                    c7:1e:a1:6c:aa:19:cb:70:f0:4e:43:41:db:3a:c9:
                    29:c7:48:ed:ef:91:7a:71:9d:c2:e5:fe:28:82:46:
                    64:76:f9:e2:41:5c:0a:4d:4c:7c:16:74:f5:0b:88:
                    29:7c:6c:0d:71:85:0e:28:fc:4f:ff:20:82:d4:11:
                    bc:2a:43:b4:f3:83:28:63:09:56:9e:43:6a:ab:6a:
                    c4:b7:e7:d4:49:e9:72:3b:0b:a1:fd:4b:76:43:67:
                    40:be:26:80:63:3c:9a:c0:9a:60:86:37:4a:98:2e:
                    61:d4:62:49:e9:33:94:cd:3a:13:75:30:0f:ee:36:
                    c7:e0:ab:1c:f0:97:91:81:17:42:0d:26:cd:b3:d4:
                    07:b9:94:ab:e6:f9:f9:e5:27:dc:ca:49:77:d6:db:
                    26:30:fc:96:d8:77:9c:17:b1:cd:98:c8:51:ed:f7:
                    ec:ea:2b:ec:7e:b5:57:b9:5a:48:91:c0:0a:21:9d:
                    e6:eb:43:98:3d:c3:7f:b2:a6:0f:b2:24:f5:1f:3a:
                    73:a3:1b:ad:84:22:de:83:c7:24:62:3d:3a:a2:22:
                    c7:5a:68:b1:17:8f:d1:00:23:65:3a:b7:9c:9c:2f:
                    72:a8:25:44:47:dc:05:85:06:64:4d:fd:02:15:d7:
                    7c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:EE:24:85:49:5E:F3:62:BC:87:6F:E7:AC:E6:0B:6B:48:D5:07:CF
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/h-4khUle82K8h2_nrOYLa0jVB88.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         87:1f:07:d6:c0:b1:39:a0:23:c9:59:0a:3a:5a:6d:85:b5:d8:
         75:4d:b3:ea:f1:73:bf:b8:26:94:79:c3:ee:89:1a:35:85:12:
         44:af:c2:ed:27:19:01:8f:ad:0d:e5:ab:95:37:e8:ed:3c:c0:
         da:f7:92:61:5d:7a:4b:86:d4:e7:f0:48:73:2c:b7:42:47:4d:
         5c:55:c2:de:bb:d1:2e:14:d0:a0:42:8b:9b:c3:18:57:1d:d1:
         64:51:16:fb:58:00:34:dc:7b:21:c4:c3:96:b6:e1:3f:7a:04:
         80:18:18:2f:b5:8a:3d:2f:8b:25:72:8a:08:f6:9b:40:c9:74:
         e0:3a:cb:0c:d8:10:5f:95:bf:15:40:a6:38:03:45:f8:d7:da:
         6e:92:cd:74:a9:3a:df:25:d0:49:16:ba:f2:6d:bf:6f:b5:b9:
         38:42:c6:87:b8:13:0c:00:b7:61:95:48:84:ba:1b:c6:97:db:
         e5:10:60:c3:b8:e0:76:2f:f9:97:2e:77:00:40:47:a8:2b:e5:
         a9:31:4c:42:b4:68:25:a3:1d:b4:a0:bc:59:0a:b8:c7:c4:3d:
         34:01:89:7e:a6:82:15:32:7d:6d:66:a7:0d:bf:94:e8:bb:ae:
         21:16:c7:e7:29:a4:cf:ab:b9:7d:c2:71:ca:f0:51:6c:25:95:
         bc:40:70:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYed4jmhv1Oq5x1P0N9AoDZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDIwMDg1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2VlMjQ4NTQ5NWVmMzYyYmM4NzZmZTdhY2U2MGI2YjQ4ZDUwN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/NUFVv/GD2DFFVYfjvHHqFsqhnL
cPBOQ0HbOskpx0jt75F6cZ3C5f4ogkZkdvniQVwKTUx8FnT1C4gpfGwNcYUOKPxP
/yCC1BG8KkO084MoYwlWnkNqq2rEt+fUSelyOwuh/Ut2Q2dAviaAYzyawJpghjdK
mC5h1GJJ6TOUzToTdTAP7jbH4Ksc8JeRgRdCDSbNs9QHuZSr5vn55Sfcykl31tsm
MPyW2HecF7HNmMhR7ffs6ivsfrVXuVpIkcAKIZ3m60OYPcN/sqYPsiT1Hzpzoxut
hCLeg8ckYj06oiLHWmixF4/RACNlOrecnC9yqCVER9wFhQZkTf0CFdd8GwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIfuJIVJXvNivIdv56zmC2tI1QfPMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvaC00a2hVbGU4Mks4aDJfbnJPWUxhMGpWQjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCHHwfWwLE5oCPJWQo6Wm2F
tdh1TbPq8XO/uCaUecPuiRo1hRJEr8LtJxkBj60N5auVN+jtPMDa95JhXXpLhtTn
8EhzLLdCR01cVcLeu9EuFNCgQoubwxhXHdFkURb7WAA03HshxMOWtuE/egSAGBgv
tYo9L4slcooI9ptAyXTgOssM2BBflb8VQKY4A0X419puks10qTrfJdBJFrrybb9v
tbk4QsaHuBMMALdhlUiEuhvGl9vlEGDDuOB2L/mXLncAQEeoK+WpMUxCtGglox20
oLxZCrjHxD00AYl+poIVMn1tZqcNv5Tou64hFsfnKaTPq7l9wnHK8FFsJZW8QHD8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org