Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/p1zAKemcykiLWk16sNkQCy4PNMc.roa
File:                     p1zAKemcykiLWk16sNkQCy4PNMc.roa (raw, json)
Hash identifier:          CtRXWbq9F0Esh4dZvx8NbLijLRMB5CAwNonAUBpxG9I=
Subject key identifier:   A7:5C:C0:29:E9:9C:CA:48:8B:5A:4D:7A:B0:D9:10:0B:2E:0F:34:C7
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       01896E2C586750B3AB249F0D01BC07F0D1B6
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/p1zAKemcykiLWk16sNkQCy4PNMc.roa
Signing time:             Wed 19 Jul 2023 12:42:27 +0000
ROA not before:           Wed 19 Jul 2023 12:42:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.231.0/24 maxlen: 24
                          85.133.232.0/24 maxlen: 24
                          85.133.233.0/24 maxlen: 24
                          85.133.228.0/24 maxlen: 24
                          85.133.232.0/22 maxlen: 22
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.227.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.240.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.237.0/24 maxlen: 24
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.242.0/24 maxlen: 24
                          85.133.243.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.241.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.253.0/24 maxlen: 24
                          85.133.248.0/22 maxlen: 22
                          85.133.249.0/24 maxlen: 24
                          85.133.250.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          85.133.179.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.178.0/24 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.189.0/24 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.199.0/24 maxlen: 24
                          85.133.196.0/22 maxlen: 22
                          85.133.203.0/24 maxlen: 24
                          85.133.204.0/24 maxlen: 24
                          85.133.205.0/24 maxlen: 24
                          85.133.200.0/22 maxlen: 22
                          85.133.206.0/24 maxlen: 24
                          85.133.200.0/24 maxlen: 24
                          85.133.201.0/24 maxlen: 24
                          85.133.204.0/22 maxlen: 22
                          85.133.210.0/24 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.208.0/24 maxlen: 24
                          85.133.209.0/24 maxlen: 24
                          85.133.217.0/24 maxlen: 24
                          85.133.218.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.215.0/24 maxlen: 24
                          85.133.216.0/24 maxlen: 24
                          85.133.220.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.226.0/24 maxlen: 24
                          85.133.221.0/24 maxlen: 24
                          85.133.222.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.128.0/17 maxlen: 24
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.134.0/24 maxlen: 24
                          85.133.133.0/24 maxlen: 24
                          85.133.137.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.143.0/24 maxlen: 24
                          85.133.140.0/24 maxlen: 24
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.147.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.156.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.153.0/24 maxlen: 24
                          85.133.154.0/24 maxlen: 24
                          85.133.162.0/24 maxlen: 24
                          85.133.163.0/24 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24
                          85.133.165.0/24 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          185.41.0.0/24 maxlen: 24
                          185.41.1.0/24 maxlen: 24
                          185.41.2.0/24 maxlen: 24
                          185.41.3.0/24 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 19 Jul 2023 13:43:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:6e:2c:58:67:50:b3:ab:24:9f:0d:01:bc:07:f0:d1:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Jul 19 12:42:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a75cc029e99cca488b5a4d7ab0d9100b2e0f34c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:4c:5b:52:1d:d2:c6:17:f2:e6:fe:3d:ad:e1:
                    5c:e0:c8:45:b2:15:3e:33:3f:a6:ab:28:f6:6a:02:
                    35:ff:e6:1b:61:84:f0:33:e2:74:dc:a7:b0:d2:8c:
                    0a:2a:37:32:91:4b:fe:43:d9:be:cf:db:9d:2e:44:
                    b1:8c:ca:87:72:c6:2d:de:a9:fb:52:dd:4b:e2:01:
                    84:fb:f2:d6:ee:23:24:c5:82:5f:69:0a:e6:96:1b:
                    77:17:79:1d:50:ca:96:5a:ee:11:4c:2a:62:96:37:
                    50:10:27:ad:ee:ca:12:e7:48:1f:a9:ac:fd:1f:08:
                    20:13:41:67:27:87:da:20:b9:e6:d0:da:b4:15:df:
                    8f:52:3b:4a:63:24:13:c5:c6:e7:8c:9c:33:ec:fa:
                    f9:4e:d3:b8:d0:9a:b7:21:47:8a:d9:b8:44:55:e1:
                    9b:cf:ea:5d:fa:18:3e:de:e2:f8:3a:2b:ef:b5:d4:
                    6a:08:c6:86:68:76:2b:d1:d6:aa:28:c2:a9:dc:41:
                    6d:3a:76:cc:64:9a:82:be:31:7e:b5:7d:7c:5c:71:
                    c1:54:b8:5b:1c:a6:d8:74:de:1d:7b:e4:e1:15:3a:
                    00:dd:5d:63:f3:e6:32:e5:3e:85:f3:ec:a2:c1:f9:
                    c9:ab:53:a8:6e:ee:54:ef:2f:b2:b3:a9:c8:3f:eb:
                    71:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:5C:C0:29:E9:9C:CA:48:8B:5A:4D:7A:B0:D9:10:0B:2E:0F:34:C7
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/p1zAKemcykiLWk16sNkQCy4PNMc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                  185.41.0.0/22
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         43:06:ee:a1:db:36:8a:b6:49:e2:8f:3d:3d:d6:2a:c3:70:35:
         e8:70:f3:84:e4:39:e4:f5:9a:40:41:83:4f:ca:c3:b8:99:81:
         a8:aa:a7:14:91:ee:1f:21:5f:40:5e:1e:14:2a:9a:f2:41:7d:
         3d:7f:90:de:35:35:35:99:cb:59:c2:39:37:2a:f9:97:4e:54:
         67:7f:93:ab:58:a0:b2:c9:d0:d1:70:81:ab:fb:30:d7:bc:06:
         e5:53:bd:86:ef:4b:53:57:ba:5e:ac:db:6f:7c:79:6b:a7:36:
         04:a9:af:90:55:5d:19:88:e1:8a:16:ce:6c:07:c3:a1:7d:d8:
         21:ff:e7:84:85:80:ac:b4:ab:1f:30:e9:ff:f7:88:67:79:00:
         35:5a:f1:f0:67:9a:97:94:64:49:68:17:ef:27:02:91:44:a0:
         47:c8:50:44:53:68:4e:89:b5:d5:f0:58:f8:b5:ed:16:61:d7:
         ff:04:55:18:52:55:b2:5b:69:e6:64:21:4a:8e:05:f2:14:3c:
         17:e6:e9:03:a7:40:6c:9d:49:5b:6f:d7:96:29:90:74:5b:d8:
         1e:77:6f:ce:8c:0b:2a:0e:a2:05:c0:e4:cc:0f:96:29:50:27:
         18:0a:0b:d9:86:45:4c:34:63:b4:ac:0c:bc:9e:8e:e6:a0:fe:
         95:57:27:53
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYluLFhnULOrJJ8NAbwH8NG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzE5MTI0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzVjYzAyOWU5OWNjYTQ4OGI1YTRkN2FiMGQ5MTAwYjJlMGYzNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuExbUh3Sxhfy5v49reFc4MhFshU+
Mz+mqyj2agI1/+YbYYTwM+J03Kew0owKKjcykUv+Q9m+z9udLkSxjMqHcsYt3qn7
Ut1L4gGE+/LW7iMkxYJfaQrmlht3F3kdUMqWWu4RTCpiljdQECet7soS50gfqaz9
HwggE0FnJ4faILnm0Nq0Fd+PUjtKYyQTxcbnjJwz7Pr5TtO40Jq3IUeK2bhEVeGb
z+pd+hg+3uL4OivvtdRqCMaGaHYr0daqKMKp3EFtOnbMZJqCvjF+tX18XHHBVLhb
HKbYdN4de+ThFToA3V1j8+Yy5T6F8+yiwfnJq1Oobu5U7y+ys6nIP+txAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKdcwCnpnMpIi1pNerDZEAsuDzTHMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcDF6QUtlbWN5a2lMV2sxNnNOa1FDeTRQTk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBDBu6h2zaKtkni
jz091irDcDXocPOE5Dnk9ZpAQYNPysO4mYGoqqcUke4fIV9AXh4UKpryQX09f5De
NTU1mctZwjk3KvmXTlRnf5OrWKCyydDRcIGr+zDXvAblU72G70tTV7perNtvfHlr
pzYEqa+QVV0ZiOGKFs5sB8Ohfdgh/+eEhYCstKsfMOn/94hneQA1WvHwZ5qXlGRJ
aBfvJwKRRKBHyFBEU2hOibXV8Fj4te0WYdf/BFUYUlWyW2nmZCFKjgXyFDwX5ukD
p0BsnUlbb9eWKZB0W9ged2/OjAsqDqIFwOTMD5YpUCcYCgvZhkVMNGO0rAy8no7m
oP6VVydT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org