Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/p_FJx6LTaFUWaceLuyBgl5Wu7Ks.roa
File:                     p_FJx6LTaFUWaceLuyBgl5Wu7Ks.roa (raw, json)
Hash identifier:          w+TCZgdPkqpqw588rU9eUMMe296kVDJt3LyTIy8aOj8=
Subject key identifier:   A7:F1:49:C7:A2:D3:68:55:16:69:C7:8B:BB:20:60:97:95:AE:EC:AB
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018D9DB9E37DEFE947685812AB4F720663B5
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/p_FJx6LTaFUWaceLuyBgl5Wu7Ks.roa
Signing time:             Mon 12 Feb 2024 14:30:21 +0000
ROA not before:           Mon 12 Feb 2024 14:30:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.128.0/17 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.133.0/24 maxlen: 24
                          85.133.134.0/24 maxlen: 24
                          85.133.135.0/24 maxlen: 24
                          85.133.136.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.140.0/24 maxlen: 24
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.147.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.153.0/24 maxlen: 24
                          85.133.154.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.156.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.164.0/24 maxlen: 24
                          85.133.165.0/24 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.189.0/24 maxlen: 24
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.200.0/24 maxlen: 24
                          85.133.201.0/24 maxlen: 24
                          85.133.202.0/24 maxlen: 24
                          85.133.203.0/24 maxlen: 24
                          85.133.204.0/24 maxlen: 24
                          85.133.205.0/24 maxlen: 24
                          85.133.206.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.209.0/24 maxlen: 24
                          85.133.210.0/23 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.217.0/24 maxlen: 24
                          85.133.218.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.220.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.224.0/24 maxlen: 24
                          85.133.225.0/24 maxlen: 24
                          85.133.226.0/24 maxlen: 24
                          85.133.227.0/24 maxlen: 24
                          85.133.228.0/24 maxlen: 24
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.231.0/24 maxlen: 24
                          85.133.232.0/22 maxlen: 22
                          85.133.232.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.240.0/24 maxlen: 24
                          85.133.243.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/23 maxlen: 24
                          85.133.249.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          185.41.0.0/24 maxlen: 24
                          185.41.1.0/24 maxlen: 24
                          185.41.2.0/24 maxlen: 24
                          185.41.3.0/24 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 13 Feb 2024 07:33:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:9d:b9:e3:7d:ef:e9:47:68:58:12:ab:4f:72:06:63:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Feb 12 14:30:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a7f149c7a2d368551669c78bbb20609795aeecab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:9d:65:be:33:dc:15:0d:55:da:0a:83:22:9e:
                    3c:d8:02:26:ec:82:a9:cb:07:4c:21:c4:bd:34:2d:
                    2d:9b:9b:13:6d:04:40:e4:35:8c:45:c7:4e:0c:2c:
                    97:9e:06:29:80:fc:63:68:29:6e:65:9e:39:65:63:
                    67:55:8a:a4:6a:bd:6b:c2:b8:23:99:ab:d1:db:aa:
                    d0:88:53:15:9a:e8:d0:a7:68:8b:78:d2:b0:36:b3:
                    4b:81:00:98:11:1a:55:b7:99:2e:dd:51:b4:31:5d:
                    ec:9c:ac:45:21:80:cf:df:bb:01:75:66:02:8e:d0:
                    1c:67:5f:67:4c:52:52:4e:69:41:45:6a:46:2d:70:
                    d8:8b:91:d4:b2:a4:d2:70:ec:d3:13:30:81:51:c5:
                    24:37:60:db:f1:fb:cf:af:b6:55:89:16:1b:04:1f:
                    fe:8b:ff:70:c1:52:6d:9e:5a:dd:b7:ac:c9:ba:df:
                    be:38:33:95:70:e9:f6:6b:43:c0:7e:bf:e2:9d:2e:
                    4f:cc:10:00:28:39:12:48:6e:60:9f:65:d9:e1:45:
                    b1:8d:27:47:54:00:95:4d:f2:f1:c7:8c:a3:d8:88:
                    01:6b:e3:bf:cb:fe:23:71:aa:69:f9:d3:15:6c:02:
                    5b:42:93:8b:4e:db:9e:41:15:6f:c1:6b:fb:6e:b8:
                    57:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:F1:49:C7:A2:D3:68:55:16:69:C7:8B:BB:20:60:97:95:AE:EC:AB
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/p_FJx6LTaFUWaceLuyBgl5Wu7Ks.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                  185.41.0.0/22
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         59:65:c8:5b:5c:66:e4:a1:da:df:15:1d:e0:46:5d:b5:93:d2:
         68:75:f0:01:cf:79:0c:e9:99:9a:7b:1b:09:5d:21:1f:f3:c9:
         5b:4d:fc:30:40:43:37:a3:4d:46:76:87:c2:8b:a6:2e:33:3a:
         2d:32:d9:bd:96:d6:c2:43:c1:d4:5b:df:40:79:fe:31:f4:61:
         af:59:2b:35:72:02:eb:4f:5c:0a:f8:2d:ca:8e:f9:60:a5:6d:
         35:33:9a:bb:8b:ab:08:52:18:b0:14:08:5e:7b:31:41:dc:f5:
         37:fa:cc:d8:88:f4:e4:f2:d6:d9:e0:a8:39:d1:82:f5:49:79:
         3e:6d:67:a4:f4:f2:37:02:8a:48:93:74:a8:87:dd:54:3c:e2:
         85:97:8d:57:da:25:3f:e2:7d:5b:47:e8:62:8a:6e:48:a7:e5:
         59:54:1f:34:75:2a:29:1c:fa:9c:b4:ab:46:d6:d4:db:96:c4:
         20:8c:34:87:b7:c0:81:fc:d9:0b:9a:d0:19:5b:0b:d6:cd:e1:
         7a:81:a7:4f:f3:a6:a1:b1:79:da:e3:21:bf:48:82:8d:a2:f1:
         32:b8:76:d7:03:7f:c2:b9:ba:9f:e0:f6:d8:d5:75:7b:07:95:
         9a:c9:7d:44:f7:0d:d3:30:c3:14:d7:e0:62:28:8f:d1:8f:7f:
         eb:20:12:ee
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2dueN97+lHaFgSq09yBmO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjEyMTQzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2YxNDljN2EyZDM2ODU1MTY2OWM3OGJiYjIwNjA5Nzk1YWVlY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ1lvjPcFQ1V2gqDIp482AIm7IKp
ywdMIcS9NC0tm5sTbQRA5DWMRcdODCyXngYpgPxjaCluZZ45ZWNnVYqkar1rwrgj
mavR26rQiFMVmujQp2iLeNKwNrNLgQCYERpVt5ku3VG0MV3snKxFIYDP37sBdWYC
jtAcZ19nTFJSTmlBRWpGLXDYi5HUsqTScOzTEzCBUcUkN2Db8fvPr7ZViRYbBB/+
i/9wwVJtnlrdt6zJut++ODOVcOn2a0PAfr/inS5PzBAAKDkSSG5gn2XZ4UWxjSdH
VACVTfLxx4yj2IgBa+O/y/4jcapp+dMVbAJbQpOLTtueQRVvwWv7brhXGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKfxScei02hVFmnHi7sgYJeVruyrMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcF9GSng2TFRhRlVXYWNlTHV5QmdsNVd1N0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBZZchbXGbkodrf
FR3gRl21k9JodfABz3kM6ZmaexsJXSEf88lbTfwwQEM3o01GdofCi6YuMzotMtm9
ltbCQ8HUW99Aef4x9GGvWSs1cgLrT1wK+C3KjvlgpW01M5q7i6sIUhiwFAheezFB
3PU3+szYiPTk8tbZ4Kg50YL1SXk+bWek9PI3AopIk3Soh91UPOKFl41X2iU/4n1b
R+hiim5Ip+VZVB80dSopHPqctKtG1tTblsQgjDSHt8CB/NkLmtAZWwvWzeF6gadP
86ahsXna4yG/SIKNovEyuHbXA3/Cubqf4PbY1XV7B5WayX1E9w3TMMMU1+BiKI/R
j3/rIBLu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org