Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/qiLWhbyjC_4ci_Tet3S4RIhsOiQ.roa
File:                     qiLWhbyjC_4ci_Tet3S4RIhsOiQ.roa (raw, json)
Hash identifier:          z16qCurgCVlyQuFHRkaQp7UtK6vpM+tbHIT8ayLvwjY=
Subject key identifier:   AA:22:D6:85:BC:A3:0B:FE:1C:8B:F4:DE:B7:74:B8:44:88:6C:3A:24
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0186073AABCA982857C22F8C7AA889ABEC5B
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/qiLWhbyjC_4ci_Tet3S4RIhsOiQ.roa
Signing time:             Tue 31 Jan 2023 09:48:50 +0000
ROA not before:           Tue 31 Jan 2023 09:48:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52209
IP address blocks:        85.133.227.0/24 maxlen: 24
                          85.133.228.0/24 maxlen: 24
                          85.133.233.0/24 maxlen: 24
                          85.133.237.0/24 maxlen: 24
                          85.133.238.0/24 maxlen: 24
                          85.133.234.0/24 maxlen: 24
                          85.133.241.0/24 maxlen: 24
                          85.133.242.0/24 maxlen: 24
                          85.133.250.0/24 maxlen: 24
                          85.133.253.0/24 maxlen: 24
                          85.133.179.0/24 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.178.0/24 maxlen: 24
                          85.133.194.0/24 maxlen: 24
                          85.133.199.0/24 maxlen: 24
                          85.133.205.0/24 maxlen: 24
                          85.133.208.0/24 maxlen: 24
                          85.133.217.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.221.0/24 maxlen: 24
                          85.133.132.0/24 maxlen: 24
                          85.133.135.0/24 maxlen: 24
                          85.133.137.0/24 maxlen: 24
                          85.133.143.0/24 maxlen: 24
                          85.133.151.0/24 maxlen: 24
                          85.133.153.0/24 maxlen: 24
                          85.133.156.0/24 maxlen: 24
                          85.133.165.0/24 maxlen: 24
                          85.133.166.0/24 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Feb 2023 15:10:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:07:3a:ab:ca:98:28:57:c2:2f:8c:7a:a8:89:ab:ec:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Jan 31 09:48:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aa22d685bca30bfe1c8bf4deb774b844886c3a24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:a1:f0:d1:bb:77:10:43:db:60:62:d6:2b:92:
                    dc:34:69:53:27:17:4d:c2:8c:2b:82:ae:0b:bc:3b:
                    eb:bd:b2:d7:2b:94:52:81:48:3c:0c:8e:96:91:9e:
                    18:34:51:73:20:11:f3:de:96:6d:fa:65:81:3e:b3:
                    03:d7:47:e4:27:50:54:e3:98:47:5d:3d:7d:b7:43:
                    11:f2:06:82:d4:77:23:66:97:35:c3:db:d4:1a:85:
                    c7:c0:ca:bd:b2:4c:23:ae:cd:6f:19:81:98:cb:55:
                    0a:43:d5:5b:5e:fa:4d:df:c5:26:98:d7:f7:b3:d6:
                    f9:4d:14:5a:24:75:99:57:df:44:d7:7d:4a:44:14:
                    95:48:37:69:a8:52:50:eb:97:6d:b7:c4:33:4e:66:
                    fc:fb:99:e2:ca:45:5f:be:2c:9d:71:4f:07:c4:c0:
                    b8:f1:90:ed:e5:6c:af:21:97:07:b4:68:a6:d1:e8:
                    9b:fb:20:55:7e:4a:10:ee:e6:89:22:19:a6:ca:cc:
                    9f:61:b5:a7:12:a2:1f:a4:5a:d5:66:3e:e3:7c:ca:
                    39:4d:82:fe:5e:b4:5f:41:ac:93:2f:de:66:6d:db:
                    c1:1d:68:c6:4c:dc:56:7c:b1:93:73:6f:b4:bd:98:
                    32:ae:b2:93:a6:9d:f4:81:33:2f:13:61:4f:95:0f:
                    c5:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:22:D6:85:BC:A3:0B:FE:1C:8B:F4:DE:B7:74:B8:44:88:6C:3A:24
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/qiLWhbyjC_4ci_Tet3S4RIhsOiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.132.0/24
                  85.133.135.0/24
                  85.133.137.0/24
                  85.133.143.0/24
                  85.133.151.0/24
                  85.133.153.0/24
                  85.133.156.0/24
                  85.133.160.0/23
                  85.133.165.0-85.133.166.255
                  85.133.174.0/24
                  85.133.178.0/23
                  85.133.194.0/24
                  85.133.199.0/24
                  85.133.205.0/24
                  85.133.208.0/24
                  85.133.217.0/24
                  85.133.219.0/24
                  85.133.221.0/24
                  85.133.227.0-85.133.228.255
                  85.133.233.0-85.133.234.255
                  85.133.237.0-85.133.238.255
                  85.133.241.0-85.133.242.255
                  85.133.250.0/24
                  85.133.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:ac:96:9b:dd:81:04:d2:c1:d9:9e:f0:92:4e:ce:3b:d6:b0:
         9d:53:9a:3e:ff:9d:30:f6:98:84:e4:bb:28:90:87:d6:60:f9:
         4f:6e:2c:cd:f5:86:33:d8:b1:8d:52:d5:b7:af:56:8f:84:b6:
         3f:5a:cf:3b:0a:28:ba:0e:ac:b2:95:01:76:6e:3f:04:a4:33:
         af:3f:b6:dd:02:76:41:b2:ea:45:56:e7:b7:66:b9:fa:30:8e:
         88:ed:90:93:af:2d:f3:81:0e:6b:a3:92:3a:52:b8:b4:5d:f5:
         9b:07:74:29:60:85:83:71:95:e8:b5:cb:56:2b:a9:6c:88:0f:
         9c:ae:71:ef:47:bf:50:5a:82:cf:e0:1a:6c:71:f2:7d:61:02:
         1b:a1:44:b3:73:3a:df:1d:cc:80:57:e6:cb:07:6d:38:e4:1f:
         ff:be:25:a2:b4:b7:7c:87:9b:46:7b:32:3c:69:6f:b7:66:3d:
         0c:21:da:99:fa:e8:be:d6:dc:00:f9:3b:cc:35:f8:a2:e4:88:
         90:4c:ac:bb:4b:97:07:5f:f0:27:cf:9a:2d:10:ca:d0:02:af:
         24:8c:38:ef:60:ac:c9:f9:ee:55:9d:89:fe:3d:82:59:2f:9d:
         02:e2:1b:cb:cc:75:eb:31:93:26:38:d8:26:78:27:c3:0f:dd:
         60:f7:74:ca
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYYHOqvKmChXwi+MeqiJq+xbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwMTMxMDk0ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTIyZDY4NWJjYTMwYmZlMWM4YmY0ZGViNzc0Yjg0NDg4NmMzYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaHw0bt3EEPbYGLWK5LcNGlTJxdN
wowrgq4LvDvrvbLXK5RSgUg8DI6WkZ4YNFFzIBHz3pZt+mWBPrMD10fkJ1BU45hH
XT19t0MR8gaC1HcjZpc1w9vUGoXHwMq9skwjrs1vGYGYy1UKQ9VbXvpN38UmmNf3
s9b5TRRaJHWZV99E131KRBSVSDdpqFJQ65dtt8QzTmb8+5niykVfviydcU8HxMC4
8ZDt5WyvIZcHtGim0eib+yBVfkoQ7uaJIhmmysyfYbWnEqIfpFrVZj7jfMo5TYL+
XrRfQayTL95mbdvBHWjGTNxWfLGTc2+0vZgyrrKTpp30gTMvE2FPlQ/FfQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFKoi1oW8owv+HIv03rd0uESIbDokMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcWlMV2hieWpDXzRjaV9UZXQzUzRSSWhzT2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBABV
hYQDBABVhYcDBABVhYkDBABVhY8DBABVhZcDBABVhZkDBABVhZwDBAFVhaAwDAME
AFWFpQMEAFWFpgMEAFWFrgMEAVWFsgMEAFWFwgMEAFWFxwMEAFWFzQMEAFWF0AME
AFWF2QMEAFWF2wMEAFWF3TAMAwQAVYXjAwQAVYXkMAwDBABVhekDBABVheowDAME
AFWF7QMEAFWF7jAMAwQAVYXxAwQAVYXyAwQAVYX6AwQAVYX9MA0GCSqGSIb3DQEB
CwUAA4IBAQCOrJab3YEE0sHZnvCSTs471rCdU5o+/50w9piE5LsokIfWYPlPbizN
9YYz2LGNUtW3r1aPhLY/Ws87Cii6DqyylQF2bj8EpDOvP7bdAnZBsupFVue3Zrn6
MI6I7ZCTry3zgQ5ro5I6Uri0XfWbB3QpYIWDcZXotctWK6lsiA+crnHvR79QWoLP
4BpscfJ9YQIboUSzczrfHcyAV+bLB2045B//viWitLd8h5tGezI8aW+3Zj0MIdqZ
+ui+1twA+TvMNfii5IiQTKy7S5cHX/Anz5otEMrQAq8kjDjvYKzJ+e5VnYn+PYJZ
L50C4hvLzHXrMZMmONgmeCfDD91g93TK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org