Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/qucP4XjsGyBHHymO08CLLw-6rYY.roa
File:                     qucP4XjsGyBHHymO08CLLw-6rYY.roa (raw, json)
Hash identifier:          N9cJ71V3ZU1v/QdDfw6G58TKT0+CPxJanNLHthlYFWs=
Subject key identifier:   AA:E7:0F:E1:78:EC:1B:20:47:1F:29:8E:D3:C0:8B:2F:0F:BA:AD:86
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018748A65B0A0EA94FC7F6F96206A1065987
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/qucP4XjsGyBHHymO08CLLw-6rYY.roa
Signing time:             Mon 03 Apr 2023 19:44:34 +0000
ROA not before:           Mon 03 Apr 2023 19:44:34 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52209
IP address blocks:        85.133.227.0/24 maxlen: 24
                          85.133.228.0/24 maxlen: 24
                          85.133.233.0/24 maxlen: 24
                          85.133.237.0/24 maxlen: 24
                          85.133.238.0/24 maxlen: 24
                          85.133.234.0/24 maxlen: 24
                          85.133.241.0/24 maxlen: 24
                          85.133.242.0/24 maxlen: 24
                          85.133.250.0/24 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.194.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.143.0/24 maxlen: 24
                          85.133.166.0/24 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Apr 2023 14:20:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:48:a6:5b:0a:0e:a9:4f:c7:f6:f9:62:06:a1:06:59:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Apr  3 19:44:34 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aae70fe178ec1b20471f298ed3c08b2f0fbaad86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:98:e3:86:3c:49:0c:02:14:5d:76:f4:ea:3c:
                    7e:b3:d2:44:26:9d:c8:04:bd:a2:d5:4c:ab:d2:27:
                    ec:3f:c5:b7:85:48:30:c2:ff:e8:db:21:40:f6:3f:
                    e8:b0:f4:54:6a:15:6f:71:53:31:5a:87:84:dd:63:
                    66:08:a1:b8:93:6a:1c:40:31:54:9b:9d:ae:d3:f1:
                    f5:a3:b0:c4:dd:b0:a9:96:26:e8:63:5b:01:b9:6c:
                    5e:4e:0b:db:89:a5:43:23:a4:55:7e:da:a5:92:6c:
                    0e:76:8f:21:5c:f3:7a:24:f5:66:8e:64:3d:84:0a:
                    66:40:5e:e4:2a:82:05:67:c5:a0:86:42:17:18:52:
                    f0:97:fe:8c:98:6b:af:25:ed:8a:b8:34:1c:d4:f6:
                    29:c3:fa:f9:15:2d:08:78:71:a8:3c:d9:25:96:40:
                    37:1e:fa:8a:1b:01:61:f7:2b:a8:21:1b:f0:51:b4:
                    9b:68:e4:a8:56:e4:4f:0b:b2:01:47:2c:0c:d9:1f:
                    b7:bc:d1:74:20:63:8a:77:74:cd:75:bb:65:f0:f2:
                    fe:ca:30:44:3c:58:d9:d4:af:97:87:b5:87:f8:97:
                    48:72:aa:06:d2:79:27:c3:00:9e:18:0a:0e:f9:0e:
                    cd:61:56:1b:89:56:73:df:c6:43:6a:d6:ff:68:92:
                    f5:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:E7:0F:E1:78:EC:1B:20:47:1F:29:8E:D3:C0:8B:2F:0F:BA:AD:86
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/qucP4XjsGyBHHymO08CLLw-6rYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.143.0/24
                  85.133.160.0/23
                  85.133.166.0/24
                  85.133.174.0/24
                  85.133.194.0/24
                  85.133.219.0/24
                  85.133.227.0-85.133.228.255
                  85.133.233.0-85.133.234.255
                  85.133.237.0-85.133.238.255
                  85.133.241.0-85.133.242.255
                  85.133.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:6a:2c:27:be:a1:d7:f4:87:fe:89:1c:e3:74:34:fe:87:96:
         ed:bc:02:05:52:d2:27:be:92:b2:5e:f7:1e:78:94:59:19:44:
         51:65:be:8e:5d:77:d6:87:7e:b0:b8:df:1a:56:52:28:5a:2e:
         6e:ae:5b:d8:85:25:4e:49:c9:5b:75:08:b2:20:8b:c3:9d:87:
         94:7e:5a:09:ba:ce:ac:b9:2d:64:47:e1:69:db:55:01:c3:2c:
         dd:24:60:43:44:10:78:9c:66:e3:43:18:e3:5c:1f:49:36:40:
         ef:52:c8:07:c9:d6:cc:5b:e1:42:25:0f:6a:54:c5:b2:a8:30:
         5e:80:fc:18:a3:43:53:8c:6a:45:91:41:09:c6:f9:3e:62:e7:
         14:2e:25:8f:df:ef:55:06:fe:7b:d1:77:13:a0:b4:fa:e0:27:
         33:3b:23:66:61:7f:f5:e7:1b:a9:07:7c:e5:2e:5b:fb:12:1b:
         84:ba:2d:21:58:38:17:a0:9a:70:27:27:e5:cd:46:38:ca:54:
         bd:89:f0:5d:04:b5:ac:cb:ef:67:8a:8a:92:27:9c:33:78:dc:
         5b:da:20:02:a9:28:84:27:f0:30:ff:f4:cb:ed:45:d9:87:dd:
         91:21:a3:73:00:8c:42:7b:ff:61:e1:47:1e:d7:ab:37:39:98:
         b6:0a:ba:9e
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYdIplsKDqlPx/b5YgahBlmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDAzMTk0NDM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWU3MGZlMTc4ZWMxYjIwNDcxZjI5OGVkM2MwOGIyZjBmYmFhZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJjjhjxJDAIUXXb06jx+s9JEJp3I
BL2i1Uyr0ifsP8W3hUgwwv/o2yFA9j/osPRUahVvcVMxWoeE3WNmCKG4k2ocQDFU
m52u0/H1o7DE3bCpliboY1sBuWxeTgvbiaVDI6RVftqlkmwOdo8hXPN6JPVmjmQ9
hApmQF7kKoIFZ8WghkIXGFLwl/6MmGuvJe2KuDQc1PYpw/r5FS0IeHGoPNkllkA3
HvqKGwFh9yuoIRvwUbSbaOSoVuRPC7IBRywM2R+3vNF0IGOKd3TNdbtl8PL+yjBE
PFjZ1K+Xh7WH+JdIcqoG0nknwwCeGAoO+Q7NYVYbiVZz38ZDatb/aJL1aQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFKrnD+F47BsgRx8pjtPAiy8Puq2GMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcXVjUDRYanNHeUJISHltTzA4Q0xMdy02cllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAVYWPAwQB
VYWgAwQAVYWmAwQAVYWuAwQAVYXCAwQAVYXbMAwDBABVheMDBABVheQwDAMEAFWF
6QMEAFWF6jAMAwQAVYXtAwQAVYXuMAwDBABVhfEDBABVhfIDBABVhfowDQYJKoZI
hvcNAQELBQADggEBAHdqLCe+odf0h/6JHON0NP6Hlu28AgVS0ie+krJe9x54lFkZ
RFFlvo5dd9aHfrC43xpWUihaLm6uW9iFJU5JyVt1CLIgi8Odh5R+Wgm6zqy5LWRH
4WnbVQHDLN0kYENEEHicZuNDGONcH0k2QO9SyAfJ1sxb4UIlD2pUxbKoMF6A/Bij
Q1OMakWRQQnG+T5i5xQuJY/f71UG/nvRdxOgtPrgJzM7I2Zhf/XnG6kHfOUuW/sS
G4S6LSFYOBegmnAnJ+XNRjjKVL2J8F0EtazL72eKipInnDN43FvaIAKpKIQn8DD/
9MvtRdmH3ZEho3MAjEJ7/2HhRx7Xqzc5mLYKup4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org