Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s0c4fjS16x2c8aD9Li9hJYZWNqQ.roa
File:                     s0c4fjS16x2c8aD9Li9hJYZWNqQ.roa (raw, json)
Hash identifier:          ZqSyMoAZijU6/DsFsSHav20RiVlOcneQ3GynPjx87Rc=
Subject key identifier:   B3:47:38:7E:34:B5:EB:1D:9C:F1:A0:FD:2E:2F:61:25:86:56:36:A4
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018988405D318FAD42AB54F42F5E9DBCE6BB
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s0c4fjS16x2c8aD9Li9hJYZWNqQ.roa
Signing time:             Mon 24 Jul 2023 14:14:26 +0000
ROA not before:           Mon 24 Jul 2023 14:14:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60707
IP address blocks:        85.133.227.0/24 maxlen: 24
                          85.133.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 11 Aug 2023 07:53:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:88:40:5d:31:8f:ad:42:ab:54:f4:2f:5e:9d:bc:e6:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Jul 24 14:14:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b347387e34b5eb1d9cf1a0fd2e2f6125865636a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1a:50:b8:4d:3f:a1:72:7c:2b:63:0a:f7:08:
                    d6:45:65:5d:7a:37:f1:d0:3e:55:b6:c3:2c:7b:90:
                    0e:ae:9b:54:16:27:2b:ea:75:51:b6:a5:a6:fd:b2:
                    d5:8a:5e:8d:98:3a:c2:9a:8d:23:45:3d:aa:4b:10:
                    fd:82:3c:9c:5f:1f:6b:78:98:95:87:d0:15:2d:00:
                    04:06:eb:9b:de:6d:b6:e0:4e:be:61:85:1e:46:3a:
                    bb:55:37:53:6d:c2:7b:50:78:64:b0:c1:30:07:4f:
                    e6:e4:54:2d:1d:f6:46:ca:75:f5:29:31:33:41:ad:
                    84:81:d4:0c:05:4c:84:38:d3:db:29:e6:d2:21:1f:
                    a1:8e:17:e0:7f:58:89:4d:ba:34:50:f9:92:d6:ea:
                    63:df:e1:41:c7:de:51:63:1b:b8:cf:8b:02:9f:f5:
                    64:ea:e2:4e:60:00:97:3e:82:9b:ed:4e:01:a2:be:
                    9d:5c:e3:0c:db:5f:b3:1c:29:51:9b:5e:e1:e4:5c:
                    ef:c8:c6:96:a6:40:ec:9d:15:d2:20:d7:fb:e7:7a:
                    52:19:08:b1:64:ae:00:6e:11:31:c7:11:a4:f3:cd:
                    16:31:62:e7:f6:cb:ae:61:37:fd:71:20:c5:75:d3:
                    32:57:c3:07:0c:da:ba:63:93:75:d9:cc:ce:08:d8:
                    01:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:47:38:7E:34:B5:EB:1D:9C:F1:A0:FD:2E:2F:61:25:86:56:36:A4
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s0c4fjS16x2c8aD9Li9hJYZWNqQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.135.0/24
                  85.133.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:34:3d:a4:64:87:9a:7c:90:81:0d:0a:fc:c7:50:f4:16:31:
         0d:c4:b7:65:d3:38:85:24:e1:9d:d6:25:49:45:b4:b6:be:90:
         fb:4e:4b:56:1c:42:bb:f3:77:d3:10:90:c6:29:10:2b:8f:e4:
         6a:c2:78:b7:70:c2:89:97:f8:0d:65:f2:0b:b4:45:ce:95:72:
         a1:ce:e1:b6:94:a1:95:5e:af:e6:21:15:d9:0f:e1:41:93:63:
         23:30:19:3a:19:8b:3b:c0:18:17:e1:1e:cb:b2:b6:de:78:46:
         53:b0:45:e9:4b:86:9e:f0:e0:51:9f:9f:59:e3:18:d2:e2:55:
         17:91:94:93:ee:6e:83:12:95:a5:ca:fc:4e:51:90:bf:78:cd:
         db:4b:57:2b:a9:65:f7:56:8c:95:70:32:7e:3e:dc:fb:19:be:
         ca:b9:22:79:f8:9d:96:ec:65:75:94:aa:c2:42:35:9c:9c:aa:
         9e:40:74:66:16:76:18:1d:56:62:e0:2c:95:16:92:b1:c3:62:
         5b:9c:e3:b2:24:b8:92:9b:c7:ba:c5:4e:85:0e:b3:0f:1c:5f:
         30:fc:37:96:a1:cd:09:d1:de:f0:d5:28:c6:c0:54:ed:c5:de:
         b5:1a:0b:3c:04:ec:c5:e3:59:be:52:36:a0:0d:7f:b8:4d:ab:
         41:e9:f3:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmIQF0xj61Cq1T0L16dvOa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzI0MTQxNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzQ3Mzg3ZTM0YjVlYjFkOWNmMWEwZmQyZTJmNjEyNTg2NTYzNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxpQuE0/oXJ8K2MK9wjWRWVdejfx
0D5VtsMse5AOrptUFicr6nVRtqWm/bLVil6NmDrCmo0jRT2qSxD9gjycXx9reJiV
h9AVLQAEBuub3m224E6+YYUeRjq7VTdTbcJ7UHhksMEwB0/m5FQtHfZGynX1KTEz
Qa2EgdQMBUyEONPbKebSIR+hjhfgf1iJTbo0UPmS1upj3+FBx95RYxu4z4sCn/Vk
6uJOYACXPoKb7U4Bor6dXOMM21+zHClRm17h5FzvyMaWpkDsnRXSINf753pSGQix
ZK4AbhExxxGk880WMWLn9suuYTf9cSDFddMyV8MHDNq6Y5N12czOCNgB/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLNHOH40tesdnPGg/S4vYSWGVjakMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvczBjNGZqUzE2eDJjOGFEOUxpOWhKWVpXTnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYWHAwQA
VYXjMA0GCSqGSIb3DQEBCwUAA4IBAQBpND2kZIeafJCBDQr8x1D0FjENxLdl0ziF
JOGd1iVJRbS2vpD7TktWHEK783fTEJDGKRArj+Rqwni3cMKJl/gNZfILtEXOlXKh
zuG2lKGVXq/mIRXZD+FBk2MjMBk6GYs7wBgX4R7LsrbeeEZTsEXpS4ae8OBRn59Z
4xjS4lUXkZST7m6DEpWlyvxOUZC/eM3bS1crqWX3VoyVcDJ+Ptz7Gb7KuSJ5+J2W
7GV1lKrCQjWcnKqeQHRmFnYYHVZi4CyVFpKxw2JbnOOyJLiSm8e6xU6FDrMPHF8w
/DeWoc0J0d7w1SjGwFTtxd61Ggs8BOzF41m+UjagDX+4TatB6fNL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org