Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s2XI-RL7TqmD_hSiRNGFiJS_Mk8.roa
File:                     s2XI-RL7TqmD_hSiRNGFiJS_Mk8.roa (raw, json)
Hash identifier:          YPK3FbIWHAPFRPr8AmXyI8R36HBH/TpmWjYzDjYW4Zs=
Subject key identifier:   B3:65:C8:F9:12:FB:4E:A9:83:FE:14:A2:44:D1:85:88:94:BF:32:4F
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018780A97599DE73C038A23467F4911DED63
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s2XI-RL7TqmD_hSiRNGFiJS_Mk8.roa
Signing time:             Fri 14 Apr 2023 16:46:41 +0000
ROA not before:           Fri 14 Apr 2023 16:46:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        85.133.216.0/24 maxlen: 24
                          85.133.146.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 20 Apr 2023 08:57:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:80:a9:75:99:de:73:c0:38:a2:34:67:f4:91:1d:ed:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Apr 14 16:46:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b365c8f912fb4ea983fe14a244d1858894bf324f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:30:ec:7f:d4:a5:b3:cd:2a:ff:95:1b:fa:c2:
                    2e:c2:fb:17:e3:c9:24:24:79:64:3d:dd:45:1b:b7:
                    d7:e1:78:59:f5:fb:ee:a1:eb:15:e3:cf:6c:b1:c1:
                    62:31:5b:3c:df:c1:e1:8b:35:a6:5f:af:fd:d6:52:
                    c0:d6:dd:42:80:c1:f3:47:cf:91:41:01:6e:be:9f:
                    34:97:5b:c2:cd:7f:85:d7:69:49:f5:5b:53:6a:c3:
                    8e:50:2d:da:d1:ce:46:20:46:45:8a:d1:69:11:79:
                    5d:9a:ba:9b:4e:e9:43:e2:61:df:cc:f8:37:5b:ab:
                    51:a4:95:45:b2:64:25:f3:c1:c9:4c:e3:25:76:8c:
                    ab:ad:42:fc:dd:b0:a7:dd:6f:d6:da:12:4c:5b:98:
                    f5:b0:c7:62:79:97:72:af:24:31:d8:8e:72:fc:56:
                    bd:e3:b5:b4:cd:1f:4c:2e:88:4a:bc:8a:bd:c5:1f:
                    f8:80:9a:76:19:9b:62:6a:3a:01:29:c1:c1:53:b8:
                    68:dc:e8:56:f1:0d:dd:2a:7f:09:2b:3b:e2:06:db:
                    69:28:be:18:8c:e4:f6:c8:67:0a:52:65:b5:24:f0:
                    50:7c:09:dd:6f:71:f3:b6:ba:1c:0b:84:54:c0:c9:
                    57:b3:5a:74:02:c7:c9:ac:01:25:d2:73:39:ba:81:
                    02:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:65:C8:F9:12:FB:4E:A9:83:FE:14:A2:44:D1:85:88:94:BF:32:4F
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/s2XI-RL7TqmD_hSiRNGFiJS_Mk8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.146.0/24
                  85.133.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:98:a6:bc:ff:5a:44:7b:0a:da:38:65:37:92:ad:16:e3:d0:
         50:ef:22:52:25:41:ac:3f:ee:2d:a7:f3:a1:f4:e1:d5:cd:8f:
         0a:1f:51:1f:44:fa:24:cd:3e:a1:a5:82:b5:2d:24:28:58:05:
         c7:2f:71:70:3b:99:0d:76:1d:d0:67:5f:f4:64:8e:db:85:49:
         1f:26:0a:8b:7a:fc:53:d3:af:1d:76:4f:7a:a0:80:d5:a0:bc:
         d1:3b:a6:76:f6:75:01:23:00:e1:69:a5:06:08:1e:df:56:68:
         a4:ba:07:b2:e4:8b:9a:46:59:d5:dd:b4:1e:2e:ad:cb:55:e2:
         4e:88:22:18:9d:fe:8a:39:21:20:bd:e1:43:01:b9:d7:1d:23:
         7a:d1:0c:59:c5:ad:11:af:43:69:c7:9b:b1:6b:b6:5b:13:28:
         27:23:a0:15:ea:39:ec:fb:35:2a:1a:b2:23:cd:70:05:e6:fb:
         de:ea:49:f0:af:4b:55:4f:7c:16:82:31:83:b1:21:d8:10:e3:
         8f:aa:8a:a0:8f:4a:f5:de:ad:b5:2c:7f:a4:3a:26:3c:b4:d6:
         66:c5:ba:b4:2f:23:71:31:0e:f6:f7:0d:03:63:bf:ee:b9:73:
         81:00:69:f2:f2:9e:2a:72:d6:7a:30:5a:db:8f:a9:c2:ad:7d:
         25:68:60:d3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeAqXWZ3nPAOKI0Z/SRHe1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDE0MTY0NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzY1YzhmOTEyZmI0ZWE5ODNmZTE0YTI0NGQxODU4ODk0YmYzMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjDsf9Sls80q/5Ub+sIuwvsX48kk
JHlkPd1FG7fX4XhZ9fvuoesV489sscFiMVs838HhizWmX6/91lLA1t1CgMHzR8+R
QQFuvp80l1vCzX+F12lJ9VtTasOOUC3a0c5GIEZFitFpEXldmrqbTulD4mHfzPg3
W6tRpJVFsmQl88HJTOMldoyrrUL83bCn3W/W2hJMW5j1sMdieZdyryQx2I5y/Fa9
47W0zR9MLohKvIq9xR/4gJp2GZtiajoBKcHBU7ho3OhW8Q3dKn8JKzviBttpKL4Y
jOT2yGcKUmW1JPBQfAndb3HztrocC4RUwMlXs1p0AsfJrAEl0nM5uoECtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLNlyPkS+06pg/4UokTRhYiUvzJPMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvczJYSS1STDdUcW1EX2hTaVJOR0ZpSlNfTWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYWSAwQA
VYXYMA0GCSqGSIb3DQEBCwUAA4IBAQCcmKa8/1pEewraOGU3kq0W49BQ7yJSJUGs
P+4tp/Oh9OHVzY8KH1EfRPokzT6hpYK1LSQoWAXHL3FwO5kNdh3QZ1/0ZI7bhUkf
JgqLevxT068ddk96oIDVoLzRO6Z29nUBIwDhaaUGCB7fVmikugey5IuaRlnV3bQe
Lq3LVeJOiCIYnf6KOSEgveFDAbnXHSN60QxZxa0Rr0Npx5uxa7ZbEygnI6AV6jns
+zUqGrIjzXAF5vve6knwr0tVT3wWgjGDsSHYEOOPqoqgj0r13q21LH+kOiY8tNZm
xbq0LyNxMQ729w0DY7/uuXOBAGny8p4qctZ6MFrbj6nCrX0laGDT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org