Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/u048Oc9X4saQxSowOxWGXRsS6w0.roa
File:                     u048Oc9X4saQxSowOxWGXRsS6w0.roa (raw, json)
Hash identifier:          yR9AuvCPO+W7iL7XWc2EjobwZozZyZnYf1eQut9bUIM=
Subject key identifier:   BB:4E:3C:39:CF:57:E2:C6:90:C5:2A:30:3B:15:86:5D:1B:12:EB:0D
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018D75109EBCBC0AAE4E66BF3767DB3DCFFF
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/u048Oc9X4saQxSowOxWGXRsS6w0.roa
Signing time:             Sun 04 Feb 2024 17:00:39 +0000
ROA not before:           Sun 04 Feb 2024 17:00:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     48147
IP address blocks:        85.133.137.0/24 maxlen: 24
                          85.133.153.0/24 maxlen: 24
                          85.133.178.0/23 maxlen: 24
                          85.133.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 12 Feb 2024 14:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:75:10:9e:bc:bc:0a:ae:4e:66:bf:37:67:db:3d:cf:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Feb  4 17:00:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=bb4e3c39cf57e2c690c52a303b15865d1b12eb0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:f2:b5:88:29:8f:47:5c:1c:07:7e:2b:bc:20:
                    83:b8:76:89:1a:0c:10:bf:5c:37:d8:fc:6b:a4:94:
                    0c:8e:b6:29:02:31:58:93:ec:25:41:1a:d2:41:63:
                    88:1b:a1:3a:bc:fd:59:8a:4a:37:2d:f7:99:ca:aa:
                    35:07:40:b9:81:e2:98:fc:c3:ff:5a:ad:50:b2:67:
                    76:00:78:c4:88:fc:81:bc:be:cc:61:5e:91:36:69:
                    a2:4f:a0:ef:5d:64:01:1a:e8:e2:a1:68:2c:49:04:
                    a2:e5:51:0a:c1:9b:a7:7d:d0:f1:64:27:e0:e5:8a:
                    cd:48:46:d8:2d:f2:c6:d1:60:80:51:52:c0:f2:9e:
                    2a:73:f6:a3:39:92:5e:1d:f1:53:14:55:1f:01:9c:
                    53:1d:18:a2:3c:a8:e0:3f:29:0b:a3:c2:b5:41:d9:
                    47:70:f9:58:56:3f:2b:f3:a4:db:29:01:52:e7:62:
                    b0:cb:6b:47:d7:06:28:5a:28:21:77:0e:17:3a:0d:
                    8c:b8:6f:91:2b:8c:2e:bb:84:ba:f7:75:fa:f9:0b:
                    da:5e:b2:89:39:60:51:1b:6d:12:ce:2b:89:25:74:
                    c2:02:02:3f:1c:64:ea:60:e4:fc:13:e9:6b:e7:8f:
                    e4:fe:68:48:b7:03:af:8c:91:e0:7e:e2:5a:fd:33:
                    40:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:4E:3C:39:CF:57:E2:C6:90:C5:2A:30:3B:15:86:5D:1B:12:EB:0D
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/u048Oc9X4saQxSowOxWGXRsS6w0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.137.0/24
                  85.133.153.0/24
                  85.133.178.0/23
                  85.133.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:9a:ad:0f:ba:82:ff:7e:9e:c3:55:d6:17:87:ec:0b:97:bb:
         d7:94:36:df:ad:cd:7a:8f:16:83:f3:6b:57:8e:68:76:fe:1b:
         f6:05:6e:c7:30:0e:e8:ae:91:87:63:dd:fd:73:d0:e5:82:54:
         9a:2f:e6:13:63:53:84:5e:14:1d:b7:43:e2:61:83:b6:4e:83:
         f5:a7:04:af:93:65:b4:af:d6:f8:0d:ea:8c:e7:94:5b:5a:ad:
         74:b4:73:6b:96:08:bc:28:8d:84:fc:ad:3c:49:90:93:7d:a3:
         f6:e1:81:bd:e4:f5:88:3e:9f:9c:8f:34:ca:64:b8:2e:f6:40:
         65:1c:04:cf:d8:19:3a:51:82:64:a7:7b:0b:de:37:6d:e3:8f:
         84:0e:27:da:de:41:65:67:31:4f:2d:1d:14:8d:3e:68:42:1b:
         34:58:bb:ec:22:9a:f5:47:e9:dc:28:49:4a:10:d2:16:06:fe:
         6d:a2:f9:3d:e0:30:b0:c5:80:2c:8a:4b:51:bc:86:62:a2:7f:
         64:9c:79:81:65:af:a6:8a:a2:d1:bc:e8:9e:9e:bd:4c:f1:97:
         b3:94:53:75:47:0d:d3:f9:aa:e2:9b:b1:39:97:de:c2:46:58:
         77:2a:ce:8e:91:4d:13:a9:0f:56:84:d7:d6:7b:c7:4e:60:88:
         33:bb:33:88
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY11EJ68vAquTma/N2fbPc//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMjA0MTcwMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjRlM2MzOWNmNTdlMmM2OTBjNTJhMzAzYjE1ODY1ZDFiMTJlYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/K1iCmPR1wcB34rvCCDuHaJGgwQ
v1w32PxrpJQMjrYpAjFYk+wlQRrSQWOIG6E6vP1Ziko3LfeZyqo1B0C5geKY/MP/
Wq1Qsmd2AHjEiPyBvL7MYV6RNmmiT6DvXWQBGujioWgsSQSi5VEKwZunfdDxZCfg
5YrNSEbYLfLG0WCAUVLA8p4qc/ajOZJeHfFTFFUfAZxTHRiiPKjgPykLo8K1QdlH
cPlYVj8r86TbKQFS52Kwy2tH1wYoWighdw4XOg2MuG+RK4wuu4S693X6+QvaXrKJ
OWBRG20SziuJJXTCAgI/HGTqYOT8E+lr54/k/mhItwOvjJHgfuJa/TNAVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLtOPDnPV+LGkMUqMDsVhl0bEusNMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdTA0OE9jOVg0c2FReFNvd094V0dYUnNTNncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYWJAwQA
VYWZAwQBVYWyAwQAVYXxMA0GCSqGSIb3DQEBCwUAA4IBAQAWmq0PuoL/fp7DVdYX
h+wLl7vXlDbfrc16jxaD82tXjmh2/hv2BW7HMA7orpGHY939c9DlglSaL+YTY1OE
XhQdt0PiYYO2ToP1pwSvk2W0r9b4DeqM55RbWq10tHNrlgi8KI2E/K08SZCTfaP2
4YG95PWIPp+cjzTKZLgu9kBlHATP2Bk6UYJkp3sL3jdt44+EDifa3kFlZzFPLR0U
jT5oQhs0WLvsIpr1R+ncKElKENIWBv5tovk94DCwxYAsiktRvIZion9knHmBZa+m
iqLRvOienr1M8ZezlFN1Rw3T+arim7E5l97CRlh3Ks6OkU0TqQ9WhNfWe8dOYIgz
uzOI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org