Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wpG2RXE4PhevliSSrIqYUd2xtpw.roa
File:                     wpG2RXE4PhevliSSrIqYUd2xtpw.roa (raw, json)
Hash identifier:          J6GmaCjuVsUBHwqs/SePI5BvLDDPi+BxmGL/cb0WbPg=
Subject key identifier:   C2:91:B6:45:71:38:3E:17:AF:96:24:92:AC:8A:98:51:DD:B1:B6:9C
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0189A71613A4AD8A5446F72B8311AC4C5F13
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wpG2RXE4PhevliSSrIqYUd2xtpw.roa
Signing time:             Sun 30 Jul 2023 13:56:29 +0000
ROA not before:           Sun 30 Jul 2023 13:56:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39074
IP address blocks:        85.133.231.0/24 maxlen: 24
                          85.133.232.0/24 maxlen: 24
                          85.133.232.0/22 maxlen: 22
                          85.133.229.0/24 maxlen: 24
                          85.133.230.0/24 maxlen: 24
                          85.133.239.0/24 maxlen: 24
                          85.133.240.0/24 maxlen: 24
                          85.133.235.0/24 maxlen: 24
                          85.133.240.0/22 maxlen: 22
                          85.133.245.0/24 maxlen: 24
                          85.133.246.0/24 maxlen: 24
                          85.133.243.0/24 maxlen: 24
                          85.133.244.0/24 maxlen: 24
                          85.133.247.0/24 maxlen: 24
                          85.133.248.0/23 maxlen: 24
                          85.133.249.0/24 maxlen: 24
                          85.133.251.0/24 maxlen: 24
                          85.133.252.0/22 maxlen: 22
                          85.133.254.0/24 maxlen: 24
                          85.133.255.0/24 maxlen: 24
                          85.133.176.0/22 maxlen: 24
                          85.133.178.0/24 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.184.0/22 maxlen: 24
                          85.133.180.0/22 maxlen: 24
                          85.133.189.0/24 maxlen: 24
                          85.133.188.0/22 maxlen: 22
                          85.133.192.0/22 maxlen: 22
                          85.133.196.0/24 maxlen: 24
                          85.133.197.0/24 maxlen: 24
                          85.133.196.0/22 maxlen: 22
                          85.133.203.0/24 maxlen: 24
                          85.133.204.0/24 maxlen: 24
                          85.133.200.0/22 maxlen: 22
                          85.133.206.0/24 maxlen: 24
                          85.133.200.0/24 maxlen: 24
                          85.133.201.0/24 maxlen: 24
                          85.133.204.0/22 maxlen: 22
                          85.133.210.0/23 maxlen: 24
                          85.133.211.0/24 maxlen: 24
                          85.133.212.0/24 maxlen: 24
                          85.133.213.0/24 maxlen: 24
                          85.133.207.0/24 maxlen: 24
                          85.133.212.0/22 maxlen: 22
                          85.133.209.0/24 maxlen: 24
                          85.133.217.0/24 maxlen: 24
                          85.133.218.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.215.0/24 maxlen: 24
                          85.133.220.0/24 maxlen: 24
                          85.133.220.0/22 maxlen: 22
                          85.133.226.0/24 maxlen: 24
                          85.133.221.0/24 maxlen: 24
                          85.133.222.0/24 maxlen: 24
                          85.133.223.0/24 maxlen: 24
                          85.133.224.0/22 maxlen: 22
                          85.133.130.0/24 maxlen: 24
                          85.133.131.0/24 maxlen: 24
                          85.133.128.0/17 maxlen: 24
                          85.133.128.0/24 maxlen: 24
                          85.133.129.0/24 maxlen: 24
                          85.133.128.0/22 maxlen: 22
                          85.133.134.0/24 maxlen: 24
                          85.133.133.0/24 maxlen: 24
                          85.133.137.0/24 maxlen: 24
                          85.133.138.0/24 maxlen: 24
                          85.133.139.0/24 maxlen: 24
                          85.133.144.0/22 maxlen: 22
                          85.133.144.0/24 maxlen: 24
                          85.133.145.0/24 maxlen: 24
                          85.133.140.0/22 maxlen: 22
                          85.133.141.0/24 maxlen: 24
                          85.133.142.0/24 maxlen: 24
                          85.133.140.0/24 maxlen: 24
                          85.133.148.0/24 maxlen: 24
                          85.133.149.0/24 maxlen: 24
                          85.133.150.0/24 maxlen: 24
                          85.133.148.0/22 maxlen: 22
                          85.133.147.0/24 maxlen: 24
                          85.133.152.0/22 maxlen: 22
                          85.133.152.0/24 maxlen: 24
                          85.133.158.0/24 maxlen: 24
                          85.133.159.0/24 maxlen: 24
                          85.133.155.0/24 maxlen: 24
                          85.133.157.0/24 maxlen: 24
                          85.133.154.0/24 maxlen: 24
                          85.133.162.0/24 maxlen: 24
                          85.133.163.0/24 maxlen: 24
                          85.133.165.0/24 maxlen: 24
                          85.133.172.0/22 maxlen: 24
                          85.133.172.0/24 maxlen: 24
                          85.133.168.0/22 maxlen: 24
                          185.41.0.0/24 maxlen: 24
                          185.41.1.0/24 maxlen: 24
                          185.41.2.0/24 maxlen: 24
                          185.41.3.0/24 maxlen: 24
                          2a04:87c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 02 Aug 2023 11:07:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:a7:16:13:a4:ad:8a:54:46:f7:2b:83:11:ac:4c:5f:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Jul 30 13:56:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c291b64571383e17af962492ac8a9851ddb1b69c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:8f:80:02:71:5e:1c:06:9f:91:7f:84:b2:87:
                    50:79:5d:50:41:dd:53:b1:45:05:df:a0:5d:ae:03:
                    15:e7:b3:80:68:07:34:d6:3b:a9:84:00:ea:18:7f:
                    5a:d5:7f:a2:8f:91:42:9a:bc:c6:4c:58:e9:0a:ab:
                    96:31:c5:f5:57:92:c2:e6:bf:16:d6:38:e7:a9:b4:
                    35:df:f1:9a:ea:7e:70:89:f9:29:20:1a:ce:52:c8:
                    94:1f:ee:55:6d:97:6c:8b:6f:e3:19:65:94:2f:d4:
                    4e:62:12:98:35:6c:49:66:e3:0b:e8:72:2e:fb:01:
                    6b:08:d5:55:72:1d:14:84:86:d7:43:89:8d:dc:fb:
                    10:3e:49:29:a0:7c:d5:08:e1:c4:0e:8b:1a:12:a8:
                    93:17:5c:77:25:92:15:af:13:10:ca:cf:2c:28:83:
                    2b:a8:4b:33:60:3a:3e:dd:08:c9:c1:38:2c:d9:10:
                    4e:59:49:b3:59:5f:e4:6c:38:3f:e7:f3:ae:fc:a7:
                    40:1f:57:42:32:54:03:30:0f:4b:9a:7a:07:3b:4b:
                    d3:65:87:db:03:3a:4b:d1:7e:11:3f:30:b3:80:2f:
                    43:b6:4b:30:26:7e:51:ba:e3:cf:d6:df:33:52:d1:
                    d6:c3:b1:12:59:21:49:89:d9:09:55:a3:5d:6c:19:
                    b3:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:91:B6:45:71:38:3E:17:AF:96:24:92:AC:8A:98:51:DD:B1:B6:9C
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/wpG2RXE4PhevliSSrIqYUd2xtpw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.128.0/17
                  185.41.0.0/22
                IPv6:
                  2a04:87c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         60:1f:14:18:6d:a8:47:e9:dd:32:ef:e3:da:10:8d:86:5a:94:
         cc:4b:17:70:52:57:d4:9a:b7:4a:43:af:32:7a:00:a2:1c:52:
         d2:68:3b:07:69:a9:63:d3:29:b6:7d:ff:4b:2a:b0:5b:9c:9f:
         0d:ee:65:c6:88:de:d8:ae:e0:9f:6b:d1:37:7e:03:3d:a7:26:
         50:e1:2e:42:ab:3b:73:65:49:18:b1:c7:db:4d:f1:32:d5:94:
         9f:82:a9:34:fd:96:ba:c1:ed:8d:64:58:34:31:cf:18:a4:97:
         1c:58:e5:cb:1c:62:a4:d0:32:a8:a0:81:73:e9:f0:f0:20:c0:
         6d:74:65:7c:d0:7c:87:5e:ef:88:54:f8:10:e2:a6:dd:29:b1:
         c4:34:11:97:b4:1d:3d:24:be:c3:1d:b7:2e:28:9e:52:bd:fe:
         f5:72:b6:bc:16:b1:84:0c:9c:2e:cd:50:b2:c2:b9:44:51:bb:
         d0:19:a8:60:e9:1a:6c:70:3e:a6:bd:9a:5f:8d:b9:a3:4f:4f:
         91:f3:81:8e:62:e7:5d:93:c4:f5:ab:24:f6:51:d2:87:a1:e8:
         d1:16:06:54:79:95:57:47:23:4b:dd:39:09:d3:76:ac:fb:df:
         e5:cc:3b:38:83:c6:66:2b:61:1b:3d:de:1b:17:a3:d6:47:35:
         fe:44:20:5a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYmnFhOkrYpURvcrgxGsTF8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNzMwMTM1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjkxYjY0NTcxMzgzZTE3YWY5NjI0OTJhYzhhOTg1MWRkYjFiNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04+AAnFeHAafkX+EsodQeV1QQd1T
sUUF36BdrgMV57OAaAc01juphADqGH9a1X+ij5FCmrzGTFjpCquWMcX1V5LC5r8W
1jjnqbQ13/Ga6n5wifkpIBrOUsiUH+5VbZdsi2/jGWWUL9ROYhKYNWxJZuML6HIu
+wFrCNVVch0UhIbXQ4mN3PsQPkkpoHzVCOHEDosaEqiTF1x3JZIVrxMQys8sKIMr
qEszYDo+3QjJwTgs2RBOWUmzWV/kbDg/5/Ou/KdAH1dCMlQDMA9LmnoHO0vTZYfb
AzpL0X4RPzCzgC9DtkswJn5RuuPP1t8zUtHWw7ESWSFJidkJVaNdbBmzmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMKRtkVxOD4Xr5YkkqyKmFHdsbacMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvd3BHMlJYRTRQaGV2bGlTU3JJcVlVZDJ4dHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBgHxQYbahH6d0y
7+PaEI2GWpTMSxdwUlfUmrdKQ68yegCiHFLSaDsHaalj0ym2ff9LKrBbnJ8N7mXG
iN7YruCfa9E3fgM9pyZQ4S5CqztzZUkYscfbTfEy1ZSfgqk0/Za6we2NZFg0Mc8Y
pJccWOXLHGKk0DKooIFz6fDwIMBtdGV80HyHXu+IVPgQ4qbdKbHENBGXtB09JL7D
HbcuKJ5Svf71cra8FrGEDJwuzVCywrlEUbvQGahg6RpscD6mvZpfjbmjT0+R84GO
Yuddk8T1qyT2UdKHoejRFgZUeZVXRyNL3TkJ03as+9/lzDs4g8ZmK2EbPd4bF6PW
RzX+RCBa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org