Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/U1tuDBhJWqxA1vJ3qDTeKnUSSmE.roa
File:                     U1tuDBhJWqxA1vJ3qDTeKnUSSmE.roa (raw, json)
Hash identifier:          36jeg8lX2hCLld8z5/yCAcjHqD8EubbUX0Wyf8+GphI=
Subject key identifier:   53:5B:6E:0C:18:49:5A:AC:40:D6:F2:77:A8:34:DE:2A:75:12:4A:61
Certificate issuer:       /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial:       0185CB2034980D9B413A1B63EBEDE873525F
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/U1tuDBhJWqxA1vJ3qDTeKnUSSmE.roa
Signing time:             Thu 19 Jan 2023 17:42:43 +0000
ROA not before:           Thu 19 Jan 2023 17:42:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35913
IP address blocks:        85.153.16.0/22 maxlen: 22
                          85.153.22.0/24 maxlen: 24
                          85.153.23.0/24 maxlen: 24
                          85.153.20.0/24 maxlen: 24
                          85.153.21.0/24 maxlen: 24
                          85.153.31.0/24 maxlen: 24
                          85.153.30.0/24 maxlen: 24
                          85.153.28.0/24 maxlen: 24
                          85.153.44.0/24 maxlen: 24
                          85.153.47.0/24 maxlen: 24
                          85.153.45.0/24 maxlen: 24
                          85.153.46.0/24 maxlen: 24
                          85.153.57.0/24 maxlen: 24
                          85.115.206.0/24 maxlen: 24
                          85.115.205.0/24 maxlen: 24
                          85.153.76.0/22 maxlen: 22
                          85.153.74.0/24 maxlen: 24
                          85.153.75.0/24 maxlen: 24
                          85.153.96.0/22 maxlen: 22
                          85.153.104.0/22 maxlen: 22
                          85.153.112.0/24 maxlen: 24
                          85.153.116.0/24 maxlen: 24
                          85.153.117.0/24 maxlen: 24
                          85.153.114.0/24 maxlen: 24
                          85.153.115.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Feb 2023 16:46:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:cb:20:34:98:0d:9b:41:3a:1b:63:eb:ed:e8:73:52:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
        Validity
            Not Before: Jan 19 17:42:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=535b6e0c18495aac40d6f277a834de2a75124a61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b0:71:ad:15:cb:6e:44:18:f8:56:be:51:b2:
                    7d:f0:df:ae:cc:d3:38:5f:bf:00:2b:0b:46:47:3f:
                    03:d6:f6:13:4c:d6:fd:67:46:d4:56:98:78:7a:45:
                    c5:86:57:bc:1f:84:be:79:08:76:4f:3a:2b:5b:5f:
                    35:fb:17:80:64:00:58:5e:97:ae:3e:6f:8c:29:f4:
                    b9:61:52:92:2e:e7:14:cd:15:19:99:07:75:82:1a:
                    6c:d7:ab:be:38:ea:18:e6:e0:e1:e8:65:56:c3:a0:
                    b8:bd:9b:70:be:96:28:27:a9:54:d4:7a:58:4c:0c:
                    b5:9f:40:15:f3:42:1f:9b:1b:56:00:9d:b2:b6:74:
                    1b:ca:50:66:12:51:f4:57:29:e8:1d:f2:a0:0b:4d:
                    60:3e:e7:f8:85:80:dc:6f:e6:34:1f:1e:7f:a0:4e:
                    f1:bf:68:3e:24:83:d8:a6:d6:a3:da:30:3c:2d:83:
                    8b:f1:38:80:bd:9a:c1:7e:78:f8:dd:b4:5a:d5:39:
                    f0:a8:70:b0:27:26:39:e3:23:86:fe:62:62:7d:f7:
                    70:a3:a9:53:f2:ab:c0:3b:fc:2a:f0:94:78:4b:3c:
                    3d:97:97:e9:7d:28:93:72:74:83:1b:ce:9b:e1:e5:
                    58:eb:01:f8:1a:b7:b5:cf:34:a0:1c:fc:98:21:42:
                    67:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:5B:6E:0C:18:49:5A:AC:40:D6:F2:77:A8:34:DE:2A:75:12:4A:61
            X509v3 Authority Key Identifier:
                keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/U1tuDBhJWqxA1vJ3qDTeKnUSSmE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.115.205.0-85.115.206.255
                  85.153.16.0/21
                  85.153.28.0/24
                  85.153.30.0/23
                  85.153.44.0/22
                  85.153.57.0/24
                  85.153.74.0-85.153.79.255
                  85.153.96.0/22
                  85.153.104.0/22
                  85.153.112.0/24
                  85.153.114.0-85.153.117.255

    Signature Algorithm: sha256WithRSAEncryption
         64:f2:72:b3:e0:79:2c:9e:e6:1b:dd:66:61:44:62:ae:01:8d:
         8a:fe:58:a3:b3:18:7e:21:6e:23:88:15:0e:86:82:0a:c3:ec:
         3a:d1:7a:14:9a:ad:78:eb:46:4e:f3:59:a7:1a:41:c9:53:e9:
         20:d1:75:f2:f6:9a:22:f8:5e:52:a8:7e:ba:03:85:80:99:1b:
         ba:2d:df:d4:06:a3:f9:a0:d3:cc:27:31:c1:f9:51:b3:01:da:
         51:90:7f:bc:9a:95:f5:17:17:b2:86:8f:aa:da:8d:9d:d2:d8:
         db:12:7d:81:82:48:6f:6b:88:63:32:ae:6f:d0:fd:4e:70:ce:
         5c:37:9c:d3:93:0c:cb:93:24:78:6d:04:0b:59:ba:48:0c:0a:
         16:f4:3b:a5:d5:f5:2f:01:de:91:be:62:49:9e:71:d4:c1:93:
         13:e0:10:6a:f5:b0:9c:c7:6d:e8:1a:fc:19:f3:35:36:9e:8c:
         53:9a:eb:50:45:54:81:39:d1:48:9f:6f:cc:3e:8a:21:a5:06:
         a5:6d:a3:14:78:63:e0:b7:18:59:a5:41:25:5d:c9:be:db:6e:
         5d:71:ef:ed:b8:eb:a4:09:6a:40:34:88:ab:17:d7:a7:e6:61:
         3e:e0:7b:ac:c5:9d:50:3a:cd:cc:0d:36:2b:1f:ca:b9:b8:a6:
         01:0a:0d:8b
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYXLIDSYDZtBOhtj6+3oc1JfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwMTE5MTc0MjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzViNmUwYzE4NDk1YWFjNDBkNmYyNzdhODM0ZGUyYTc1MTI0YTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbBxrRXLbkQY+Fa+UbJ98N+uzNM4
X78AKwtGRz8D1vYTTNb9Z0bUVph4ekXFhle8H4S+eQh2TzorW181+xeAZABYXpeu
Pm+MKfS5YVKSLucUzRUZmQd1ghps16u+OOoY5uDh6GVWw6C4vZtwvpYoJ6lU1HpY
TAy1n0AV80IfmxtWAJ2ytnQbylBmElH0VynoHfKgC01gPuf4hYDcb+Y0Hx5/oE7x
v2g+JIPYptaj2jA8LYOL8TiAvZrBfnj43bRa1TnwqHCwJyY54yOG/mJiffdwo6lT
8qvAO/wq8JR4Szw9l5fpfSiTcnSDG86b4eVY6wH4Gre1zzSgHPyYIUJnfwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFFNbbgwYSVqsQNbyd6g03ip1EkphMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvVTF0dURCaEpXcXhBMXZKM3FEVGVLblVTU21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaMAwDBABVc80D
BABVc84DBANVmRADBABVmRwDBAFVmR4DBAJVmSwDBABVmTkwDAMEAVWZSgMEBFWZ
QAMEAlWZYAMEAlWZaAMEAFWZcDAMAwQBVZlyAwQBVZl0MA0GCSqGSIb3DQEBCwUA
A4IBAQBk8nKz4HksnuYb3WZhRGKuAY2K/lijsxh+IW4jiBUOhoIKw+w60XoUmq14
60ZO81mnGkHJU+kg0XXy9poi+F5SqH66A4WAmRu6Ld/UBqP5oNPMJzHB+VGzAdpR
kH+8mpX1Fxeyho+q2o2d0tjbEn2Bgkhva4hjMq5v0P1OcM5cN5zTkwzLkyR4bQQL
WbpIDAoW9Dul1fUvAd6RvmJJnnHUwZMT4BBq9bCcx23oGvwZ8zU2noxTmutQRVSB
OdFIn2/MPoohpQalbaMUeGPgtxhZpUElXcm+225dce/tuOukCWpANIirF9en5mE+
4HusxZ1QOs3MDTYrH8q5uKYBCg2L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:43 2024 by rpki-client on console-fra.rpki-client.org