Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/tSU4E86H-_ehKHE7vkoUmG-0pi8.roa
File:                     tSU4E86H-_ehKHE7vkoUmG-0pi8.roa (raw, json)
Hash identifier:          0cn4dK62Yx+0QMkbDanGW5X9A5oPd+1HcjdEtcrsQNY=
Subject key identifier:   B5:25:38:13:CE:87:FB:F7:A1:28:71:3B:BE:4A:14:98:6F:B4:A6:2F
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018751C9D57E80E9ACEE010E4562EF5EE38A
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/tSU4E86H-_ehKHE7vkoUmG-0pi8.roa
Signing time:             Wed 05 Apr 2023 14:19:54 +0000
ROA not before:           Wed 05 Apr 2023 14:19:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52209
IP address blocks:        85.133.227.0/24 maxlen: 24
                          85.133.228.0/24 maxlen: 24
                          85.133.233.0/24 maxlen: 24
                          85.133.237.0/24 maxlen: 24
                          85.133.238.0/24 maxlen: 24
                          85.133.234.0/24 maxlen: 24
                          85.133.241.0/24 maxlen: 24
                          85.133.242.0/24 maxlen: 24
                          85.133.250.0/24 maxlen: 24
                          85.133.174.0/24 maxlen: 24
                          85.133.194.0/24 maxlen: 24
                          85.133.219.0/24 maxlen: 24
                          85.133.143.0/24 maxlen: 24
                          85.133.151.0/24 maxlen: 24
                          85.133.153.0/24 maxlen: 24
                          85.133.166.0/24 maxlen: 24
                          85.133.160.0/24 maxlen: 24
                          85.133.161.0/24 maxlen: 24
                          185.41.0.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 08 Apr 2023 12:05:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:51:c9:d5:7e:80:e9:ac:ee:01:0e:45:62:ef:5e:e3:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Apr  5 14:19:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b5253813ce87fbf7a128713bbe4a14986fb4a62f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b3:be:1b:82:93:a7:ea:5f:45:60:af:1b:21:
                    53:ba:81:87:9b:ac:61:79:2c:e6:24:c9:31:bd:49:
                    49:7d:47:28:b5:19:90:21:c4:08:41:1e:ef:a4:01:
                    21:00:18:2d:3d:97:a6:c4:1d:68:08:7d:bc:cb:01:
                    38:8d:7b:01:54:13:6c:b7:c2:be:43:16:e3:a3:fc:
                    97:7b:c0:ab:2f:70:00:af:50:df:44:62:b4:6c:3d:
                    fd:9b:b5:63:42:0d:4a:fa:8b:28:a5:57:bf:a3:1e:
                    41:01:f0:ab:3b:e9:dd:2b:1e:f4:81:6a:a8:b0:16:
                    40:ea:10:40:a5:66:46:19:fb:b7:a0:e7:a6:3e:ff:
                    d9:57:30:da:7a:2e:8f:32:16:ea:5c:7c:e8:ce:95:
                    ee:73:27:93:a9:2b:0a:9e:df:1d:bf:22:22:70:08:
                    a0:2e:d4:2c:37:6e:fd:1b:a7:ca:4c:8d:2b:63:82:
                    6b:a6:37:5d:17:bd:32:4c:78:67:99:c1:c2:a9:cb:
                    9a:10:76:ee:9f:5d:f1:8d:f2:1c:96:1b:0b:5e:e1:
                    68:27:e1:c3:c8:17:b7:4b:9c:66:9f:07:95:0b:08:
                    d6:b4:25:1b:3c:6d:c4:a1:40:ab:5d:bd:6a:a1:aa:
                    88:83:ab:32:9f:29:4d:d4:98:a1:48:3d:9b:c0:62:
                    07:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:25:38:13:CE:87:FB:F7:A1:28:71:3B:BE:4A:14:98:6F:B4:A6:2F
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/tSU4E86H-_ehKHE7vkoUmG-0pi8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.143.0/24
                  85.133.151.0/24
                  85.133.153.0/24
                  85.133.160.0/23
                  85.133.166.0/24
                  85.133.174.0/24
                  85.133.194.0/24
                  85.133.219.0/24
                  85.133.227.0-85.133.228.255
                  85.133.233.0-85.133.234.255
                  85.133.237.0-85.133.238.255
                  85.133.241.0-85.133.242.255
                  85.133.250.0/24
                  185.41.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:75:59:45:54:6f:9a:10:5e:91:a6:71:74:ba:dd:d7:27:50:
         f9:7b:01:55:a1:1a:5b:cc:67:45:81:83:00:46:07:18:a9:ee:
         59:0c:1c:75:60:14:66:5a:d5:e4:32:4f:5f:d5:32:6b:14:86:
         53:57:de:40:5e:d9:34:ad:5f:56:fa:0f:fc:05:62:26:2c:04:
         0a:6c:62:9f:8c:54:ef:28:3e:8e:1e:f9:c2:d8:ee:ac:86:92:
         9d:d8:1b:32:f8:c0:bf:25:04:d8:46:59:b1:72:b0:bd:ed:3d:
         74:13:bd:ec:d3:e4:5a:3f:0b:97:27:7e:ea:2a:08:cc:17:a4:
         01:4e:94:09:78:56:83:ce:18:ba:a8:53:45:63:0f:be:55:61:
         b1:85:11:53:f5:ee:8c:70:05:47:3d:1a:e9:6a:35:bd:53:25:
         1b:c6:8a:a6:b6:f5:16:5b:bd:09:3d:3c:62:82:2c:f4:7e:b3:
         01:11:db:45:ca:ba:00:16:04:73:42:14:75:6a:a9:92:77:50:
         ab:db:a9:81:a2:dd:14:e9:d4:93:7d:a2:27:dd:db:5d:8d:70:
         30:dc:f4:da:97:9b:0d:c3:8d:c4:07:f9:1d:74:db:6e:98:95:
         70:98:00:3c:54:ef:34:22:8e:46:d5:6a:17:0b:69:09:d9:d9:
         b0:22:0c:55
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYdRydV+gOms7gEORWLvXuOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDA1MTQxOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTI1MzgxM2NlODdmYmY3YTEyODcxM2JiZTRhMTQ5ODZmYjRhNjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubO+G4KTp+pfRWCvGyFTuoGHm6xh
eSzmJMkxvUlJfUcotRmQIcQIQR7vpAEhABgtPZemxB1oCH28ywE4jXsBVBNst8K+
Qxbjo/yXe8CrL3AAr1DfRGK0bD39m7VjQg1K+osopVe/ox5BAfCrO+ndKx70gWqo
sBZA6hBApWZGGfu3oOemPv/ZVzDaei6PMhbqXHzozpXucyeTqSsKnt8dvyIicAig
LtQsN279G6fKTI0rY4JrpjddF70yTHhnmcHCqcuaEHbun13xjfIclhsLXuFoJ+HD
yBe3S5xmnweVCwjWtCUbPG3EoUCrXb1qoaqIg6synylN1JihSD2bwGIHCQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFLUlOBPOh/v3oShxO75KFJhvtKYvMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdFNVNEU4NkgtX2VoS0hFN3Zrb1VtRy0wcGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFWFjwME
AFWFlwMEAFWFmQMEAVWFoAMEAFWFpgMEAFWFrgMEAFWFwgMEAFWF2zAMAwQAVYXj
AwQAVYXkMAwDBABVhekDBABVheowDAMEAFWF7QMEAFWF7jAMAwQAVYXxAwQAVYXy
AwQAVYX6AwQCuSkAMA0GCSqGSIb3DQEBCwUAA4IBAQBOdVlFVG+aEF6RpnF0ut3X
J1D5ewFVoRpbzGdFgYMARgcYqe5ZDBx1YBRmWtXkMk9f1TJrFIZTV95AXtk0rV9W
+g/8BWImLAQKbGKfjFTvKD6OHvnC2O6shpKd2Bsy+MC/JQTYRlmxcrC97T10E73s
0+RaPwuXJ37qKgjMF6QBTpQJeFaDzhi6qFNFYw++VWGxhRFT9e6McAVHPRrpajW9
UyUbxoqmtvUWW70JPTxigiz0frMBEdtFyroAFgRzQhR1aqmSd1Cr26mBot0U6dST
faIn3dtdjXAw3PTal5sNw43EB/kddNtumJVwmAA8VO80Io5G1WoXC2kJ2dmwIgxV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org