Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/11JgQ9iolcxKJWvvdhUqSVfovnI.roa
File:                     11JgQ9iolcxKJWvvdhUqSVfovnI.roa (raw, json)
Hash identifier:          EelZelUCfIgVmEEoLjzD7DxcJG3x1nEq7RM9r5utuj4=
Subject key identifier:   D7:52:60:43:D8:A8:95:CC:4A:25:6B:EF:76:15:2A:49:57:E8:BE:72
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       01874C426EEA9A5C34178C89A5173B3031DC
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/11JgQ9iolcxKJWvvdhUqSVfovnI.roa
Signing time:             Tue 04 Apr 2023 12:33:54 +0000
ROA not before:           Tue 04 Apr 2023 12:33:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212815
IP address blocks:        5.105.168.0/24 maxlen: 24
                          5.105.65.0/24 maxlen: 24
                          5.105.81.0/24 maxlen: 24
                          5.105.96.0/24 maxlen: 24
                          5.105.230.0/24 maxlen: 24
                          5.105.19.0/24 maxlen: 24
                          5.105.24.0/24 maxlen: 24
                          5.105.25.0/24 maxlen: 24
                          5.105.247.0/24 maxlen: 24
                          5.105.33.0/24 maxlen: 24
                          5.105.40.0/24 maxlen: 24
                          5.105.43.0/24 maxlen: 24
                          5.105.50.0/24 maxlen: 24
                          5.105.57.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 20 Apr 2023 12:15:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:4c:42:6e:ea:9a:5c:34:17:8c:89:a5:17:3b:30:31:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Apr  4 12:33:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7526043d8a895cc4a256bef76152a4957e8be72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:80:b5:03:ad:fd:50:c5:87:c4:a6:1b:97:d8:
                    cf:83:25:98:02:f5:98:04:db:0b:aa:ba:23:b9:c9:
                    17:5a:42:c9:4d:fd:6f:6c:4c:54:aa:77:71:f1:d4:
                    a7:3a:f6:5c:f3:23:bf:94:68:e5:57:37:fc:8b:7e:
                    0b:06:41:57:e8:41:82:ca:76:fc:17:45:03:9d:71:
                    ba:c4:ae:4f:4c:32:f6:ef:fa:a0:f5:8e:7c:fe:1e:
                    8c:7a:34:c6:55:06:96:55:ab:7c:f2:47:6d:ca:eb:
                    53:cf:cc:dd:57:9a:b4:56:10:34:86:8b:1c:b8:c8:
                    bc:4d:45:e2:73:42:97:4a:a0:a1:f5:b4:84:b2:f5:
                    9e:c8:70:2f:e2:99:bb:b3:db:ec:b1:a2:48:d7:a5:
                    f2:6e:08:db:42:d6:21:0c:48:ef:64:bc:3f:d2:d0:
                    d5:9d:06:93:ac:51:81:7b:9d:0e:3d:64:29:37:65:
                    68:1b:a4:6b:82:3e:6c:9c:c5:2e:41:45:b3:84:93:
                    e6:3e:54:34:8d:0a:2b:22:0f:95:aa:90:2b:35:28:
                    52:10:7d:02:ac:48:9d:60:95:d5:e4:2d:d5:bc:4b:
                    77:6f:72:b9:b5:26:cf:4e:92:cb:04:c4:67:c9:97:
                    65:c3:7d:c6:52:7c:1b:9d:bc:b7:b1:f6:e7:95:55:
                    54:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:52:60:43:D8:A8:95:CC:4A:25:6B:EF:76:15:2A:49:57:E8:BE:72
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/11JgQ9iolcxKJWvvdhUqSVfovnI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.19.0/24
                  5.105.24.0/23
                  5.105.33.0/24
                  5.105.40.0/24
                  5.105.43.0/24
                  5.105.50.0/24
                  5.105.57.0/24
                  5.105.65.0/24
                  5.105.81.0/24
                  5.105.96.0/24
                  5.105.168.0/24
                  5.105.230.0/24
                  5.105.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:d0:1c:e5:5d:a2:2b:f6:d0:41:da:49:cd:53:ef:dd:37:c8:
         64:f9:87:d7:55:37:15:ab:74:7e:ca:88:bc:74:f2:6a:52:b1:
         24:e7:49:aa:18:45:0f:d6:89:ed:cb:5a:84:57:8e:a7:0c:e5:
         47:c3:04:71:86:0f:48:b3:b1:be:68:a3:41:b4:98:8a:90:62:
         17:57:b3:ee:59:5b:a0:81:9d:d2:d5:7f:53:05:79:5b:04:6b:
         9c:b5:de:d0:df:80:1b:4a:01:62:a0:49:c0:de:bd:b3:3b:e8:
         5f:27:16:3d:fb:b8:10:c3:e2:21:28:4b:f1:4f:d2:ed:cc:e6:
         2e:10:1b:03:7c:10:07:f4:59:da:d4:55:d3:8b:1f:f0:68:aa:
         a2:0f:60:50:77:17:8f:15:be:6e:52:0f:8f:29:c6:19:3b:30:
         3c:fa:ae:0a:9c:d5:80:1d:3a:7b:68:1e:ca:a0:29:28:54:a9:
         af:fc:f8:37:45:cd:a2:e1:e3:d1:1e:cd:d0:4f:13:62:f2:e9:
         90:b0:b5:3f:a5:fc:95:7d:77:dc:5b:bd:79:f6:de:14:e6:66:
         a2:6d:43:a7:b7:07:4d:d4:c6:e4:f0:ba:23:c0:7a:02:47:b7:
         22:64:09:4b:be:67:7c:29:ef:20:ed:fb:7e:94:b3:d0:bc:21:
         c2:a0:0d:5b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYdMQm7qmlw0F4yJpRc7MDHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNDA0MTIzMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzUyNjA0M2Q4YTg5NWNjNGEyNTZiZWY3NjE1MmE0OTU3ZThiZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4C1A639UMWHxKYbl9jPgyWYAvWY
BNsLqrojuckXWkLJTf1vbExUqndx8dSnOvZc8yO/lGjlVzf8i34LBkFX6EGCynb8
F0UDnXG6xK5PTDL27/qg9Y58/h6MejTGVQaWVat88kdtyutTz8zdV5q0VhA0hosc
uMi8TUXic0KXSqCh9bSEsvWeyHAv4pm7s9vssaJI16XybgjbQtYhDEjvZLw/0tDV
nQaTrFGBe50OPWQpN2VoG6Rrgj5snMUuQUWzhJPmPlQ0jQorIg+VqpArNShSEH0C
rEidYJXV5C3VvEt3b3K5tSbPTpLLBMRnyZdlw33GUnwbnby3sfbnlVVUKQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNdSYEPYqJXMSiVr73YVKklX6L5yMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMTFKZ1E5aW9sY3hLSld2dmRoVXFTVmZvdm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABWkTAwQB
BWkYAwQABWkhAwQABWkoAwQABWkrAwQABWkyAwQABWk5AwQABWlBAwQABWlRAwQA
BWlgAwQABWmoAwQABWnmAwQABWn3MA0GCSqGSIb3DQEBCwUAA4IBAQAi0BzlXaIr
9tBB2knNU+/dN8hk+YfXVTcVq3R+yoi8dPJqUrEk50mqGEUP1onty1qEV46nDOVH
wwRxhg9Is7G+aKNBtJiKkGIXV7PuWVuggZ3S1X9TBXlbBGuctd7Q34AbSgFioEnA
3r2zO+hfJxY9+7gQw+IhKEvxT9LtzOYuEBsDfBAH9Fna1FXTix/waKqiD2BQdxeP
Fb5uUg+PKcYZOzA8+q4KnNWAHTp7aB7KoCkoVKmv/Pg3Rc2i4ePRHs3QTxNi8umQ
sLU/pfyVfXfcW7159t4U5maibUOntwdN1Mbk8LojwHoCR7ciZAlLvmd8Ke8g7ft+
lLPQvCHCoA1b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:26 2024 by rpki-client on console-fra.rpki-client.org