Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1DGce9x-PwQrtLj92yk0GU1DijI.roa
File:                     1DGce9x-PwQrtLj92yk0GU1DijI.roa (raw, json)
Hash identifier:          jFkjxy6foZ2I1X8ZVxQA8/1aA8e4o1P3XKWQgTtIaw4=
Subject key identifier:   D4:31:9C:7B:DC:7E:3F:04:2B:B4:B8:FD:DB:29:34:19:4D:43:8A:32
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0186C67C80AF8ED10FEC20410EB7CF1270B5
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1DGce9x-PwQrtLj92yk0GU1DijI.roa
Signing time:             Thu 09 Mar 2023 13:08:13 +0000
ROA not before:           Thu 09 Mar 2023 13:08:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204384
IP address blocks:        5.105.124.0/24 maxlen: 24
                          5.105.139.0/24 maxlen: 24
                          5.105.138.0/24 maxlen: 24
                          5.105.143.0/24 maxlen: 24
                          5.105.142.0/24 maxlen: 24
                          5.105.157.0/24 maxlen: 24
                          5.105.165.0/24 maxlen: 24
                          5.105.162.0/24 maxlen: 24
                          5.105.69.0/24 maxlen: 24
                          5.105.68.0/24 maxlen: 24
                          5.105.80.0/24 maxlen: 24
                          5.105.104.0/24 maxlen: 24
                          5.105.102.0/24 maxlen: 24
                          5.105.112.0/24 maxlen: 24
                          5.105.115.0/24 maxlen: 24
                          5.105.114.0/24 maxlen: 24
                          5.105.113.0/24 maxlen: 24
                          5.105.240.0/24 maxlen: 24
                          5.105.239.0/24 maxlen: 24
                          5.105.244.0/24 maxlen: 24
                          5.105.245.0/24 maxlen: 24
                          5.105.249.0/24 maxlen: 24
                          5.105.248.0/24 maxlen: 24
                          5.105.247.0/24 maxlen: 24
                          5.105.186.0/24 maxlen: 24
                          5.105.187.0/24 maxlen: 24
                          193.46.210.0/24 maxlen: 24
                          5.105.199.0/24 maxlen: 24
                          5.105.198.0/24 maxlen: 24
                          5.105.202.0/24 maxlen: 24
                          5.105.206.0/24 maxlen: 24
                          5.105.203.0/24 maxlen: 24
                          5.105.207.0/24 maxlen: 24
                          5.105.215.0/24 maxlen: 24
                          5.105.214.0/24 maxlen: 24
                          5.105.226.0/24 maxlen: 24
                          5.105.19.0/24 maxlen: 24
                          5.105.42.0/24 maxlen: 24
                          5.105.59.0/24 maxlen: 24
                          5.105.63.0/24 maxlen: 24
                          5.180.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 10 Mar 2023 08:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:c6:7c:80:af:8e:d1:0f:ec:20:41:0e:b7:cf:12:70:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Mar  9 13:08:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4319c7bdc7e3f042bb4b8fddb2934194d438a32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:27:60:6d:a7:c1:68:d3:5c:53:d8:a9:25:7a:
                    fa:ac:53:c4:86:d3:69:3c:3b:c4:6c:55:a8:af:1b:
                    70:38:9a:88:54:bc:09:d8:a9:3f:af:09:fb:c0:ea:
                    1c:c9:c1:67:a2:75:ee:d6:a5:91:de:a7:db:00:38:
                    a7:5f:81:07:99:db:d9:91:c7:2c:ad:68:13:14:61:
                    ec:d3:3b:23:2b:06:2a:05:6f:ef:cc:f8:63:6a:61:
                    ff:4d:34:f5:29:75:d6:af:73:3e:52:45:7a:3d:73:
                    ad:14:39:45:1d:55:67:a6:cf:9c:d8:84:f2:ea:9f:
                    35:26:4c:fd:30:38:b3:4c:eb:04:b7:76:95:58:cc:
                    1e:36:4b:f5:7a:0c:ae:cf:43:1f:d4:55:37:ea:c9:
                    82:67:59:01:f4:1a:d6:93:48:c2:04:7f:fc:62:ef:
                    a6:1e:43:84:24:39:91:e0:13:40:6e:c0:8d:c3:d6:
                    f0:05:ea:23:38:2a:ad:70:00:de:ef:20:f3:d5:61:
                    be:75:70:20:f9:31:52:71:59:79:72:c0:30:de:41:
                    c4:fd:14:68:b7:07:f6:19:86:9d:6b:8d:81:a3:4b:
                    ff:c1:f6:a8:6e:9d:25:fa:6c:d7:72:f2:a7:d1:54:
                    fe:97:aa:11:44:00:2b:8e:ab:0d:61:a7:7b:2d:32:
                    60:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:31:9C:7B:DC:7E:3F:04:2B:B4:B8:FD:DB:29:34:19:4D:43:8A:32
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/1DGce9x-PwQrtLj92yk0GU1DijI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.19.0/24
                  5.105.42.0/24
                  5.105.59.0/24
                  5.105.63.0/24
                  5.105.68.0/23
                  5.105.80.0/24
                  5.105.102.0/24
                  5.105.104.0/24
                  5.105.112.0/22
                  5.105.124.0/24
                  5.105.138.0/23
                  5.105.142.0/23
                  5.105.157.0/24
                  5.105.162.0/24
                  5.105.165.0/24
                  5.105.186.0/23
                  5.105.198.0/23
                  5.105.202.0/23
                  5.105.206.0/23
                  5.105.214.0/23
                  5.105.226.0/24
                  5.105.239.0-5.105.240.255
                  5.105.244.0/23
                  5.105.247.0-5.105.249.255
                  5.180.176.0/24
                  193.46.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:2e:19:07:4a:2a:d6:95:03:dc:53:cf:72:53:6c:5c:b9:49:
         b0:86:e2:e8:76:38:93:49:80:3d:b3:35:ad:4a:c5:54:c2:34:
         96:68:a4:01:2c:07:15:05:8b:c6:42:fe:04:b9:db:da:b4:76:
         83:60:36:9a:c8:a9:f9:1e:72:ee:76:05:90:2a:9a:1f:81:50:
         85:4f:90:12:d9:40:a4:39:3f:c1:40:95:a6:ac:da:7b:0c:94:
         88:6a:19:4e:20:6a:52:85:20:31:62:2e:a4:0c:fd:a2:24:2e:
         b7:12:b0:2b:f9:23:b3:c5:9c:91:bc:77:a2:c8:ab:1c:57:cf:
         3a:d9:6a:98:e8:90:9f:ba:11:db:06:bf:2c:3d:b2:e5:4a:fa:
         b0:13:22:ab:ce:79:0f:a3:2e:6f:19:d5:07:44:dc:e2:f4:e9:
         63:82:f9:70:04:40:08:f3:c9:94:53:a7:e2:4e:b3:89:e4:d0:
         72:1a:b2:9e:2b:02:61:48:e7:b9:b9:7d:36:b5:1e:ac:dd:23:
         8f:32:3e:da:23:23:7a:d4:b3:7b:05:49:11:7d:95:34:de:45:
         de:01:44:02:fd:55:f7:e0:d2:00:e9:9a:9c:63:e6:43:44:22:
         92:4e:85:51:b8:c5:06:8d:ec:9e:d7:7c:50:37:05:9e:4c:5b:
         1b:c0:9d:5c
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYbGfICvjtEP7CBBDrfPEnC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzA5MTMwODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDMxOWM3YmRjN2UzZjA0MmJiNGI4ZmRkYjI5MzQxOTRkNDM4YTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSdgbafBaNNcU9ipJXr6rFPEhtNp
PDvEbFWorxtwOJqIVLwJ2Kk/rwn7wOocycFnonXu1qWR3qfbADinX4EHmdvZkccs
rWgTFGHs0zsjKwYqBW/vzPhjamH/TTT1KXXWr3M+UkV6PXOtFDlFHVVnps+c2ITy
6p81Jkz9MDizTOsEt3aVWMweNkv1egyuz0Mf1FU36smCZ1kB9BrWk0jCBH/8Yu+m
HkOEJDmR4BNAbsCNw9bwBeojOCqtcADe7yDz1WG+dXAg+TFScVl5csAw3kHE/RRo
twf2GYada42Bo0v/wfaobp0l+mzXcvKn0VT+l6oRRAArjqsNYad7LTJg1wIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFNQxnHvcfj8EK7S4/dspNBlNQ4oyMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMURHY2U5eC1Qd1FydExqOTJ5azBHVTFEaWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAAF
aRMDBAAFaSoDBAAFaTsDBAAFaT8DBAEFaUQDBAAFaVADBAAFaWYDBAAFaWgDBAIF
aXADBAAFaXwDBAEFaYoDBAEFaY4DBAAFaZ0DBAAFaaIDBAAFaaUDBAEFaboDBAEF
acYDBAEFacoDBAEFac4DBAEFadYDBAAFaeIwDAMEAAVp7wMEAAVp8AMEAQVp9DAM
AwQABWn3AwQBBWn4AwQABbSwAwQAwS7SMA0GCSqGSIb3DQEBCwUAA4IBAQBQLhkH
SirWlQPcU89yU2xcuUmwhuLodjiTSYA9szWtSsVUwjSWaKQBLAcVBYvGQv4Eudva
tHaDYDaayKn5HnLudgWQKpofgVCFT5AS2UCkOT/BQJWmrNp7DJSIahlOIGpShSAx
Yi6kDP2iJC63ErAr+SOzxZyRvHeiyKscV8862WqY6JCfuhHbBr8sPbLlSvqwEyKr
znkPoy5vGdUHRNzi9OljgvlwBEAI88mUU6fiTrOJ5NByGrKeKwJhSOe5uX02tR6s
3SOPMj7aIyN61LN7BUkRfZU03kXeAUQC/VX34NIA6ZqcY+ZDRCKSToVRuMUGjeye
13xQNwWeTFsbwJ1c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:55 2024 by rpki-client on console-ams.rpki-client.org