Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/20Qw4Pd_hEiMkl-l-AjQM4fy7HI.roa
File:                     20Qw4Pd_hEiMkl-l-AjQM4fy7HI.roa (raw, json)
Hash identifier:          gb8Q8EmbbABoRksrmxQQ2fMEpDxNaLSTJ1/961L4hvw=
Subject key identifier:   DB:44:30:E0:F7:7F:84:48:8C:92:5F:A5:F8:08:D0:33:87:F2:EC:72
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       018814C5B8E7266C399CDE85BE51317F4143
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/20Qw4Pd_hEiMkl-l-AjQM4fy7HI.roa
Signing time:             Sat 13 May 2023 11:01:22 +0000
ROA not before:           Sat 13 May 2023 11:01:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198587
IP address blocks:        5.105.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:14:c5:b8:e7:26:6c:39:9c:de:85:be:51:31:7f:41:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: May 13 11:01:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db4430e0f77f84488c925fa5f808d03387f2ec72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:4b:84:0e:52:d3:a5:59:0a:51:0e:7b:b8:a1:
                    ca:f8:28:b7:35:f3:10:3e:d6:b3:33:c4:e6:93:a7:
                    96:eb:6a:fb:a4:bd:53:a0:ac:9a:09:ca:ee:ca:a2:
                    34:91:b3:ba:77:ce:b1:ff:59:61:72:bd:7f:7b:f1:
                    65:7e:eb:60:2e:da:03:02:7f:08:82:97:29:8f:58:
                    74:8e:e4:69:de:df:66:14:12:e0:f3:05:66:7e:9f:
                    0a:63:bc:92:6e:30:59:78:9d:d1:73:89:ac:ac:cf:
                    6f:31:2e:31:8d:f4:55:1a:e2:49:91:3b:cb:d4:de:
                    8d:90:54:9c:98:15:2c:a1:31:23:46:2c:ae:3a:5e:
                    b0:27:ed:42:81:8d:87:b1:2a:3d:75:5e:6a:f5:a9:
                    f2:d3:4d:92:3e:3f:18:81:48:30:6b:8f:49:44:c3:
                    ff:1d:f0:7f:e4:31:55:d2:6c:a6:92:65:1a:2e:29:
                    35:84:c2:55:59:44:44:13:ed:2b:df:7a:b9:bc:c2:
                    09:13:1d:48:c0:8b:5e:d0:8f:8e:03:1d:ec:2f:65:
                    f6:52:36:ed:5c:1d:63:7b:61:df:e3:c8:ff:ef:e6:
                    a1:c6:b1:1f:69:14:82:b0:ea:42:3b:9c:7b:1b:87:
                    aa:75:d3:49:79:fc:31:ed:ce:66:81:35:b5:cb:d8:
                    b4:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:44:30:E0:F7:7F:84:48:8C:92:5F:A5:F8:08:D0:33:87:F2:EC:72
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/20Qw4Pd_hEiMkl-l-AjQM4fy7HI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:8a:a5:78:a5:17:0f:6f:4f:2c:bf:ce:7e:f0:35:5e:34:32:
         4d:39:7f:7b:d8:dd:c7:b1:08:3c:20:08:52:8a:79:1a:fc:4a:
         b9:7a:9b:0d:45:54:d8:8e:94:c9:77:0a:09:88:b4:8b:1b:c0:
         59:c9:56:1d:57:f0:01:02:85:8f:e3:c4:f7:6c:82:e1:28:3c:
         4f:f8:06:ab:00:03:cf:f5:d1:7e:ac:f8:df:37:51:94:1b:f3:
         ec:2f:b9:0e:fd:18:73:25:e6:fe:f4:90:2a:1c:4b:81:07:e9:
         e3:66:c3:ac:68:cd:0a:41:b9:c1:98:e4:ad:6b:49:ea:23:65:
         c9:04:68:ef:95:eb:23:58:67:a4:2b:32:20:e2:47:63:dc:31:
         12:b9:37:0f:e4:7e:9e:3f:34:05:bb:73:6e:94:ed:0a:9a:d8:
         fd:e1:54:ac:3f:f9:46:04:1b:c4:fc:81:cc:2a:a2:f5:9f:9c:
         e2:c9:a9:57:1b:e6:83:c4:9c:6b:e4:4c:23:71:d0:45:1c:0a:
         e2:0d:53:37:8c:08:8d:f8:74:a8:a3:4e:72:4c:7a:43:2c:72:
         56:a6:ec:be:cc:3f:6e:68:62:13:f0:b2:a3:56:6b:37:76:cf:
         e9:ef:d1:f9:4e:99:d0:6d:73:9f:95:5b:71:e4:4a:1a:a8:08:
         15:af:4b:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgUxbjnJmw5nN6FvlExf0FDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTEzMTEwMTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQ0MzBlMGY3N2Y4NDQ4OGM5MjVmYTVmODA4ZDAzMzg3ZjJlYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0uEDlLTpVkKUQ57uKHK+Ci3NfMQ
PtazM8Tmk6eW62r7pL1ToKyaCcruyqI0kbO6d86x/1lhcr1/e/FlfutgLtoDAn8I
gpcpj1h0juRp3t9mFBLg8wVmfp8KY7ySbjBZeJ3Rc4msrM9vMS4xjfRVGuJJkTvL
1N6NkFScmBUsoTEjRiyuOl6wJ+1CgY2HsSo9dV5q9any002SPj8YgUgwa49JRMP/
HfB/5DFV0mymkmUaLik1hMJVWUREE+0r33q5vMIJEx1IwIte0I+OAx3sL2X2Ujbt
XB1je2Hf48j/7+ahxrEfaRSCsOpCO5x7G4eqddNJefwx7c5mgTW1y9i0qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtEMOD3f4RIjJJfpfgI0DOH8uxyMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMjBRdzRQZF9oRWlNa2wtbC1BalFNNGZ5N0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWkKMA0G
CSqGSIb3DQEBCwUAA4IBAQATiqV4pRcPb08sv85+8DVeNDJNOX972N3HsQg8IAhS
inka/Eq5epsNRVTYjpTJdwoJiLSLG8BZyVYdV/ABAoWP48T3bILhKDxP+AarAAPP
9dF+rPjfN1GUG/PsL7kO/RhzJeb+9JAqHEuBB+njZsOsaM0KQbnBmOSta0nqI2XJ
BGjvlesjWGekKzIg4kdj3DESuTcP5H6ePzQFu3NulO0Kmtj94VSsP/lGBBvE/IHM
KqL1n5ziyalXG+aDxJxr5EwjcdBFHAriDVM3jAiN+HSoo05yTHpDLHJWpuy+zD9u
aGIT8LKjVms3ds/p79H5TpnQbXOflVtx5EoaqAgVr0uV
-----END CERTIFICATE-----
Generated at Tue Sep 19 11:05:47 2023 by rpki-client on console-ams.rpki-client.org