Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/36GFXZXTSKSO4x5GN7C82eYbtI8.roa
File:                     36GFXZXTSKSO4x5GN7C82eYbtI8.roa (raw, json)
Hash identifier:          KIt1gPLc5OBvCVYxSzhLbN22w0E3AQJ9M97OCXe0MDQ=
Subject key identifier:   DF:A1:85:5D:95:D3:48:A4:8E:E3:1E:46:37:B0:BC:D9:E6:1B:B4:8F
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       018A65CD9B93DE5D6EB2E354C1DD68AEAB18
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/36GFXZXTSKSO4x5GN7C82eYbtI8.roa
Signing time:             Tue 05 Sep 2023 14:44:48 +0000
ROA not before:           Tue 05 Sep 2023 14:44:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        5.105.128.0/24 maxlen: 24
                          5.105.160.0/24 maxlen: 24
                          5.105.89.0/24 maxlen: 24
                          5.105.86.0/24 maxlen: 24
                          5.105.88.0/24 maxlen: 24
                          5.105.87.0/24 maxlen: 24
                          5.105.110.0/24 maxlen: 24
                          5.105.114.0/23 maxlen: 24
                          5.105.22.0/24 maxlen: 24
                          5.105.248.0/23 maxlen: 24
                          5.105.250.0/24 maxlen: 24
                          5.105.251.0/24 maxlen: 24
                          5.105.255.0/24 maxlen: 24
                          5.105.254.0/24 maxlen: 24
                          5.105.176.0/24 maxlen: 24
                          5.105.191.0/24 maxlen: 24
                          5.105.190.0/24 maxlen: 24
                          5.105.192.0/24 maxlen: 24
                          5.105.194.0/24 maxlen: 24
                          5.105.206.0/24 maxlen: 24
                          5.105.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Sep 2023 10:33:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:65:cd:9b:93:de:5d:6e:b2:e3:54:c1:dd:68:ae:ab:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Sep  5 14:44:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dfa1855d95d348a48ee31e4637b0bcd9e61bb48f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:06:40:7f:4b:78:5a:d1:d2:c3:69:3d:6b:ec:
                    f5:61:1e:86:97:4d:47:9d:cf:f2:14:29:43:7e:f1:
                    15:ab:a9:0f:b0:bf:13:1d:c1:7e:93:79:fe:60:e9:
                    08:12:ba:d0:2f:12:ac:8b:7e:ae:cb:5c:a3:14:d2:
                    4e:b8:99:be:a7:e0:28:43:8c:21:da:db:68:48:e1:
                    99:5b:6b:e4:46:c4:45:43:fd:10:ee:19:9f:6d:69:
                    48:b8:17:d0:fb:e2:8b:08:a3:d3:07:b6:58:90:27:
                    16:ef:ab:50:5f:14:7c:94:3a:c5:0c:a4:3c:c1:6d:
                    83:81:fc:6f:eb:9f:a2:3e:e5:37:af:85:4c:ee:96:
                    80:8d:f1:09:ba:f1:f0:e8:9a:cc:87:f5:17:8b:ca:
                    73:4b:ac:a3:b0:f7:bc:8b:51:cd:bc:fe:b5:0b:bb:
                    17:82:b3:4f:6d:90:7a:a2:a2:38:61:9d:e7:24:d7:
                    5b:47:da:84:33:84:f0:7a:a6:ee:09:4a:84:9a:78:
                    19:1b:4d:e4:c6:ef:e7:71:cf:be:08:19:62:1a:b9:
                    b6:ba:ae:1c:a8:64:e9:21:e8:6e:dd:38:fd:a5:cd:
                    08:68:e4:46:37:24:cf:da:59:c9:a0:df:dd:39:a6:
                    18:8b:43:3a:09:b8:c5:19:a7:2d:f1:34:f8:5f:24:
                    d4:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:A1:85:5D:95:D3:48:A4:8E:E3:1E:46:37:B0:BC:D9:E6:1B:B4:8F
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/36GFXZXTSKSO4x5GN7C82eYbtI8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.3.0/24
                  5.105.22.0/24
                  5.105.86.0-5.105.89.255
                  5.105.110.0/24
                  5.105.114.0/23
                  5.105.128.0/24
                  5.105.160.0/24
                  5.105.176.0/24
                  5.105.190.0-5.105.192.255
                  5.105.194.0/24
                  5.105.206.0/24
                  5.105.248.0/22
                  5.105.254.0/23

    Signature Algorithm: sha256WithRSAEncryption
         99:93:78:fd:ca:8d:05:2c:43:fc:3a:00:c6:76:68:f6:8c:d2:
         0e:b8:a7:9f:7d:af:c7:f5:83:97:23:74:b8:f7:d5:e3:69:44:
         31:f5:a6:d9:4d:c2:70:46:2f:9f:5d:47:43:e0:35:5a:c0:d8:
         11:da:97:d9:cf:c9:bf:f7:0e:a3:b1:76:21:18:2d:bf:4a:ce:
         80:ea:89:f1:d3:a6:1b:d1:da:46:72:b1:4d:05:6b:5d:2e:9f:
         ef:16:83:c9:4b:9d:cb:23:d9:80:45:d0:a9:eb:d0:7f:b6:b1:
         2b:e4:e6:91:57:9e:30:b9:45:a3:1c:ac:62:27:ad:98:49:03:
         5a:d5:b9:53:e3:3a:16:ab:3f:37:f4:69:53:ab:9e:bf:e3:75:
         54:a6:06:8c:cd:c2:aa:d3:ff:cc:7b:aa:9f:1d:81:e6:f1:9a:
         0b:5b:29:bb:d4:f4:7b:44:bd:31:26:70:34:de:00:87:33:b5:
         cf:93:84:9e:50:21:33:7a:52:b6:9a:55:39:ad:d2:ed:6f:c1:
         44:8b:6a:ff:e7:5a:3a:c3:73:4e:c7:be:d6:88:0c:6f:92:ca:
         1c:05:4a:aa:d1:03:7a:78:52:60:13:43:8e:4f:81:59:55:12:
         52:93:bc:5d:54:e1:b7:b2:9a:6b:9b:eb:92:70:ee:1c:dd:1f:
         dc:72:69:0b
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYplzZuT3l1usuNUwd1orqsYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwOTA1MTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmExODU1ZDk1ZDM0OGE0OGVlMzFlNDYzN2IwYmNkOWU2MWJiNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgZAf0t4WtHSw2k9a+z1YR6Gl01H
nc/yFClDfvEVq6kPsL8THcF+k3n+YOkIErrQLxKsi36uy1yjFNJOuJm+p+AoQ4wh
2ttoSOGZW2vkRsRFQ/0Q7hmfbWlIuBfQ++KLCKPTB7ZYkCcW76tQXxR8lDrFDKQ8
wW2Dgfxv65+iPuU3r4VM7paAjfEJuvHw6JrMh/UXi8pzS6yjsPe8i1HNvP61C7sX
grNPbZB6oqI4YZ3nJNdbR9qEM4TweqbuCUqEmngZG03kxu/ncc++CBliGrm2uq4c
qGTpIehu3Tj9pc0IaORGNyTP2lnJoN/dOaYYi0M6CbjFGact8TT4XyTUnQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFN+hhV2V00ikjuMeRjewvNnmG7SPMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvMzZHRlhaWFRTS1NPNHg1R043QzgyZVlidEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQABWkDAwQA
BWkWMAwDBAEFaVYDBAEFaVgDBAAFaW4DBAEFaXIDBAAFaYADBAAFaaADBAAFabAw
DAMEAQVpvgMEAAVpwAMEAAVpwgMEAAVpzgMEAgVp+AMEAQVp/jANBgkqhkiG9w0B
AQsFAAOCAQEAmZN4/cqNBSxD/DoAxnZo9ozSDrinn32vx/WDlyN0uPfV42lEMfWm
2U3CcEYvn11HQ+A1WsDYEdqX2c/Jv/cOo7F2IRgtv0rOgOqJ8dOmG9HaRnKxTQVr
XS6f7xaDyUudyyPZgEXQqevQf7axK+TmkVeeMLlFoxysYietmEkDWtW5U+M6Fqs/
N/RpU6uev+N1VKYGjM3CqtP/zHuqnx2B5vGaC1spu9T0e0S9MSZwNN4AhzO1z5OE
nlAhM3pStppVOa3S7W/BRItq/+daOsNzTse+1ogMb5LKHAVKqtEDenhSYBNDjk+B
WVUSUpO8XVTht7Kaa5vrknDuHN0f3HJpCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:26 2024 by rpki-client on console-fra.rpki-client.org