Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3BFSS-ufKqYMfRHDFRgf2JIum6U.roa
File:                     3BFSS-ufKqYMfRHDFRgf2JIum6U.roa (raw, json)
Hash identifier:          A6XMbCqTr/VeOaZy7ie7obeGihxKGYGmFcdFHbuxG10=
Subject key identifier:   DC:11:52:4B:EB:9F:2A:A6:0C:7D:11:C3:15:18:1F:D8:92:2E:9B:A5
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       018722BCE24C4EC8D6D4874864AE1B6FAF9C
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3BFSS-ufKqYMfRHDFRgf2JIum6U.roa
Signing time:             Mon 27 Mar 2023 11:03:36 +0000
ROA not before:           Mon 27 Mar 2023 11:03:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204384
IP address blocks:        5.105.124.0/24 maxlen: 24
                          5.105.127.0/24 maxlen: 24
                          5.105.139.0/24 maxlen: 24
                          5.105.138.0/24 maxlen: 24
                          5.105.143.0/24 maxlen: 24
                          5.105.142.0/24 maxlen: 24
                          5.105.157.0/24 maxlen: 24
                          5.105.165.0/24 maxlen: 24
                          5.105.162.0/24 maxlen: 24
                          5.105.168.0/24 maxlen: 24
                          5.105.170.0/24 maxlen: 24
                          5.105.172.0/24 maxlen: 24
                          5.105.69.0/24 maxlen: 24
                          5.105.68.0/24 maxlen: 24
                          5.105.66.0/24 maxlen: 24
                          5.105.82.0/24 maxlen: 24
                          5.105.104.0/24 maxlen: 24
                          5.105.102.0/24 maxlen: 24
                          5.105.112.0/24 maxlen: 24
                          5.105.118.0/24 maxlen: 24
                          5.105.115.0/24 maxlen: 24
                          5.105.114.0/24 maxlen: 24
                          5.105.113.0/24 maxlen: 24
                          5.105.228.0/24 maxlen: 24
                          5.105.240.0/24 maxlen: 24
                          5.105.239.0/24 maxlen: 24
                          5.105.244.0/24 maxlen: 24
                          5.105.245.0/24 maxlen: 24
                          5.105.249.0/24 maxlen: 24
                          5.105.248.0/24 maxlen: 24
                          5.105.247.0/24 maxlen: 24
                          5.105.186.0/24 maxlen: 24
                          5.105.187.0/24 maxlen: 24
                          193.46.210.0/24 maxlen: 24
                          5.105.199.0/24 maxlen: 24
                          5.105.198.0/24 maxlen: 24
                          5.105.197.0/24 maxlen: 24
                          5.105.202.0/24 maxlen: 24
                          5.105.206.0/24 maxlen: 24
                          5.105.203.0/24 maxlen: 24
                          5.105.207.0/24 maxlen: 24
                          5.105.216.0/24 maxlen: 24
                          5.105.215.0/24 maxlen: 24
                          5.105.218.0/24 maxlen: 24
                          5.105.226.0/24 maxlen: 24
                          5.105.31.0/24 maxlen: 24
                          5.105.51.0/24 maxlen: 24
                          5.180.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 29 Mar 2023 07:22:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:22:bc:e2:4c:4e:c8:d6:d4:87:48:64:ae:1b:6f:af:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Mar 27 11:03:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dc11524beb9f2aa60c7d11c315181fd8922e9ba5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e5:f3:71:17:85:d9:96:67:6b:97:51:09:22:
                    58:0d:77:14:85:db:a7:86:d0:89:c7:fd:d7:b9:50:
                    c9:31:3f:76:de:f7:c2:7f:82:4f:6c:90:30:e7:a4:
                    30:ca:19:d3:df:20:b4:35:c8:6a:1b:d6:ec:b8:9a:
                    4f:95:df:bc:b5:9a:3f:5e:a5:4f:22:e9:61:4d:27:
                    80:7b:78:94:91:ef:19:4f:4c:e2:a5:a6:00:70:1d:
                    1e:9d:24:b1:67:67:99:52:b3:bb:db:ee:c7:82:31:
                    2a:09:0c:bd:89:63:b0:da:5b:e3:51:5d:44:ec:1c:
                    75:7e:2e:09:a1:61:d6:df:ae:cd:f0:23:d9:e4:09:
                    fa:c4:57:fa:99:74:c6:d8:db:aa:62:0c:96:f3:fa:
                    ef:19:56:f7:9d:ad:e6:b8:48:24:6e:98:99:24:96:
                    85:06:5d:23:21:fc:a7:9e:c1:16:d7:b9:82:d7:2e:
                    5f:fc:63:49:ec:ea:6d:23:52:c2:5a:12:13:75:b4:
                    21:37:7f:99:02:9b:47:54:f2:4d:a6:c2:7d:b4:d2:
                    aa:ef:e8:9f:3f:73:eb:08:ca:36:b8:07:3c:1d:f4:
                    4d:0c:7b:fe:03:d5:0f:b0:4d:db:1e:bb:47:0e:c7:
                    e1:d7:5a:4b:5e:5e:4c:86:eb:19:3c:cc:b6:aa:1f:
                    17:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:11:52:4B:EB:9F:2A:A6:0C:7D:11:C3:15:18:1F:D8:92:2E:9B:A5
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3BFSS-ufKqYMfRHDFRgf2JIum6U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.31.0/24
                  5.105.51.0/24
                  5.105.66.0/24
                  5.105.68.0/23
                  5.105.82.0/24
                  5.105.102.0/24
                  5.105.104.0/24
                  5.105.112.0/22
                  5.105.118.0/24
                  5.105.124.0/24
                  5.105.127.0/24
                  5.105.138.0/23
                  5.105.142.0/23
                  5.105.157.0/24
                  5.105.162.0/24
                  5.105.165.0/24
                  5.105.168.0/24
                  5.105.170.0/24
                  5.105.172.0/24
                  5.105.186.0/23
                  5.105.197.0-5.105.199.255
                  5.105.202.0/23
                  5.105.206.0/23
                  5.105.215.0-5.105.216.255
                  5.105.218.0/24
                  5.105.226.0/24
                  5.105.228.0/24
                  5.105.239.0-5.105.240.255
                  5.105.244.0/23
                  5.105.247.0-5.105.249.255
                  5.180.176.0/24
                  193.46.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:56:e1:3d:ff:e5:51:f2:c2:d8:ce:4f:df:6e:5e:db:e6:f5:
         d2:f7:39:53:56:9d:36:fd:23:fc:80:ff:56:1b:0a:96:ac:40:
         e6:d0:e1:27:f8:70:52:69:31:96:50:c5:68:f1:66:20:3b:dc:
         78:b0:4e:31:77:ea:d7:6d:94:00:bc:21:b9:fe:b2:65:4b:e4:
         5a:5e:52:83:f3:d1:19:15:00:5f:a7:e6:e6:16:33:03:75:38:
         dd:85:9e:42:79:c4:e5:9c:90:81:cb:d6:f9:10:8e:69:27:84:
         84:a4:54:96:f8:99:9e:79:51:af:bf:5b:97:ed:f8:52:d4:2e:
         1e:8c:30:ff:72:c9:f0:40:39:a9:c8:1a:21:a8:7d:b9:6c:b3:
         c9:5b:6a:98:b5:4d:b9:05:42:a5:70:8d:04:5e:1b:67:49:c8:
         c2:0c:c1:13:8e:6b:de:07:4c:2a:ba:c6:a2:64:0c:2c:05:61:
         74:2c:d4:7e:6e:f9:f5:d6:6b:03:0c:50:cf:98:10:0e:d6:c4:
         50:c0:d0:97:d9:02:bb:74:82:3f:b0:3a:2f:a3:78:89:84:63:
         c3:a0:8b:08:11:27:d8:b0:17:2f:7b:f6:ce:c2:6c:98:1c:a1:
         25:37:50:af:1d:f5:ef:5d:7e:07:bd:cb:a5:8c:d5:53:2c:b9:
         00:6e:8c:7c
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYcivOJMTsjW1IdIZK4bb6+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzI3MTEwMzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzExNTI0YmViOWYyYWE2MGM3ZDExYzMxNTE4MWZkODkyMmU5YmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uXzcReF2ZZna5dRCSJYDXcUhdun
htCJx/3XuVDJMT923vfCf4JPbJAw56QwyhnT3yC0NchqG9bsuJpPld+8tZo/XqVP
IulhTSeAe3iUke8ZT0zipaYAcB0enSSxZ2eZUrO72+7HgjEqCQy9iWOw2lvjUV1E
7Bx1fi4JoWHW367N8CPZ5An6xFf6mXTG2NuqYgyW8/rvGVb3na3muEgkbpiZJJaF
Bl0jIfynnsEW17mC1y5f/GNJ7OptI1LCWhITdbQhN3+ZAptHVPJNpsJ9tNKq7+if
P3PrCMo2uAc8HfRNDHv+A9UPsE3bHrtHDsfh11pLXl5MhusZPMy2qh8X6wIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFNwRUkvrnyqmDH0RwxUYH9iSLpulMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvM0JGU1MtdWZLcVlNZlJIREZSZ2YySkl1bTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBAAF
aR8DBAAFaTMDBAAFaUIDBAEFaUQDBAAFaVIDBAAFaWYDBAAFaWgDBAIFaXADBAAF
aXYDBAAFaXwDBAAFaX8DBAEFaYoDBAEFaY4DBAAFaZ0DBAAFaaIDBAAFaaUDBAAF
aagDBAAFaaoDBAAFaawDBAEFabowDAMEAAVpxQMEAwVpwAMEAQVpygMEAQVpzjAM
AwQABWnXAwQABWnYAwQABWnaAwQABWniAwQABWnkMAwDBAAFae8DBAAFafADBAEF
afQwDAMEAAVp9wMEAQVp+AMEAAW0sAMEAMEu0jANBgkqhkiG9w0BAQsFAAOCAQEA
TVbhPf/lUfLC2M5P325e2+b10vc5U1adNv0j/ID/VhsKlqxA5tDhJ/hwUmkxllDF
aPFmIDvceLBOMXfq122UALwhuf6yZUvkWl5Sg/PRGRUAX6fm5hYzA3U43YWeQnnE
5ZyQgcvW+RCOaSeEhKRUlviZnnlRr79bl+34UtQuHoww/3LJ8EA5qcgaIah9uWyz
yVtqmLVNuQVCpXCNBF4bZ0nIwgzBE45r3gdMKrrGomQMLAVhdCzUfm759dZrAwxQ
z5gQDtbEUMDQl9kCu3SCP7A6L6N4iYRjw6CLCBEn2LAXL3v2zsJsmByhJTdQrx31
711+B73LpYzVUyy5AG6MfA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:55 2024 by rpki-client on console-ams.rpki-client.org