Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/7CKNdmNQT4jL3wSpKILoNkDi_Qg.roa
File:                     7CKNdmNQT4jL3wSpKILoNkDi_Qg.roa (raw, json)
Hash identifier:          IV5Zd8FHOGAmwVO8NYb9g0zAFo65jrxhF+Eb29OXt14=
Subject key identifier:   EC:22:8D:76:63:50:4F:88:CB:DF:04:A9:28:82:E8:36:40:E2:FD:08
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       01878E50F020C242CCC632BEC41A7458A55F
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/7CKNdmNQT4jL3wSpKILoNkDi_Qg.roa
Signing time:             Mon 17 Apr 2023 08:24:41 +0000
ROA not before:           Mon 17 Apr 2023 08:24:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204384
IP address blocks:        5.105.124.0/24 maxlen: 24
                          5.105.127.0/24 maxlen: 24
                          5.105.139.0/24 maxlen: 24
                          5.105.138.0/24 maxlen: 24
                          5.105.143.0/24 maxlen: 24
                          5.105.142.0/24 maxlen: 24
                          5.105.157.0/24 maxlen: 24
                          5.105.165.0/24 maxlen: 24
                          5.105.162.0/24 maxlen: 24
                          5.105.170.0/24 maxlen: 24
                          5.105.172.0/24 maxlen: 24
                          5.105.69.0/24 maxlen: 24
                          5.105.68.0/24 maxlen: 24
                          5.105.77.0/24 maxlen: 24
                          5.105.82.0/24 maxlen: 24
                          5.105.94.0/24 maxlen: 24
                          5.105.104.0/24 maxlen: 24
                          5.105.102.0/24 maxlen: 24
                          5.105.112.0/24 maxlen: 24
                          5.105.118.0/24 maxlen: 24
                          5.105.115.0/24 maxlen: 24
                          5.105.114.0/24 maxlen: 24
                          5.105.113.0/24 maxlen: 24
                          5.105.228.0/24 maxlen: 24
                          5.105.240.0/24 maxlen: 24
                          5.105.239.0/24 maxlen: 24
                          5.105.244.0/24 maxlen: 24
                          5.105.245.0/24 maxlen: 24
                          5.105.249.0/24 maxlen: 24
                          5.105.248.0/24 maxlen: 24
                          5.105.186.0/24 maxlen: 24
                          5.105.185.0/24 maxlen: 24
                          5.105.187.0/24 maxlen: 24
                          193.46.210.0/24 maxlen: 24
                          5.105.199.0/24 maxlen: 24
                          5.105.198.0/24 maxlen: 24
                          5.105.197.0/24 maxlen: 24
                          5.105.202.0/24 maxlen: 24
                          5.105.206.0/24 maxlen: 24
                          5.105.203.0/24 maxlen: 24
                          5.105.207.0/24 maxlen: 24
                          5.105.216.0/24 maxlen: 24
                          5.105.215.0/24 maxlen: 24
                          5.105.218.0/24 maxlen: 24
                          5.105.31.0/24 maxlen: 24
                          5.105.30.0/24 maxlen: 24
                          5.105.64.0/24 maxlen: 24
                          5.180.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 18 Apr 2023 10:55:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:8e:50:f0:20:c2:42:cc:c6:32:be:c4:1a:74:58:a5:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Apr 17 08:24:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ec228d7663504f88cbdf04a92882e83640e2fd08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:6d:4d:9b:1c:09:22:0d:b4:ba:cf:73:06:b7:
                    f3:d9:02:50:cd:27:db:43:0f:c5:37:81:62:1b:78:
                    39:c7:a1:00:8f:bd:90:82:f8:0e:bf:82:10:94:45:
                    68:52:9d:72:cf:64:33:4b:4e:3c:13:ae:c0:2d:32:
                    e0:ce:56:e7:88:19:40:e6:0b:29:9d:cf:51:7d:ac:
                    54:be:4a:d5:59:e2:da:32:30:1c:ff:ed:81:3e:92:
                    9b:68:62:b5:e6:f9:b5:d1:62:b7:ba:dd:dc:c8:8a:
                    d3:b7:5c:66:26:08:4f:dc:ae:a8:a4:15:60:7f:b6:
                    18:42:59:01:04:03:39:e4:87:7a:6f:79:ce:db:2d:
                    12:a9:a8:ab:73:5d:fb:54:82:ce:3f:e1:54:f7:2d:
                    94:85:32:1b:61:bb:07:0b:9e:fd:d2:e5:35:a2:1b:
                    35:cf:46:66:38:bb:5b:fa:aa:12:42:f1:1f:46:3e:
                    41:c8:1c:cf:3d:74:8b:87:82:8b:9b:e1:cb:10:b4:
                    68:07:78:b8:49:94:35:3d:1b:7d:b7:35:08:74:5f:
                    be:00:d4:6a:e3:23:3c:48:63:65:9a:2a:a9:f1:c6:
                    73:50:eb:7a:e3:2a:17:92:e2:16:71:8a:46:10:86:
                    9e:62:c8:c1:0b:39:bb:79:b4:22:05:06:2e:c8:f9:
                    96:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:22:8D:76:63:50:4F:88:CB:DF:04:A9:28:82:E8:36:40:E2:FD:08
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/7CKNdmNQT4jL3wSpKILoNkDi_Qg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.30.0/23
                  5.105.64.0/24
                  5.105.68.0/23
                  5.105.77.0/24
                  5.105.82.0/24
                  5.105.94.0/24
                  5.105.102.0/24
                  5.105.104.0/24
                  5.105.112.0/22
                  5.105.118.0/24
                  5.105.124.0/24
                  5.105.127.0/24
                  5.105.138.0/23
                  5.105.142.0/23
                  5.105.157.0/24
                  5.105.162.0/24
                  5.105.165.0/24
                  5.105.170.0/24
                  5.105.172.0/24
                  5.105.185.0-5.105.187.255
                  5.105.197.0-5.105.199.255
                  5.105.202.0/23
                  5.105.206.0/23
                  5.105.215.0-5.105.216.255
                  5.105.218.0/24
                  5.105.228.0/24
                  5.105.239.0-5.105.240.255
                  5.105.244.0/23
                  5.105.248.0/23
                  5.180.176.0/24
                  193.46.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cd:0a:28:c7:b8:2e:4d:40:f2:f1:9c:f2:87:6a:f3:24:ab:73:
         05:04:b0:86:2c:69:5f:08:c4:03:d0:51:fd:dc:5e:29:bc:b5:
         8f:36:ab:e7:de:ac:1f:3a:00:c2:8a:bf:f9:b0:d4:16:2a:c8:
         ed:66:e6:30:a5:1f:eb:40:d4:85:0e:90:ec:f2:a0:de:ad:eb:
         a9:fb:0a:08:77:88:9a:73:1b:6f:72:be:1d:f6:56:80:23:60:
         44:5a:e8:6c:d8:5f:11:72:40:e9:c0:2e:98:4b:95:7b:b8:7c:
         65:50:37:a4:4e:30:7d:76:3a:18:d1:85:ae:0a:d7:50:33:b0:
         f3:ca:c0:82:e9:21:ac:8d:8c:97:d3:57:c1:7a:dd:af:86:f8:
         54:60:16:f0:b3:bf:82:78:8c:39:30:73:48:96:fe:af:f5:7d:
         c9:1b:1a:80:03:37:19:69:1e:6b:0a:6e:ab:db:f7:44:14:ec:
         34:1f:27:65:b7:84:04:e2:68:97:48:46:30:07:b1:c4:08:be:
         db:fc:83:60:78:a3:31:49:30:5b:90:aa:99:d7:03:d9:fd:99:
         7c:95:94:36:37:80:7a:fb:bf:21:9f:e5:1e:0d:f6:d8:f0:ed:
         d4:48:a4:2c:33:4f:c9:0c:15:87:f0:7f:e0:44:e8:2f:6a:b0:
         15:7b:fa:31
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYeOUPAgwkLMxjK+xBp0WKVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNDE3MDgyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzIyOGQ3NjYzNTA0Zjg4Y2JkZjA0YTkyODgyZTgzNjQwZTJmZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlG1NmxwJIg20us9zBrfz2QJQzSfb
Qw/FN4FiG3g5x6EAj72QgvgOv4IQlEVoUp1yz2QzS048E67ALTLgzlbniBlA5gsp
nc9RfaxUvkrVWeLaMjAc/+2BPpKbaGK15vm10WK3ut3cyIrTt1xmJghP3K6opBVg
f7YYQlkBBAM55Id6b3nO2y0Sqairc137VILOP+FU9y2UhTIbYbsHC5790uU1ohs1
z0ZmOLtb+qoSQvEfRj5ByBzPPXSLh4KLm+HLELRoB3i4SZQ1PRt9tzUIdF++ANRq
4yM8SGNlmiqp8cZzUOt64yoXkuIWcYpGEIaeYsjBCzm7ebQiBQYuyPmWwQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFOwijXZjUE+Iy98EqSiC6DZA4v0IMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvN0NLTmRtTlFUNGpMM3dTcEtJTG9Oa0RpX1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBAEF
aR4DBAAFaUADBAEFaUQDBAAFaU0DBAAFaVIDBAAFaV4DBAAFaWYDBAAFaWgDBAIF
aXADBAAFaXYDBAAFaXwDBAAFaX8DBAEFaYoDBAEFaY4DBAAFaZ0DBAAFaaIDBAAF
aaUDBAAFaaoDBAAFaawwDAMEAAVpuQMEAgVpuDAMAwQABWnFAwQDBWnAAwQBBWnK
AwQBBWnOMAwDBAAFadcDBAAFadgDBAAFadoDBAAFaeQwDAMEAAVp7wMEAAVp8AME
AQVp9AMEAQVp+AMEAAW0sAMEAMEu0jANBgkqhkiG9w0BAQsFAAOCAQEAzQoox7gu
TUDy8Zzyh2rzJKtzBQSwhixpXwjEA9BR/dxeKby1jzar596sHzoAwoq/+bDUFirI
7WbmMKUf60DUhQ6Q7PKg3q3rqfsKCHeImnMbb3K+HfZWgCNgRFrobNhfEXJA6cAu
mEuVe7h8ZVA3pE4wfXY6GNGFrgrXUDOw88rAgukhrI2Ml9NXwXrdr4b4VGAW8LO/
gniMOTBzSJb+r/V9yRsagAM3GWkeawpuq9v3RBTsNB8nZbeEBOJol0hGMAexxAi+
2/yDYHijMUkwW5CqmdcD2f2ZfJWUNjeAevu/IZ/lHg322PDt1EikLDNPyQwVh/B/
4EToL2qwFXv6MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:26 2024 by rpki-client on console-fra.rpki-client.org