Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/AzrUxyZH_8lD59a_06QIsUBDBM4.roa
File:                     AzrUxyZH_8lD59a_06QIsUBDBM4.roa (raw, json)
Hash identifier:          sMqUqy9xO7QeJMyG0pOW3pP9QrDt82PXNcVS06MZ3+0=
Subject key identifier:   03:3A:D4:C7:26:47:FF:C9:43:E7:D6:BF:D3:A4:08:B1:40:43:04:CE
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       018A66E12DEB464009FB7483F46DA309A163
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/AzrUxyZH_8lD59a_06QIsUBDBM4.roa
Signing time:             Tue 05 Sep 2023 19:45:47 +0000
ROA not before:           Tue 05 Sep 2023 19:45:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25369
IP address blocks:        5.105.130.0/24 maxlen: 24
                          5.105.79.0/24 maxlen: 24
                          5.105.91.0/24 maxlen: 24
                          5.105.90.0/24 maxlen: 24
                          5.105.92.0/24 maxlen: 24
                          5.105.93.0/24 maxlen: 24
                          5.105.108.0/24 maxlen: 24
                          5.105.38.0/24 maxlen: 24
                          217.67.64.0/22 maxlen: 22
                          5.105.39.0/24 maxlen: 24
                          5.105.204.0/24 maxlen: 24
                          5.105.223.0/24 maxlen: 24
                          5.105.222.0/24 maxlen: 24
                          5.105.224.0/24 maxlen: 24
                          5.105.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Sep 2023 11:39:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:66:e1:2d:eb:46:40:09:fb:74:83:f4:6d:a3:09:a1:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Sep  5 19:45:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=033ad4c72647ffc943e7d6bfd3a408b1404304ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:64:e7:89:59:9c:88:e8:2d:35:6c:e3:bf:6d:
                    e1:3a:ea:12:e3:09:d1:0c:91:4d:fc:19:75:74:c5:
                    d0:c5:d9:66:8f:c3:36:31:41:32:e0:62:61:45:37:
                    a9:ea:31:f5:53:f2:58:79:9a:a4:39:ec:71:35:ff:
                    03:a4:f1:cc:5e:ad:0d:9f:17:54:7c:fa:16:23:09:
                    b6:e3:b4:0a:d6:93:f3:8d:60:a6:81:66:6a:93:6d:
                    19:d7:eb:77:e3:be:45:9a:e1:87:1e:61:6a:64:18:
                    93:7e:b7:f3:a3:fb:0d:1b:6b:71:1f:28:4d:21:cd:
                    13:72:cd:28:c4:90:b7:89:e1:a9:c8:88:04:0c:48:
                    b5:76:54:f3:4b:d9:9c:7c:58:ec:8d:b9:d7:8d:24:
                    00:8c:e1:a4:6f:70:6d:f3:23:d4:e9:7c:05:e8:ea:
                    87:28:97:0e:f9:e3:0a:42:e4:5e:97:e2:fb:b0:7e:
                    e0:9d:d9:ad:6b:aa:20:aa:0f:91:80:55:cc:11:65:
                    0d:f0:15:ad:48:bf:69:87:6e:7d:61:98:ee:0f:76:
                    b0:69:9c:08:08:f4:94:bf:da:27:51:6d:e9:df:d1:
                    50:ee:73:c7:61:d8:3e:5f:6b:3a:28:fc:0d:34:aa:
                    a2:45:59:cb:d1:c2:d4:f9:1e:93:00:9a:dd:20:0d:
                    0f:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:3A:D4:C7:26:47:FF:C9:43:E7:D6:BF:D3:A4:08:B1:40:43:04:CE
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/AzrUxyZH_8lD59a_06QIsUBDBM4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.38.0/23
                  5.105.79.0/24
                  5.105.90.0-5.105.93.255
                  5.105.108.0/24
                  5.105.130.0/24
                  5.105.204.0/24
                  5.105.222.0-5.105.225.255
                  217.67.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9d:ec:2d:3d:0d:ec:b0:5b:81:d8:cf:1b:b1:8d:97:89:19:b1:
         6a:70:ef:d2:c0:cb:cc:4c:af:2a:1e:75:39:33:bf:71:f5:f2:
         35:7e:41:1b:08:4c:a8:5b:05:de:6d:86:45:d8:54:43:ca:fb:
         62:e0:01:4f:47:7e:2a:b6:b9:06:44:bf:12:c0:e6:10:61:63:
         b6:a0:df:d4:ff:cd:aa:86:7d:e8:61:a4:bf:93:71:9a:34:7a:
         3f:d6:5a:95:70:57:f0:84:65:af:7d:36:e1:fb:76:94:18:2a:
         e8:65:40:c7:3a:35:d9:dd:63:74:cb:93:1e:59:d4:9e:7a:b4:
         c6:3d:50:e6:6c:e7:b7:8e:df:1e:22:04:63:5e:9b:1d:3c:6e:
         c4:a1:4f:9a:a6:d3:f7:5a:1d:dd:b8:a9:3c:22:c6:4c:37:b2:
         f4:04:18:7d:a1:f8:6c:f5:28:94:8e:1b:80:c0:fe:95:c9:9c:
         fc:40:74:0a:f7:42:f0:a5:0f:ae:68:fc:9f:c8:85:53:f8:90:
         ad:57:64:69:84:89:39:2b:e6:5c:c3:80:45:b8:48:fa:a1:cc:
         b8:40:e6:39:32:97:87:25:bc:fb:1f:2a:90:07:e4:80:d4:12:
         e8:f0:be:e7:18:20:2b:08:2b:25:e1:d5:38:29:54:6d:92:a8:
         ae:e7:66:f3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYpm4S3rRkAJ+3SD9G2jCaFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwOTA1MTk0NTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzNhZDRjNzI2NDdmZmM5NDNlN2Q2YmZkM2E0MDhiMTQwNDMwNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mTniVmciOgtNWzjv23hOuoS4wnR
DJFN/Bl1dMXQxdlmj8M2MUEy4GJhRTep6jH1U/JYeZqkOexxNf8DpPHMXq0NnxdU
fPoWIwm247QK1pPzjWCmgWZqk20Z1+t3475FmuGHHmFqZBiTfrfzo/sNG2txHyhN
Ic0Tcs0oxJC3ieGpyIgEDEi1dlTzS9mcfFjsjbnXjSQAjOGkb3Bt8yPU6XwF6OqH
KJcO+eMKQuRel+L7sH7gndmta6ogqg+RgFXMEWUN8BWtSL9ph259YZjuD3awaZwI
CPSUv9onUW3p39FQ7nPHYdg+X2s6KPwNNKqiRVnL0cLU+R6TAJrdIA0PqQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFAM61McmR//JQ+fWv9OkCLFAQwTOMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvQXpyVXh5WkhfOGxENTlhXzA2UUlzVUJEQk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBBWkmAwQA
BWlPMAwDBAEFaVoDBAEFaVwDBAAFaWwDBAAFaYIDBAAFacwwDAMEAQVp3gMEAQVp
4AMEAtlDQDANBgkqhkiG9w0BAQsFAAOCAQEAnewtPQ3ssFuB2M8bsY2XiRmxanDv
0sDLzEyvKh51OTO/cfXyNX5BGwhMqFsF3m2GRdhUQ8r7YuABT0d+Kra5BkS/EsDm
EGFjtqDf1P/NqoZ96GGkv5NxmjR6P9ZalXBX8IRlr3024ft2lBgq6GVAxzo12d1j
dMuTHlnUnnq0xj1Q5mznt47fHiIEY16bHTxuxKFPmqbT91od3bipPCLGTDey9AQY
faH4bPUolI4bgMD+lcmc/EB0CvdC8KUPrmj8n8iFU/iQrVdkaYSJOSvmXMOARbhI
+qHMuEDmOTKXhyW8+x8qkAfkgNQS6PC+5xggKwgrJeHVOClUbZKorudm8w==
-----END CERTIFICATE-----