Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/F_2zMS0XO9j2LpynDcBXQR1HESw.roa
File:                     F_2zMS0XO9j2LpynDcBXQR1HESw.roa (raw, json)
Hash identifier:          MUkYaO8V4Hn5d7R9DyM6IIUyOC3IWzqPAa6uHknm4FA=
Subject key identifier:   17:FD:B3:31:2D:17:3B:D8:F6:2E:9C:A7:0D:C0:57:41:1D:47:11:2C
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       01882EB68723462E6C512F101951D437BC70
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/F_2zMS0XO9j2LpynDcBXQR1HESw.roa
Signing time:             Thu 18 May 2023 11:54:54 +0000
ROA not before:           Thu 18 May 2023 11:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138687
IP address blocks:        5.105.62.0/24 maxlen: 24
                          5.105.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 08 Jun 2023 15:39:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2e:b6:87:23:46:2e:6c:51:2f:10:19:51:d4:37:bc:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: May 18 11:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=17fdb3312d173bd8f62e9ca70dc057411d47112c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:51:50:7b:8d:41:71:0b:78:2f:44:77:3d:a3:
                    38:f9:5c:e0:3b:64:6f:2e:02:ea:dd:55:fb:c2:d9:
                    c1:96:a1:ea:48:28:13:f5:f1:5b:d1:98:a3:4a:61:
                    84:d5:d6:a6:8d:61:b4:4b:b8:7b:46:8b:89:b9:3e:
                    7f:90:4d:3d:f6:b1:b7:37:5c:04:1d:c9:7e:60:8c:
                    16:ad:65:b1:ef:77:2c:60:29:89:7e:82:39:7c:68:
                    bc:8e:81:70:35:1f:04:99:58:39:79:95:ea:b5:2b:
                    8f:cb:d2:40:05:1a:b7:f6:79:d0:67:d9:83:ef:91:
                    9f:dc:6b:da:e0:e3:a5:c3:79:c8:7d:ae:81:d8:d9:
                    b0:91:51:cc:65:83:1d:96:44:27:78:94:c3:b0:f4:
                    f2:f0:14:17:85:5d:81:7e:7e:e8:63:55:72:88:0d:
                    19:dc:95:df:5e:31:a9:be:29:f1:d6:0f:27:ab:e4:
                    01:7a:a8:fc:21:d4:c1:c0:6a:09:a1:ca:dd:7b:70:
                    e6:52:c2:a0:ad:cd:08:f5:a0:f8:b6:63:8b:9a:13:
                    aa:ba:28:17:8e:ca:5a:a6:7b:1f:f9:16:90:89:05:
                    e0:6b:26:29:a2:27:b2:13:fc:57:99:75:58:b8:3c:
                    94:90:ba:00:01:a1:2e:11:f5:a6:51:f8:92:79:3c:
                    1d:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:FD:B3:31:2D:17:3B:D8:F6:2E:9C:A7:0D:C0:57:41:1D:47:11:2C
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/F_2zMS0XO9j2LpynDcBXQR1HESw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.62.0/24
                  5.105.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cb:db:da:41:a3:68:3b:b3:56:32:9b:8d:60:b0:6f:36:68:3d:
         dd:14:24:c7:a8:3b:a9:53:b8:db:e1:64:49:34:14:f7:57:14:
         e2:90:13:94:4d:e6:97:01:50:4d:da:be:2b:2c:a0:b0:2b:57:
         77:fa:39:9f:0e:57:1a:02:9f:c8:e7:ec:b4:21:0a:ca:be:3c:
         b7:19:8b:42:7c:b9:97:27:df:56:ea:dc:51:8c:f8:a9:4f:5b:
         2e:01:90:96:e2:3f:a3:18:be:11:31:81:85:51:32:24:60:b8:
         c9:ff:f5:e0:ce:98:a8:03:f2:be:7e:1f:1c:42:a6:8f:17:d8:
         38:cd:bc:13:f8:a6:34:b1:87:25:8c:46:7e:e2:21:70:78:09:
         47:34:06:89:a1:d7:48:3c:e5:d0:98:dd:1a:62:b6:1f:9d:28:
         0c:26:ce:52:47:9f:e9:a7:17:ce:7b:7a:fe:c1:e6:99:1a:ba:
         2d:b6:8e:88:b3:6d:4c:c7:6d:db:a3:04:fa:81:e2:48:0c:f5:
         ca:c2:59:f3:e2:f8:02:c0:1d:b3:e5:35:49:39:01:e7:b4:7c:
         30:b5:16:da:95:7e:fd:83:8c:f9:f6:72:ce:d0:dd:9f:e5:1a:
         62:6a:7e:d1:1b:d4:27:86:3c:37:03:b6:80:2b:89:bd:3b:d4:
         22:73:73:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgutocjRi5sUS8QGVHUN7xwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTE4MTE1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2ZkYjMzMTJkMTczYmQ4ZjYyZTljYTcwZGMwNTc0MTFkNDcxMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVFQe41BcQt4L0R3PaM4+VzgO2Rv
LgLq3VX7wtnBlqHqSCgT9fFb0ZijSmGE1damjWG0S7h7RouJuT5/kE099rG3N1wE
Hcl+YIwWrWWx73csYCmJfoI5fGi8joFwNR8EmVg5eZXqtSuPy9JABRq39nnQZ9mD
75Gf3Gva4OOlw3nIfa6B2NmwkVHMZYMdlkQneJTDsPTy8BQXhV2Bfn7oY1VyiA0Z
3JXfXjGpvinx1g8nq+QBeqj8IdTBwGoJocrde3DmUsKgrc0I9aD4tmOLmhOquigX
jspapnsf+RaQiQXgayYpoieyE/xXmXVYuDyUkLoAAaEuEfWmUfiSeTwdjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBf9szEtFzvY9i6cpw3AV0EdRxEsMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvRl8yek1TMFhPOWoyTHB5bkRjQlhRUjFIRVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWk+AwQA
BWl1MA0GCSqGSIb3DQEBCwUAA4IBAQDL29pBo2g7s1Yym41gsG82aD3dFCTHqDup
U7jb4WRJNBT3VxTikBOUTeaXAVBN2r4rLKCwK1d3+jmfDlcaAp/I5+y0IQrKvjy3
GYtCfLmXJ99W6txRjPipT1suAZCW4j+jGL4RMYGFUTIkYLjJ//XgzpioA/K+fh8c
QqaPF9g4zbwT+KY0sYcljEZ+4iFweAlHNAaJoddIPOXQmN0aYrYfnSgMJs5SR5/p
pxfOe3r+weaZGrotto6Is21Mx23bowT6geJIDPXKwlnz4vgCwB2z5TVJOQHntHww
tRbalX79g4z59nLO0N2f5Rpian7RG9Qnhjw3A7aAK4m9O9Qic3Nv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:56 2024 by rpki-client on console-ams.rpki-client.org