Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/IMnpmWNOSwPF6-nRadIL41trd0w.roa
File:                     IMnpmWNOSwPF6-nRadIL41trd0w.roa (raw, json)
Hash identifier:          5J3WWrY8yPOuDc7jYQ+8J0Ey0UWirFMuANaVoypS9HQ=
Subject key identifier:   20:C9:E9:99:63:4E:4B:03:C5:EB:E9:D1:69:D2:0B:E3:5B:6B:77:4C
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0188B8FC9F48BB0DB98945CBF597DC892569
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/IMnpmWNOSwPF6-nRadIL41trd0w.roa
Signing time:             Wed 14 Jun 2023 08:19:03 +0000
ROA not before:           Wed 14 Jun 2023 08:19:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21082
IP address blocks:        5.105.128.0/24 maxlen: 24
                          5.105.75.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 22 Jun 2023 13:51:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b8:fc:9f:48:bb:0d:b9:89:45:cb:f5:97:dc:89:25:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Jun 14 08:19:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=20c9e999634e4b03c5ebe9d169d20be35b6b774c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:8d:78:bb:65:03:b4:c2:13:0c:84:10:82:9b:
                    39:2a:83:b1:b9:8c:88:90:78:d0:1c:0f:0a:f9:de:
                    60:5d:26:f6:95:23:48:a7:fb:37:43:20:c4:15:b1:
                    0a:4d:83:30:25:f2:04:4a:31:45:ba:c9:a7:b2:5d:
                    55:32:a0:39:df:01:57:35:3f:c2:9b:2e:61:ec:c5:
                    df:44:36:44:d9:11:aa:c7:03:e7:54:e5:84:8c:56:
                    00:89:bb:0e:53:d4:c3:e3:5c:51:fa:d5:39:5f:6c:
                    a4:03:dc:da:a4:e4:f1:ac:3a:fe:92:7b:78:0f:16:
                    6e:22:c9:b9:05:fb:cd:97:6c:d0:d0:ba:3c:37:7c:
                    6f:4f:72:85:29:6f:55:07:5b:bb:6d:1c:be:8f:96:
                    20:01:0c:55:dd:3f:af:cd:43:51:75:57:cb:d4:94:
                    48:e8:05:23:3e:6d:03:9b:86:1b:f5:57:03:0f:64:
                    f4:71:04:5d:be:9e:a2:b8:c5:15:8d:86:9d:a0:37:
                    50:c1:c2:08:1f:ae:f2:0d:a7:bc:b2:8b:46:08:55:
                    56:5f:b5:72:b0:71:73:de:c0:b3:e1:f7:b1:b6:67:
                    d5:48:fb:93:3e:91:92:7e:f7:04:66:5f:24:43:01:
                    fb:f8:2e:1e:97:2c:e2:5d:86:9a:a3:c2:5a:a9:51:
                    7b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:C9:E9:99:63:4E:4B:03:C5:EB:E9:D1:69:D2:0B:E3:5B:6B:77:4C
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/IMnpmWNOSwPF6-nRadIL41trd0w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.75.0/24
                  5.105.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:26:b6:86:14:67:a3:ee:bb:5f:e7:f7:37:b1:15:4b:a3:20:
         5c:76:a6:6b:ac:c6:9a:4c:e8:e1:f8:8c:5b:6e:77:75:fa:45:
         6a:03:0d:ac:67:56:4e:e4:32:91:09:24:db:8b:d5:67:11:be:
         c8:df:84:e1:ac:e2:b7:7d:9a:c4:f3:ec:96:e5:c5:36:2f:d5:
         fb:0d:2d:76:5a:11:01:65:e6:d6:f3:66:82:64:13:20:7e:c2:
         aa:cf:7e:4c:9a:80:e8:4a:60:f5:34:9d:61:24:5c:8d:7a:76:
         b8:16:be:e0:6e:69:2d:24:79:22:53:09:8f:eb:03:0c:b7:f1:
         24:df:11:a0:58:5d:b7:7f:d5:97:70:49:e7:42:59:4c:f5:de:
         71:c8:b8:7f:74:7c:fd:b7:8e:fd:cd:7b:d4:6e:1a:e3:52:bb:
         07:3b:8d:c0:c8:e5:52:74:74:6a:88:7a:81:17:eb:f0:82:61:
         15:13:8c:d2:ea:df:6c:11:96:22:75:e1:c3:fe:0a:33:5b:ce:
         f8:82:ed:10:8d:bb:69:df:84:5f:ed:4b:79:84:05:99:61:6d:
         50:14:9f:de:76:93:bc:85:86:36:d5:fa:43:7e:d0:a4:09:68:
         bd:9c:05:cc:73:e9:2c:ee:ec:aa:b6:61:3c:32:c9:70:62:66:
         a7:db:82:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYi4/J9Iuw25iUXL9ZfciSVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjE0MDgxOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGM5ZTk5OTYzNGU0YjAzYzVlYmU5ZDE2OWQyMGJlMzViNmI3NzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI14u2UDtMITDIQQgps5KoOxuYyI
kHjQHA8K+d5gXSb2lSNIp/s3QyDEFbEKTYMwJfIESjFFusmnsl1VMqA53wFXNT/C
my5h7MXfRDZE2RGqxwPnVOWEjFYAibsOU9TD41xR+tU5X2ykA9zapOTxrDr+knt4
DxZuIsm5BfvNl2zQ0Lo8N3xvT3KFKW9VB1u7bRy+j5YgAQxV3T+vzUNRdVfL1JRI
6AUjPm0Dm4Yb9VcDD2T0cQRdvp6iuMUVjYadoDdQwcIIH67yDae8sotGCFVWX7Vy
sHFz3sCz4fextmfVSPuTPpGSfvcEZl8kQwH7+C4elyziXYaao8JaqVF78QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCDJ6ZljTksDxevp0WnSC+Nba3dMMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvSU1ucG1XTk9Td1BGNi1uUmFkSUw0MXRyZDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWlLAwQA
BWmAMA0GCSqGSIb3DQEBCwUAA4IBAQDEJraGFGej7rtf5/c3sRVLoyBcdqZrrMaa
TOjh+Ixbbnd1+kVqAw2sZ1ZO5DKRCSTbi9VnEb7I34ThrOK3fZrE8+yW5cU2L9X7
DS12WhEBZebW82aCZBMgfsKqz35MmoDoSmD1NJ1hJFyNena4Fr7gbmktJHkiUwmP
6wMMt/Ek3xGgWF23f9WXcEnnQllM9d5xyLh/dHz9t479zXvUbhrjUrsHO43AyOVS
dHRqiHqBF+vwgmEVE4zS6t9sEZYideHD/gozW874gu0Qjbtp34Rf7Ut5hAWZYW1Q
FJ/edpO8hYY21fpDftCkCWi9nAXMc+ks7uyqtmE8MslwYman24J4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:27 2024 by rpki-client on console-fra.rpki-client.org