Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Knx1KdngCKG_g3amr0bY-nsgbFU.roa
File:                     Knx1KdngCKG_g3amr0bY-nsgbFU.roa (raw, json)
Hash identifier:          1YoPO6o0CNb52dO54Spnjs1KSiX6LSqyTA1NXKGoNIM=
Subject key identifier:   2A:7C:75:29:D9:E0:08:A1:BF:83:76:A6:AF:46:D8:FA:7B:20:6C:55
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0187DB11B47359A56A89B3FB7947922A313A
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Knx1KdngCKG_g3amr0bY-nsgbFU.roa
Signing time:             Tue 02 May 2023 06:06:23 +0000
ROA not before:           Tue 02 May 2023 06:06:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204384
IP address blocks:        5.105.139.0/24 maxlen: 24
                          5.105.138.0/24 maxlen: 24
                          5.105.143.0/24 maxlen: 24
                          5.105.142.0/24 maxlen: 24
                          5.105.158.0/24 maxlen: 24
                          5.105.165.0/24 maxlen: 24
                          5.105.162.0/24 maxlen: 24
                          5.105.170.0/24 maxlen: 24
                          5.105.69.0/24 maxlen: 24
                          5.105.68.0/24 maxlen: 24
                          5.105.77.0/24 maxlen: 24
                          5.105.76.0/24 maxlen: 24
                          5.105.94.0/24 maxlen: 24
                          5.105.104.0/24 maxlen: 24
                          5.105.112.0/24 maxlen: 24
                          5.105.118.0/24 maxlen: 24
                          5.105.115.0/24 maxlen: 24
                          5.105.114.0/24 maxlen: 24
                          5.105.113.0/24 maxlen: 24
                          5.105.228.0/24 maxlen: 24
                          5.105.240.0/24 maxlen: 24
                          5.105.239.0/24 maxlen: 24
                          5.105.244.0/24 maxlen: 24
                          5.105.245.0/24 maxlen: 24
                          5.105.249.0/24 maxlen: 24
                          5.105.248.0/24 maxlen: 24
                          5.105.247.0/24 maxlen: 24
                          5.105.186.0/24 maxlen: 24
                          5.105.185.0/24 maxlen: 24
                          5.105.187.0/24 maxlen: 24
                          193.46.210.0/24 maxlen: 24
                          5.105.199.0/24 maxlen: 24
                          5.105.198.0/24 maxlen: 24
                          5.105.202.0/24 maxlen: 24
                          5.105.206.0/24 maxlen: 24
                          5.105.203.0/24 maxlen: 24
                          5.105.207.0/24 maxlen: 24
                          5.105.215.0/24 maxlen: 24
                          5.105.31.0/24 maxlen: 24
                          5.105.34.0/24 maxlen: 24
                          5.105.64.0/24 maxlen: 24
                          5.180.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 May 2023 07:33:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:db:11:b4:73:59:a5:6a:89:b3:fb:79:47:92:2a:31:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: May  2 06:06:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2a7c7529d9e008a1bf8376a6af46d8fa7b206c55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:a2:f7:ba:be:64:8a:ed:62:89:7e:06:28:ba:
                    8f:86:e1:b4:f1:77:3f:0a:8d:36:41:f3:7a:11:58:
                    81:86:45:2a:00:bd:aa:e8:26:45:97:b3:8b:25:d9:
                    9d:94:d8:72:2c:b5:39:d5:da:b4:22:d8:ad:e1:83:
                    05:64:bf:55:0d:91:0b:46:dd:b7:c4:4e:3a:8a:20:
                    9c:67:e5:b9:9b:da:6f:cf:91:7e:a5:4c:0b:75:0e:
                    95:b2:4c:b9:c4:5e:b0:93:1e:2e:bc:5e:a3:e5:51:
                    67:06:93:67:33:c9:6b:94:8a:f7:c4:4c:3f:86:b4:
                    87:47:08:2c:5e:4a:02:32:3d:27:06:d8:4c:82:1d:
                    fd:c8:0f:3d:2e:7c:41:62:ba:ce:03:c5:20:f7:c2:
                    40:53:2c:d1:fc:c3:e3:6e:19:02:b7:5d:d2:a4:79:
                    71:61:53:76:5d:b7:3d:d1:a4:2f:43:f7:a2:8a:20:
                    2b:91:49:e6:bc:d2:21:0f:eb:03:49:41:ae:15:d1:
                    d0:b6:dc:2f:3c:1c:0c:80:37:39:d3:6c:9d:e7:ab:
                    05:a9:45:00:c1:74:c8:f2:ec:d9:19:e7:16:8f:24:
                    c1:f6:7e:e2:31:a1:11:50:e4:6c:e9:bc:e4:ee:91:
                    40:01:00:73:cd:06:c5:f1:ae:7e:1c:4c:cf:b3:26:
                    53:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:7C:75:29:D9:E0:08:A1:BF:83:76:A6:AF:46:D8:FA:7B:20:6C:55
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Knx1KdngCKG_g3amr0bY-nsgbFU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.31.0/24
                  5.105.34.0/24
                  5.105.64.0/24
                  5.105.68.0/23
                  5.105.76.0/23
                  5.105.94.0/24
                  5.105.104.0/24
                  5.105.112.0/22
                  5.105.118.0/24
                  5.105.138.0/23
                  5.105.142.0/23
                  5.105.158.0/24
                  5.105.162.0/24
                  5.105.165.0/24
                  5.105.170.0/24
                  5.105.185.0-5.105.187.255
                  5.105.198.0/23
                  5.105.202.0/23
                  5.105.206.0/23
                  5.105.215.0/24
                  5.105.228.0/24
                  5.105.239.0-5.105.240.255
                  5.105.244.0/23
                  5.105.247.0-5.105.249.255
                  5.180.176.0/24
                  193.46.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:42:cd:9e:85:ea:15:44:0f:aa:e0:88:08:dd:c0:7e:25:80:
         f2:47:76:1b:c6:fe:c9:6a:3d:72:b5:a3:6b:9f:2b:cb:1c:c2:
         43:42:58:73:d4:5b:aa:0f:ae:7b:43:20:03:1b:5f:2d:e2:a1:
         ee:23:27:b7:99:05:f8:9c:80:e4:d6:19:ec:d6:52:e7:23:18:
         8f:a3:f6:e3:7e:3b:63:2b:2f:64:32:fb:ae:1c:66:23:9a:c2:
         7d:63:7e:17:89:6c:e7:29:ae:c9:38:b7:bd:4c:b8:97:d8:6c:
         ba:e8:73:8a:24:92:4b:cc:fc:94:f0:3d:58:92:b3:e9:db:81:
         19:81:99:53:19:19:69:c8:74:89:6d:9d:5c:ec:30:67:21:fb:
         d7:4e:19:39:4d:6c:2b:f4:08:8f:2f:fd:5e:a5:19:76:f3:1e:
         e6:6a:ec:7b:f7:bc:35:25:2f:88:68:52:1f:45:dd:91:ec:ef:
         b9:31:dd:25:e1:89:24:71:87:99:15:1c:c9:56:1c:d4:11:c5:
         38:3c:d2:77:0d:ad:40:6a:0c:12:79:fd:1a:7b:5d:44:20:72:
         06:08:13:07:fc:9c:f7:b4:17:ed:b3:a2:52:02:b8:25:52:00:
         71:80:36:e4:52:1c:79:0a:b0:85:c0:17:6f:67:42:94:a9:28:
         91:13:cf:fb
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYfbEbRzWaVqibP7eUeSKjE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTAyMDYwNjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdjNzUyOWQ5ZTAwOGExYmY4Mzc2YTZhZjQ2ZDhmYTdiMjA2YzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKL3ur5kiu1iiX4GKLqPhuG08Xc/
Co02QfN6EViBhkUqAL2q6CZFl7OLJdmdlNhyLLU51dq0Itit4YMFZL9VDZELRt23
xE46iiCcZ+W5m9pvz5F+pUwLdQ6Vsky5xF6wkx4uvF6j5VFnBpNnM8lrlIr3xEw/
hrSHRwgsXkoCMj0nBthMgh39yA89LnxBYrrOA8Ug98JAUyzR/MPjbhkCt13SpHlx
YVN2Xbc90aQvQ/eiiiArkUnmvNIhD+sDSUGuFdHQttwvPBwMgDc502yd56sFqUUA
wXTI8uzZGecWjyTB9n7iMaERUORs6bzk7pFAAQBzzQbF8a5+HEzPsyZT7wIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFCp8dSnZ4Aihv4N2pq9G2Pp7IGxVMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvS254MUtkbmdDS0dfZzNhbXIwYlktbnNnYkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAAF
aR8DBAAFaSIDBAAFaUADBAEFaUQDBAEFaUwDBAAFaV4DBAAFaWgDBAIFaXADBAAF
aXYDBAEFaYoDBAEFaY4DBAAFaZ4DBAAFaaIDBAAFaaUDBAAFaaowDAMEAAVpuQME
AgVpuAMEAQVpxgMEAQVpygMEAQVpzgMEAAVp1wMEAAVp5DAMAwQABWnvAwQABWnw
AwQBBWn0MAwDBAAFafcDBAEFafgDBAAFtLADBADBLtIwDQYJKoZIhvcNAQELBQAD
ggEBAKtCzZ6F6hVED6rgiAjdwH4lgPJHdhvG/slqPXK1o2ufK8scwkNCWHPUW6oP
rntDIAMbXy3ioe4jJ7eZBficgOTWGezWUucjGI+j9uN+O2MrL2Qy+64cZiOawn1j
fheJbOcprsk4t71MuJfYbLroc4okkkvM/JTwPViSs+nbgRmBmVMZGWnIdIltnVzs
MGch+9dOGTlNbCv0CI8v/V6lGXbzHuZq7Hv3vDUlL4hoUh9F3ZHs77kx3SXhiSRx
h5kVHMlWHNQRxTg80ncNrUBqDBJ5/Rp7XUQgcgYIEwf8nPe0F+2zolICuCVSAHGA
NuRSHHkKsIXAF29nQpSpKJETz/s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:27 2024 by rpki-client on console-fra.rpki-client.org