Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/MGhSiQWuJc-mNGrPsr9DeqWgH8s.roa
File:                     MGhSiQWuJc-mNGrPsr9DeqWgH8s.roa (raw, json)
Hash identifier:          bN+Kuoiy7Yc57P0+wUgZnorTU84RNUsfQT9lf91vDXE=
Subject key identifier:   30:68:52:89:05:AE:25:CF:A6:34:6A:CF:B2:BF:43:7A:A5:A0:1F:CB
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       018806148C94D618A363FC4D4C83BF03C9CC
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/MGhSiQWuJc-mNGrPsr9DeqWgH8s.roa
Signing time:             Wed 10 May 2023 14:33:09 +0000
ROA not before:           Wed 10 May 2023 14:33:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6830
IP address blocks:        5.105.227.0/24 maxlen: 24
                          5.105.137.0/24 maxlen: 24
                          5.105.52.0/22 maxlen: 22
                          5.105.103.0/24 maxlen: 24
                          5.105.100.0/24 maxlen: 24
                          5.105.219.0/24 maxlen: 24
                          5.105.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 24 Jun 2023 12:54:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:06:14:8c:94:d6:18:a3:63:fc:4d:4c:83:bf:03:c9:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: May 10 14:33:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3068528905ae25cfa6346acfb2bf437aa5a01fcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:42:9c:8f:1f:fa:04:e1:54:53:26:8e:9b:b4:
                    a6:72:c0:7d:38:7b:25:26:f3:78:bc:96:73:d6:a4:
                    53:9a:4a:47:6f:72:9e:c6:45:60:ab:0b:b7:dd:ff:
                    1a:79:f8:9b:99:d1:e6:1e:21:f4:d5:8b:e8:4a:e2:
                    08:28:43:42:fa:c5:7a:82:7f:7e:14:f0:7d:dd:2f:
                    37:88:38:3d:36:71:03:79:7d:ae:2f:0d:2a:ac:25:
                    63:26:75:b9:9d:26:9e:c2:1b:33:1e:73:1f:f6:e9:
                    9b:db:5a:08:1b:c7:8b:f4:47:e8:e6:a3:5c:5b:e0:
                    a0:3c:31:97:61:d9:2d:de:f3:17:f6:a5:cf:61:eb:
                    d6:96:e9:57:2a:91:a0:10:97:b6:91:a1:d1:5f:b4:
                    b3:2f:8a:64:61:ba:83:52:bc:e4:64:9d:83:cf:de:
                    14:ca:bc:e4:e6:be:f4:dc:17:25:ff:13:42:66:1f:
                    df:9e:83:ad:85:2a:27:21:78:7b:5b:d8:68:b2:e3:
                    21:0a:65:4b:3a:dc:67:8d:fe:fa:63:73:07:75:aa:
                    ef:97:1f:1c:ad:7a:16:7d:64:fc:58:51:4b:c5:ee:
                    87:17:04:97:b5:37:44:c2:8c:d4:a4:e5:18:c5:00:
                    f6:2a:63:a0:a4:03:95:94:ed:18:63:c4:f0:fe:3f:
                    2c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:68:52:89:05:AE:25:CF:A6:34:6A:CF:B2:BF:43:7A:A5:A0:1F:CB
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/MGhSiQWuJc-mNGrPsr9DeqWgH8s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.52.0/22
                  5.105.100.0/24
                  5.105.103.0/24
                  5.105.106.0/24
                  5.105.137.0/24
                  5.105.219.0/24
                  5.105.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:95:fd:13:16:95:18:2b:3f:ed:48:ed:9d:47:15:9b:c4:2b:
         6e:ea:9a:70:2e:6c:59:6f:25:8e:20:ed:c6:fc:ff:17:51:92:
         9e:69:c9:81:b8:9f:d6:fa:ce:6e:c4:95:06:e3:73:4a:59:dc:
         4f:81:0a:44:29:cd:36:82:70:5b:d7:53:aa:37:25:6a:82:ed:
         98:a7:bd:27:84:48:f0:f1:fe:b7:b8:99:58:10:0c:a6:d1:86:
         e5:75:76:14:d1:37:db:fc:9d:a5:07:56:39:7b:aa:eb:64:98:
         7f:e1:95:a8:4d:90:c7:bf:a1:fa:97:78:b8:b2:e2:e7:e1:f1:
         fc:eb:a0:ca:1f:68:32:35:4e:04:b2:41:ab:c0:5c:57:00:0a:
         b0:64:6b:aa:dc:c3:cf:21:e4:92:43:77:40:ed:4b:30:d0:a6:
         cf:2f:45:89:35:99:8f:f2:05:fd:36:b0:3e:30:16:f4:f2:e5:
         f3:2d:18:2a:4e:a6:d5:a7:10:02:5a:db:18:9b:ca:e5:ec:06:
         71:d3:5f:3a:f1:fc:18:ef:7f:6b:28:72:18:cf:2e:37:78:a0:
         e2:47:0a:b4:22:eb:7f:e0:60:ef:17:d8:da:76:fa:59:fe:a6:
         31:a3:de:16:85:9c:30:dc:28:cf:0a:9a:37:ff:e4:74:78:41:
         05:4d:93:57
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYgGFIyU1hijY/xNTIO/A8nMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTEwMTQzMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY4NTI4OTA1YWUyNWNmYTYzNDZhY2ZiMmJmNDM3YWE1YTAxZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUKcjx/6BOFUUyaOm7SmcsB9OHsl
JvN4vJZz1qRTmkpHb3KexkVgqwu33f8aefibmdHmHiH01YvoSuIIKENC+sV6gn9+
FPB93S83iDg9NnEDeX2uLw0qrCVjJnW5nSaewhszHnMf9umb21oIG8eL9Efo5qNc
W+CgPDGXYdkt3vMX9qXPYevWlulXKpGgEJe2kaHRX7SzL4pkYbqDUrzkZJ2Dz94U
yrzk5r703Bcl/xNCZh/fnoOthSonIXh7W9hosuMhCmVLOtxnjf76Y3MHdarvlx8c
rXoWfWT8WFFLxe6HFwSXtTdEwozUpOUYxQD2KmOgpAOVlO0YY8Tw/j8stwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDBoUokFriXPpjRqz7K/Q3qloB/LMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvTUdoU2lRV3VKYy1tTkdyUHNyOURlcVdnSDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBWk0AwQA
BWlkAwQABWlnAwQABWlqAwQABWmJAwQABWnbAwQABWnjMA0GCSqGSIb3DQEBCwUA
A4IBAQBzlf0TFpUYKz/tSO2dRxWbxCtu6ppwLmxZbyWOIO3G/P8XUZKeacmBuJ/W
+s5uxJUG43NKWdxPgQpEKc02gnBb11OqNyVqgu2Yp70nhEjw8f63uJlYEAym0Ybl
dXYU0Tfb/J2lB1Y5e6rrZJh/4ZWoTZDHv6H6l3i4suLn4fH866DKH2gyNU4EskGr
wFxXAAqwZGuq3MPPIeSSQ3dA7Usw0KbPL0WJNZmP8gX9NrA+MBb08uXzLRgqTqbV
pxACWtsYm8rl7AZx01868fwY739rKHIYzy43eKDiRwq0Iut/4GDvF9jadvpZ/qYx
o94WhZww3CjPCpo3/+R0eEEFTZNX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:56 2024 by rpki-client on console-ams.rpki-client.org