Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/RZ8ZlBN68ZXyCcrIriquu4waj6U.roa
File:                     RZ8ZlBN68ZXyCcrIriquu4waj6U.roa (raw, json)
Hash identifier:          HyLNVjO/X3Fin8OfmV/Tyr7lZLj2KoGYVgV94khKysM=
Subject key identifier:   45:9F:19:94:13:7A:F1:95:F2:09:CA:C8:AE:2A:AE:BB:8C:1A:8F:A5
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0187C6BD3620A55F5E9296CAE40B273452B3
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/RZ8ZlBN68ZXyCcrIriquu4waj6U.roa
Signing time:             Fri 28 Apr 2023 07:21:41 +0000
ROA not before:           Fri 28 Apr 2023 07:21:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        5.105.172.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 May 2023 06:06:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c6:bd:36:20:a5:5f:5e:92:96:ca:e4:0b:27:34:52:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Apr 28 07:21:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=459f1994137af195f209cac8ae2aaebb8c1a8fa5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f0:67:81:fe:ff:bb:56:a8:39:9d:a1:06:1e:
                    4c:38:6d:23:b9:74:87:29:61:37:89:70:f1:a0:a1:
                    aa:24:6e:06:99:ee:58:99:ba:b8:b0:9d:b4:74:16:
                    e5:f6:93:88:ba:57:06:20:8c:b2:2b:3c:cc:8d:68:
                    99:90:38:18:50:c0:27:b0:79:5c:f8:f9:a8:6f:8e:
                    58:90:b4:51:db:2e:27:90:6d:18:e1:e1:66:d1:06:
                    d4:c7:41:d1:6b:ed:3e:b3:09:a5:b0:41:38:8c:2e:
                    7c:99:bd:48:16:0b:e3:42:1d:c7:65:ae:a1:72:56:
                    f7:b2:10:b6:11:d9:27:f3:ca:df:7e:da:02:bd:93:
                    ca:14:50:30:50:7f:96:ca:a8:dd:e3:e0:56:60:b4:
                    0b:77:e2:59:10:99:86:9f:b8:98:fb:69:e6:7f:2b:
                    ee:61:ef:8f:be:e8:4d:fc:ec:f5:f6:8e:ba:53:7a:
                    8d:6f:aa:c9:21:c4:0a:ef:79:cb:7c:04:91:05:7d:
                    96:fb:4f:e2:f4:f8:5f:12:94:c6:dc:5b:70:d5:13:
                    41:28:c0:04:ab:0a:40:17:9b:c2:49:b0:5b:88:fb:
                    c5:7a:16:34:af:c9:4c:08:ed:7f:cf:35:80:b2:7f:
                    1c:83:e6:ca:29:8f:93:ae:30:21:29:21:a5:4b:90:
                    e0:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:9F:19:94:13:7A:F1:95:F2:09:CA:C8:AE:2A:AE:BB:8C:1A:8F:A5
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/RZ8ZlBN68ZXyCcrIriquu4waj6U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:6a:8a:38:02:de:5d:15:4e:35:51:69:b8:4e:6a:c5:17:ec:
         ee:47:c3:d8:fb:85:bc:4a:5d:ce:5e:2d:9d:13:51:c8:80:c9:
         d1:2c:10:e3:ec:2a:5e:10:ab:a6:d6:21:42:ef:85:3d:bd:1b:
         89:15:ad:d2:81:a0:c6:cb:0a:f9:03:c3:71:a8:02:64:68:aa:
         5c:9d:e9:f3:65:40:1d:27:a3:38:d9:63:58:09:84:e0:dd:4f:
         e5:c3:2c:09:fa:13:b0:99:13:fc:4c:86:f7:a2:c7:d6:15:f3:
         88:3c:99:67:3f:35:3c:e4:7c:23:87:90:16:b6:51:99:fc:ca:
         2d:71:e0:9d:1a:ea:58:d7:d7:cb:6b:a6:f3:70:ed:fa:4f:f0:
         9e:6f:42:d4:44:a2:3a:9a:eb:dc:0e:4b:59:58:1b:ac:a1:df:
         6b:35:81:d3:1f:e5:3a:0f:1d:f7:f6:83:f6:bd:00:64:e5:ac:
         32:ba:93:bd:8f:cb:1e:55:d4:87:8c:00:cb:83:ed:ae:a9:7e:
         06:70:df:aa:09:8c:c6:64:22:43:63:54:95:fb:f0:ab:af:f3:
         96:09:95:bd:0c:c0:1a:bf:1d:d3:f9:ac:fb:c4:e8:50:5b:f0:
         8a:ad:e6:8d:3e:40:09:28:1b:ab:a8:6e:19:31:16:32:69:2b:
         3f:cc:74:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfGvTYgpV9ekpbK5AsnNFKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNDI4MDcyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTlmMTk5NDEzN2FmMTk1ZjIwOWNhYzhhZTJhYWViYjhjMWE4ZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfBngf7/u1aoOZ2hBh5MOG0juXSH
KWE3iXDxoKGqJG4Gme5Ymbq4sJ20dBbl9pOIulcGIIyyKzzMjWiZkDgYUMAnsHlc
+Pmob45YkLRR2y4nkG0Y4eFm0QbUx0HRa+0+swmlsEE4jC58mb1IFgvjQh3HZa6h
clb3shC2Edkn88rfftoCvZPKFFAwUH+Wyqjd4+BWYLQLd+JZEJmGn7iY+2nmfyvu
Ye+PvuhN/Oz19o66U3qNb6rJIcQK73nLfASRBX2W+0/i9PhfEpTG3Ftw1RNBKMAE
qwpAF5vCSbBbiPvFehY0r8lMCO1/zzWAsn8cg+bKKY+TrjAhKSGlS5Dg1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEWfGZQTevGV8gnKyK4qrruMGo+lMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvUlo4WmxCTjY4Wlh5Q2NySXJpcXV1NHdhajZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWmsMA0G
CSqGSIb3DQEBCwUAA4IBAQA4aoo4At5dFU41UWm4TmrFF+zuR8PY+4W8Sl3OXi2d
E1HIgMnRLBDj7CpeEKum1iFC74U9vRuJFa3SgaDGywr5A8NxqAJkaKpcnenzZUAd
J6M42WNYCYTg3U/lwywJ+hOwmRP8TIb3osfWFfOIPJlnPzU85Hwjh5AWtlGZ/Mot
ceCdGupY19fLa6bzcO36T/Ceb0LURKI6muvcDktZWBusod9rNYHTH+U6Dx339oP2
vQBk5awyupO9j8seVdSHjADLg+2uqX4GcN+qCYzGZCJDY1SV+/Crr/OWCZW9DMAa
vx3T+az7xOhQW/CKreaNPkAJKBurqG4ZMRYyaSs/zHR4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:28 2024 by rpki-client on console-fra.rpki-client.org