Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/SfbJecBFJ9NvJ5EVGEtLHoVc7Ss.roa
File:                     SfbJecBFJ9NvJ5EVGEtLHoVc7Ss.roa (raw, json)
Hash identifier:          rvOprMGZ06fxemxdc+t90kHA6QDWQ2ok5S8WjAEr/Ns=
Subject key identifier:   49:F6:C9:79:C0:45:27:D3:6F:27:91:15:18:4B:4B:1E:85:5C:ED:2B
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0186DF501C341BDD33E7F972A46D55562479
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/SfbJecBFJ9NvJ5EVGEtLHoVc7Ss.roa
Signing time:             Tue 14 Mar 2023 08:50:14 +0000
ROA not before:           Tue 14 Mar 2023 08:50:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204384
IP address blocks:        5.105.124.0/24 maxlen: 24
                          5.105.127.0/24 maxlen: 24
                          5.105.139.0/24 maxlen: 24
                          5.105.138.0/24 maxlen: 24
                          5.105.143.0/24 maxlen: 24
                          5.105.142.0/24 maxlen: 24
                          5.105.157.0/24 maxlen: 24
                          5.105.165.0/24 maxlen: 24
                          5.105.162.0/24 maxlen: 24
                          5.105.168.0/24 maxlen: 24
                          5.105.69.0/24 maxlen: 24
                          5.105.68.0/24 maxlen: 24
                          5.105.80.0/24 maxlen: 24
                          5.105.104.0/24 maxlen: 24
                          5.105.102.0/24 maxlen: 24
                          5.105.112.0/24 maxlen: 24
                          5.105.118.0/24 maxlen: 24
                          5.105.115.0/24 maxlen: 24
                          5.105.114.0/24 maxlen: 24
                          5.105.113.0/24 maxlen: 24
                          5.105.240.0/24 maxlen: 24
                          5.105.239.0/24 maxlen: 24
                          5.105.244.0/24 maxlen: 24
                          5.105.245.0/24 maxlen: 24
                          5.105.249.0/24 maxlen: 24
                          5.105.248.0/24 maxlen: 24
                          5.105.247.0/24 maxlen: 24
                          5.105.186.0/24 maxlen: 24
                          5.105.187.0/24 maxlen: 24
                          193.46.210.0/24 maxlen: 24
                          5.105.199.0/24 maxlen: 24
                          5.105.198.0/24 maxlen: 24
                          5.105.197.0/24 maxlen: 24
                          5.105.202.0/24 maxlen: 24
                          5.105.206.0/24 maxlen: 24
                          5.105.203.0/24 maxlen: 24
                          5.105.207.0/24 maxlen: 24
                          5.105.216.0/24 maxlen: 24
                          5.105.215.0/24 maxlen: 24
                          5.105.214.0/24 maxlen: 24
                          5.105.226.0/24 maxlen: 24
                          5.105.42.0/24 maxlen: 24
                          5.105.59.0/24 maxlen: 24
                          5.105.63.0/24 maxlen: 24
                          5.180.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 15 Mar 2023 11:50:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:df:50:1c:34:1b:dd:33:e7:f9:72:a4:6d:55:56:24:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Mar 14 08:50:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=49f6c979c04527d36f279115184b4b1e855ced2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:a9:09:a1:57:25:26:dd:6e:3e:7c:c4:f4:f3:
                    8e:ed:38:34:78:b8:5e:68:c3:6e:65:44:34:59:e8:
                    e9:a2:76:74:70:b7:94:12:e8:f3:d3:8b:a6:65:df:
                    b7:c9:35:4d:3d:a0:b8:f6:f1:78:53:4d:3f:e1:b6:
                    88:67:da:71:be:22:9e:4c:99:22:ec:53:f0:a2:6b:
                    59:e4:c0:17:4f:04:9d:0a:4a:d6:1a:bd:2d:a3:84:
                    28:2d:51:ca:2a:8e:63:1f:56:b0:5c:a0:9b:e2:5a:
                    2d:02:38:1c:b3:60:4f:82:d7:e2:69:40:71:cd:ca:
                    6b:ad:c5:2c:61:cc:59:c0:42:b9:26:73:b5:b5:da:
                    e1:c7:ac:7b:0f:0b:9c:7a:51:9e:6f:47:de:f1:d7:
                    b7:7e:58:d2:ab:bb:0a:ac:4b:0a:5c:a8:e6:8b:4b:
                    35:0a:e5:13:1a:22:f7:b9:73:68:88:91:51:5f:a5:
                    19:05:c5:a6:47:f4:69:f1:a5:83:31:c4:40:a9:e7:
                    49:81:2a:43:3a:84:29:14:f9:7e:c8:03:6d:39:5f:
                    43:f8:33:fb:c5:52:9e:2f:fa:b0:cd:75:ff:0c:30:
                    74:c9:1a:66:67:5e:ac:c9:e1:25:bd:77:0c:00:ab:
                    8d:a1:b7:53:00:3c:6b:5c:f5:9f:6d:ac:d4:b6:29:
                    92:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:F6:C9:79:C0:45:27:D3:6F:27:91:15:18:4B:4B:1E:85:5C:ED:2B
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/SfbJecBFJ9NvJ5EVGEtLHoVc7Ss.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.42.0/24
                  5.105.59.0/24
                  5.105.63.0/24
                  5.105.68.0/23
                  5.105.80.0/24
                  5.105.102.0/24
                  5.105.104.0/24
                  5.105.112.0/22
                  5.105.118.0/24
                  5.105.124.0/24
                  5.105.127.0/24
                  5.105.138.0/23
                  5.105.142.0/23
                  5.105.157.0/24
                  5.105.162.0/24
                  5.105.165.0/24
                  5.105.168.0/24
                  5.105.186.0/23
                  5.105.197.0-5.105.199.255
                  5.105.202.0/23
                  5.105.206.0/23
                  5.105.214.0-5.105.216.255
                  5.105.226.0/24
                  5.105.239.0-5.105.240.255
                  5.105.244.0/23
                  5.105.247.0-5.105.249.255
                  5.180.176.0/24
                  193.46.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:38:00:d5:e1:89:ee:9e:e3:ef:01:a6:39:10:37:55:cb:10:
         2c:2f:6d:f5:69:5f:ee:9b:28:38:93:d9:de:bc:af:2d:7a:38:
         2a:1c:e7:78:71:5d:af:24:2b:c1:64:36:59:c5:b0:13:7f:e1:
         8b:4a:41:45:51:e7:bb:ef:a8:95:7a:ca:cf:2e:3b:1c:c9:6e:
         49:4f:be:14:68:2b:d0:32:dd:ed:bc:05:d5:37:d8:04:b1:09:
         5d:63:ba:2a:06:c4:50:64:77:12:5a:50:59:e1:9b:88:ef:ca:
         fe:5f:6a:13:00:93:84:96:6b:7a:86:29:1a:84:32:82:9b:28:
         fc:c9:98:df:19:f5:4c:ee:bd:c6:b9:5b:f2:55:2e:a8:04:47:
         28:37:20:7e:a0:9f:ef:c0:91:8b:27:af:48:9b:aa:de:37:e5:
         86:f7:ed:d5:75:8b:d5:0e:02:d5:3e:bc:e2:d0:5f:4f:1a:da:
         99:7b:43:11:c4:f9:bf:3c:c5:da:2c:2f:85:73:01:43:56:2d:
         a3:70:c0:f3:3d:41:80:69:e1:d9:76:01:a4:35:0c:78:13:c3:
         d0:0f:df:22:63:62:ab:86:70:d2:83:91:d6:ce:2f:8d:23:47:
         27:7e:e2:e9:16:38:ce:27:17:72:53:0e:9a:9e:7a:e9:90:94:
         aa:f8:40:12
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYbfUBw0G90z5/lypG1VViR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzE0MDg1MDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWY2Yzk3OWMwNDUyN2QzNmYyNzkxMTUxODRiNGIxZTg1NWNlZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKkJoVclJt1uPnzE9POO7Tg0eLhe
aMNuZUQ0WejponZ0cLeUEujz04umZd+3yTVNPaC49vF4U00/4baIZ9pxviKeTJki
7FPwomtZ5MAXTwSdCkrWGr0to4QoLVHKKo5jH1awXKCb4lotAjgcs2BPgtfiaUBx
zcprrcUsYcxZwEK5JnO1tdrhx6x7DwucelGeb0fe8de3fljSq7sKrEsKXKjmi0s1
CuUTGiL3uXNoiJFRX6UZBcWmR/Rp8aWDMcRAqedJgSpDOoQpFPl+yANtOV9D+DP7
xVKeL/qwzXX/DDB0yRpmZ16syeElvXcMAKuNobdTADxrXPWfbazUtimS6QIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFEn2yXnARSfTbyeRFRhLSx6FXO0rMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvU2ZiSmVjQkZKOU52SjVFVkdFdExIb1ZjN1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAAF
aSoDBAAFaTsDBAAFaT8DBAEFaUQDBAAFaVADBAAFaWYDBAAFaWgDBAIFaXADBAAF
aXYDBAAFaXwDBAAFaX8DBAEFaYoDBAEFaY4DBAAFaZ0DBAAFaaIDBAAFaaUDBAAF
aagDBAEFabowDAMEAAVpxQMEAwVpwAMEAQVpygMEAQVpzjAMAwQBBWnWAwQABWnY
AwQABWniMAwDBAAFae8DBAAFafADBAEFafQwDAMEAAVp9wMEAQVp+AMEAAW0sAME
AMEu0jANBgkqhkiG9w0BAQsFAAOCAQEAJzgA1eGJ7p7j7wGmORA3VcsQLC9t9Wlf
7psoOJPZ3ryvLXo4KhzneHFdryQrwWQ2WcWwE3/hi0pBRVHnu++olXrKzy47HMlu
SU++FGgr0DLd7bwF1TfYBLEJXWO6KgbEUGR3ElpQWeGbiO/K/l9qEwCThJZreoYp
GoQygpso/MmY3xn1TO69xrlb8lUuqARHKDcgfqCf78CRiyevSJuq3jflhvft1XWL
1Q4C1T684tBfTxramXtDEcT5vzzF2iwvhXMBQ1Yto3DA8z1BgGnh2XYBpDUMeBPD
0A/fImNiq4Zw0oOR1s4vjSNHJ37i6RY4zicXclMOmp566ZCUqvhAEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:57 2024 by rpki-client on console-ams.rpki-client.org