Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/_K8hisDRyGFyZMcBat6LtW3w19c.roa
File:                     _K8hisDRyGFyZMcBat6LtW3w19c.roa (raw, json)
Hash identifier:          YnS3szMxJG5KeNtManZU+X5F0fr1QocZqYSPvi6IvP0=
Subject key identifier:   FC:AF:21:8A:C0:D1:C8:61:72:64:C7:01:6A:DE:8B:B5:6D:F0:D7:D7
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       01880AB0A7788A285AAE482A381E5F09D284
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/_K8hisDRyGFyZMcBat6LtW3w19c.roa
Signing time:             Thu 11 May 2023 12:02:09 +0000
ROA not before:           Thu 11 May 2023 12:02:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3507
IP address blocks:        5.105.49.0/24 maxlen: 24
                          5.105.69.0/24 maxlen: 24
                          5.105.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:0a:b0:a7:78:8a:28:5a:ae:48:2a:38:1e:5f:09:d2:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: May 11 12:02:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fcaf218ac0d1c8617264c7016ade8bb56df0d7d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:70:df:85:db:bf:b3:79:32:ed:11:44:fb:61:
                    30:1e:1a:67:c0:1c:31:c7:7c:05:46:9a:1d:d8:92:
                    fc:67:14:a7:a5:4d:be:9e:6f:8b:8a:b1:f4:23:18:
                    b2:4f:d5:ff:81:e2:04:19:7f:c9:2b:e3:26:c9:b8:
                    6e:63:41:f0:f7:6e:43:03:db:76:55:c0:a4:85:86:
                    6b:28:e7:13:a9:36:3e:b9:27:a3:f3:66:fb:bb:6c:
                    8f:32:fb:50:a9:dd:56:8c:8e:d2:23:b7:a1:58:49:
                    2a:98:07:b0:d9:f0:41:93:70:89:84:bd:00:65:fb:
                    66:d8:f0:32:e0:60:4f:3c:88:76:c6:56:cf:50:fe:
                    20:12:d3:be:00:00:d8:c0:0a:06:34:7b:dc:a6:d7:
                    42:cc:1c:3b:71:16:6e:7a:b3:f2:ec:21:4f:87:ca:
                    b6:b9:eb:41:61:7c:f0:56:60:79:7a:10:e6:e8:12:
                    5b:a1:a2:59:04:1a:cd:19:86:c9:08:e1:de:ee:d7:
                    33:0b:57:20:ec:bd:f4:e2:83:ab:46:14:b4:8c:ba:
                    ec:d2:fc:ab:42:36:41:22:09:73:7e:47:07:7a:28:
                    e4:9d:c0:71:89:4c:e6:22:03:c9:14:68:02:44:40:
                    8c:90:a2:ed:3c:03:87:eb:a6:8b:61:79:3f:17:b3:
                    12:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:AF:21:8A:C0:D1:C8:61:72:64:C7:01:6A:DE:8B:B5:6D:F0:D7:D7
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/_K8hisDRyGFyZMcBat6LtW3w19c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.49.0/24
                  5.105.69.0/24
                  5.105.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:1e:50:29:3c:dc:7c:1b:1d:c3:3e:e4:dd:5c:02:29:cf:dc:
         18:10:fc:84:65:52:f7:b3:15:36:f1:c5:04:25:5a:5c:54:1d:
         81:38:06:91:b3:1c:e3:0e:93:5c:3d:51:3e:4f:52:5e:0c:12:
         a3:ed:da:16:bb:e4:74:94:65:27:de:b3:0c:13:1a:9c:83:53:
         a7:17:e4:2c:c6:b2:5c:86:15:36:25:2b:bb:74:70:79:51:07:
         2d:d5:a3:8c:7d:f8:48:d8:3c:9b:5c:21:5e:1a:b1:fe:1a:fc:
         7c:1c:de:b2:df:d8:db:e9:7d:ee:50:da:1c:41:c4:f6:bc:c5:
         3a:42:d0:63:ef:22:ae:2c:c3:79:ff:91:ec:04:91:d2:e4:46:
         be:05:58:ee:8d:eb:56:1f:51:ab:f8:8b:82:a4:e7:e7:77:c0:
         5f:4d:9e:29:87:9a:20:53:a1:b1:8b:60:22:94:2b:b1:49:c6:
         de:dc:d0:8d:3c:71:67:00:06:aa:ad:86:83:57:58:ed:4c:f1:
         6b:0c:47:3c:bb:eb:55:f7:69:f7:a5:bb:38:54:e7:6d:dd:a7:
         0d:fb:d2:35:20:37:30:14:a0:f4:93:8b:a8:82:84:90:4f:35:
         42:d2:42:df:3f:10:51:c4:9c:08:1a:73:5b:b8:b7:f3:35:b8:
         52:a5:1c:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgKsKd4iiharkgqOB5fCdKEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTExMTIwMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2FmMjE4YWMwZDFjODYxNzI2NGM3MDE2YWRlOGJiNTZkZjBkN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3Dfhdu/s3ky7RFE+2EwHhpnwBwx
x3wFRpod2JL8ZxSnpU2+nm+LirH0IxiyT9X/geIEGX/JK+MmybhuY0Hw925DA9t2
VcCkhYZrKOcTqTY+uSej82b7u2yPMvtQqd1WjI7SI7ehWEkqmAew2fBBk3CJhL0A
Zftm2PAy4GBPPIh2xlbPUP4gEtO+AADYwAoGNHvcptdCzBw7cRZuerPy7CFPh8q2
uetBYXzwVmB5ehDm6BJboaJZBBrNGYbJCOHe7tczC1cg7L304oOrRhS0jLrs0vyr
QjZBIglzfkcHeijkncBxiUzmIgPJFGgCRECMkKLtPAOH66aLYXk/F7MSjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPyvIYrA0chhcmTHAWrei7Vt8NfXMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvX0s4aGlzRFJ5R0Z5Wk1jQmF0Nkx0VzN3MTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWkxAwQA
BWlFAwQABWnOMA0GCSqGSIb3DQEBCwUAA4IBAQBIHlApPNx8Gx3DPuTdXAIpz9wY
EPyEZVL3sxU28cUEJVpcVB2BOAaRsxzjDpNcPVE+T1JeDBKj7doWu+R0lGUn3rMM
Exqcg1OnF+QsxrJchhU2JSu7dHB5UQct1aOMffhI2DybXCFeGrH+Gvx8HN6y39jb
6X3uUNocQcT2vMU6QtBj7yKuLMN5/5HsBJHS5Ea+BVjujetWH1Gr+IuCpOfnd8Bf
TZ4ph5ogU6Gxi2AilCuxScbe3NCNPHFnAAaqrYaDV1jtTPFrDEc8u+tV92n3pbs4
VOdt3acN+9I1IDcwFKD0k4uogoSQTzVC0kLfPxBRxJwIGnNbuLfzNbhSpRyA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:00 2023 by rpki-client on console-ams.rpki-client.org