Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aHt4uTnmvc_r5YBviLpCejlbeMA.roa
File:                     aHt4uTnmvc_r5YBviLpCejlbeMA.roa (raw, json)
Hash identifier:          LQicCFGSWjTKb5CraOB4MrNv1XTh1YEzwTGmKfXxboY=
Subject key identifier:   68:7B:78:B9:39:E6:BD:CF:EB:E5:80:6F:88:BA:42:7A:39:5B:78:C0
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       01856BE5A94B01D78832901C3A1EAEC6FCD2
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aHt4uTnmvc_r5YBviLpCejlbeMA.roa
Signing time:             Sun 01 Jan 2023 05:54:51 +0000
ROA not before:           Sun 01 Jan 2023 05:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21100
IP address blocks:        5.105.77.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Jan 2023 15:49:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:e5:a9:4b:01:d7:88:32:90:1c:3a:1e:ae:c6:fc:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Jan  1 05:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=687b78b939e6bdcfebe5806f88ba427a395b78c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:82:4f:8e:db:8d:2a:7c:b5:07:46:ac:74:a3:
                    d7:b7:72:b4:cd:2e:ac:31:19:0d:ad:c4:f9:17:94:
                    14:d2:ce:74:f3:07:59:b8:ea:29:02:19:c6:53:af:
                    c5:08:35:bd:3b:ea:3a:f1:b1:de:7e:23:35:1d:a3:
                    25:38:04:a1:a1:51:9c:0e:65:7b:6a:b3:8e:84:de:
                    0f:10:4d:c8:1d:c1:1a:d2:a1:2f:6b:de:eb:3c:83:
                    f5:8b:aa:a3:3d:5e:80:7f:bd:91:4f:70:89:ea:07:
                    f6:d8:b3:6b:18:57:52:50:d5:9d:cd:10:87:bc:d0:
                    eb:f9:26:6e:1b:57:22:9c:9a:24:c8:cc:32:2f:68:
                    2d:6c:b1:4d:3d:1a:a9:a0:aa:c0:ab:d1:ad:d2:03:
                    11:c9:03:74:6f:04:a1:96:2c:a2:b4:43:a4:d6:dd:
                    f1:19:82:92:13:c5:2d:8f:da:2a:41:76:d5:4b:46:
                    65:e2:ff:a7:ea:30:0b:8e:2a:04:9e:4a:f0:5b:b1:
                    f0:cc:da:97:32:a7:5e:84:b2:d1:4e:df:cb:44:9d:
                    10:ec:1e:04:83:83:b0:70:70:72:45:73:bb:3e:f2:
                    a5:dc:a6:0d:b0:dc:e7:f4:b9:f0:86:9e:76:41:20:
                    9a:9e:73:de:f9:72:fd:8a:ab:ab:ff:e8:6c:fa:43:
                    6b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:7B:78:B9:39:E6:BD:CF:EB:E5:80:6F:88:BA:42:7A:39:5B:78:C0
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/aHt4uTnmvc_r5YBviLpCejlbeMA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d3:59:2f:1f:04:d9:bd:c9:66:27:39:f1:7b:b9:d1:22:07:1f:
         df:6d:ba:35:f6:e2:47:85:d9:1f:d4:dc:6d:4d:14:f5:36:31:
         1b:4d:ff:72:45:4a:6f:4b:20:a2:3d:ae:dc:74:ef:da:6e:a0:
         f4:af:85:4c:81:17:be:d7:00:5f:09:3f:51:a2:5e:b1:db:af:
         11:fe:57:62:86:98:6f:40:95:38:69:ca:6d:d5:70:57:f4:f6:
         0a:e1:93:eb:84:d1:0f:dd:22:a6:97:e1:13:84:76:69:d1:c6:
         92:91:1e:53:eb:62:96:20:73:63:b2:13:bd:ea:ab:16:93:0c:
         03:43:17:31:c1:56:df:04:10:d4:cc:20:92:c7:0b:c8:8f:c0:
         72:e1:b1:6c:2b:f3:e2:2d:4e:7f:99:ca:4b:88:64:64:39:58:
         d8:1d:9f:53:36:2a:48:ea:60:2a:a4:2c:e9:5c:c2:e9:83:47:
         00:1c:87:d1:31:68:e8:d0:9d:22:bc:d4:f3:c0:84:2f:f4:72:
         84:1b:37:e3:dc:f2:34:6d:61:55:16:49:4f:d9:1f:05:72:d6:
         ef:75:44:be:ea:ec:c4:4b:f4:b0:ca:18:fa:78:76:bf:28:de:
         a1:0c:45:8f:51:2d:70:c8:37:63:52:7a:91:16:c5:40:f2:72:
         70:a6:19:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr5alLAdeIMpAcOh6uxvzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTAxMDU1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODdiNzhiOTM5ZTZiZGNmZWJlNTgwNmY4OGJhNDI3YTM5NWI3OGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIJPjtuNKny1B0asdKPXt3K0zS6s
MRkNrcT5F5QU0s508wdZuOopAhnGU6/FCDW9O+o68bHefiM1HaMlOAShoVGcDmV7
arOOhN4PEE3IHcEa0qEva97rPIP1i6qjPV6Af72RT3CJ6gf22LNrGFdSUNWdzRCH
vNDr+SZuG1cinJokyMwyL2gtbLFNPRqpoKrAq9Gt0gMRyQN0bwShliyitEOk1t3x
GYKSE8Utj9oqQXbVS0Zl4v+n6jALjioEnkrwW7HwzNqXMqdehLLRTt/LRJ0Q7B4E
g4OwcHByRXO7PvKl3KYNsNzn9Lnwhp52QSCannPe+XL9iqur/+hs+kNrqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGh7eLk55r3P6+WAb4i6Qno5W3jAMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvYUh0NHVUbm12Y19yNVlCdmlMcENlamxiZU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWlNMA0G
CSqGSIb3DQEBCwUAA4IBAQDTWS8fBNm9yWYnOfF7udEiBx/fbbo19uJHhdkf1Nxt
TRT1NjEbTf9yRUpvSyCiPa7cdO/abqD0r4VMgRe+1wBfCT9Rol6x268R/ldihphv
QJU4acpt1XBX9PYK4ZPrhNEP3SKml+EThHZp0caSkR5T62KWIHNjshO96qsWkwwD
QxcxwVbfBBDUzCCSxwvIj8By4bFsK/PiLU5/mcpLiGRkOVjYHZ9TNipI6mAqpCzp
XMLpg0cAHIfRMWjo0J0ivNTzwIQv9HKEGzfj3PI0bWFVFklP2R8FctbvdUS+6uzE
S/Swyhj6eHa/KN6hDEWPUS1wyDdjUnqRFsVA8nJwphlP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:28 2024 by rpki-client on console-fra.rpki-client.org