Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dgG4xuawGXSIzrrFTTwlAAjdqzc.roa
File:                     dgG4xuawGXSIzrrFTTwlAAjdqzc.roa (raw, json)
Hash identifier:          OVMitjLldMCMQpV6mRbXXfUFmJSBBKuzWYlhDpKSMX8=
Subject key identifier:   76:01:B8:C6:E6:B0:19:74:88:CE:BA:C5:4D:3C:25:00:08:DD:AB:37
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       01872C3F4E75ABE8978DDADC259D1612182D
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dgG4xuawGXSIzrrFTTwlAAjdqzc.roa
Signing time:             Wed 29 Mar 2023 07:22:38 +0000
ROA not before:           Wed 29 Mar 2023 07:22:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204384
IP address blocks:        5.105.124.0/24 maxlen: 24
                          5.105.127.0/24 maxlen: 24
                          5.105.139.0/24 maxlen: 24
                          5.105.138.0/24 maxlen: 24
                          5.105.143.0/24 maxlen: 24
                          5.105.142.0/24 maxlen: 24
                          5.105.157.0/24 maxlen: 24
                          5.105.165.0/24 maxlen: 24
                          5.105.162.0/24 maxlen: 24
                          5.105.168.0/24 maxlen: 24
                          5.105.170.0/24 maxlen: 24
                          5.105.172.0/24 maxlen: 24
                          5.105.69.0/24 maxlen: 24
                          5.105.68.0/24 maxlen: 24
                          5.105.66.0/24 maxlen: 24
                          5.105.82.0/24 maxlen: 24
                          5.105.104.0/24 maxlen: 24
                          5.105.102.0/24 maxlen: 24
                          5.105.112.0/24 maxlen: 24
                          5.105.118.0/24 maxlen: 24
                          5.105.115.0/24 maxlen: 24
                          5.105.114.0/24 maxlen: 24
                          5.105.113.0/24 maxlen: 24
                          5.105.228.0/24 maxlen: 24
                          5.105.240.0/24 maxlen: 24
                          5.105.239.0/24 maxlen: 24
                          5.105.244.0/24 maxlen: 24
                          5.105.245.0/24 maxlen: 24
                          5.105.249.0/24 maxlen: 24
                          5.105.248.0/24 maxlen: 24
                          5.105.186.0/24 maxlen: 24
                          5.105.185.0/24 maxlen: 24
                          5.105.187.0/24 maxlen: 24
                          193.46.210.0/24 maxlen: 24
                          5.105.199.0/24 maxlen: 24
                          5.105.198.0/24 maxlen: 24
                          5.105.197.0/24 maxlen: 24
                          5.105.202.0/24 maxlen: 24
                          5.105.206.0/24 maxlen: 24
                          5.105.203.0/24 maxlen: 24
                          5.105.207.0/24 maxlen: 24
                          5.105.216.0/24 maxlen: 24
                          5.105.215.0/24 maxlen: 24
                          5.105.218.0/24 maxlen: 24
                          5.105.226.0/24 maxlen: 24
                          5.105.31.0/24 maxlen: 24
                          5.105.51.0/24 maxlen: 24
                          5.180.176.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 30 Mar 2023 08:12:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:2c:3f:4e:75:ab:e8:97:8d:da:dc:25:9d:16:12:18:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Mar 29 07:22:38 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7601b8c6e6b0197488cebac54d3c250008ddab37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:80:6d:5b:1e:09:3b:26:04:d7:a8:b1:16:8b:
                    33:bd:80:b5:d4:41:f9:29:bb:e6:81:e4:6c:45:34:
                    60:25:a9:b2:b5:f8:03:d0:2b:7b:cf:e1:90:6d:32:
                    8e:af:8e:61:12:2f:a5:cc:83:72:52:d4:c9:c3:3a:
                    fa:97:5a:6a:55:38:75:4f:b5:d9:59:83:07:cf:0d:
                    24:0a:0a:5d:d1:04:d3:5e:87:f1:c6:d0:da:85:c4:
                    bb:0b:46:48:8c:3a:52:3b:ac:48:07:77:b6:9f:71:
                    0b:64:c6:2a:a6:28:8e:dd:ca:2c:9e:d1:43:a4:3d:
                    f6:4a:ce:76:c9:95:05:1d:c4:b4:8d:4f:c2:0f:f1:
                    06:1f:60:6a:8b:5b:a4:1d:3a:b6:a4:a4:f2:21:20:
                    a1:70:98:6f:6b:32:c9:34:9a:95:2e:3a:52:cc:fb:
                    a6:c6:2e:c2:cb:f8:ef:06:43:84:67:ec:a9:04:4e:
                    00:9a:05:4f:21:0e:3b:19:aa:3f:83:a6:ed:86:3c:
                    39:d0:8e:93:4f:97:9a:5d:4a:58:31:01:b9:00:68:
                    0b:c0:f4:49:79:01:3c:8e:b3:07:72:bb:ed:89:4d:
                    a3:87:fa:c1:ed:e9:26:0c:04:4e:40:a5:1d:cd:9a:
                    f9:30:7c:b9:3f:15:93:cc:de:da:76:44:cd:33:dc:
                    d3:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:01:B8:C6:E6:B0:19:74:88:CE:BA:C5:4D:3C:25:00:08:DD:AB:37
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/dgG4xuawGXSIzrrFTTwlAAjdqzc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.31.0/24
                  5.105.51.0/24
                  5.105.66.0/24
                  5.105.68.0/23
                  5.105.82.0/24
                  5.105.102.0/24
                  5.105.104.0/24
                  5.105.112.0/22
                  5.105.118.0/24
                  5.105.124.0/24
                  5.105.127.0/24
                  5.105.138.0/23
                  5.105.142.0/23
                  5.105.157.0/24
                  5.105.162.0/24
                  5.105.165.0/24
                  5.105.168.0/24
                  5.105.170.0/24
                  5.105.172.0/24
                  5.105.185.0-5.105.187.255
                  5.105.197.0-5.105.199.255
                  5.105.202.0/23
                  5.105.206.0/23
                  5.105.215.0-5.105.216.255
                  5.105.218.0/24
                  5.105.226.0/24
                  5.105.228.0/24
                  5.105.239.0-5.105.240.255
                  5.105.244.0/23
                  5.105.248.0/23
                  5.180.176.0/24
                  193.46.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:fa:12:17:42:19:a1:f6:83:b4:a6:31:8a:f1:51:f2:21:8d:
         0d:b8:9a:4c:a1:be:e5:1f:df:30:8e:b0:ca:35:67:69:bb:9e:
         75:66:a4:13:be:73:37:c4:0f:85:c9:ed:bd:37:a7:82:78:5f:
         3c:b4:f9:0c:40:ce:d1:9b:74:9f:d6:9b:bd:3a:15:2e:0c:d8:
         97:fe:2d:54:bc:fb:4e:ba:2e:89:c0:45:a1:25:d4:ec:38:df:
         fa:08:16:3e:82:8f:72:8f:65:cc:c0:29:7b:d8:4e:85:9c:73:
         02:db:cd:26:45:4e:47:75:e9:e7:8d:83:54:e4:f6:34:48:8b:
         59:66:83:db:d8:6e:a0:52:ee:96:fa:ab:db:13:a2:67:e0:48:
         c5:18:51:97:07:fe:50:79:34:c0:03:f1:14:c2:9c:68:ee:35:
         fb:61:b4:bd:2f:84:18:57:57:8f:6f:47:27:18:40:34:d7:aa:
         b8:9a:a8:da:f6:bf:29:d5:41:89:fc:b6:60:e7:54:66:69:68:
         18:f1:19:a1:f2:c3:26:f6:67:47:b2:3c:8c:0b:bc:74:67:df:
         b9:1f:f9:da:7f:a6:b4:68:65:f4:7f:c0:1c:26:61:83:07:35:
         df:2b:4b:bc:fd:ac:b1:8a:3b:10:77:14:dd:e9:cc:4f:63:18:
         96:1c:5e:84
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYcsP051q+iXjdrcJZ0WEhgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzI5MDcyMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjAxYjhjNmU2YjAxOTc0ODhjZWJhYzU0ZDNjMjUwMDA4ZGRhYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYBtWx4JOyYE16ixFoszvYC11EH5
KbvmgeRsRTRgJamytfgD0Ct7z+GQbTKOr45hEi+lzINyUtTJwzr6l1pqVTh1T7XZ
WYMHzw0kCgpd0QTTXofxxtDahcS7C0ZIjDpSO6xIB3e2n3ELZMYqpiiO3cosntFD
pD32Ss52yZUFHcS0jU/CD/EGH2Bqi1ukHTq2pKTyISChcJhvazLJNJqVLjpSzPum
xi7Cy/jvBkOEZ+ypBE4AmgVPIQ47Gao/g6bthjw50I6TT5eaXUpYMQG5AGgLwPRJ
eQE8jrMHcrvtiU2jh/rB7ekmDAROQKUdzZr5MHy5PxWTzN7adkTNM9zTpwIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFHYBuMbmsBl0iM66xU08JQAI3as3MB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvZGdHNHh1YXdHWFNJenJyRlRUd2xBQWpkcXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBAAF
aR8DBAAFaTMDBAAFaUIDBAEFaUQDBAAFaVIDBAAFaWYDBAAFaWgDBAIFaXADBAAF
aXYDBAAFaXwDBAAFaX8DBAEFaYoDBAEFaY4DBAAFaZ0DBAAFaaIDBAAFaaUDBAAF
aagDBAAFaaoDBAAFaawwDAMEAAVpuQMEAgVpuDAMAwQABWnFAwQDBWnAAwQBBWnK
AwQBBWnOMAwDBAAFadcDBAAFadgDBAAFadoDBAAFaeIDBAAFaeQwDAMEAAVp7wME
AAVp8AMEAQVp9AMEAQVp+AMEAAW0sAMEAMEu0jANBgkqhkiG9w0BAQsFAAOCAQEA
afoSF0IZofaDtKYxivFR8iGNDbiaTKG+5R/fMI6wyjVnabuedWakE75zN8QPhcnt
vTengnhfPLT5DEDO0Zt0n9abvToVLgzYl/4tVLz7TrouicBFoSXU7Djf+ggWPoKP
co9lzMApe9hOhZxzAtvNJkVOR3Xp542DVOT2NEiLWWaD29huoFLulvqr2xOiZ+BI
xRhRlwf+UHk0wAPxFMKcaO41+2G0vS+EGFdXj29HJxhANNequJqo2va/KdVBify2
YOdUZmloGPEZofLDJvZnR7I8jAu8dGffuR/52n+mtGhl9H/AHCZhgwc13ytLvP2s
sYo7EHcU3enMT2MYlhxehA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:28 2024 by rpki-client on console-fra.rpki-client.org