Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/hLFJ18E6NPAcs1MEjA6MOasqNQs.roa
File:                     hLFJ18E6NPAcs1MEjA6MOasqNQs.roa (raw, json)
Hash identifier:          L9jJCZL6L8qcJ17VVa9Ze1D4T8oCNxWpuqlAclc+eqU=
Subject key identifier:   84:B1:49:D7:C1:3A:34:F0:1C:B3:53:04:8C:0E:8C:39:AB:2A:35:0B
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       0188730E8884A3A008AC8B5DB295CF1A358F
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/hLFJ18E6NPAcs1MEjA6MOasqNQs.roa
Signing time:             Wed 31 May 2023 18:25:12 +0000
ROA not before:           Wed 31 May 2023 18:25:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     398343
IP address blocks:        5.105.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:73:0e:88:84:a3:a0:08:ac:8b:5d:b2:95:cf:1a:35:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: May 31 18:25:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=84b149d7c13a34f01cb353048c0e8c39ab2a350b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:9e:d8:f4:ff:08:ea:c2:03:9a:e1:6e:e5:4c:
                    21:b8:93:2b:82:2a:0b:6f:34:48:f3:63:8c:5e:93:
                    09:1b:15:fc:15:f9:64:40:6c:f0:93:de:cc:05:6b:
                    26:3d:82:95:35:db:2f:a6:c4:97:27:82:8f:85:8e:
                    0e:91:26:39:db:45:34:77:63:db:41:9c:b0:f9:52:
                    97:b2:69:24:7f:6d:4e:87:2f:6a:de:a3:58:44:a1:
                    56:e2:47:dd:92:5e:ba:4c:c8:07:55:57:9f:1a:f9:
                    a9:78:f3:27:7b:b7:48:8a:f6:07:0d:6e:fa:83:1b:
                    c9:4c:bc:cc:2e:69:3e:69:ab:42:1e:64:22:c0:63:
                    f5:2d:92:16:eb:a5:13:57:72:7d:2d:5d:a5:93:1e:
                    c6:6f:a9:c1:32:75:7b:c0:7f:73:93:bf:60:2f:ca:
                    da:85:47:92:75:80:03:4f:80:9f:f2:21:c7:06:89:
                    7f:2d:89:ce:e4:ac:07:2b:ad:e1:f2:b6:1f:aa:22:
                    4e:ab:e3:d2:52:68:85:8a:bb:d9:76:a4:de:1d:7a:
                    43:87:76:23:9f:00:74:f8:43:4e:3b:a6:23:44:0f:
                    ce:a7:fb:d6:e7:40:a6:31:58:38:f7:12:eb:00:ba:
                    2d:1f:93:5c:98:53:15:a3:7d:d1:b9:b0:01:e1:fa:
                    1c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:B1:49:D7:C1:3A:34:F0:1C:B3:53:04:8C:0E:8C:39:AB:2A:35:0B
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/hLFJ18E6NPAcs1MEjA6MOasqNQs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c8:f4:83:ab:4d:4f:27:19:95:e8:b0:b5:0d:87:33:ed:6b:a4:
         22:e7:15:dd:c6:21:6d:6a:63:0b:b8:08:6e:7c:b8:0f:9d:cf:
         32:e4:3b:34:ca:83:0c:e7:62:43:2c:11:4f:81:da:e4:b6:f2:
         7c:0a:44:46:0b:57:3d:51:01:1b:fb:6a:0c:04:15:9e:51:d4:
         95:be:eb:80:66:13:25:ce:43:61:95:d8:63:06:73:f4:8e:a0:
         c6:57:68:0a:59:19:5c:b5:52:f7:82:14:6b:cc:db:59:1e:f5:
         b4:d7:81:b2:d3:a3:30:9c:b5:bb:ba:96:5f:d1:1f:07:4c:82:
         99:1d:25:c2:c3:cb:c3:a4:ec:a7:a3:b2:2f:61:f7:9b:66:0e:
         48:4f:bf:f5:b3:5b:63:28:57:43:1a:2d:f0:5e:10:c0:6c:0a:
         4b:fe:75:12:1d:8b:8a:82:1c:01:ee:f1:4f:af:76:6d:a3:61:
         df:8c:9e:3b:36:26:6d:1e:7f:c7:3d:2e:40:ee:44:e2:e1:eb:
         5a:3f:41:2f:41:d1:b7:52:d8:b7:ed:46:5b:dc:54:35:07:5c:
         db:dc:8e:78:81:fb:1d:19:96:ea:a5:cc:cb:45:d7:58:fa:1c:
         fb:e0:39:93:0d:27:a7:15:66:4a:f2:e1:de:00:2f:d3:df:e2:
         09:a1:3d:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhzDoiEo6AIrItdspXPGjWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTMxMTgyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGIxNDlkN2MxM2EzNGYwMWNiMzUzMDQ4YzBlOGMzOWFiMmEzNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp7Y9P8I6sIDmuFu5UwhuJMrgioL
bzRI82OMXpMJGxX8FflkQGzwk97MBWsmPYKVNdsvpsSXJ4KPhY4OkSY520U0d2Pb
QZyw+VKXsmkkf21Ohy9q3qNYRKFW4kfdkl66TMgHVVefGvmpePMne7dIivYHDW76
gxvJTLzMLmk+aatCHmQiwGP1LZIW66UTV3J9LV2lkx7Gb6nBMnV7wH9zk79gL8ra
hUeSdYADT4Cf8iHHBol/LYnO5KwHK63h8rYfqiJOq+PSUmiFirvZdqTeHXpDh3Yj
nwB0+ENOO6YjRA/Op/vW50CmMVg49xLrALotH5NcmFMVo33RubAB4focbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISxSdfBOjTwHLNTBIwOjDmrKjULMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvaExGSjE4RTZOUEFjczFNRWpBNk1PYXNxTlFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWn3MA0G
CSqGSIb3DQEBCwUAA4IBAQDI9IOrTU8nGZXosLUNhzPta6Qi5xXdxiFtamMLuAhu
fLgPnc8y5Ds0yoMM52JDLBFPgdrktvJ8CkRGC1c9UQEb+2oMBBWeUdSVvuuAZhMl
zkNhldhjBnP0jqDGV2gKWRlctVL3ghRrzNtZHvW014Gy06MwnLW7upZf0R8HTIKZ
HSXCw8vDpOyno7IvYfebZg5IT7/1s1tjKFdDGi3wXhDAbApL/nUSHYuKghwB7vFP
r3Zto2HfjJ47NiZtHn/HPS5A7kTi4etaP0EvQdG3Uti37UZb3FQ1B1zb3I54gfsd
GZbqpczLRddY+hz74DmTDSenFWZK8uHeAC/T3+IJoT2g
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:18 2023 by rpki-client on console-fra.rpki-client.org