Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ldWDPxU_ssaVHfuwZliZqDrgpOk.roa
File:                     ldWDPxU_ssaVHfuwZliZqDrgpOk.roa (raw, json)
Hash identifier:          MCmJ9xEmsZ10MeNBKkMgNq4TAZMfPYMkncrhSoaW2aI=
Subject key identifier:   95:D5:83:3F:15:3F:B2:C6:95:1D:FB:B0:66:58:99:A8:3A:E0:A4:E9
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       018A07C462F2F7B533A2DA53980101D3B20D
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ldWDPxU_ssaVHfuwZliZqDrgpOk.roa
Signing time:             Fri 18 Aug 2023 08:30:25 +0000
ROA not before:           Fri 18 Aug 2023 08:30:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21082
IP address blocks:        5.105.164.0/24 maxlen: 24
                          5.105.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 22 Aug 2023 11:32:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:07:c4:62:f2:f7:b5:33:a2:da:53:98:01:01:d3:b2:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: Aug 18 08:30:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95d5833f153fb2c6951dfbb0665899a83ae0a4e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:78:a1:67:a3:4a:ad:a4:8e:51:cd:06:13:f4:
                    9f:f0:f0:83:74:e0:67:e5:bf:2f:b6:80:d5:27:a9:
                    fc:af:8f:2e:6c:31:47:42:81:d7:d2:1b:93:78:b5:
                    cd:3e:ae:2c:f8:2a:00:0e:1b:27:db:6a:7f:d7:8f:
                    6e:91:da:2b:ef:e9:96:bb:66:d6:0a:1a:cb:9b:8a:
                    ef:b4:82:a6:90:db:4b:54:d5:06:25:08:79:a1:95:
                    38:7f:3f:23:d5:7b:79:ab:74:61:d6:c5:0b:4a:a9:
                    4b:5d:a7:39:2f:b2:ff:2d:2b:62:01:29:c8:34:8f:
                    0f:85:03:2b:bf:fd:b3:66:78:cb:18:87:42:e2:3c:
                    bc:1c:8c:6a:9b:dc:42:86:ca:88:b1:d8:28:78:53:
                    f2:8a:bb:e4:03:bb:9a:2c:a6:ff:63:11:e2:bb:a7:
                    50:37:61:86:e8:47:e0:06:0c:74:1b:32:1e:75:eb:
                    18:13:c6:99:17:6a:5e:1c:2c:17:2c:5f:50:ed:43:
                    86:96:d0:d1:51:4f:a3:e7:c6:56:66:0b:95:78:ed:
                    98:22:7e:c5:63:d6:02:b3:4f:d5:ca:2a:53:cf:df:
                    96:e1:bb:a1:65:8e:af:1d:fe:4a:a4:fa:e5:a6:ee:
                    8d:69:aa:ba:89:8d:86:a1:2e:57:6f:92:1d:77:63:
                    90:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:D5:83:3F:15:3F:B2:C6:95:1D:FB:B0:66:58:99:A8:3A:E0:A4:E9
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ldWDPxU_ssaVHfuwZliZqDrgpOk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.111.0/24
                  5.105.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:2a:68:94:49:52:3b:9e:64:62:f2:f4:69:71:df:e2:e3:2a:
         1d:20:a1:62:66:4f:8c:96:2a:e5:c1:be:2f:37:1e:d9:ab:39:
         43:bf:f1:fa:d1:88:78:12:31:d2:aa:a5:f5:c2:2a:1d:d8:e4:
         82:5f:64:60:3d:d2:83:c0:29:06:53:52:66:50:18:a5:5f:6e:
         55:bd:39:02:f1:3f:87:08:8c:64:5b:d4:92:fa:f9:c0:c2:18:
         72:5e:81:88:2c:76:c4:2d:9b:fe:d3:08:ce:31:6c:4a:65:c4:
         b5:90:56:d4:9b:29:d8:80:6f:23:c7:29:fc:7b:1a:01:3b:4e:
         7d:9e:18:35:ef:5d:91:69:1d:0d:91:7d:da:cc:57:2d:64:4a:
         96:9b:f5:53:7c:7b:ed:31:16:92:e1:81:f4:38:a4:83:f7:3c:
         32:13:41:87:94:ef:b0:0d:b2:6b:c6:f4:1c:eb:d2:e2:1b:46:
         3b:dc:50:91:4a:df:2b:e4:d3:01:aa:4e:24:c9:74:9f:be:bd:
         c1:f5:d6:5e:3e:47:13:98:bb:6c:24:8f:a6:b9:28:29:2d:b9:
         e4:6d:4d:ed:27:5e:81:ff:bf:46:d0:b5:5f:92:bf:e7:f1:93:
         4a:3c:f3:a4:63:c3:84:4d:39:ca:29:0e:58:fe:71:86:04:99:
         91:d8:fb:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoHxGLy97UzotpTmAEB07INMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwODE4MDgzMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQ1ODMzZjE1M2ZiMmM2OTUxZGZiYjA2NjU4OTlhODNhZTBhNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nihZ6NKraSOUc0GE/Sf8PCDdOBn
5b8vtoDVJ6n8r48ubDFHQoHX0huTeLXNPq4s+CoADhsn22p/149ukdor7+mWu2bW
ChrLm4rvtIKmkNtLVNUGJQh5oZU4fz8j1Xt5q3Rh1sULSqlLXac5L7L/LStiASnI
NI8PhQMrv/2zZnjLGIdC4jy8HIxqm9xChsqIsdgoeFPyirvkA7uaLKb/YxHiu6dQ
N2GG6EfgBgx0GzIedesYE8aZF2peHCwXLF9Q7UOGltDRUU+j58ZWZguVeO2YIn7F
Y9YCs0/VyipTz9+W4buhZY6vHf5KpPrlpu6Naaq6iY2GoS5Xb5Idd2OQWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJXVgz8VP7LGlR37sGZYmag64KTpMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvbGRXRFB4VV9zc2FWSGZ1d1psaVpxRHJncE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWlvAwQA
BWmkMA0GCSqGSIb3DQEBCwUAA4IBAQCWKmiUSVI7nmRi8vRpcd/i4yodIKFiZk+M
lirlwb4vNx7ZqzlDv/H60Yh4EjHSqqX1wiod2OSCX2RgPdKDwCkGU1JmUBilX25V
vTkC8T+HCIxkW9SS+vnAwhhyXoGILHbELZv+0wjOMWxKZcS1kFbUmynYgG8jxyn8
exoBO059nhg1712RaR0NkX3azFctZEqWm/VTfHvtMRaS4YH0OKSD9zwyE0GHlO+w
DbJrxvQc69LiG0Y73FCRSt8r5NMBqk4kyXSfvr3B9dZePkcTmLtsJI+muSgpLbnk
bU3tJ16B/79G0LVfkr/n8ZNKPPOkY8OETTnKKQ5Y/nGGBJmR2PvA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:29 2024 by rpki-client on console-fra.rpki-client.org