Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ub3P9YMeiYFe6YnGMEaQvxy-sUQ.roa
File:                     ub3P9YMeiYFe6YnGMEaQvxy-sUQ.roa (raw, json)
Hash identifier:          ZaimNUvbpk5o4ce7NKr6BQYtLr3Q7nUDTa61JA2q1DU=
Subject key identifier:   B9:BD:CF:F5:83:1E:89:81:5E:E9:89:C6:30:46:90:BF:1C:BE:B1:44
Certificate issuer:       /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial:       01882949AD5AE4D9E10849EA844CFF1DBAC2
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ub3P9YMeiYFe6YnGMEaQvxy-sUQ.roa
Signing time:             Wed 17 May 2023 10:37:54 +0000
ROA not before:           Wed 17 May 2023 10:37:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207279
IP address blocks:        5.105.124.0/24 maxlen: 24
                          5.105.127.0/24 maxlen: 24
                          5.105.139.0/24 maxlen: 24
                          5.105.142.0/24 maxlen: 24
                          5.105.157.0/24 maxlen: 24
                          5.105.113.0/24 maxlen: 24
                          5.105.29.0/24 maxlen: 24
                          5.105.34.0/24 maxlen: 24
                          5.105.249.0/24 maxlen: 24
                          5.105.39.0/24 maxlen: 24
                          5.105.200.0/24 maxlen: 24
                          5.105.207.0/24 maxlen: 24
                          5.105.216.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 May 2023 18:25:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:29:49:ad:5a:e4:d9:e1:08:49:ea:84:4c:ff:1d:ba:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
        Validity
            Not Before: May 17 10:37:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b9bdcff5831e89815ee989c6304690bf1cbeb144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d9:4a:28:d2:17:5a:63:8b:f8:38:db:5b:3a:
                    6b:5b:61:ee:7c:3c:72:7b:c5:a9:af:90:97:8b:f7:
                    ca:f9:d8:45:13:1c:ee:9e:79:3f:1d:2a:66:27:ee:
                    c8:8c:bc:05:29:a5:90:18:cd:84:74:17:6b:64:ee:
                    4c:6e:eb:21:4f:c9:77:2e:da:d7:93:5b:ea:35:56:
                    f7:03:68:26:a2:67:bd:06:0c:0e:1b:e3:45:40:91:
                    da:59:ae:2d:94:b5:2e:97:ae:6c:40:05:2f:ad:ec:
                    57:83:47:bc:f1:b5:1c:36:66:fc:5d:55:67:13:54:
                    57:c5:d6:7f:a5:87:b3:b3:33:64:b0:67:f9:a7:9f:
                    43:f3:39:54:fa:93:ec:ea:ac:7d:e9:23:d7:c1:49:
                    00:49:8f:04:68:81:9f:e5:e8:17:d9:c2:e9:88:26:
                    d9:26:a6:8e:54:d5:71:26:73:cc:b5:65:7a:2a:2c:
                    de:04:58:a2:d3:7e:50:66:32:01:36:3f:8e:8a:ea:
                    04:d2:e7:b9:4f:23:7e:da:3e:7b:25:fd:9d:39:31:
                    be:f1:34:0c:fa:24:d5:2e:59:b8:5b:3e:25:74:0a:
                    e9:6d:80:f2:d6:7f:7a:a4:8c:b8:1b:d3:f1:fd:a0:
                    32:e8:da:5f:6c:c7:13:87:f1:3f:f8:ff:07:26:86:
                    c9:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:BD:CF:F5:83:1E:89:81:5E:E9:89:C6:30:46:90:BF:1C:BE:B1:44
            X509v3 Authority Key Identifier:
                keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ub3P9YMeiYFe6YnGMEaQvxy-sUQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.105.29.0/24
                  5.105.34.0/24
                  5.105.39.0/24
                  5.105.113.0/24
                  5.105.124.0/24
                  5.105.127.0/24
                  5.105.139.0/24
                  5.105.142.0/24
                  5.105.157.0/24
                  5.105.200.0/24
                  5.105.207.0/24
                  5.105.216.0/24
                  5.105.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:b4:81:8b:27:63:5b:e4:eb:28:e7:eb:55:93:36:09:1c:f2:
         c5:72:ac:1d:4d:30:9f:15:52:9a:5e:2c:02:87:0e:1b:ae:1e:
         c4:32:b4:d1:bd:8c:33:cc:c5:41:0c:7b:66:a8:3a:8c:0b:4a:
         40:e9:4d:20:b3:a4:22:ce:3a:0c:ad:8a:87:db:5e:02:21:6d:
         44:83:1f:3f:bb:1a:bc:88:be:a8:93:c3:28:46:78:c8:6b:d3:
         39:22:c7:35:ea:e2:06:f8:04:64:6e:f1:3a:c1:cf:70:97:d7:
         9d:6a:64:df:ea:9e:13:46:0a:0b:18:8c:c3:fb:33:a5:eb:56:
         60:4c:4f:4b:ca:9b:5c:f9:bf:fe:2d:f4:20:45:c4:72:3c:28:
         ea:1a:53:39:16:9c:3d:fd:5b:b7:83:af:b0:1d:b2:51:42:ef:
         0c:29:f2:92:9c:b1:5f:e9:07:ee:9c:46:1a:3a:2a:c7:1d:3d:
         36:c4:af:15:8c:e2:64:f2:00:04:2c:28:16:89:3d:9f:32:cb:
         bf:83:6d:60:ba:e1:ff:49:fd:96:f0:84:d9:92:51:cc:77:41:
         c1:a6:c2:3f:08:cc:e9:63:dc:6d:a6:8f:ec:c9:83:07:f2:34:
         00:42:4a:d6:f2:22:2a:7d:6b:a2:c3:75:4c:1b:0f:53:04:0e:
         da:a2:db:76
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYgpSa1a5NnhCEnqhEz/HbrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNTE3MTAzNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWJkY2ZmNTgzMWU4OTgxNWVlOTg5YzYzMDQ2OTBiZjFjYmViMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9lKKNIXWmOL+DjbWzprW2HufDxy
e8Wpr5CXi/fK+dhFExzunnk/HSpmJ+7IjLwFKaWQGM2EdBdrZO5MbushT8l3LtrX
k1vqNVb3A2gmome9BgwOG+NFQJHaWa4tlLUul65sQAUvrexXg0e88bUcNmb8XVVn
E1RXxdZ/pYezszNksGf5p59D8zlU+pPs6qx96SPXwUkASY8EaIGf5egX2cLpiCbZ
JqaOVNVxJnPMtWV6KizeBFii035QZjIBNj+OiuoE0ue5TyN+2j57Jf2dOTG+8TQM
+iTVLlm4Wz4ldArpbYDy1n96pIy4G9Px/aAy6NpfbMcTh/E/+P8HJobJSwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFLm9z/WDHomBXumJxjBGkL8cvrFEMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvdWIzUDlZTWVpWUZlNlluR01FYVF2eHktc1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABWkdAwQA
BWkiAwQABWknAwQABWlxAwQABWl8AwQABWl/AwQABWmLAwQABWmOAwQABWmdAwQA
BWnIAwQABWnPAwQABWnYAwQABWn5MA0GCSqGSIb3DQEBCwUAA4IBAQC+tIGLJ2Nb
5Oso5+tVkzYJHPLFcqwdTTCfFVKaXiwChw4brh7EMrTRvYwzzMVBDHtmqDqMC0pA
6U0gs6QizjoMrYqH214CIW1Egx8/uxq8iL6ok8MoRnjIa9M5Isc16uIG+ARkbvE6
wc9wl9edamTf6p4TRgoLGIzD+zOl61ZgTE9Lyptc+b/+LfQgRcRyPCjqGlM5Fpw9
/Vu3g6+wHbJRQu8MKfKSnLFf6QfunEYaOirHHT02xK8VjOJk8gAELCgWiT2fMsu/
g21guuH/Sf2W8ITZklHMd0HBpsI/CMzpY9xtpo/syYMH8jQAQkrW8iIqfWuiw3VM
Gw9TBA7aott2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:59 2024 by rpki-client on console-ams.rpki-client.org