Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DdlN8PPUM5TwQ-S7T8b-oNtO10o.roa
File:                     DdlN8PPUM5TwQ-S7T8b-oNtO10o.roa (raw, json)
Hash identifier:          j6DAQlIrHZ/G5zzUzvo9Wy0v/FxTPSCy+BichVvWdLw=
Subject key identifier:   0D:D9:4D:F0:F3:D4:33:94:F0:43:E4:BB:4F:C6:FE:A0:DB:4E:D7:4A
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018C918EB742B5D39820915AC0D00EF6A13D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DdlN8PPUM5TwQ-S7T8b-oNtO10o.roa
Signing time:             Fri 22 Dec 2023 12:44:58 +0000
ROA not before:           Fri 22 Dec 2023 12:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        185.218.84.0/22 maxlen: 24
                          178.215.224.0/24 maxlen: 24
                          94.156.239.0/24 maxlen: 24
                          178.215.236.0/24 maxlen: 24
                          171.22.72.0/22 maxlen: 24
                          185.252.176.0/24 maxlen: 24
                          147.78.101.0/24 maxlen: 24
                          147.78.100.0/24 maxlen: 24
                          147.78.102.0/24 maxlen: 24
                          185.226.172.0/24 maxlen: 24
                          185.226.175.0/24 maxlen: 24
                          92.119.196.0/23 maxlen: 24
                          185.216.84.0/22 maxlen: 24
                          45.88.90.0/24 maxlen: 24
                          87.121.45.0/24 maxlen: 24
                          87.120.87.0/24 maxlen: 24
                          83.219.97.0/24 maxlen: 24
                          93.123.116.0/24 maxlen: 24
                          94.154.162.0/23 maxlen: 24
                          94.154.161.0/24 maxlen: 24
                          87.121.221.0/24 maxlen: 24
                          45.151.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Dec 2023 10:27:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:91:8e:b7:42:b5:d3:98:20:91:5a:c0:d0:0e:f6:a1:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Dec 22 12:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0dd94df0f3d43394f043e4bb4fc6fea0db4ed74a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d2:44:f5:94:3f:9d:83:6e:e0:6a:84:d7:8a:
                    57:31:28:88:5c:4a:99:2f:87:39:ff:8c:3d:7a:00:
                    69:26:22:29:37:68:2d:1c:e2:bd:c2:2e:e6:c6:da:
                    42:24:12:6b:6e:2b:bf:d9:43:20:0d:1d:dd:9f:3d:
                    4d:78:b5:e6:91:7f:5d:9a:f3:12:6a:e0:ca:21:34:
                    80:c5:46:d8:8a:5a:09:60:79:9d:05:ef:7d:a2:3d:
                    df:b8:f9:a3:60:44:58:09:f5:4f:c9:0f:25:50:a8:
                    ee:83:22:52:45:36:b3:20:a1:76:a4:3e:f8:ae:aa:
                    08:88:bf:67:60:65:96:ab:33:ea:14:3c:2c:8b:f8:
                    87:9f:b6:a8:f6:85:3b:97:d9:b2:8b:77:b4:e1:79:
                    fe:c9:d9:47:99:d8:14:8c:ff:54:0d:8d:94:01:e2:
                    53:a3:3d:29:38:c8:be:49:8b:3b:84:96:c3:ac:f8:
                    08:7b:e9:47:4d:19:dd:59:db:f3:d4:fb:5d:6b:fb:
                    d3:f7:93:1f:d6:53:09:cd:3f:6e:42:ce:22:8e:a6:
                    2f:e8:83:24:30:48:87:19:55:a2:31:a8:6f:85:33:
                    08:7b:2f:9b:c5:c8:11:57:5b:2d:90:c2:32:b0:d5:
                    74:84:3a:c7:98:0b:26:ec:8d:3a:bd:8a:54:b1:af:
                    2d:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:D9:4D:F0:F3:D4:33:94:F0:43:E4:BB:4F:C6:FE:A0:DB:4E:D7:4A
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DdlN8PPUM5TwQ-S7T8b-oNtO10o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.90.0/24
                  45.151.89.0/24
                  83.219.97.0/24
                  87.120.87.0/24
                  87.121.45.0/24
                  87.121.221.0/24
                  92.119.196.0/23
                  93.123.116.0/24
                  94.154.161.0-94.154.163.255
                  94.156.239.0/24
                  147.78.100.0-147.78.102.255
                  171.22.72.0/22
                  178.215.224.0/24
                  178.215.236.0/24
                  185.216.84.0/22
                  185.218.84.0/22
                  185.226.172.0/24
                  185.226.175.0/24
                  185.252.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:00:19:9c:5a:61:3e:f3:f5:f5:99:a3:d1:d1:cb:9a:18:06:
         2e:e7:26:a3:cb:22:ce:56:91:ed:5e:12:f1:a0:a6:67:84:ef:
         5f:da:90:1e:88:fa:14:f0:58:1c:19:71:33:97:c7:f8:62:bc:
         d2:db:ca:ba:f7:2e:a5:6e:5a:b2:30:02:f5:19:02:96:c2:ef:
         7a:13:74:0b:65:6b:a1:ab:4c:90:9e:e7:89:69:25:75:f5:45:
         76:55:f2:f0:99:bf:12:71:f7:a9:4e:99:74:f5:d0:cd:92:a0:
         f2:43:bf:f4:8c:11:38:f6:40:0d:bc:5a:66:6f:fb:7c:ba:f1:
         3f:c2:26:0a:20:2d:cb:ac:b4:55:5d:45:2e:b3:39:ce:28:70:
         6a:29:29:ee:9a:78:d2:e2:13:f6:0b:38:ec:9a:18:8b:0f:d3:
         64:fa:03:4a:39:c1:08:51:6c:df:ab:ad:56:59:29:c5:05:18:
         c0:41:dd:e2:ee:c3:a6:e0:ad:d9:b1:88:f3:b8:fa:5b:4b:4c:
         81:73:45:9a:e6:96:a1:6b:24:36:f7:92:98:67:0a:74:61:7d:
         2c:ad:0a:98:7b:9c:3e:82:68:aa:ea:a4:15:ef:65:1a:b8:0d:
         ce:2a:c5:d3:22:2e:ad:2a:ea:62:0c:39:98:9a:0d:cb:bd:45:
         49:59:a6:21
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYyRjrdCtdOYIJFawNAO9qE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIyMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ5NGRmMGYzZDQzMzk0ZjA0M2U0YmI0ZmM2ZmVhMGRiNGVkNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNJE9ZQ/nYNu4GqE14pXMSiIXEqZ
L4c5/4w9egBpJiIpN2gtHOK9wi7mxtpCJBJrbiu/2UMgDR3dnz1NeLXmkX9dmvMS
auDKITSAxUbYiloJYHmdBe99oj3fuPmjYERYCfVPyQ8lUKjugyJSRTazIKF2pD74
rqoIiL9nYGWWqzPqFDwsi/iHn7ao9oU7l9myi3e04Xn+ydlHmdgUjP9UDY2UAeJT
oz0pOMi+SYs7hJbDrPgIe+lHTRndWdvz1Ptda/vT95Mf1lMJzT9uQs4ijqYv6IMk
MEiHGVWiMahvhTMIey+bxcgRV1stkMIysNV0hDrHmAsm7I06vYpUsa8tUwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFA3ZTfDz1DOU8EPku0/G/qDbTtdKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRGRsTjhQUFVNNVR3US1TN1Q4Yi1vTnRPMTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAAt
WFoDBAAtl1kDBABT22EDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBABde3QwDAME
AF6aoQMEAl6aoAMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQAueKsAwQAueKvAwQAufywMA0GCSqGSIb3DQEBCwUAA4IB
AQCNABmcWmE+8/X1maPR0cuaGAYu5yajyyLOVpHtXhLxoKZnhO9f2pAeiPoU8Fgc
GXEzl8f4YrzS28q69y6lblqyMAL1GQKWwu96E3QLZWuhq0yQnueJaSV19UV2VfLw
mb8ScfepTpl09dDNkqDyQ7/0jBE49kANvFpmb/t8uvE/wiYKIC3LrLRVXUUusznO
KHBqKSnumnjS4hP2CzjsmhiLD9Nk+gNKOcEIUWzfq61WWSnFBRjAQd3i7sOm4K3Z
sYjzuPpbS0yBc0Wa5pahayQ295KYZwp0YX0srQqYe5w+gmiq6qQV72UauA3OKsXT
Ii6tKupiDDmYmg3LvUVJWaYh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:01 2024 by rpki-client on console-fra.rpki-client.org