Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/T8GbED99EcmTWoPzJS2fzLxC0yg.roa
File:                     T8GbED99EcmTWoPzJS2fzLxC0yg.roa (raw, json)
Hash identifier:          YrHja/rj+EtejBeKCzWi8t567r5dxSMT5oQQaIQYEwU=
Subject key identifier:   4F:C1:9B:10:3F:7D:11:C9:93:5A:83:F3:25:2D:9F:CC:BC:42:D3:28
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018CD97BA62A1DF87C70525185BCE68299E3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/T8GbED99EcmTWoPzJS2fzLxC0yg.roa
Signing time:             Fri 05 Jan 2024 11:56:48 +0000
ROA not before:           Fri 05 Jan 2024 11:56:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     0
IP address blocks:        185.218.84.0/22 maxlen: 24
                          178.215.224.0/24 maxlen: 24
                          94.156.239.0/24 maxlen: 24
                          178.215.236.0/24 maxlen: 24
                          171.22.72.0/22 maxlen: 24
                          185.252.176.0/24 maxlen: 24
                          147.78.101.0/24 maxlen: 24
                          147.78.102.0/24 maxlen: 24
                          193.37.41.0/24 maxlen: 24
                          185.226.172.0/24 maxlen: 24
                          45.84.89.0/24 maxlen: 24
                          185.226.175.0/24 maxlen: 24
                          92.119.196.0/23 maxlen: 24
                          185.216.84.0/22 maxlen: 24
                          45.88.90.0/24 maxlen: 24
                          87.121.45.0/24 maxlen: 24
                          87.120.87.0/24 maxlen: 24
                          94.154.162.0/23 maxlen: 24
                          94.154.161.0/24 maxlen: 24
                          94.154.172.0/24 maxlen: 24
                          87.121.221.0/24 maxlen: 24
                          45.151.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Jan 2024 10:48:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:d9:7b:a6:2a:1d:f8:7c:70:52:51:85:bc:e6:82:99:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  5 11:56:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4fc19b103f7d11c9935a83f3252d9fccbc42d328
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:02:bc:e1:72:df:b7:6c:e6:6c:13:f5:47:6b:
                    0a:6a:04:eb:c2:50:92:ce:c0:eb:c9:70:5e:82:c4:
                    68:3c:44:41:32:f5:47:46:bf:c3:d8:b6:f8:70:fe:
                    c8:d4:12:64:b7:9c:f9:e1:19:ae:d2:a7:77:ca:29:
                    bc:b4:9a:e2:08:27:9a:d6:13:03:4f:48:2d:fa:9d:
                    22:51:d7:75:c5:1d:25:f1:f0:03:70:89:6a:24:31:
                    25:8c:e1:0c:ca:09:af:6e:97:57:80:39:b4:0a:a2:
                    49:05:d5:53:11:2f:d7:f2:aa:98:e2:a6:06:8a:b8:
                    51:8f:d3:04:61:98:33:95:59:ed:26:96:a5:0c:44:
                    6f:c1:5d:11:ed:52:dd:19:4a:95:01:31:be:ea:28:
                    3b:6e:bf:a1:e2:ce:3f:13:b4:10:54:84:cc:0e:4d:
                    58:d2:a7:df:38:e2:a3:ab:61:62:8c:2c:98:ff:d6:
                    5a:6d:1a:7c:c8:5b:72:04:61:2e:12:9c:cd:a8:53:
                    2c:69:c3:32:62:63:f8:b1:22:83:40:c0:11:7c:0c:
                    52:e9:0c:ca:74:93:bb:f6:d2:78:5f:55:d1:dc:2f:
                    0e:8a:52:43:0a:ca:dd:91:d0:95:2d:42:a1:35:7f:
                    51:02:90:29:e0:00:b5:77:22:1f:11:b7:93:07:b2:
                    01:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:C1:9B:10:3F:7D:11:C9:93:5A:83:F3:25:2D:9F:CC:BC:42:D3:28
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/T8GbED99EcmTWoPzJS2fzLxC0yg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.84.89.0/24
                  45.88.90.0/24
                  45.151.89.0/24
                  87.120.87.0/24
                  87.121.45.0/24
                  87.121.221.0/24
                  92.119.196.0/23
                  94.154.161.0-94.154.163.255
                  94.154.172.0/24
                  94.156.239.0/24
                  147.78.101.0-147.78.102.255
                  171.22.72.0/22
                  178.215.224.0/24
                  178.215.236.0/24
                  185.216.84.0/22
                  185.218.84.0/22
                  185.226.172.0/24
                  185.226.175.0/24
                  185.252.176.0/24
                  193.37.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:cc:81:4e:81:54:69:74:0e:cd:22:a9:7a:99:01:36:2a:92:
         af:ac:75:a6:90:9d:6c:4e:b5:20:5f:b2:d8:53:68:7d:57:9a:
         9f:29:d8:fa:4b:cf:15:9d:bc:13:ed:5c:0b:6b:bc:49:1b:70:
         10:fd:30:84:24:bb:b6:8b:dc:d7:24:6b:f4:8c:e9:9b:b8:bd:
         a2:62:93:84:b7:2a:34:1e:47:fc:cd:6c:06:59:3f:fd:a5:a4:
         09:05:42:82:f3:b9:16:a0:f1:8b:9d:69:6e:41:aa:d3:81:eb:
         3b:12:8a:67:07:51:50:f7:92:ea:e4:c2:10:c6:ad:b5:c2:f2:
         8a:44:22:aa:f9:e7:b0:d3:80:ef:d7:69:25:4b:20:e7:2f:cc:
         98:14:2d:ae:0b:3a:2c:ea:e1:b4:6c:df:5e:d3:09:e6:ec:ee:
         f3:14:79:5f:23:41:ca:bc:69:8b:4f:ec:79:d2:ec:c7:b6:b5:
         21:69:ca:a3:cc:a2:1f:e6:08:54:14:21:ef:a3:b9:56:94:6d:
         2b:7f:ef:b6:af:df:a4:da:bb:40:e7:e5:e5:92:c7:e8:cb:3c:
         c0:f4:90:ac:07:89:81:3f:8e:e7:af:27:61:5a:e1:d1:b8:17:
         9e:f8:6d:14:ed:6c:2c:35:c0:83:1b:5c:1a:e7:ea:67:94:b1:
         f6:2f:ef:ef
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYzZe6YqHfh8cFJRhbzmgpnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTA1MTE1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmMxOWIxMDNmN2QxMWM5OTM1YTgzZjMyNTJkOWZjY2JjNDJkMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAK84XLft2zmbBP1R2sKagTrwlCS
zsDryXBegsRoPERBMvVHRr/D2Lb4cP7I1BJkt5z54Rmu0qd3yim8tJriCCea1hMD
T0gt+p0iUdd1xR0l8fADcIlqJDEljOEMygmvbpdXgDm0CqJJBdVTES/X8qqY4qYG
irhRj9MEYZgzlVntJpalDERvwV0R7VLdGUqVATG+6ig7br+h4s4/E7QQVITMDk1Y
0qffOOKjq2FijCyY/9ZabRp8yFtyBGEuEpzNqFMsacMyYmP4sSKDQMARfAxS6QzK
dJO79tJ4X1XR3C8OilJDCsrdkdCVLUKhNX9RApAp4AC1dyIfEbeTB7IBEwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFE/BmxA/fRHJk1qD8yUtn8y8QtMoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVDhHYkVEOTlFY21UV29QekpTMmZ6THhDMHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAAt
VFkDBAAtWFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QwDAMEAF6aoQME
Al6aoAMEAF6arAMEAF6c7zAMAwQAk05lAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQAueKsAwQAueKvAwQAufywAwQAwSUpMA0GCSqGSIb3DQEB
CwUAA4IBAQBpzIFOgVRpdA7NIql6mQE2KpKvrHWmkJ1sTrUgX7LYU2h9V5qfKdj6
S88VnbwT7VwLa7xJG3AQ/TCEJLu2i9zXJGv0jOmbuL2iYpOEtyo0Hkf8zWwGWT/9
paQJBUKC87kWoPGLnWluQarTges7EopnB1FQ95Lq5MIQxq21wvKKRCKq+eew04Dv
12klSyDnL8yYFC2uCzos6uG0bN9e0wnm7O7zFHlfI0HKvGmLT+x50uzHtrUhacqj
zKIf5ghUFCHvo7lWlG0rf++2r9+k2rtA5+XlksfoyzzA9JCsB4mBP47nrydhWuHR
uBee+G0U7WwsNcCDG1wa5+pnlLH2L+/v
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:33 2024 by rpki-client on console-ams.rpki-client.org