Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZQCk9k8pVcylwhiAbPoM7NGau2o.roa
File:                     ZQCk9k8pVcylwhiAbPoM7NGau2o.roa (raw, json)
Hash identifier:          h80DSaoduVf9MTdJ7zRlKCtMAxctb4Ol5zC0apA7zz8=
Subject key identifier:   65:00:A4:F6:4F:29:55:CC:A5:C2:18:80:6C:FA:0C:EC:D1:9A:BB:6A
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01915018FA9D849CCF30EEC99B4041399424
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZQCk9k8pVcylwhiAbPoM7NGau2o.roa
Signing time:             Wed 14 Aug 2024 08:54:59 +0000
ROA not before:           Wed 14 Aug 2024 08:54:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     34577
IP address blocks:        37.60.141.0/24 maxlen: 24
                          87.120.0.0/22 maxlen: 22
                          87.120.12.0/24 maxlen: 24
                          87.120.14.0/23 maxlen: 23
                          87.120.44.0/23 maxlen: 23
                          87.120.45.119/32 maxlen: 32
                          87.120.178.0/23 maxlen: 23
                          87.120.180.0/22 maxlen: 22
                          87.120.184.0/22 maxlen: 22
                          87.120.190.0/23 maxlen: 23
                          87.121.48.0/22 maxlen: 22
                          87.121.88.0/23 maxlen: 23
                          93.123.40.0/24 maxlen: 24
                          93.123.41.0/24 maxlen: 24
                          93.123.42.0/24 maxlen: 24
                          93.123.43.0/24 maxlen: 24
                          93.123.44.0/24 maxlen: 24
                          93.123.47.0/24 maxlen: 24
                          93.123.66.0/24 maxlen: 24
                          93.123.67.0/24 maxlen: 24
                          93.123.96.0/22 maxlen: 22
                          94.156.123.0/24 maxlen: 24
                          212.73.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 17 Sep 2024 12:17:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:50:18:fa:9d:84:9c:cf:30:ee:c9:9b:40:41:39:94:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Aug 14 08:54:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6500a4f64f2955cca5c218806cfa0cecd19abb6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:84:13:bb:12:29:16:24:8a:ad:87:99:95:45:
                    b9:8a:25:5f:4d:41:78:e9:18:57:17:ae:3f:dd:37:
                    a2:3c:dd:7e:56:6e:f1:91:0e:ab:71:38:a4:8a:44:
                    0f:63:7c:2c:28:74:0a:fa:90:43:4e:77:ad:33:3f:
                    33:f6:2b:86:dd:1c:29:78:96:d6:08:50:d8:3d:13:
                    d4:7f:4d:03:36:69:3a:42:83:fa:50:c7:81:92:c7:
                    d8:a8:b7:f5:a6:6b:4c:15:41:49:63:c1:a1:bb:e0:
                    2f:6b:d8:43:75:f6:5b:37:65:0d:b1:95:c9:fa:3d:
                    52:41:84:07:3c:e8:db:0c:79:0d:94:d5:4e:90:e9:
                    52:0d:cb:6b:46:9f:a2:fa:ac:8d:c4:d5:89:0a:d1:
                    d8:01:2f:58:52:30:85:71:38:57:5f:43:0e:be:b2:
                    af:99:fa:28:fa:c4:58:cc:7a:5d:e2:8f:e1:1c:e1:
                    5a:5f:40:6e:5d:fb:58:3f:2d:26:fa:0a:5b:9e:0a:
                    f6:33:a2:43:25:03:4d:78:34:dc:a1:0c:3a:65:9e:
                    98:73:78:d0:dd:ec:1a:b3:36:0e:2e:2f:e1:22:10:
                    05:ec:04:82:ad:66:1a:e4:e7:d3:68:1f:20:51:5a:
                    3e:ed:4a:3d:cd:86:e5:1a:a9:1a:16:80:5a:18:cb:
                    a6:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:00:A4:F6:4F:29:55:CC:A5:C2:18:80:6C:FA:0C:EC:D1:9A:BB:6A
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZQCk9k8pVcylwhiAbPoM7NGau2o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.60.141.0/24
                  87.120.0.0/22
                  87.120.12.0/24
                  87.120.14.0/23
                  87.120.44.0/23
                  87.120.178.0-87.120.187.255
                  87.120.190.0/23
                  87.121.48.0/22
                  87.121.88.0/23
                  93.123.40.0-93.123.44.255
                  93.123.47.0/24
                  93.123.66.0/23
                  93.123.96.0/22
                  94.156.123.0/24
                  212.73.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:9a:a9:70:36:e8:09:54:37:ab:6b:bd:f9:2a:c9:e5:9f:84:
         3c:dd:4f:0a:c5:4b:9e:3d:84:66:2a:f3:07:a0:ac:16:82:25:
         66:f0:76:54:14:09:08:de:54:5d:e7:37:66:a1:f4:77:20:5c:
         06:48:e0:f4:6c:82:cd:25:3b:6c:e9:ce:c3:3c:a8:ff:78:8e:
         5e:71:f6:ee:70:62:f0:d2:7b:a9:93:e1:c6:8f:a3:ff:81:07:
         88:8c:c2:8a:7e:b6:4c:08:7c:e4:c0:19:d4:61:48:76:63:1c:
         5f:3b:dd:6f:c5:ca:df:47:4f:e8:70:c6:39:00:0c:71:f8:f4:
         3d:06:b5:71:3b:ef:ca:62:96:c1:6e:b6:52:ce:3e:9e:d2:06:
         b4:ec:92:d0:36:12:b7:12:0e:46:fd:3d:ec:a7:0e:84:01:a6:
         54:eb:47:63:65:eb:1d:c2:0d:7f:4f:6d:59:a2:d4:99:b6:38:
         45:ff:7a:b6:fc:89:42:3d:30:c9:68:f1:86:a5:63:e2:87:34:
         91:ff:73:84:30:46:5f:69:e8:e3:19:7d:8a:08:80:a8:2c:dc:
         db:e8:b7:56:d8:3e:14:85:09:43:fc:59:a5:b7:f5:17:99:ed:
         ae:a1:24:f5:cd:70:d4:3e:d4:34:ea:fe:8d:ac:58:57:96:15:
         b6:58:1c:ba
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZFQGPqdhJzPMO7Jm0BBOZQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODE0MDg1NDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTAwYTRmNjRmMjk1NWNjYTVjMjE4ODA2Y2ZhMGNlY2QxOWFiYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4QTuxIpFiSKrYeZlUW5iiVfTUF4
6RhXF64/3TeiPN1+Vm7xkQ6rcTikikQPY3wsKHQK+pBDTnetMz8z9iuG3RwpeJbW
CFDYPRPUf00DNmk6QoP6UMeBksfYqLf1pmtMFUFJY8Ghu+Ava9hDdfZbN2UNsZXJ
+j1SQYQHPOjbDHkNlNVOkOlSDctrRp+i+qyNxNWJCtHYAS9YUjCFcThXX0MOvrKv
mfoo+sRYzHpd4o/hHOFaX0BuXftYPy0m+gpbngr2M6JDJQNNeDTcoQw6ZZ6Yc3jQ
3ewaszYOLi/hIhAF7ASCrWYa5OfTaB8gUVo+7Uo9zYblGqkaFoBaGMumPQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFGUApPZPKVXMpcIYgGz6DOzRmrtqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWlFDazlrOHBWY3lsd2hpQWJQb003TkdhdTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEACU8jQME
Ald4AAMEAFd4DAMEAVd4DgMEAVd4LDAMAwQBV3iyAwQCV3i4AwQBV3i+AwQCV3kw
AwQBV3lYMAwDBANdeygDBABdeywDBABdey8DBAFde0IDBAJde2ADBABenHsDBADU
SZUwDQYJKoZIhvcNAQELBQADggEBAG+aqXA26AlUN6trvfkqyeWfhDzdTwrFS549
hGYq8wegrBaCJWbwdlQUCQjeVF3nN2ah9HcgXAZI4PRsgs0lO2zpzsM8qP94jl5x
9u5wYvDSe6mT4caPo/+BB4iMwop+tkwIfOTAGdRhSHZjHF873W/Fyt9HT+hwxjkA
DHH49D0GtXE778pilsFutlLOPp7SBrTsktA2ErcSDkb9PeynDoQBplTrR2Nl6x3C
DX9PbVmi1Jm2OEX/erb8iUI9MMlo8YalY+KHNJH/c4QwRl9p6OMZfYoIgKgs3Nvo
t1bYPhSFCUP8WaW39ReZ7a6hJPXNcNQ+1DTq/o2sWFeWFbZYHLo=
-----END CERTIFICATE-----
Generated at Tue Sep 17 18:26:52 2024 by rpki-client on console-ams.rpki-client.org