Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zZILdOBmi4_lCFfYFu2O5e7yGOg.roa
File:                     zZILdOBmi4_lCFfYFu2O5e7yGOg.roa (raw, json)
Hash identifier:          059ikwdGCxoLque5bB5EjGRInjU63zc5CDVDFL1K0Os=
Subject key identifier:   CD:92:0B:74:E0:66:8B:8F:E5:08:57:D8:16:ED:8E:E5:EE:F2:18:E8
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018C80F3204D94BF6873C27127464C7E5DB4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zZILdOBmi4_lCFfYFu2O5e7yGOg.roa
Signing time:             Tue 19 Dec 2023 07:21:06 +0000
ROA not before:           Tue 19 Dec 2023 07:21:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        185.218.84.0/22 maxlen: 24
                          178.215.224.0/24 maxlen: 24
                          94.156.239.0/24 maxlen: 24
                          178.215.236.0/24 maxlen: 24
                          171.22.72.0/22 maxlen: 24
                          185.252.176.0/24 maxlen: 24
                          147.78.101.0/24 maxlen: 24
                          147.78.100.0/24 maxlen: 24
                          147.78.102.0/24 maxlen: 24
                          185.226.172.0/24 maxlen: 24
                          185.226.175.0/24 maxlen: 24
                          92.119.196.0/23 maxlen: 24
                          185.216.84.0/22 maxlen: 24
                          45.88.90.0/24 maxlen: 24
                          87.121.45.0/24 maxlen: 24
                          87.120.87.0/24 maxlen: 24
                          93.123.116.0/24 maxlen: 24
                          94.154.162.0/23 maxlen: 24
                          94.154.161.0/24 maxlen: 24
                          87.121.221.0/24 maxlen: 24
                          45.151.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Dec 2023 11:11:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:80:f3:20:4d:94:bf:68:73:c2:71:27:46:4c:7e:5d:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Dec 19 07:21:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cd920b74e0668b8fe50857d816ed8ee5eef218e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:3d:3a:95:64:b8:13:ec:3e:98:f6:f9:6a:53:
                    dc:70:8c:86:68:a4:9e:42:2a:ac:ca:1c:69:1a:39:
                    c0:e6:30:e4:33:16:ea:4d:f5:15:56:d1:e7:8b:54:
                    f0:f7:1a:52:4d:dc:af:35:08:32:36:a1:a4:3d:6b:
                    a0:d3:15:ce:73:72:30:cc:43:0d:88:8e:ab:0f:2c:
                    61:61:e7:68:bf:e9:5b:40:bf:82:2b:06:1f:0c:de:
                    ba:d6:57:89:e6:7d:3c:1b:53:3a:73:b9:71:d0:4e:
                    e9:15:52:86:54:65:f1:e5:0f:de:1d:99:e7:64:6a:
                    e7:3c:61:55:73:2d:16:9b:7a:6b:ed:30:66:4f:58:
                    96:07:e6:a4:48:a4:e2:00:8c:f7:c6:8b:7f:0c:94:
                    62:53:74:62:aa:9d:28:39:c2:6c:07:d0:14:5c:54:
                    ef:1a:1a:79:e9:7c:62:eb:b2:86:50:ae:4f:13:57:
                    e4:3b:52:51:b7:83:58:d8:d9:24:4a:9d:09:c9:f1:
                    50:79:e4:16:2c:c5:d4:c6:49:99:26:2f:6e:b0:63:
                    31:d1:25:32:33:42:26:39:a3:84:fe:13:36:36:4c:
                    3b:a5:48:53:ff:31:c9:b2:8d:68:f4:fb:ee:e2:fe:
                    15:79:63:c9:7d:f3:93:c1:92:a0:eb:61:c8:07:6d:
                    49:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:92:0B:74:E0:66:8B:8F:E5:08:57:D8:16:ED:8E:E5:EE:F2:18:E8
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zZILdOBmi4_lCFfYFu2O5e7yGOg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.88.90.0/24
                  45.151.89.0/24
                  87.120.87.0/24
                  87.121.45.0/24
                  87.121.221.0/24
                  92.119.196.0/23
                  93.123.116.0/24
                  94.154.161.0-94.154.163.255
                  94.156.239.0/24
                  147.78.100.0-147.78.102.255
                  171.22.72.0/22
                  178.215.224.0/24
                  178.215.236.0/24
                  185.216.84.0/22
                  185.218.84.0/22
                  185.226.172.0/24
                  185.226.175.0/24
                  185.252.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:62:cf:82:6b:19:66:55:be:c3:f3:10:d2:93:d8:2f:e5:34:
         e8:8c:69:f2:ed:8a:3a:4e:13:09:55:0b:7b:97:b1:b9:5d:53:
         61:f8:c8:ae:6f:10:a5:4c:df:a3:28:c6:5b:b0:c4:aa:fe:5e:
         12:f6:d1:6b:61:fd:3c:32:bd:d8:2b:7c:42:df:df:69:22:19:
         cd:f8:a1:72:15:52:7d:17:ba:a0:22:b8:db:24:a5:29:1c:b0:
         04:0d:6e:03:41:b5:32:6e:69:e2:db:60:7c:4f:64:c3:02:39:
         3c:03:e6:1e:a9:a9:3b:0a:bf:b4:b9:fb:43:48:1c:ca:43:e4:
         3d:08:90:86:b3:98:eb:b8:03:8a:9b:80:c7:2a:dd:29:6d:b1:
         04:f7:4f:0c:ed:d3:b7:59:d2:28:45:8a:c4:07:49:81:9d:b8:
         fd:71:7d:82:b4:b5:22:87:90:1b:fd:a8:71:88:f4:bf:2c:39:
         1d:75:57:31:c2:6c:ab:7b:ba:54:01:f4:78:30:c9:20:04:84:
         2d:11:d9:b2:47:34:88:1c:75:1e:f7:89:9c:c8:84:3b:67:0a:
         64:bd:81:77:ec:f8:48:dd:3b:c3:2f:2f:3b:a1:8b:d0:25:94:
         fa:5e:2e:8c:e1:12:5e:3c:5f:12:45:2a:70:89:0d:4e:fc:81:
         35:00:4b:5c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYyA8yBNlL9oc8JxJ0ZMfl20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjE5MDcyMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDkyMGI3NGUwNjY4YjhmZTUwODU3ZDgxNmVkOGVlNWVlZjIxOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnT06lWS4E+w+mPb5alPccIyGaKSe
QiqsyhxpGjnA5jDkMxbqTfUVVtHni1Tw9xpSTdyvNQgyNqGkPWug0xXOc3IwzEMN
iI6rDyxhYedov+lbQL+CKwYfDN661leJ5n08G1M6c7lx0E7pFVKGVGXx5Q/eHZnn
ZGrnPGFVcy0Wm3pr7TBmT1iWB+akSKTiAIz3xot/DJRiU3Riqp0oOcJsB9AUXFTv
Ghp56Xxi67KGUK5PE1fkO1JRt4NY2NkkSp0JyfFQeeQWLMXUxkmZJi9usGMx0SUy
M0ImOaOE/hM2Nkw7pUhT/zHJso1o9Pvu4v4VeWPJffOTwZKg62HIB21JiQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFM2SC3TgZouP5QhX2BbtjuXu8hjoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvelpJTGRPQm1pNF9sQ0ZmWUZ1Mk81ZTd5R09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAC1Y
WgMEAC2XWQMEAFd4VwMEAFd5LQMEAFd53QMEAVx3xAMEAF17dDAMAwQAXpqhAwQC
XpqgAwQAXpzvMAwDBAKTTmQDBACTTmYDBAKrFkgDBACy1+ADBACy1+wDBAK52FQD
BAK52lQDBAC54qwDBAC54q8DBAC5/LAwDQYJKoZIhvcNAQELBQADggEBAA9iz4Jr
GWZVvsPzENKT2C/lNOiMafLtijpOEwlVC3uXsbldU2H4yK5vEKVM36MoxluwxKr+
XhL20Wth/TwyvdgrfELf32kiGc34oXIVUn0XuqAiuNskpSkcsAQNbgNBtTJuaeLb
YHxPZMMCOTwD5h6pqTsKv7S5+0NIHMpD5D0IkIazmOu4A4qbgMcq3SltsQT3Twzt
07dZ0ihFisQHSYGduP1xfYK0tSKHkBv9qHGI9L8sOR11VzHCbKt7ulQB9HgwySAE
hC0R2bJHNIgcdR73iZzIhDtnCmS9gXfs+EjdO8MvLzuhi9AllPpeLozhEl48XxJF
KnCJDU78gTUAS1w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:47 2024 by rpki-client on console-ams.rpki-client.org