Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5yZhmKTLhGeYV9qNvunK1YwBZjzqpBZNvvqFeFWs6Jmo/0/323830343a313732633a383030303a3a2f33332d3333203d3e20323633313239.roa
File:                     323830343a313732633a383030303a3a2f33332d3333203d3e20323633313239.roa (raw, json)
Hash identifier:          JRrWakH3rk2Tsqh9ZQiJ3uPXxOZ4iwwps+RIuQ1/VR8=
Subject key identifier:   9E:FC:7D:78:8B:14:97:D6:34:21:7F:A6:F9:5F:70:55:D0:E0:A2:44
Certificate issuer:       /CN=2D3A2FD4D8D7AB915819FE83CB84D3AC51A32C7E
Certificate serial:       7E1DD091EB3EE81AD9F1C00D8D0BA27125ACEAB6
Authority key identifier: 2D:3A:2F:D4:D8:D7:AB:91:58:19:FE:83:CB:84:D3:AC:51:A3:2C:7E
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2D3A2FD4D8D7AB915819FE83CB84D3AC51A32C7E.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5yZhmKTLhGeYV9qNvunK1YwBZjzqpBZNvvqFeFWs6Jmo/0/323830343a313732633a383030303a3a2f33332d3333203d3e20323633313239.roa
Signing time:             Thu 25 Apr 2024 13:11:43 +0000
ROA not before:           Thu 25 Apr 2024 13:06:43 +0000
ROA not after:            Thu 24 Apr 2025 13:11:43 +0000
asID:                     263129
IP address blocks:        2804:172c:8000::/33 maxlen: 33

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 19:39:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:1d:d0:91:eb:3e:e8:1a:d9:f1:c0:0d:8d:0b:a2:71:25:ac:ea:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D3A2FD4D8D7AB915819FE83CB84D3AC51A32C7E
        Validity
            Not Before: Apr 25 13:06:43 2024 GMT
            Not After : Apr 24 13:11:43 2025 GMT
        Subject: CN=9EFC7D788B1497D634217FA6F95F7055D0E0A244
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:04:90:0d:2a:22:c7:c4:a4:4d:87:a2:31:e2:
                    7b:5c:9f:7b:f4:d6:ce:7d:15:3b:1c:d4:68:ad:61:
                    75:a8:02:1e:35:44:c9:c5:ec:1f:02:5b:61:a6:1e:
                    0f:3d:f8:ff:b6:9d:5a:f5:5b:eb:b2:45:42:82:82:
                    70:f7:a7:54:4b:60:2d:c3:c0:56:72:3e:bd:86:63:
                    d5:47:77:9d:bd:71:f5:bb:a2:05:96:ea:96:ea:bd:
                    3b:64:07:ae:c4:64:89:89:1d:7e:7d:27:17:e8:40:
                    12:4a:84:f2:56:59:25:82:07:55:dc:f4:1c:86:40:
                    4f:9a:96:3e:1f:eb:6f:47:2f:4f:14:50:fb:70:a1:
                    ae:91:76:d2:ee:1c:c6:d4:b9:94:65:a6:03:e2:1c:
                    92:1b:11:9d:73:f3:25:cc:ef:1f:89:4a:28:53:33:
                    e3:51:58:92:7f:fb:da:f4:b1:e5:c8:90:fc:4b:7f:
                    40:33:a9:7a:c0:1c:9e:f0:c2:d1:f3:f8:c1:a8:8c:
                    9e:bb:cf:22:c6:d3:4e:f8:86:d1:59:ac:e3:15:d7:
                    16:36:b8:93:93:d4:59:af:1a:09:ef:db:a9:0d:bb:
                    55:e4:f9:0b:0a:74:14:9d:a9:65:3c:61:00:83:99:
                    b4:59:bc:74:54:f9:5b:63:60:f2:0a:9b:90:41:72:
                    0c:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:FC:7D:78:8B:14:97:D6:34:21:7F:A6:F9:5F:70:55:D0:E0:A2:44
            X509v3 Authority Key Identifier:
                keyid:2D:3A:2F:D4:D8:D7:AB:91:58:19:FE:83:CB:84:D3:AC:51:A3:2C:7E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5yZhmKTLhGeYV9qNvunK1YwBZjzqpBZNvvqFeFWs6Jmo/0/2D3A2FD4D8D7AB915819FE83CB84D3AC51A32C7E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2D3A2FD4D8D7AB915819FE83CB84D3AC51A32C7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5yZhmKTLhGeYV9qNvunK1YwBZjzqpBZNvvqFeFWs6Jmo/0/323830343a313732633a383030303a3a2f33332d3333203d3e20323633313239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:172c:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         c1:17:8f:4e:1d:bf:d6:10:a5:f7:ff:08:e6:6d:fb:8d:31:bd:
         bb:b7:31:ab:53:d1:0c:e1:55:d6:88:e0:0f:50:2b:1a:6c:d4:
         4e:cb:9a:20:21:84:6b:e7:41:8e:06:5c:7f:c3:de:9f:8a:2f:
         6f:f9:5e:af:69:b4:95:74:3e:c5:b3:0d:4e:6d:b6:08:64:23:
         79:ff:8e:b8:c2:f7:b2:63:fa:75:42:3e:41:e4:40:f6:ad:c7:
         d9:5d:bc:b2:9f:3a:8d:30:3c:f2:a2:3c:06:33:93:53:9d:2a:
         e4:e4:3a:d2:9a:b2:57:ff:b5:b8:f6:47:4b:e1:ab:f4:30:f4:
         0f:84:6d:76:48:40:c3:82:2f:18:5a:08:a3:5b:7f:d5:86:28:
         13:ae:96:e5:d6:ef:1d:f0:74:40:86:04:cd:f8:9b:e5:09:b8:
         c2:fb:fc:43:ca:68:1d:b8:cd:aa:da:5e:d4:22:e5:31:8e:4a:
         42:88:0e:ff:62:44:06:f4:00:c8:ae:33:78:25:c4:57:44:d5:
         53:07:36:91:6d:ac:85:b1:0a:c1:9c:a8:6f:c7:a3:49:d3:1c:
         f6:e5:59:0c:63:9a:74:d1:ce:1b:fa:58:7d:06:db:0d:5f:1a:
         bc:2f:04:9d:88:56:f5:ca:80:09:6f:b6:64:1b:17:d2:a9:85:
         f1:da:38:76
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUfh3Qkes+6BrZ8cANjQuicSWs6rYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkQzQTJGRDREOEQ3QUI5MTU4MTlGRTgzQ0I4NEQzQUM1
MUEzMkM3RTAeFw0yNDA0MjUxMzA2NDNaFw0yNTA0MjQxMzExNDNaMDMxMTAvBgNV
BAMTKDlFRkM3RDc4OEIxNDk3RDYzNDIxN0ZBNkY5NUY3MDU1RDBFMEEyNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGBJANKiLHxKRNh6Ix4ntcn3v0
1s59FTsc1GitYXWoAh41RMnF7B8CW2GmHg89+P+2nVr1W+uyRUKCgnD3p1RLYC3D
wFZyPr2GY9VHd529cfW7ogWW6pbqvTtkB67EZImJHX59JxfoQBJKhPJWWSWCB1Xc
9ByGQE+alj4f629HL08UUPtwoa6RdtLuHMbUuZRlpgPiHJIbEZ1z8yXM7x+JSihT
M+NRWJJ/+9r0seXIkPxLf0AzqXrAHJ7wwtHz+MGojJ67zyLG0074htFZrOMV1xY2
uJOT1FmvGgnv26kNu1Xk+QsKdBSdqWU8YQCDmbRZvHRU+VtjYPIKm5BBcgyBAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUnvx9eIsUl9Y0IX+m+V9wVdDgokQwHwYDVR0j
BBgwFoAULTov1NjXq5FYGf6Dy4TTrFGjLH4wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNXlaaG1LVExoR2VZVjlxTnZ1bksxWXdCWmp6cXBCWk52dnFGZUZXczZK
bW8vMC8yRDNBMkZENEQ4RDdBQjkxNTgxOUZFODNDQjg0RDNBQzUxQTMyQzdFLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzJEM0EyRkQ0RDhEN0FCOTE1
ODE5RkU4M0NCODREM0FDNTFBMzJDN0UuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzV5WmhtS1RMaEdlWVY5cU52dW5LMVl3QlpqenFwQlpOdnZxRmVGV3M2Sm1vLzAv
MzIzODMwMzQzYTMxMzczMjYzM2EzODMwMzAzMDNhM2EyZjMzMzMyZDMzMzMyMDNk
M2UyMDMyMzYzMzMxMzIzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBygEFyyAMA0GCSqGSIb3DQEBCwUA
A4IBAQDBF49OHb/WEKX3/wjmbfuNMb27tzGrU9EM4VXWiOAPUCsabNROy5ogIYRr
50GOBlx/w96fii9v+V6vabSVdD7Fsw1ObbYIZCN5/464wveyY/p1Qj5B5ED2rcfZ
XbyynzqNMDzyojwGM5NTnSrk5DrSmrJX/7W49kdL4av0MPQPhG12SEDDgi8YWgij
W3/VhigTrpbl1u8d8HRAhgTN+JvlCbjC+/xDymgduM2q2l7UIuUxjkpCiA7/YkQG
9ADIrjN4JcRXRNVTBzaRbayFsQrBnKhvx6NJ0xz25VkMY5p00c4b+lh9BtsNXxq8
LwSdiFb1yoAJb7ZkGxfSqYXx2jh2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:11 2024 by rpki-client on console-ams.rpki-client.org