Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9iwdA4bz4vXHgkgfCh9Jj5ZMbdbNMiTXrn9gPNNtV4vB/1/3137372e37322e32302e302f32332d3233203d3e20323632363931.roa
File:                     3137372e37322e32302e302f32332d3233203d3e20323632363931.roa (raw, json)
Hash identifier:          QR/F2YvbdM3ohsD051evbjuRYz3o48+TVxhZqeewCGE=
Subject key identifier:   83:4D:4B:D3:17:A8:81:66:37:43:3E:E2:EC:F1:98:4B:86:07:97:7A
Certificate issuer:       /CN=E95789E8ACDC2D595BE33B4A0D21B6DA3CA60B4A
Certificate serial:       4AD53112193310449467819D4214D1E85CAC6335
Authority key identifier: E9:57:89:E8:AC:DC:2D:59:5B:E3:3B:4A:0D:21:B6:DA:3C:A6:0B:4A
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E95789E8ACDC2D595BE33B4A0D21B6DA3CA60B4A.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9iwdA4bz4vXHgkgfCh9Jj5ZMbdbNMiTXrn9gPNNtV4vB/1/3137372e37322e32302e302f32332d3233203d3e20323632363931.roa
Signing time:             Wed 03 Apr 2024 18:30:18 +0000
ROA not before:           Wed 03 Apr 2024 18:25:18 +0000
ROA not after:            Wed 02 Apr 2025 18:30:18 +0000
asID:                     262691
IP address blocks:        177.72.20.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 02 Apr 2025 18:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:d5:31:12:19:33:10:44:94:67:81:9d:42:14:d1:e8:5c:ac:63:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E95789E8ACDC2D595BE33B4A0D21B6DA3CA60B4A
        Validity
            Not Before: Apr  3 18:25:18 2024 GMT
            Not After : Apr  2 18:30:18 2025 GMT
        Subject: CN=3082010A0282010100BBE89FACC298150A136838E266D3E9FA14E49184D0362B943691A9FD17C981C7B18110EC95F3037BE56075ED9E5841795E0E00DE94C89BEF2FD189E4AF5DC8ADAC017A065E66A5700C52914529680912EBA0F090855C2E71F49FE00E7EBB587455E91986F2B6DFEE339366EFA3EE11D6DCB5630C027CFFFAAEA89CD77E79A66BA72CCDBB34C91693EA38B77B189C0ACDF48A1A4827BCA10259449B2E93F7DD67F248C2331856C38A2F9EF76A633D84342C4ADAB62136ED6AA121AEBF46F83BCAA03B5578C227DDB2E7D504D7E0D69EB8C126422EA44207B654DB4484167578DD6233F0810F128E5E13126084F0216C5058719BCDD1F36F5DD1508E88D77C2EF50203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:e8:9f:ac:c2:98:15:0a:13:68:38:e2:66:d3:
                    e9:fa:14:e4:91:84:d0:36:2b:94:36:91:a9:fd:17:
                    c9:81:c7:b1:81:10:ec:95:f3:03:7b:e5:60:75:ed:
                    9e:58:41:79:5e:0e:00:de:94:c8:9b:ef:2f:d1:89:
                    e4:af:5d:c8:ad:ac:01:7a:06:5e:66:a5:70:0c:52:
                    91:45:29:68:09:12:eb:a0:f0:90:85:5c:2e:71:f4:
                    9f:e0:0e:7e:bb:58:74:55:e9:19:86:f2:b6:df:ee:
                    33:93:66:ef:a3:ee:11:d6:dc:b5:63:0c:02:7c:ff:
                    fa:ae:a8:9c:d7:7e:79:a6:6b:a7:2c:cd:bb:34:c9:
                    16:93:ea:38:b7:7b:18:9c:0a:cd:f4:8a:1a:48:27:
                    bc:a1:02:59:44:9b:2e:93:f7:dd:67:f2:48:c2:33:
                    18:56:c3:8a:2f:9e:f7:6a:63:3d:84:34:2c:4a:da:
                    b6:21:36:ed:6a:a1:21:ae:bf:46:f8:3b:ca:a0:3b:
                    55:78:c2:27:dd:b2:e7:d5:04:d7:e0:d6:9e:b8:c1:
                    26:42:2e:a4:42:07:b6:54:db:44:84:16:75:78:dd:
                    62:33:f0:81:0f:12:8e:5e:13:12:60:84:f0:21:6c:
                    50:58:71:9b:cd:d1:f3:6f:5d:d1:50:8e:88:d7:7c:
                    2e:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:4D:4B:D3:17:A8:81:66:37:43:3E:E2:EC:F1:98:4B:86:07:97:7A
            X509v3 Authority Key Identifier:
                keyid:E9:57:89:E8:AC:DC:2D:59:5B:E3:3B:4A:0D:21:B6:DA:3C:A6:0B:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9iwdA4bz4vXHgkgfCh9Jj5ZMbdbNMiTXrn9gPNNtV4vB/1/E95789E8ACDC2D595BE33B4A0D21B6DA3CA60B4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E95789E8ACDC2D595BE33B4A0D21B6DA3CA60B4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9iwdA4bz4vXHgkgfCh9Jj5ZMbdbNMiTXrn9gPNNtV4vB/1/3137372e37322e32302e302f32332d3233203d3e20323632363931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.72.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ba:ad:ef:26:ff:2b:39:ca:9a:6c:c9:2f:3a:7d:c2:05:5d:fb:
         85:21:5b:b5:99:06:23:5b:ae:dd:8d:5d:d9:94:16:dd:62:fc:
         86:5c:d3:c5:20:07:23:24:df:38:41:26:e7:9a:cc:60:75:fe:
         98:5d:b5:29:8a:71:80:44:4d:24:2c:d2:18:47:39:0b:f0:bc:
         22:45:a3:40:4e:d0:80:bf:e5:c8:7d:2d:7a:90:b3:c2:c7:34:
         5c:0c:6d:ee:fb:26:98:f7:3b:c0:ff:57:2a:67:b1:b2:9a:20:
         d7:2c:94:7b:ac:d9:8a:5b:b8:18:3b:c3:cf:43:60:d0:a6:60:
         bc:4e:b0:98:47:4c:80:40:79:f6:3e:14:cd:87:7a:02:a1:e8:
         34:12:9e:d1:16:af:cc:10:e8:fc:e1:c1:fb:38:40:21:99:36:
         2f:66:6c:25:8c:cf:6e:a2:22:a1:f2:96:0c:57:a8:36:6e:d2:
         c3:af:b8:e5:75:98:b9:c6:24:1d:74:11:84:9e:4c:ec:43:a1:
         68:eb:76:c7:bb:70:81:c6:b8:f3:72:e1:0f:49:86:31:68:72:
         e2:91:8e:18:06:36:fd:d5:2b:85:38:ae:5f:5f:bd:46:24:ff:
         c9:6b:12:0a:b1:4a:7d:d4:1a:e7:49:ca:32:34:a5:ba:56:4f:
         25:8b:eb:ca
-----BEGIN CERTIFICATE-----
MIIHQTCCBimgAwIBAgIUStUxEhkzEESUZ4GdQhTR6FysYzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTk1Nzg5RThBQ0RDMkQ1OTVCRTMzQjRBMEQyMUI2REEz
Q0E2MEI0QTAeFw0yNDA0MDMxODI1MThaFw0yNTA0MDIxODMwMThaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQkJFODlGQUNDMjk4MTUwQTEz
NjgzOEUyNjZEM0U5RkExNEU0OTE4NEQwMzYyQjk0MzY5MUE5RkQxN0M5ODFDN0Ix
ODExMEVDOTVGMzAzN0JFNTYwNzVFRDlFNTg0MTc5NUUwRTAwREU5NEM4OUJFRjJG
RDE4OUU0QUY1REM4QURBQzAxN0EwNjVFNjZBNTcwMEM1MjkxNDUyOTY4MDkxMkVC
QTBGMDkwODU1QzJFNzFGNDlGRTAwRTdFQkI1ODc0NTVFOTE5ODZGMkI2REZFRTMz
OTM2NkVGQTNFRTExRDZEQ0I1NjMwQzAyN0NGRkZBQUVBODlDRDc3RTc5QTY2QkE3
MkNDREJCMzRDOTE2OTNFQTM4Qjc3QjE4OUMwQUNERjQ4QTFBNDgyN0JDQTEwMjU5
NDQ5QjJFOTNGN0RENjdGMjQ4QzIzMzE4NTZDMzhBMkY5RUY3NkE2MzNEODQzNDJD
NEFEQUI2MjEzNkVENkFBMTIxQUVCRjQ2RjgzQkNBQTAzQjU1NzhDMjI3RERCMkU3
RDUwNEQ3RTBENjlFQjhDMTI2NDIyRUE0NDIwN0I2NTREQjQ0ODQxNjc1NzhERDYy
MzNGMDgxMEYxMjhFNUUxMzEyNjA4NEYwMjE2QzUwNTg3MTlCQ0REMUYzNkY1REQx
NTA4RTg4RDc3QzJFRjUwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAu+ifrMKYFQoTaDjiZtPp+hTkkYTQNiuUNpGp/RfJgcexgRDslfMD
e+Vgde2eWEF5Xg4A3pTIm+8v0Ynkr13IrawBegZeZqVwDFKRRSloCRLroPCQhVwu
cfSf4A5+u1h0VekZhvK23+4zk2bvo+4R1ty1YwwCfP/6rqic1355pmunLM27NMkW
k+o4t3sYnArN9IoaSCe8oQJZRJsuk/fdZ/JIwjMYVsOKL573amM9hDQsStq2ITbt
aqEhrr9G+DvKoDtVeMIn3bLn1QTX4NaeuMEmQi6kQge2VNtEhBZ1eN1iM/CBDxKO
XhMSYITwIWxQWHGbzdHzb13RUI6I13wu9QIDAQABo4ICTzCCAkswHQYDVR0OBBYE
FINNS9MXqIFmN0M+4uzxmEuGB5d6MB8GA1UdIwQYMBaAFOlXieis3C1ZW+M7Sg0h
tto8pgtKMA4GA1UdDwEB/wQEAwIHgDCBlAYDVR0fBIGMMIGJMIGGoIGDoIGAhn5y
c3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvLzlpd2RBNGJ6NHZYSGdr
Z2ZDaDlKajVaTWJkYk5NaVRYcm45Z1BOTnRWNHZCLzEvRTk1Nzg5RThBQ0RDMkQ1
OTVCRTMzQjRBMEQyMUI2REEzQ0E2MEI0QS5jcmwweAYIKwYBBQUHAQEEbDBqMGgG
CCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL25p
Y2JyX3JlcG8vMS9FOTU3ODlFOEFDREMyRDU5NUJFMzNCNEEwRDIxQjZEQTNDQTYw
QjRBLmNlcjCBrAYIKwYBBQUHAQsEgZ8wgZwwgZkGCCsGAQUFBzALhoGMcnN5bmM6
Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby85aXdkQTRiejR2WEhna2dmQ2g5
Smo1Wk1iZGJOTWlUWHJuOWdQTk50VjR2Qi8xLzMxMzczNzJlMzczMjJlMzIzMDJl
MzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzYzMjM2MzkzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbFI
FDANBgkqhkiG9w0BAQsFAAOCAQEAuq3vJv8rOcqabMkvOn3CBV37hSFbtZkGI1uu
3Y1d2ZQW3WL8hlzTxSAHIyTfOEEm55rMYHX+mF21KYpxgERNJCzSGEc5C/C8IkWj
QE7QgL/lyH0tepCzwsc0XAxt7vsmmPc7wP9XKmexspog1yyUe6zZilu4GDvDz0Ng
0KZgvE6wmEdMgEB59j4UzYd6AqHoNBKe0RavzBDo/OHB+zhAIZk2L2ZsJYzPbqIi
ofKWDFeoNm7Sw6+45XWYucYkHXQRhJ5M7EOhaOt2x7twgca483LhD0mGMWhy4pGO
GAY2/dUrhTiuX1+9RiT/yWsSCrFKfdQa50nKMjSlulZPJYvryg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:39:06 2024 by rpki-client on console-fra.rpki-client.org