Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0Obz0YoP1FNOz27PCuoAsLuXtT0.roa
File:                     0Obz0YoP1FNOz27PCuoAsLuXtT0.roa (raw, json)
Hash identifier:          Kraw4XH6SFor22bboNtA4Ak2ADgCf6URstfXu3pbzJY=
Subject key identifier:   D0:E6:F3:D1:8A:0F:D4:53:4E:CF:6E:CF:0A:EA:00:B0:BB:97:B5:3D
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018A1205345FB9891796ECC09C081B6D8B4D
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0Obz0YoP1FNOz27PCuoAsLuXtT0.roa
Signing time:             Sun 20 Aug 2023 08:17:25 +0000
ROA not before:           Sun 20 Aug 2023 08:17:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        91.186.196.0/22 maxlen: 24
                          94.241.136.0/21 maxlen: 24
                          91.186.216.0/22 maxlen: 24
                          94.241.168.0/21 maxlen: 24
                          178.253.22.0/23 maxlen: 24
                          83.147.240.0/22 maxlen: 22
                          83.147.244.0/22 maxlen: 24
                          83.147.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 20 Aug 2023 14:25:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:12:05:34:5f:b9:89:17:96:ec:c0:9c:08:1b:6d:8b:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Aug 20 08:17:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0e6f3d18a0fd4534ecf6ecf0aea00b0bb97b53d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:81:01:8c:58:c4:29:76:7b:71:0f:0e:14:29:
                    64:d2:f2:43:49:a2:7e:eb:72:cf:6a:0a:18:2a:cb:
                    32:a3:9f:72:07:af:0b:32:c9:de:69:6e:cf:8c:75:
                    08:21:ee:0c:e1:09:60:ea:c8:49:70:47:db:3c:58:
                    85:bb:96:27:15:87:6b:51:f2:41:47:7e:b0:f6:f6:
                    5e:04:44:31:13:d3:3a:b1:6c:a3:47:b7:67:74:10:
                    53:b6:61:36:f9:b1:e3:f2:3a:c7:35:01:52:f2:7b:
                    1a:24:1a:2b:b7:52:e3:d3:30:9c:e6:3c:31:bf:3f:
                    8e:d8:76:cd:e9:3c:18:bf:09:5a:56:4d:f0:4f:7e:
                    b5:61:1b:75:5b:00:46:e6:6b:00:91:9a:c3:85:ee:
                    56:45:7a:39:8a:72:39:68:d8:d7:c8:00:6f:5d:46:
                    8f:23:f1:5f:9a:0c:2a:91:22:ec:43:b0:e7:4a:b0:
                    e0:16:32:cc:35:48:7f:36:87:bb:eb:ce:77:9b:ac:
                    d8:49:a7:b1:38:74:89:65:35:59:ab:33:a3:b5:32:
                    50:a0:ee:10:c5:5c:b5:22:f0:3d:a5:d2:67:a6:8b:
                    b4:56:1f:ba:6a:4d:eb:f6:42:90:40:55:08:d7:be:
                    2a:5e:41:12:5d:0f:d2:66:45:81:54:5f:ff:c2:b5:
                    ef:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:E6:F3:D1:8A:0F:D4:53:4E:CF:6E:CF:0A:EA:00:B0:BB:97:B5:3D
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/0Obz0YoP1FNOz27PCuoAsLuXtT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.240.0/21
                  83.147.252.0/22
                  91.186.196.0/22
                  91.186.216.0/22
                  94.241.136.0/21
                  94.241.168.0/21
                  178.253.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         47:77:7e:3c:2d:f2:1a:86:0a:9b:cb:c9:04:76:9e:d6:c0:c2:
         e8:76:c8:f4:50:33:a0:4e:73:37:3c:aa:c9:02:ac:7a:f2:09:
         81:be:e8:61:db:2a:b5:1d:eb:84:49:ad:75:13:17:da:b3:f9:
         a3:59:3d:f9:1c:14:44:3b:8a:5d:82:2a:9a:6d:8a:86:4c:d5:
         4b:c5:23:ca:8b:90:11:47:de:e6:f9:54:0b:35:1e:f7:08:23:
         85:24:77:06:41:b5:f6:9d:ca:47:94:27:1a:91:ea:3e:79:f3:
         0b:e2:91:e6:96:d6:db:5a:e3:ee:39:10:70:1c:96:35:53:1a:
         10:8f:70:bb:9b:ab:87:d7:31:87:b9:ab:55:a0:6d:dc:48:9b:
         db:82:ef:bd:6a:1f:34:f0:9f:22:86:4a:a5:77:34:ae:56:d1:
         17:82:b7:d6:79:60:d9:3b:9f:50:19:f6:c6:9c:e0:fd:22:63:
         a1:3c:7e:09:8e:39:48:e7:8c:99:c6:05:f3:9c:68:56:5f:63:
         57:a9:6c:6b:58:a2:84:4c:4e:0b:f5:27:8c:13:c3:b9:97:15:
         04:76:a3:c4:a8:04:30:63:31:ac:df:cb:bd:5e:a1:80:c2:c4:
         f5:d6:75:8c:26:6d:85:a6:58:87:82:04:59:db:b3:fd:f3:a9:
         61:2f:62:72
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYoSBTRfuYkXluzAnAgbbYtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwODIwMDgxNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGU2ZjNkMThhMGZkNDUzNGVjZjZlY2YwYWVhMDBiMGJiOTdiNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIEBjFjEKXZ7cQ8OFClk0vJDSaJ+
63LPagoYKssyo59yB68LMsneaW7PjHUIIe4M4Qlg6shJcEfbPFiFu5YnFYdrUfJB
R36w9vZeBEQxE9M6sWyjR7dndBBTtmE2+bHj8jrHNQFS8nsaJBort1Lj0zCc5jwx
vz+O2HbN6TwYvwlaVk3wT361YRt1WwBG5msAkZrDhe5WRXo5inI5aNjXyABvXUaP
I/FfmgwqkSLsQ7DnSrDgFjLMNUh/Noe76853m6zYSaexOHSJZTVZqzOjtTJQoO4Q
xVy1IvA9pdJnpou0Vh+6ak3r9kKQQFUI174qXkESXQ/SZkWBVF//wrXviwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNDm89GKD9RTTs9uzwrqALC7l7U9MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvME9iejBZb1AxRk5PejI3UEN1b0FzTHVYdFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDU5PwAwQC
U5P8AwQCW7rEAwQCW7rYAwQDXvGIAwQDXvGoAwQBsv0WMA0GCSqGSIb3DQEBCwUA
A4IBAQBHd348LfIahgqby8kEdp7WwMLodsj0UDOgTnM3PKrJAqx68gmBvuhh2yq1
HeuESa11Exfas/mjWT35HBREO4pdgiqabYqGTNVLxSPKi5ARR97m+VQLNR73CCOF
JHcGQbX2ncpHlCcakeo+efML4pHmltbbWuPuORBwHJY1UxoQj3C7m6uH1zGHuatV
oG3cSJvbgu+9ah808J8ihkqldzSuVtEXgrfWeWDZO59QGfbGnOD9ImOhPH4JjjlI
54yZxgXznGhWX2NXqWxrWKKETE4L9SeME8O5lxUEdqPEqAQwYzGs38u9XqGAwsT1
1nWMJm2FpliHggRZ27P986lhL2Jy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:18 2024 by rpki-client on console-ams.rpki-client.org