Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/IjNtlISCP6xRBX8da-L9i-zUPQ8.roa
File:                     IjNtlISCP6xRBX8da-L9i-zUPQ8.roa (raw, json)
Hash identifier:          0n05LjyUqtqzuP5AwAFYFWa5eiOt0DCGBqufE955MoI=
Subject key identifier:   22:33:6D:94:84:82:3F:AC:51:05:7F:1D:6B:E2:FD:8B:EC:D4:3D:0F
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018B84D494A2D05D411A89DB2719AA6BB022
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/IjNtlISCP6xRBX8da-L9i-zUPQ8.roa
Signing time:             Tue 31 Oct 2023 08:23:26 +0000
ROA not before:           Tue 31 Oct 2023 08:23:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        91.186.216.0/22 maxlen: 24
                          94.241.168.0/21 maxlen: 24
                          83.147.216.0/24 maxlen: 24
                          178.253.32.0/24 maxlen: 24
                          83.147.244.0/22 maxlen: 24
                          83.147.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 12:17:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:84:d4:94:a2:d0:5d:41:1a:89:db:27:19:aa:6b:b0:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Oct 31 08:23:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22336d9484823fac51057f1d6be2fd8becd43d0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:6c:4a:d9:f6:73:5f:a0:30:95:19:6c:db:73:
                    2e:ba:0f:f2:d3:18:27:4b:80:b6:a2:a0:25:56:b9:
                    4a:e7:1b:91:19:94:35:a2:07:be:53:1f:91:3f:b4:
                    49:14:89:e7:00:53:c6:07:cb:08:0b:5e:0c:26:7f:
                    38:f1:98:6d:26:28:ba:83:d1:0c:1e:a9:0f:68:a6:
                    aa:90:39:44:b5:8c:01:56:e1:0d:42:1d:36:3d:29:
                    2a:9d:76:70:75:eb:86:d7:69:09:ad:af:2c:e8:fd:
                    f6:fd:38:5f:0a:f0:07:38:63:85:31:72:b5:e4:10:
                    b8:85:0e:d8:25:76:8a:94:13:e4:11:e6:3b:ff:95:
                    29:e5:13:d3:82:89:df:02:74:67:d1:c3:d2:23:f4:
                    49:62:c6:3e:5b:9c:0c:c7:e4:e3:dd:5b:e9:a4:f5:
                    21:ca:2b:d2:8f:de:66:aa:80:a7:1c:36:ea:fd:bd:
                    3c:6a:b8:f8:25:91:6e:ba:3a:30:38:0e:14:db:6d:
                    5e:ec:0a:b9:f3:05:23:0b:9b:63:a2:df:dc:3c:45:
                    3a:be:92:41:3a:5a:b6:97:4c:85:0c:b9:71:c6:45:
                    84:be:ed:4a:ae:10:4d:6f:0a:c2:a6:91:ff:67:09:
                    d1:d2:db:0e:17:81:9a:24:19:34:9f:db:b2:ea:80:
                    e4:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:33:6D:94:84:82:3F:AC:51:05:7F:1D:6B:E2:FD:8B:EC:D4:3D:0F
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/IjNtlISCP6xRBX8da-L9i-zUPQ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.216.0/24
                  83.147.244.0/22
                  83.147.252.0/22
                  91.186.216.0/22
                  94.241.168.0/21
                  178.253.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:eb:f9:a3:0f:ab:7f:26:95:c1:a9:d7:43:26:88:c0:65:1f:
         2b:64:eb:65:37:ec:0e:6f:ec:61:51:81:1b:cc:91:ce:56:9f:
         4c:bb:16:00:25:1e:69:45:ce:85:b5:8f:19:f9:68:e6:5f:d0:
         8b:e4:8f:1d:15:7a:f1:0c:b5:e0:0d:86:72:65:40:fa:68:7d:
         d5:75:4f:fe:70:bf:7b:ff:c9:45:5b:5c:94:dd:4b:7c:f6:45:
         ce:02:ba:df:f0:f9:46:88:a3:16:e3:5d:66:71:aa:b4:7d:82:
         04:4b:b0:96:90:3b:ff:2f:da:77:89:1f:df:eb:01:11:99:ff:
         24:3b:74:c3:e3:43:d4:bd:05:07:07:04:2c:6c:c2:80:56:fe:
         89:6c:8a:24:7a:7d:35:aa:ef:85:95:6a:15:5a:54:31:21:2e:
         99:43:28:ee:c1:b4:a0:e2:8a:ee:5b:07:b0:21:4b:e0:22:39:
         88:09:2c:0b:2c:49:01:2c:1c:bf:c3:be:c8:c3:a0:08:d3:77:
         1b:02:14:ac:87:74:3d:fb:72:d0:cc:8f:18:4b:ed:36:b8:80:
         55:7d:81:98:68:75:56:a1:58:dc:16:03:c4:76:0d:30:bb:6d:
         91:66:b2:07:8e:17:46:63:24:23:bb:08:bf:90:3c:03:ce:d9:
         b6:52:c4:8c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYuE1JSi0F1BGonbJxmqa7AiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMDMxMDgyMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjMzNmQ5NDg0ODIzZmFjNTEwNTdmMWQ2YmUyZmQ4YmVjZDQzZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2xK2fZzX6AwlRls23Muug/y0xgn
S4C2oqAlVrlK5xuRGZQ1oge+Ux+RP7RJFInnAFPGB8sIC14MJn848ZhtJii6g9EM
HqkPaKaqkDlEtYwBVuENQh02PSkqnXZwdeuG12kJra8s6P32/ThfCvAHOGOFMXK1
5BC4hQ7YJXaKlBPkEeY7/5Up5RPTgonfAnRn0cPSI/RJYsY+W5wMx+Tj3VvppPUh
yivSj95mqoCnHDbq/b08arj4JZFuujowOA4U221e7Aq58wUjC5tjot/cPEU6vpJB
Olq2l0yFDLlxxkWEvu1KrhBNbwrCppH/ZwnR0tsOF4GaJBk0n9uy6oDkLQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCIzbZSEgj+sUQV/HWvi/Yvs1D0PMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvSWpOdGxJU0NQNnhSQlg4ZGEtTDlpLXpVUFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAU5PYAwQC
U5P0AwQCU5P8AwQCW7rYAwQDXvGoAwQAsv0gMA0GCSqGSIb3DQEBCwUAA4IBAQAl
6/mjD6t/JpXBqddDJojAZR8rZOtlN+wOb+xhUYEbzJHOVp9MuxYAJR5pRc6FtY8Z
+WjmX9CL5I8dFXrxDLXgDYZyZUD6aH3VdU/+cL97/8lFW1yU3Ut89kXOArrf8PlG
iKMW411mcaq0fYIES7CWkDv/L9p3iR/f6wERmf8kO3TD40PUvQUHBwQsbMKAVv6J
bIoken01qu+FlWoVWlQxIS6ZQyjuwbSg4oruWwewIUvgIjmICSwLLEkBLBy/w77I
w6AI03cbAhSsh3Q9+3LQzI8YS+02uIBVfYGYaHVWoVjcFgPEdg0wu22RZrIHjhdG
YyQjuwi/kDwDztm2UsSM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org