Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ai0ZhAI8IOaf6rlQA9tqQ2qlV1c.roa
File:                     ai0ZhAI8IOaf6rlQA9tqQ2qlV1c.roa (raw, json)
Hash identifier:          xcbucmUHLu7V3d7KOxOnMS+EzA8HIVzDoOYjTcSe8YY=
Subject key identifier:   6A:2D:19:84:02:3C:20:E6:9F:EA:B9:50:03:DB:6A:43:6A:A5:57:57
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018AB28E7DB9336840419B88B9D8405CFC46
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ai0ZhAI8IOaf6rlQA9tqQ2qlV1c.roa
Signing time:             Wed 20 Sep 2023 12:26:37 +0000
ROA not before:           Wed 20 Sep 2023 12:26:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        91.186.208.0/22 maxlen: 24
                          91.186.216.0/22 maxlen: 24
                          94.241.168.0/21 maxlen: 24
                          83.147.240.0/22 maxlen: 24
                          83.147.244.0/22 maxlen: 24
                          83.147.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 28 Sep 2023 20:44:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b2:8e:7d:b9:33:68:40:41:9b:88:b9:d8:40:5c:fc:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Sep 20 12:26:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a2d1984023c20e69feab95003db6a436aa55757
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:77:11:fd:1b:19:a4:c8:ec:29:0a:7d:e4:ef:
                    a1:89:fb:33:c5:03:62:a5:f9:f8:ad:58:d7:d3:c2:
                    2a:6d:a1:2b:2b:5b:8b:fc:83:b3:58:e4:92:35:27:
                    4f:bc:3b:61:15:2b:fc:7c:18:83:f4:5d:ea:7c:0f:
                    f7:f0:17:04:70:1f:79:a4:72:06:81:dc:ee:e1:fc:
                    be:ef:82:e3:d5:28:fc:f4:62:ab:fb:39:ab:46:f7:
                    09:70:4e:32:47:bd:05:d2:3f:67:9b:d0:d0:67:dd:
                    ec:a0:b0:67:33:74:fe:09:7b:a1:c9:17:ed:83:fc:
                    e3:cb:d5:80:92:fc:b6:4f:9b:6e:bb:08:0a:13:ef:
                    fd:3c:1e:61:1f:bd:1d:0b:bd:f6:ef:f4:84:5f:80:
                    37:b2:38:60:70:ff:d6:6a:df:db:97:20:58:9b:ef:
                    f8:ad:fb:6c:4c:7e:c6:f8:27:ce:65:37:7d:a1:9a:
                    9f:d1:3f:dc:2f:97:22:67:c1:7a:30:05:67:1f:08:
                    e4:ae:43:64:bb:28:ce:81:bd:26:94:8b:24:3a:1c:
                    0e:8c:7d:4b:01:bb:91:e5:f1:1d:20:55:3e:69:31:
                    28:fb:4f:28:05:36:0b:77:de:d8:99:dc:97:7a:40:
                    d8:93:d2:f0:60:39:39:ca:a3:40:b1:4b:f9:ff:9b:
                    9f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:2D:19:84:02:3C:20:E6:9F:EA:B9:50:03:DB:6A:43:6A:A5:57:57
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/ai0ZhAI8IOaf6rlQA9tqQ2qlV1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.240.0/21
                  83.147.252.0/22
                  91.186.208.0/22
                  91.186.216.0/22
                  94.241.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         06:c9:e8:03:c3:93:fd:57:09:5d:7d:c8:93:3b:3a:4c:69:62:
         ab:bf:2c:d6:e4:08:88:f8:29:ec:4d:bc:0e:eb:98:ef:51:8a:
         f1:cc:11:25:7e:c4:66:3e:b4:56:ff:06:cd:b3:31:5c:38:73:
         36:ca:37:df:73:5b:21:d6:07:63:e8:32:28:21:4b:67:53:71:
         22:60:30:1e:0b:e2:df:53:ae:fd:4e:68:d5:ac:70:55:5b:1b:
         d3:a1:ef:a6:28:9e:83:e0:df:f1:b3:dd:6c:be:86:e6:9b:6a:
         5e:18:b5:e7:77:a0:8e:c7:a2:22:84:d4:68:2c:01:c5:19:cb:
         42:b2:5a:b0:66:53:9f:50:11:e0:33:d1:36:b2:1b:f1:23:e8:
         5d:41:c1:96:b6:99:46:35:2c:6e:c3:ac:77:01:54:40:1c:cd:
         78:5f:d5:15:02:c4:70:2e:96:99:7e:49:e3:6b:06:9a:36:29:
         dc:26:f0:bb:24:2a:9a:6f:07:43:10:4f:a3:87:5c:75:13:56:
         79:52:f5:a4:08:32:ce:0f:39:4d:ef:75:40:55:41:64:c9:d4:
         22:75:42:3a:12:69:fc:0b:73:06:76:cc:ba:10:91:4c:fc:eb:
         72:3b:56:df:8e:de:ff:07:c5:4c:3c:20:6d:80:3f:30:99:26:
         90:dc:a6:03
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqyjn25M2hAQZuIudhAXPxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwOTIwMTIyNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTJkMTk4NDAyM2MyMGU2OWZlYWI5NTAwM2RiNmE0MzZhYTU1NzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHcR/RsZpMjsKQp95O+hifszxQNi
pfn4rVjX08IqbaErK1uL/IOzWOSSNSdPvDthFSv8fBiD9F3qfA/38BcEcB95pHIG
gdzu4fy+74Lj1Sj89GKr+zmrRvcJcE4yR70F0j9nm9DQZ93soLBnM3T+CXuhyRft
g/zjy9WAkvy2T5tuuwgKE+/9PB5hH70dC7327/SEX4A3sjhgcP/Wat/blyBYm+/4
rftsTH7G+CfOZTd9oZqf0T/cL5ciZ8F6MAVnHwjkrkNkuyjOgb0mlIskOhwOjH1L
AbuR5fEdIFU+aTEo+08oBTYLd97YmdyXekDYk9LwYDk5yqNAsUv5/5ufpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGotGYQCPCDmn+q5UAPbakNqpVdXMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvYWkwWmhBSThJT2FmNnJsUUE5dHFRMnFsVjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDU5PwAwQC
U5P8AwQCW7rQAwQCW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAGyegDw5P9
VwldfciTOzpMaWKrvyzW5AiI+CnsTbwO65jvUYrxzBElfsRmPrRW/wbNszFcOHM2
yjffc1sh1gdj6DIoIUtnU3EiYDAeC+LfU679TmjVrHBVWxvToe+mKJ6D4N/xs91s
vobmm2peGLXnd6COx6IihNRoLAHFGctCslqwZlOfUBHgM9E2shvxI+hdQcGWtplG
NSxuw6x3AVRAHM14X9UVAsRwLpaZfknjawaaNincJvC7JCqabwdDEE+jh1x1E1Z5
UvWkCDLODzlN73VAVUFkydQidUI6Emn8C3MGdsy6EJFM/OtyO1bfjt7/B8VMPCBt
gD8wmSaQ3KYD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org