Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cbraoM_HzSRDwaqEFUf65gViHYc.roa
File:                     cbraoM_HzSRDwaqEFUf65gViHYc.roa (raw, json)
Hash identifier:          W3aVaQ1gTIWqVX7sDD5kcQ65SFSJUPHH4G7/yyg5UZ0=
Subject key identifier:   71:BA:DA:A0:CF:C7:CD:24:43:C1:AA:84:15:47:FA:E6:05:62:1D:87
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018BFFE68DBFB19D206CAB5CD026D4D1E015
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cbraoM_HzSRDwaqEFUf65gViHYc.roa
Signing time:             Fri 24 Nov 2023 05:56:21 +0000
ROA not before:           Fri 24 Nov 2023 05:56:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        91.186.216.0/22 maxlen: 24
                          94.241.168.0/21 maxlen: 24
                          83.147.216.0/24 maxlen: 24
                          178.253.26.0/23 maxlen: 24
                          83.147.244.0/22 maxlen: 24
                          83.147.252.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 Nov 2023 06:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ff:e6:8d:bf:b1:9d:20:6c:ab:5c:d0:26:d4:d1:e0:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Nov 24 05:56:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=71badaa0cfc7cd2443c1aa841547fae605621d87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:65:2c:4e:a9:34:eb:6a:31:8f:47:3b:03:6d:
                    02:e3:1a:0a:31:7a:1d:be:ed:8c:72:f4:17:73:cf:
                    ca:82:71:69:cb:b6:92:eb:a6:01:18:90:e3:89:30:
                    ef:48:4c:d1:ac:54:2d:e6:d9:57:de:c6:e5:31:dd:
                    98:de:c5:36:a9:ad:42:a4:d0:69:01:4e:08:f5:d9:
                    7b:f0:52:ae:8e:fa:72:32:5d:09:06:bb:2c:91:fd:
                    7a:6b:33:56:c6:c7:b7:f7:0a:99:4a:ae:e1:93:a7:
                    69:64:e0:8f:cd:77:cb:2f:2f:f3:79:0b:2c:b7:d5:
                    d4:4a:45:49:21:52:85:2b:2f:a8:ae:81:81:2a:b8:
                    1f:a4:2b:47:a9:8e:08:03:ac:ce:af:17:bb:ee:30:
                    13:60:7a:1a:56:3c:51:67:64:34:10:9d:6b:b7:5d:
                    b7:7c:16:60:27:6e:03:17:9f:9b:0f:bf:29:d3:e0:
                    1f:ee:31:27:5b:14:56:77:d4:64:27:51:57:97:20:
                    ee:b2:1c:fb:8f:b3:6a:07:fd:a6:9c:bc:b2:b4:86:
                    04:7b:7f:01:38:85:34:e1:8d:ae:3a:e4:de:5a:56:
                    fd:fa:c9:f2:22:90:70:c3:75:d6:26:75:02:6e:11:
                    43:4b:86:16:d4:fd:84:58:05:9d:bd:f7:5f:6f:95:
                    d7:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:BA:DA:A0:CF:C7:CD:24:43:C1:AA:84:15:47:FA:E6:05:62:1D:87
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cbraoM_HzSRDwaqEFUf65gViHYc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.216.0/24
                  83.147.244.0/22
                  83.147.252.0/22
                  91.186.216.0/22
                  94.241.168.0/21
                  178.253.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9f:06:cf:e3:6f:ee:71:ce:d7:8e:be:21:b2:3d:b4:61:3e:19:
         58:b2:04:a7:8a:4e:94:41:55:e8:5a:0a:61:78:c0:6a:5d:38:
         53:91:b8:f1:7e:06:54:5f:6e:80:6c:b4:39:aa:14:3f:d2:6c:
         d1:ee:9c:18:90:9c:82:a5:1e:90:c5:55:b1:ca:69:a3:7d:c5:
         b1:61:a3:78:50:88:c8:df:69:e2:fa:d9:13:00:a2:5c:57:91:
         da:1e:85:35:fe:38:ea:4a:37:bd:1c:fc:de:22:59:1b:e9:26:
         82:69:83:d1:f2:da:79:ca:ec:27:80:55:a8:f1:83:40:d6:47:
         cc:fb:f5:c8:0b:50:12:af:d3:60:8e:aa:57:c4:44:31:87:3f:
         7f:f3:e7:d8:dd:eb:c7:5a:ee:66:55:3a:1d:84:e4:70:c7:bd:
         00:48:48:ec:9a:63:4f:c9:5a:fa:45:bc:2b:cb:fb:f7:4c:c4:
         30:a9:72:08:1f:ea:8d:e1:75:ee:4d:18:d5:c8:5e:c1:dc:6e:
         d3:0c:79:7d:6e:40:78:e8:b4:b9:50:93:23:d3:a6:f1:31:56:
         e1:b7:5b:52:4f:9e:6f:e4:ab:5a:35:76:8a:c0:34:1a:3f:38:
         c3:5d:c5:7c:0d:98:e0:fd:01:82:cc:9e:5e:59:b0:41:d3:85:
         24:8c:b1:b3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYv/5o2/sZ0gbKtc0CbU0eAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTI0MDU1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWJhZGFhMGNmYzdjZDI0NDNjMWFhODQxNTQ3ZmFlNjA1NjIxZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmUsTqk062oxj0c7A20C4xoKMXod
vu2McvQXc8/KgnFpy7aS66YBGJDjiTDvSEzRrFQt5tlX3sblMd2Y3sU2qa1CpNBp
AU4I9dl78FKujvpyMl0JBrsskf16azNWxse39wqZSq7hk6dpZOCPzXfLLy/zeQss
t9XUSkVJIVKFKy+oroGBKrgfpCtHqY4IA6zOrxe77jATYHoaVjxRZ2Q0EJ1rt123
fBZgJ24DF5+bD78p0+Af7jEnWxRWd9RkJ1FXlyDushz7j7NqB/2mnLyytIYEe38B
OIU04Y2uOuTeWlb9+snyIpBww3XWJnUCbhFDS4YW1P2EWAWdvfdfb5XXGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHG62qDPx80kQ8GqhBVH+uYFYh2HMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvY2JyYW9NX0h6U1JEd2FxRUZVZjY1Z1ZpSFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAU5PYAwQC
U5P0AwQCU5P8AwQCW7rYAwQDXvGoAwQBsv0aMA0GCSqGSIb3DQEBCwUAA4IBAQCf
Bs/jb+5xzteOviGyPbRhPhlYsgSnik6UQVXoWgpheMBqXThTkbjxfgZUX26AbLQ5
qhQ/0mzR7pwYkJyCpR6QxVWxymmjfcWxYaN4UIjI32ni+tkTAKJcV5HaHoU1/jjq
Sje9HPzeIlkb6SaCaYPR8tp5yuwngFWo8YNA1kfM+/XIC1ASr9NgjqpXxEQxhz9/
8+fY3evHWu5mVTodhORwx70ASEjsmmNPyVr6Rbwry/v3TMQwqXIIH+qN4XXuTRjV
yF7B3G7TDHl9bkB46LS5UJMj06bxMVbht1tST55v5KtaNXaKwDQaPzjDXcV8DZjg
/QGCzJ5eWbBB04UkjLGz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org