Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/Nun-dqCe2QwQUWg7hZW_nfVWO2c.roa
File:                     Nun-dqCe2QwQUWg7hZW_nfVWO2c.roa (raw, json)
Hash identifier:          DJb/rnYfZhqxlREKihlAPCCelwv73IoIrStEeEH6aU8=
Subject key identifier:   36:E9:FE:76:A0:9E:D9:0C:10:51:68:3B:85:95:BF:9D:F5:56:3B:67
Certificate issuer:       /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial:       01856FF0625B9815571BDE4A5AB8036E4EC0
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/Nun-dqCe2QwQUWg7hZW_nfVWO2c.roa
Signing time:             Mon 02 Jan 2023 00:45:02 +0000
ROA not before:           Mon 02 Jan 2023 00:45:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     19905
IP address blocks:        195.122.186.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:62:5b:98:15:57:1b:de:4a:5a:b8:03:6e:4e:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
        Validity
            Not Before: Jan  2 00:45:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36e9fe76a09ed90c1051683b8595bf9df5563b67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c4:ed:3d:e7:45:1b:16:0b:09:93:e6:7a:9f:
                    1c:55:e9:29:63:c1:66:e0:01:50:5d:60:92:44:9f:
                    03:7d:e9:71:0a:bb:b1:50:d4:d9:4a:03:4e:0e:ca:
                    de:cf:d7:9a:8e:a2:eb:ec:39:f1:34:2b:7b:3b:98:
                    da:68:5a:f4:7d:9b:6f:6d:4c:3e:96:d7:e0:9c:5a:
                    ee:db:ea:d5:15:f9:52:44:9a:ba:b4:38:e2:54:fb:
                    3d:59:3e:e7:5c:12:98:e9:28:12:0c:ef:a0:0c:d7:
                    29:a2:80:1d:16:b3:e3:6b:7d:42:6a:89:61:11:e5:
                    01:2f:25:1c:c7:6b:43:31:8d:d0:d0:99:0c:49:59:
                    cb:f1:bf:76:29:6b:4c:17:09:f1:35:3e:8c:89:62:
                    51:5a:f2:e8:a3:71:70:3b:14:2e:8e:6c:9a:41:88:
                    5c:4b:9b:68:7a:87:b0:96:9d:80:37:df:c1:23:07:
                    4c:a2:65:a8:19:69:b2:ac:80:a2:6b:1d:d4:d9:a4:
                    a8:0a:57:10:18:65:32:e5:0b:76:96:86:31:9a:1d:
                    eb:9a:20:13:86:b9:03:19:e0:0e:26:bc:4f:85:5f:
                    41:5d:f6:e9:99:90:72:a1:0c:ff:a5:13:65:d6:34:
                    69:df:5a:ca:0f:cb:17:24:83:d0:32:4c:ce:57:cf:
                    e1:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:E9:FE:76:A0:9E:D9:0C:10:51:68:3B:85:95:BF:9D:F5:56:3B:67
            X509v3 Authority Key Identifier:
                keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/Nun-dqCe2QwQUWg7hZW_nfVWO2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.122.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:6f:20:35:86:09:0c:79:9a:93:53:9e:49:ad:f2:c0:cb:10:
         8b:4f:3a:c1:09:5b:c0:3f:fd:1c:e4:92:e6:d3:94:86:7e:41:
         f0:3c:39:ca:23:95:f7:eb:0a:69:cb:4b:45:85:c1:db:9e:27:
         bb:c0:ce:f5:96:3c:a5:9f:5f:11:a9:3e:35:9e:0f:5a:6f:ac:
         40:c8:8d:c1:35:d2:05:d0:da:72:0f:c4:02:ba:0a:6f:56:3c:
         c7:97:05:1e:c2:b4:54:e4:e2:01:05:e8:d0:cd:e7:22:eb:3d:
         95:2e:5a:ee:e0:68:b7:aa:0a:ae:12:1a:f8:f1:27:5d:21:de:
         fb:d6:2c:8a:c7:a6:fb:f7:7e:eb:74:f2:eb:d9:ba:04:34:a6:
         0b:35:ba:43:c5:bf:f9:4f:a2:e5:5a:3a:93:98:09:c0:b0:a8:
         9a:04:82:30:a9:fc:f8:08:2c:0a:81:e0:4f:3d:7e:9e:99:98:
         82:52:4a:fd:6b:dd:9f:4d:b6:ac:10:67:54:b3:92:be:86:17:
         b9:e6:8f:54:06:98:c1:d3:49:b4:ba:d9:48:2a:4e:97:74:67:
         36:91:e7:bb:6c:1c:9b:d6:93:4f:90:4e:2c:eb:37:d6:b2:85:
         63:e3:93:3e:af:78:e2:d1:5e:97:97:67:9f:3e:e7:c6:f4:96:
         4d:b2:69:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8GJbmBVXG95KWrgDbk7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjMwMTAyMDA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmU5ZmU3NmEwOWVkOTBjMTA1MTY4M2I4NTk1YmY5ZGY1NTYzYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsTtPedFGxYLCZPmep8cVekpY8Fm
4AFQXWCSRJ8DfelxCruxUNTZSgNODsrez9eajqLr7DnxNCt7O5jaaFr0fZtvbUw+
ltfgnFru2+rVFflSRJq6tDjiVPs9WT7nXBKY6SgSDO+gDNcpooAdFrPja31Caolh
EeUBLyUcx2tDMY3Q0JkMSVnL8b92KWtMFwnxNT6MiWJRWvLoo3FwOxQujmyaQYhc
S5toeoewlp2AN9/BIwdMomWoGWmyrICiax3U2aSoClcQGGUy5Qt2loYxmh3rmiAT
hrkDGeAOJrxPhV9BXfbpmZByoQz/pRNl1jRp31rKD8sXJIPQMkzOV8/h1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbp/nagntkMEFFoO4WVv531VjtnMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvTnVuLWRxQ2UyUXdRVVdnN2haV19uZlZXTzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3q6MA0G
CSqGSIb3DQEBCwUAA4IBAQBQbyA1hgkMeZqTU55JrfLAyxCLTzrBCVvAP/0c5JLm
05SGfkHwPDnKI5X36wppy0tFhcHbnie7wM71ljyln18RqT41ng9ab6xAyI3BNdIF
0NpyD8QCugpvVjzHlwUewrRU5OIBBejQzeci6z2VLlru4Gi3qgquEhr48SddId77
1iyKx6b7937rdPLr2boENKYLNbpDxb/5T6LlWjqTmAnAsKiaBIIwqfz4CCwKgeBP
PX6emZiCUkr9a92fTbasEGdUs5K+hhe55o9UBpjB00m0utlIKk6XdGc2kee7bByb
1pNPkE4s6zfWsoVj45M+r3ji0V6Xl2efPufG9JZNsmm9
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:29 2024 by rpki-client on console-fra.rpki-client.org