Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/Ai0NqmPR60J1THQgVX84T-EhnRo.roa
File:                     Ai0NqmPR60J1THQgVX84T-EhnRo.roa (raw, json)
Hash identifier:          wni5TZ2Q1GLpmBD+LIXMJZMo4zwTI00e8DvH0KfhQ2U=
Subject key identifier:   02:2D:0D:AA:63:D1:EB:42:75:4C:74:20:55:7F:38:4F:E1:21:9D:1A
Certificate issuer:       /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial:       018A8CDC1CF10737B734DDA2CA0F0272C49A
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/Ai0NqmPR60J1THQgVX84T-EhnRo.roa
Signing time:             Wed 13 Sep 2023 04:45:50 +0000
ROA not before:           Wed 13 Sep 2023 04:45:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14445
IP address blocks:        194.104.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:8c:dc:1c:f1:07:37:b7:34:dd:a2:ca:0f:02:72:c4:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
        Validity
            Not Before: Sep 13 04:45:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=022d0daa63d1eb42754c7420557f384fe1219d1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:c6:af:ba:55:90:eb:51:1f:d1:9e:e0:75:01:
                    ff:6c:ca:3b:42:9e:5f:0b:30:6b:6e:76:05:73:5e:
                    29:43:30:63:46:46:6f:91:11:4c:de:6a:5f:4e:62:
                    91:04:5d:d0:4f:80:b9:18:a8:64:1f:5d:a2:f9:3a:
                    66:02:4f:15:f1:55:31:0e:cc:bc:9b:47:2f:f7:08:
                    ac:c0:25:9d:c8:e2:b9:a2:49:f6:de:74:f3:bb:67:
                    e4:95:5a:d4:ef:50:47:ef:23:74:c6:dd:d2:a5:11:
                    0e:83:57:fa:39:fc:a7:80:88:94:23:60:b2:88:c7:
                    b7:02:50:2e:a8:5a:c3:fe:78:00:af:30:e1:d9:54:
                    8d:41:5f:57:eb:41:76:9c:b8:91:cf:c3:18:04:28:
                    b6:71:14:14:09:08:bf:7c:9e:f3:43:f4:b9:10:f2:
                    9c:9a:d4:c8:31:3d:d0:2d:42:1d:3b:a8:db:1b:8e:
                    f1:80:ee:ec:c9:c5:f0:9b:bb:af:55:cd:18:91:df:
                    8b:c7:e7:78:7b:1f:7c:c1:f7:78:ad:27:c4:5a:5e:
                    66:17:9d:4b:02:a7:32:33:d1:f7:e8:33:86:23:9d:
                    eb:c2:59:0e:77:0a:e6:42:a4:68:2b:e5:bd:98:c7:
                    ce:14:57:26:b0:6d:21:64:a5:c1:f3:dc:a8:da:71:
                    97:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:2D:0D:AA:63:D1:EB:42:75:4C:74:20:55:7F:38:4F:E1:21:9D:1A
            X509v3 Authority Key Identifier:
                keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/Ai0NqmPR60J1THQgVX84T-EhnRo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:a3:9c:80:44:78:f3:17:e2:d9:22:2a:79:91:b8:e6:c9:03:
         7f:3c:e8:20:62:7f:ee:ce:93:87:21:1b:2f:3a:f2:d7:cd:e1:
         06:57:37:15:9f:bd:3f:ea:82:df:77:f6:52:ad:14:94:94:49:
         65:9d:df:c2:32:57:c1:0c:9a:ee:2a:2c:34:cc:b5:58:4a:cc:
         ae:dc:5f:9e:ca:e0:fa:09:e1:5b:68:e9:fa:f3:7d:ed:c8:d9:
         c7:9e:30:63:e1:a3:f2:9d:e7:d0:15:d2:49:a8:2c:6c:8d:83:
         9d:72:88:ac:80:fe:c0:f3:e7:b9:9d:f3:75:f8:0d:05:6d:6a:
         45:ab:63:a5:df:77:71:07:69:6a:8e:93:b5:4c:75:82:fe:64:
         f5:22:7f:89:44:65:a4:c9:38:49:2b:5f:80:8b:ef:d2:c7:67:
         3d:ed:e9:62:6c:9e:63:7a:43:8d:3e:9e:d1:33:63:81:ab:09:
         e8:59:71:5e:d9:e2:6d:8b:5a:96:c5:dd:a0:c8:8d:ed:2d:81:
         64:15:16:c4:c6:30:f2:72:ff:65:11:53:b7:d0:0a:7a:cb:2c:
         c2:3d:c2:d7:dd:c4:4c:3e:da:f6:29:2f:b2:2a:7e:86:b0:bc:
         17:3f:09:6f:2b:17:d4:38:8c:9e:40:3f:d2:f0:c6:ca:13:a4:
         0a:d0:97:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqM3BzxBze3NN2iyg8CcsSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjMwOTEzMDQ0NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjJkMGRhYTYzZDFlYjQyNzU0Yzc0MjA1NTdmMzg0ZmUxMjE5ZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsavulWQ61Ef0Z7gdQH/bMo7Qp5f
CzBrbnYFc14pQzBjRkZvkRFM3mpfTmKRBF3QT4C5GKhkH12i+TpmAk8V8VUxDsy8
m0cv9wiswCWdyOK5okn23nTzu2fklVrU71BH7yN0xt3SpREOg1f6OfyngIiUI2Cy
iMe3AlAuqFrD/ngArzDh2VSNQV9X60F2nLiRz8MYBCi2cRQUCQi/fJ7zQ/S5EPKc
mtTIMT3QLUIdO6jbG47xgO7sycXwm7uvVc0Ykd+Lx+d4ex98wfd4rSfEWl5mF51L
AqcyM9H36DOGI53rwlkOdwrmQqRoK+W9mMfOFFcmsG0hZKXB89yo2nGX+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAItDapj0etCdUx0IFV/OE/hIZ0aMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvQWkwTnFtUFI2MEoxVEhRZ1ZYODRULUVoblJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiKMA0G
CSqGSIb3DQEBCwUAA4IBAQB/o5yARHjzF+LZIip5kbjmyQN/POggYn/uzpOHIRsv
OvLXzeEGVzcVn70/6oLfd/ZSrRSUlEllnd/CMlfBDJruKiw0zLVYSsyu3F+eyuD6
CeFbaOn6833tyNnHnjBj4aPynefQFdJJqCxsjYOdcoisgP7A8+e5nfN1+A0FbWpF
q2Ol33dxB2lqjpO1THWC/mT1In+JRGWkyThJK1+Ai+/Sx2c97elibJ5jekONPp7R
M2OBqwnoWXFe2eJti1qWxd2gyI3tLYFkFRbExjDycv9lEVO30Ap6yyzCPcLX3cRM
Ptr2KS+yKn6GsLwXPwlvKxfUOIyeQD/S8MbKE6QK0Jcl
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:12 2024 by rpki-client on console-fra.rpki-client.org