Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/djc3yllpnKbknGOZWuehxBvGHAc.roa
File:                     djc3yllpnKbknGOZWuehxBvGHAc.roa (raw, json)
Hash identifier:          XqSAyVfaG2scehl9RyumzcvoMeIBFgll3WWmFdVSsUw=
Subject key identifier:   76:37:37:CA:59:69:9C:A6:E4:9C:63:99:5A:E7:A1:C4:1B:C6:1C:07
Certificate issuer:       /CN=c15e7d7bb69efacb0c73902972c74d72d29bf77f
Certificate serial:       018BB98BEF0460DF0E2D6DD8D6BEAA129698
Authority key identifier: C1:5E:7D:7B:B6:9E:FA:CB:0C:73:90:29:72:C7:4D:72:D2:9B:F7:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wV59e7ae-ssMc5ApcsdNctKb938.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/djc3yllpnKbknGOZWuehxBvGHAc.roa
Signing time:             Fri 10 Nov 2023 14:03:57 +0000
ROA not before:           Fri 10 Nov 2023 14:03:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206238
IP address blocks:        185.238.128.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b9:8b:ef:04:60:df:0e:2d:6d:d8:d6:be:aa:12:96:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c15e7d7bb69efacb0c73902972c74d72d29bf77f
        Validity
            Not Before: Nov 10 14:03:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=763737ca59699ca6e49c63995ae7a1c41bc61c07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:9f:39:31:2f:12:e2:fd:9f:54:d8:cb:7b:d8:
                    7d:97:c6:80:ad:27:d5:8d:1d:0d:08:7c:8c:0d:ae:
                    1e:79:d3:7d:45:0f:9b:d7:21:d6:03:73:9a:28:1e:
                    e2:17:1b:31:a9:9e:f8:ea:bd:22:83:af:00:43:ca:
                    0e:27:92:c1:db:68:e0:dd:13:2d:3b:8b:09:b8:aa:
                    14:78:c6:af:da:42:26:ef:9e:22:73:09:6e:99:92:
                    10:80:c9:1c:00:d0:3c:a4:ba:45:db:ea:99:2f:74:
                    e7:c7:c9:a9:3f:a0:6d:1c:22:b9:c7:22:d3:2d:ff:
                    37:95:25:65:5a:90:44:b0:93:6e:4f:48:a5:81:65:
                    83:49:51:11:3b:20:f1:60:e4:a1:15:29:b4:8b:3a:
                    6b:1a:43:79:3d:56:79:aa:db:e4:28:66:d6:2a:04:
                    da:f3:53:8f:5a:80:e5:06:6d:55:dd:3d:e5:32:b2:
                    a7:53:6f:a7:0f:e0:35:86:38:2f:ae:97:b5:a9:07:
                    33:f1:84:97:aa:8b:e5:d9:fb:3a:8b:5d:ce:20:30:
                    82:1f:2d:ba:1e:e0:0f:c6:8d:d4:a2:d4:20:ea:ab:
                    5b:c9:ee:a0:66:f4:63:d5:d8:97:a9:4e:e0:79:ff:
                    13:1f:18:82:7b:a1:27:39:5f:63:f2:5a:6b:66:a5:
                    15:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:37:37:CA:59:69:9C:A6:E4:9C:63:99:5A:E7:A1:C4:1B:C6:1C:07
            X509v3 Authority Key Identifier:
                keyid:C1:5E:7D:7B:B6:9E:FA:CB:0C:73:90:29:72:C7:4D:72:D2:9B:F7:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wV59e7ae-ssMc5ApcsdNctKb938.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/djc3yllpnKbknGOZWuehxBvGHAc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/ea402a-0ff6-47d9-9cd0-347a0f7c5b08/1/wV59e7ae-ssMc5ApcsdNctKb938.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.238.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6f:e0:40:19:de:b2:0c:37:71:c2:cf:14:cb:0b:dc:8b:6d:ac:
         83:f8:34:87:3b:43:2e:c3:6f:16:79:f1:8c:bc:8b:ec:60:23:
         98:47:c2:ec:cb:7f:76:74:0e:3d:af:ea:b1:9a:1c:02:4b:5c:
         7a:a8:3f:0a:e0:20:22:b2:80:90:1d:8a:4b:b0:ac:f8:d7:46:
         2d:6c:47:b3:71:ee:65:b3:72:2c:73:99:2b:36:f4:20:cf:a7:
         f9:62:af:69:a1:42:e9:34:a7:11:93:a6:f8:3c:98:e4:7b:ab:
         02:bd:87:f5:44:a1:40:7f:5f:f8:d7:87:fc:47:84:4b:f5:f2:
         8e:24:87:d6:69:94:43:c5:73:29:07:8c:13:d6:9c:7f:fa:54:
         4c:33:89:29:f8:6f:f0:15:86:3f:e9:19:55:11:27:87:c1:51:
         61:41:f0:35:dc:31:ae:72:ab:67:aa:43:a8:5b:f9:b8:ab:a1:
         b0:d3:a5:ea:72:3d:52:c8:61:38:46:2c:7f:a9:5f:0f:e0:15:
         ef:d9:4e:32:ee:a1:a0:ff:a6:b4:26:87:6b:41:77:bf:41:14:
         5d:ac:ff:df:45:3c:c7:9a:97:79:4b:92:e0:c5:86:df:5b:ae:
         d2:b4:01:5c:9c:66:64:c1:b1:25:c9:5a:28:c8:fb:fc:dd:15:
         95:69:66:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu5i+8EYN8OLW3Y1r6qEpaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxNWU3ZDdiYjY5ZWZhY2IwYzczOTAyOTcyYzc0ZDcyZDI5
YmY3N2YwHhcNMjMxMTEwMTQwMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjM3MzdjYTU5Njk5Y2E2ZTQ5YzYzOTk1YWU3YTFjNDFiYzYxYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr585MS8S4v2fVNjLe9h9l8aArSfV
jR0NCHyMDa4eedN9RQ+b1yHWA3OaKB7iFxsxqZ746r0ig68AQ8oOJ5LB22jg3RMt
O4sJuKoUeMav2kIm754icwlumZIQgMkcANA8pLpF2+qZL3Tnx8mpP6BtHCK5xyLT
Lf83lSVlWpBEsJNuT0ilgWWDSVEROyDxYOShFSm0izprGkN5PVZ5qtvkKGbWKgTa
81OPWoDlBm1V3T3lMrKnU2+nD+A1hjgvrpe1qQcz8YSXqovl2fs6i13OIDCCHy26
HuAPxo3UotQg6qtbye6gZvRj1diXqU7gef8THxiCe6EnOV9j8lprZqUViwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHY3N8pZaZym5JxjmVrnocQbxhwHMB8GA1UdIwQY
MBaAFMFefXu2nvrLDHOQKXLHTXLSm/d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1Y1OWU3YWUtc3NNYzVBcGNzZE5jdEtiOTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9lYTQwMmEtMGZmNi00N2Q5LTljZDAt
MzQ3YTBmN2M1YjA4LzEvZGpjM3lsbHBuS2JrbkdPWld1ZWh4QnZHSEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9lYTQwMmEtMGZmNi00N2Q5LTljZDAtMzQ3YTBmN2M1YjA4
LzEvd1Y1OWU3YWUtc3NNYzVBcGNzZE5jdEtiOTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue6AMA0G
CSqGSIb3DQEBCwUAA4IBAQBv4EAZ3rIMN3HCzxTLC9yLbayD+DSHO0Muw28WefGM
vIvsYCOYR8Lsy392dA49r+qxmhwCS1x6qD8K4CAisoCQHYpLsKz410YtbEezce5l
s3Isc5krNvQgz6f5Yq9poULpNKcRk6b4PJjke6sCvYf1RKFAf1/414f8R4RL9fKO
JIfWaZRDxXMpB4wT1px/+lRMM4kp+G/wFYY/6RlVESeHwVFhQfA13DGucqtnqkOo
W/m4q6Gw06Xqcj1SyGE4Rix/qV8P4BXv2U4y7qGg/6a0JodrQXe/QRRdrP/fRTzH
mpd5S5LgxYbfW67StAFcnGZkwbElyVooyPv83RWVaWb8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:02 2024 by rpki-client on console-fra.rpki-client.org