Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sLZaVyh7_WeyiwUFvDflP6lc7LY.roa
File:                     sLZaVyh7_WeyiwUFvDflP6lc7LY.roa (raw, json)
Hash identifier:          Nu3C3sPSi45m+7mne3KzhwXhArawCfFsTlCki0xY/5Y=
Subject key identifier:   B0:B6:5A:57:28:7B:FD:67:B2:8B:05:05:BC:37:E5:3F:A9:5C:EC:B6
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01876B2865E2A203D3037817D070B9E1F4F1
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sLZaVyh7_WeyiwUFvDflP6lc7LY.roa
Signing time:             Mon 10 Apr 2023 12:33:42 +0000
ROA not before:           Mon 10 Apr 2023 12:33:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        193.233.100.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Nov 2023 17:27:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:6b:28:65:e2:a2:03:d3:03:78:17:d0:70:b9:e1:f4:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Apr 10 12:33:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0b65a57287bfd67b28b0505bc37e53fa95cecb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:bf:29:03:18:1d:d9:ed:95:d4:35:88:45:54:
                    6f:51:98:9b:b7:a0:a4:a4:af:60:39:11:74:e9:10:
                    86:0c:f0:d3:de:df:57:b1:b0:df:e0:08:89:6f:b8:
                    e7:99:64:ee:69:13:5b:35:4b:ab:66:95:cb:7a:12:
                    d9:5b:ad:59:d2:77:00:56:7d:f9:ef:47:20:19:3a:
                    a3:14:97:81:66:dd:a8:dd:45:82:92:e2:7c:b8:bf:
                    fb:cc:35:27:7a:3a:d4:95:1c:c1:d8:c6:79:7f:65:
                    0a:4c:36:6a:38:3f:14:b6:c7:4e:7f:ac:b7:25:56:
                    dd:42:6f:68:e0:e4:ce:3b:ce:f6:2b:9b:8e:0a:38:
                    51:86:20:65:7a:1d:c7:f4:cd:19:34:28:07:29:08:
                    3a:97:0d:82:b2:cb:9d:3e:2d:b7:11:60:2e:cc:11:
                    76:92:20:f1:6a:25:46:c8:c5:d9:f2:a8:1b:b1:6c:
                    4e:c4:ad:da:9e:88:82:3d:e9:aa:ed:48:57:89:87:
                    d5:38:32:12:3a:3f:2a:58:37:cf:f5:d0:0c:7c:b0:
                    06:0c:5c:00:3d:0c:92:30:e9:86:c5:88:af:f4:77:
                    08:fa:75:03:9c:16:a2:51:1c:e4:9d:ff:47:43:a8:
                    09:0a:1c:6e:d7:89:b4:03:2a:7f:c9:c4:f2:aa:3b:
                    ca:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:B6:5A:57:28:7B:FD:67:B2:8B:05:05:BC:37:E5:3F:A9:5C:EC:B6
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/sLZaVyh7_WeyiwUFvDflP6lc7LY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:fc:20:7d:a3:02:50:c8:c8:a5:dc:a9:ba:d4:29:ca:50:37:
         ec:28:99:e3:ce:4b:6a:89:99:21:ab:f0:6e:16:2f:e3:ff:50:
         7c:b9:be:8a:fb:f5:28:0e:bd:00:9f:82:6b:cc:c1:e8:d8:d8:
         ee:df:38:b6:43:f9:6c:5a:f5:32:41:a3:41:cc:52:80:72:4e:
         15:c5:ff:09:0d:9d:d8:1d:3e:52:2e:c5:c7:fa:47:cc:7b:cf:
         d8:ea:19:b0:c3:7e:08:6c:26:3a:3f:82:e4:a4:bf:6b:40:11:
         a6:57:98:89:17:9d:ff:d4:d8:f6:49:aa:0d:ac:ac:7a:e1:1a:
         8e:9f:df:91:af:a1:86:76:5c:5c:72:84:f0:eb:e4:85:dc:4a:
         38:1d:ed:54:dd:1c:3f:7d:49:e6:e1:09:01:00:39:5c:a2:12:
         0b:41:50:fc:70:57:0a:e5:43:ef:9b:2b:ec:ca:44:63:86:c5:
         b4:ff:17:a4:6c:df:8c:01:36:a7:a8:d7:af:b2:f0:92:6b:29:
         a8:a4:83:88:4f:de:c0:77:ac:57:d8:4f:8d:09:23:03:bc:41:
         1a:36:d7:f1:97:68:92:72:fd:0a:40:2a:a9:1c:9d:bc:93:a1:
         74:c2:2a:f0:00:6f:10:83:af:17:2d:b2:41:72:08:d1:63:8a:
         2d:2b:2a:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdrKGXiogPTA3gX0HC54fTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwNDEwMTIzMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGI2NWE1NzI4N2JmZDY3YjI4YjA1MDViYzM3ZTUzZmE5NWNlY2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn78pAxgd2e2V1DWIRVRvUZibt6Ck
pK9gORF06RCGDPDT3t9XsbDf4AiJb7jnmWTuaRNbNUurZpXLehLZW61Z0ncAVn35
70cgGTqjFJeBZt2o3UWCkuJ8uL/7zDUnejrUlRzB2MZ5f2UKTDZqOD8UtsdOf6y3
JVbdQm9o4OTOO872K5uOCjhRhiBleh3H9M0ZNCgHKQg6lw2CssudPi23EWAuzBF2
kiDxaiVGyMXZ8qgbsWxOxK3anoiCPemq7UhXiYfVODISOj8qWDfP9dAMfLAGDFwA
PQySMOmGxYiv9HcI+nUDnBaiURzknf9HQ6gJChxu14m0Ayp/ycTyqjvKvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLC2Wlcoe/1nsosFBbw35T+pXOy2MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvc0xaYVZ5aDdfV2V5aXdVRnZEZmxQNmxjN0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwelkMA0G
CSqGSIb3DQEBCwUAA4IBAQCS/CB9owJQyMil3Km61CnKUDfsKJnjzktqiZkhq/Bu
Fi/j/1B8ub6K+/UoDr0An4JrzMHo2Nju3zi2Q/lsWvUyQaNBzFKAck4Vxf8JDZ3Y
HT5SLsXH+kfMe8/Y6hmww34IbCY6P4LkpL9rQBGmV5iJF53/1Nj2SaoNrKx64RqO
n9+Rr6GGdlxccoTw6+SF3Eo4He1U3Rw/fUnm4QkBADlcohILQVD8cFcK5UPvmyvs
ykRjhsW0/xekbN+MATanqNevsvCSaymopIOIT97Ad6xX2E+NCSMDvEEaNtfxl2iS
cv0KQCqpHJ28k6F0wirwAG8Qg68XLbJBcgjRY4otKyoB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org