Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/u_EOL_BYH1LOFC8XO9ymG6RjNmo.roa
File:                     u_EOL_BYH1LOFC8XO9ymG6RjNmo.roa (raw, json)
Hash identifier:          Gmf/doqahUUbf1Z7btV8ziXL7/kMjYnmYnL/xjgvYjo=
Subject key identifier:   BB:F1:0E:2F:F0:58:1F:52:CE:14:2F:17:3B:DC:A6:1B:A4:63:36:6A
Certificate issuer:       /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial:       01856F26E23125D0B38E7450CB3E9076D3BF
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/u_EOL_BYH1LOFC8XO9ymG6RjNmo.roa
Signing time:             Sun 01 Jan 2023 21:04:57 +0000
ROA not before:           Sun 01 Jan 2023 21:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        193.233.100.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Apr 2023 11:58:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:26:e2:31:25:d0:b3:8e:74:50:cb:3e:90:76:d3:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
        Validity
            Not Before: Jan  1 21:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bbf10e2ff0581f52ce142f173bdca61ba463366a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d8:ba:91:8f:83:6c:95:47:de:53:9e:24:40:
                    fe:d2:fd:8a:10:15:6c:27:1f:10:f4:01:8d:50:f6:
                    32:d4:a8:55:3c:1a:92:4c:69:3d:00:35:42:2a:5a:
                    9a:72:dd:0f:2a:f9:f8:a1:b2:19:c9:33:19:cc:5f:
                    56:55:57:19:2a:01:1a:fa:c6:b4:e6:8f:fe:a0:88:
                    e6:39:f2:d1:e2:a1:8a:69:c2:fc:6a:e2:8d:5a:c4:
                    7f:30:07:55:60:dc:d8:50:95:f3:fc:22:2d:6e:88:
                    8d:e4:7f:2f:a1:40:a0:1a:a2:73:9e:7d:0c:3e:7d:
                    c2:28:66:77:1b:51:6a:57:9b:c4:cc:83:a8:b3:0b:
                    b2:36:60:80:19:fb:59:e8:a6:ec:9f:39:ce:f3:61:
                    1c:99:4a:e9:cc:71:d2:3e:04:07:74:ff:31:88:b2:
                    4a:b6:c7:5e:44:e9:3d:5d:fb:5e:8a:01:ad:c8:25:
                    06:d4:af:7a:5d:da:3a:63:fb:c3:91:b7:24:22:05:
                    ab:6f:39:30:4a:cc:05:20:e5:09:ba:a7:d2:8d:2e:
                    43:c6:c7:70:00:76:bc:d9:79:6c:13:1f:bd:11:9b:
                    84:8f:35:8a:83:e5:c1:6a:41:d5:36:35:06:f0:4b:
                    89:ea:9d:e5:a4:e1:63:6f:51:74:91:69:a7:df:86:
                    47:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:F1:0E:2F:F0:58:1F:52:CE:14:2F:17:3B:DC:A6:1B:A4:63:36:6A
            X509v3 Authority Key Identifier:
                keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/u_EOL_BYH1LOFC8XO9ymG6RjNmo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.233.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9a:76:cf:a6:95:ba:86:79:8a:d8:d0:4a:34:04:63:4c:a8:ff:
         70:89:1c:6d:b2:ad:4c:0a:7f:39:74:55:3a:7b:a3:45:3a:80:
         2b:2e:7a:0c:55:99:b3:72:82:ba:af:65:46:ef:2d:7c:f6:d9:
         a6:81:56:87:f2:69:2d:b0:5c:41:be:fa:a3:e5:f5:c5:ea:4e:
         f0:04:3a:60:98:1e:a7:1d:ab:c3:a6:9a:a8:6d:ec:20:05:eb:
         b5:23:49:c2:53:b7:04:59:69:cd:1c:07:7d:d7:14:55:81:19:
         85:ce:33:05:f6:39:0a:d0:9c:70:c0:ca:04:1c:55:f9:a8:53:
         31:02:30:f8:a6:8d:3d:92:ee:75:fc:1a:6e:5f:d5:be:a4:79:
         4b:7a:f7:7c:25:5d:2d:06:30:2a:5c:bf:c5:0f:2e:bf:b9:11:
         6e:c1:3f:84:4d:1b:0d:04:f6:8e:00:4b:21:60:2c:d4:70:5b:
         46:bb:13:a1:8a:51:a9:30:bd:2f:e8:de:0b:c4:26:a7:da:6d:
         2b:02:de:e3:aa:b6:65:55:84:aa:9d:a6:3b:20:07:23:c9:4b:
         88:0a:2d:16:2b:5f:1d:e0:21:5b:1e:b2:af:16:c2:77:40:39:
         b7:7a:22:59:77:d1:47:eb:72:29:49:f0:85:78:6f:bc:fd:92:
         d6:cb:24:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJuIxJdCzjnRQyz6QdtO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmYxMGUyZmYwNTgxZjUyY2UxNDJmMTczYmRjYTYxYmE0NjMzNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdi6kY+DbJVH3lOeJED+0v2KEBVs
Jx8Q9AGNUPYy1KhVPBqSTGk9ADVCKlqact0PKvn4obIZyTMZzF9WVVcZKgEa+sa0
5o/+oIjmOfLR4qGKacL8auKNWsR/MAdVYNzYUJXz/CItboiN5H8voUCgGqJznn0M
Pn3CKGZ3G1FqV5vEzIOoswuyNmCAGftZ6KbsnznO82EcmUrpzHHSPgQHdP8xiLJK
tsdeROk9XfteigGtyCUG1K96Xdo6Y/vDkbckIgWrbzkwSswFIOUJuqfSjS5Dxsdw
AHa82XlsEx+9EZuEjzWKg+XBakHVNjUG8EuJ6p3lpOFjb1F0kWmn34ZHIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvxDi/wWB9SzhQvFzvcphukYzZqMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdV9FT0xfQllIMUxPRkM4WE85eW1HNlJqTm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwelkMA0G
CSqGSIb3DQEBCwUAA4IBAQCads+mlbqGeYrY0Eo0BGNMqP9wiRxtsq1MCn85dFU6
e6NFOoArLnoMVZmzcoK6r2VG7y189tmmgVaH8mktsFxBvvqj5fXF6k7wBDpgmB6n
HavDppqobewgBeu1I0nCU7cEWWnNHAd91xRVgRmFzjMF9jkK0JxwwMoEHFX5qFMx
AjD4po09ku51/BpuX9W+pHlLevd8JV0tBjAqXL/FDy6/uRFuwT+ETRsNBPaOAEsh
YCzUcFtGuxOhilGpML0v6N4LxCan2m0rAt7jqrZlVYSqnaY7IAcjyUuICi0WK18d
4CFbHrKvFsJ3QDm3eiJZd9FH63IpSfCFeG+8/ZLWyyQA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:33 2024 by rpki-client on console-ams.rpki-client.org