Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/PZUW3bI5z03UB9ExQdAdqGvkpUI.roa
File:                     PZUW3bI5z03UB9ExQdAdqGvkpUI.roa (raw, json)
Hash identifier:          0aK5JWHwqA6Hg68qthiSO+LgEby+khd+3XmSs+J05u8=
Subject key identifier:   3D:95:16:DD:B2:39:CF:4D:D4:07:D1:31:41:D0:1D:A8:6B:E4:A5:42
Certificate issuer:       /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial:       01857822730624BD245D5D635A47231DABE1
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/PZUW3bI5z03UB9ExQdAdqGvkpUI.roa
Signing time:             Tue 03 Jan 2023 14:56:41 +0000
ROA not before:           Tue 03 Jan 2023 14:56:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210439
IP address blocks:        87.248.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 05 Feb 2023 05:28:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:78:22:73:06:24:bd:24:5d:5d:63:5a:47:23:1d:ab:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
        Validity
            Not Before: Jan  3 14:56:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d9516ddb239cf4dd407d13141d01da86be4a542
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:4b:7c:41:12:a0:10:21:ea:cc:00:99:99:75:
                    fb:c7:66:56:36:21:82:d0:47:a0:73:fc:1b:68:39:
                    a6:c3:67:9b:42:23:d3:c3:b2:09:df:b8:a2:4b:f0:
                    0d:f2:46:1f:4e:d8:d1:bc:a8:76:48:48:a2:c5:7f:
                    da:3b:6b:4f:5c:02:4b:15:db:0a:fa:26:a6:02:60:
                    5a:8c:d1:a5:31:f3:3f:62:14:e9:26:9f:95:ba:8f:
                    ed:06:aa:28:9e:44:98:cb:21:9e:e7:e0:b0:ce:6c:
                    a7:24:0e:fe:9d:35:03:b7:3b:30:60:54:a9:dd:35:
                    b5:d2:ef:f2:7b:1b:32:5e:1e:ac:24:45:60:e8:97:
                    b1:c4:3b:82:ce:da:48:a2:c3:74:b6:a2:f6:8b:72:
                    60:76:03:bd:93:a8:cc:08:c9:23:cb:cb:3e:96:ae:
                    0e:e3:dd:d2:2b:1b:ab:25:65:dc:e1:ea:d5:9c:8d:
                    ff:f0:ff:50:fa:f8:f6:58:af:be:6f:bf:d3:f1:25:
                    a9:fa:ae:98:0a:4c:cb:36:73:a5:01:f2:f0:92:cd:
                    55:24:6f:34:44:9a:9c:32:61:f5:06:48:81:bb:a2:
                    ae:57:23:23:6c:1f:35:fb:d8:dc:69:34:41:d3:5b:
                    f8:7f:36:77:39:00:2f:7a:ef:68:9e:25:ae:e2:ca:
                    bc:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:95:16:DD:B2:39:CF:4D:D4:07:D1:31:41:D0:1D:A8:6B:E4:A5:42
            X509v3 Authority Key Identifier:
                keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/PZUW3bI5z03UB9ExQdAdqGvkpUI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.248.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:31:62:fd:63:b1:40:f2:f5:02:b4:19:b6:a8:96:35:59:fa:
         99:5d:fa:51:a0:e5:71:79:d1:5c:aa:d5:f0:36:8e:d7:1d:ef:
         3f:21:9e:72:2f:e5:b8:1f:c0:6c:9a:21:22:64:54:4c:fa:53:
         af:27:42:5f:8f:68:5f:f7:4a:ae:1c:86:57:77:b4:59:cc:08:
         4b:5a:3c:2a:09:9f:a1:4e:94:9a:f6:0d:71:55:da:0a:8b:21:
         c2:d1:12:a8:b1:25:e6:79:84:63:0c:dd:87:7e:e7:1c:d6:e0:
         fa:07:fb:04:a2:6c:f1:9e:fd:aa:1d:e3:61:cc:da:2e:37:49:
         3d:dd:71:35:b8:2d:81:48:91:89:af:ff:f3:90:bc:b7:10:69:
         5f:36:80:ff:43:be:35:4d:82:c5:0e:13:0b:ea:3d:d7:9c:47:
         6a:31:2e:e7:f6:a6:26:18:e8:66:13:fd:47:bb:d8:7a:e5:89:
         b4:a6:06:b4:dd:89:9d:68:75:8c:4e:d7:ef:87:1e:de:93:8b:
         16:ca:b5:70:9b:e5:5e:b9:ae:55:e0:9a:fd:96:d5:18:83:7e:
         80:cd:58:f6:e1:0e:45:cc:bd:52:19:c5:50:f6:c1:52:b3:8f:
         63:bc:43:46:36:5e:a1:ae:3c:99:e6:3f:62:8e:09:eb:1d:ea:
         9d:79:2b:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV4InMGJL0kXV1jWkcjHavhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjMwMTAzMTQ1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDk1MTZkZGIyMzljZjRkZDQwN2QxMzE0MWQwMWRhODZiZTRhNTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUt8QRKgECHqzACZmXX7x2ZWNiGC
0Eegc/wbaDmmw2ebQiPTw7IJ37iiS/AN8kYfTtjRvKh2SEiixX/aO2tPXAJLFdsK
+iamAmBajNGlMfM/YhTpJp+Vuo/tBqoonkSYyyGe5+CwzmynJA7+nTUDtzswYFSp
3TW10u/yexsyXh6sJEVg6JexxDuCztpIosN0tqL2i3JgdgO9k6jMCMkjy8s+lq4O
493SKxurJWXc4erVnI3/8P9Q+vj2WK++b7/T8SWp+q6YCkzLNnOlAfLwks1VJG80
RJqcMmH1BkiBu6KuVyMjbB81+9jcaTRB01v4fzZ3OQAveu9oniWu4sq8pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2VFt2yOc9N1AfRMUHQHahr5KVCMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvUFpVVzNiSTV6MDNVQjlFeFFkQWRxR3ZrcFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/iRMA0G
CSqGSIb3DQEBCwUAA4IBAQAoMWL9Y7FA8vUCtBm2qJY1WfqZXfpRoOVxedFcqtXw
No7XHe8/IZ5yL+W4H8BsmiEiZFRM+lOvJ0Jfj2hf90quHIZXd7RZzAhLWjwqCZ+h
TpSa9g1xVdoKiyHC0RKosSXmeYRjDN2Hfucc1uD6B/sEomzxnv2qHeNhzNouN0k9
3XE1uC2BSJGJr//zkLy3EGlfNoD/Q741TYLFDhML6j3XnEdqMS7n9qYmGOhmE/1H
u9h65Ym0pga03YmdaHWMTtfvhx7ek4sWyrVwm+Veua5V4Jr9ltUYg36AzVj24Q5F
zL1SGcVQ9sFSs49jvENGNl6hrjyZ5j9ijgnrHeqdeSvO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org