Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/PZJhi0Puua7zaPcqdjJJxbn0Eeg.roa
File:                     PZJhi0Puua7zaPcqdjJJxbn0Eeg.roa (raw, json)
Hash identifier:          xH726/QlMhcnJFM+hLLeqdsFNGiJuKIRlWntdA0Hdj0=
Subject key identifier:   3D:92:61:8B:43:EE:B9:AE:F3:68:F7:2A:76:32:49:C5:B9:F4:11:E8
Certificate issuer:       /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial:       0185721E893400CABEB1C9FBE3820ED3F1EE
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/PZJhi0Puua7zaPcqdjJJxbn0Eeg.roa
Signing time:             Mon 02 Jan 2023 10:54:41 +0000
ROA not before:           Mon 02 Jan 2023 10:54:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12989
IP address blocks:        85.12.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:1e:89:34:00:ca:be:b1:c9:fb:e3:82:0e:d3:f1:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
        Validity
            Not Before: Jan  2 10:54:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3d92618b43eeb9aef368f72a763249c5b9f411e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:02:64:fd:6d:15:92:a9:2d:5d:a1:5e:84:e5:
                    b8:ef:5c:64:32:77:95:e5:5e:d3:05:e3:5e:18:73:
                    93:c3:c6:02:60:c5:60:7a:9e:f2:d8:4d:ce:72:82:
                    67:71:cd:78:31:10:9e:32:e6:28:07:7a:48:de:91:
                    6a:64:c8:a7:92:0a:f6:6e:4e:27:50:e8:17:b1:76:
                    5b:50:23:6b:2f:7c:a2:3e:56:23:a8:ae:cb:d9:23:
                    21:e2:f1:ba:cb:e2:00:76:b6:43:70:d3:66:21:e3:
                    3f:17:a7:f2:07:8e:08:86:aa:0f:0c:22:63:d3:d7:
                    77:60:69:59:93:aa:95:53:4b:f1:67:4b:ae:a0:97:
                    dc:e3:41:59:d1:86:c7:e5:62:0c:2e:e4:25:cb:84:
                    e7:21:d8:63:50:24:39:c0:2b:9a:57:8c:e5:6b:3d:
                    dd:6e:da:bd:ba:a4:87:3c:f5:04:e5:3a:4f:23:d2:
                    42:8d:a5:3e:a5:10:99:5b:5f:da:7d:77:f8:1e:45:
                    71:04:8a:05:7b:61:06:78:a2:18:d4:10:af:a2:f5:
                    31:e6:45:d1:bf:c0:4a:9c:62:f8:57:00:bb:2b:f0:
                    77:10:fa:45:30:d7:8c:ea:5a:21:a9:48:08:ef:54:
                    74:a6:7b:de:5e:4c:11:22:77:06:e0:9b:0b:36:dd:
                    38:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:92:61:8B:43:EE:B9:AE:F3:68:F7:2A:76:32:49:C5:B9:F4:11:E8
            X509v3 Authority Key Identifier:
                keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/PZJhi0Puua7zaPcqdjJJxbn0Eeg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.12.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:27:f8:5a:6f:4a:35:e5:af:1f:8b:f1:2b:ae:a1:4e:c5:4f:
         71:69:80:35:a6:1d:a3:1a:e8:77:a5:e2:41:5a:c0:f9:49:1c:
         0d:89:1f:ac:bc:fa:ea:de:35:e0:01:70:0e:9f:fa:39:d5:5b:
         7e:e5:7f:6a:8b:4c:b6:10:95:81:70:27:e6:b8:12:a3:73:89:
         de:55:6f:9d:6f:ad:33:02:f7:f8:3e:14:dc:9d:d2:61:5d:69:
         fa:65:08:78:26:01:ec:34:1c:49:e2:96:4f:65:b6:81:c0:a5:
         ae:e5:68:75:a3:44:e2:fb:48:79:6f:10:f6:91:9d:13:f5:66:
         ff:15:ae:be:69:02:f2:11:fe:ef:d8:5c:d7:2b:50:23:e1:14:
         1f:3a:9b:1e:9d:1a:c6:05:ae:19:36:87:61:48:70:3f:6d:f5:
         a5:db:8d:83:7f:84:14:7b:84:65:54:5e:0a:82:cd:3d:44:11:
         c0:f9:aa:83:fe:85:d6:a1:80:74:9f:53:6e:23:53:ae:e8:0f:
         80:bc:86:b4:dd:37:90:89:28:08:76:18:31:cb:fd:e3:58:68:
         71:e2:a2:d1:ed:fb:11:e1:39:d0:a5:ea:17:65:8c:6d:9f:4c:
         84:b9:07:7c:2c:0b:08:25:b3:2c:22:b5:d2:f7:cc:01:0f:12:
         66:80:92:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyHok0AMq+scn744IO0/HuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjMwMTAyMTA1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDkyNjE4YjQzZWViOWFlZjM2OGY3MmE3NjMyNDljNWI5ZjQxMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowJk/W0VkqktXaFehOW471xkMneV
5V7TBeNeGHOTw8YCYMVgep7y2E3OcoJncc14MRCeMuYoB3pI3pFqZMinkgr2bk4n
UOgXsXZbUCNrL3yiPlYjqK7L2SMh4vG6y+IAdrZDcNNmIeM/F6fyB44IhqoPDCJj
09d3YGlZk6qVU0vxZ0uuoJfc40FZ0YbH5WIMLuQly4TnIdhjUCQ5wCuaV4zlaz3d
btq9uqSHPPUE5TpPI9JCjaU+pRCZW1/afXf4HkVxBIoFe2EGeKIY1BCvovUx5kXR
v8BKnGL4VwC7K/B3EPpFMNeM6lohqUgI71R0pnveXkwRIncG4JsLNt047QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2SYYtD7rmu82j3KnYyScW59BHoMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvUFpKaGkwUHV1YTd6YVBjcWRqSkp4Ym4wRWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVQwBMA0G
CSqGSIb3DQEBCwUAA4IBAQA+J/hab0o15a8fi/ErrqFOxU9xaYA1ph2jGuh3peJB
WsD5SRwNiR+svPrq3jXgAXAOn/o51Vt+5X9qi0y2EJWBcCfmuBKjc4neVW+db60z
Avf4PhTcndJhXWn6ZQh4JgHsNBxJ4pZPZbaBwKWu5Wh1o0Ti+0h5bxD2kZ0T9Wb/
Fa6+aQLyEf7v2FzXK1Aj4RQfOpsenRrGBa4ZNodhSHA/bfWl242Df4QUe4RlVF4K
gs09RBHA+aqD/oXWoYB0n1NuI1Ou6A+AvIa03TeQiSgIdhgxy/3jWGhx4qLR7fsR
4TnQpeoXZYxtn0yEuQd8LAsIJbMsIrXS98wBDxJmgJI9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:47 2024 by rpki-client on console-ams.rpki-client.org