Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130342e302f32342d3234203d3e2034383231.roa
File:                     3232332e32352e3130342e302f32342d3234203d3e2034383231.roa (raw, json)
Hash identifier:          SOfLjEqnz4xSFhgocK9BGCs9O3I7bc2YsUqsH/4v+hM=
Subject key identifier:   EC:32:CC:4D:BD:F5:51:C6:37:95:AB:1D:D5:17:37:4A:47:80:A7:74
Certificate issuer:       /CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787
Certificate serial:       23CFBBBEA27D7575F3A842FC106C5D80D1A54359
Authority key identifier: 4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130342e302f32342d3234203d3e2034383231.roa
Signing time:             Mon 31 Jul 2023 00:08:27 +0000
ROA not before:           Mon 31 Jul 2023 00:03:27 +0000
ROA not after:            Mon 29 Jul 2024 00:08:27 +0000
asID:                     4821
IP address blocks:        223.25.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 Jan 2024 07:54:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:cf:bb:be:a2:7d:75:75:f3:a8:42:fc:10:6c:5d:80:d1:a5:43:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787
        Validity
            Not Before: Jul 31 00:03:27 2023 GMT
            Not After : Jul 29 00:08:27 2024 GMT
        Subject: CN=EC32CC4DBDF551C63795AB1DD517374A4780A774
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:48:c8:d0:36:cc:b7:1f:52:53:73:51:32:92:
                    cf:11:92:08:7b:08:55:e3:6b:f6:24:13:fb:01:d6:
                    cf:c7:30:5b:cd:26:6c:b2:c5:ab:bb:c9:7a:2a:3f:
                    75:78:e8:66:47:70:11:4e:50:d0:97:4e:5e:a5:6f:
                    15:bc:85:2f:bc:9a:7b:76:a0:7f:68:67:88:0a:d8:
                    dc:d5:41:d8:69:07:f6:db:58:90:11:c6:34:ed:23:
                    4a:14:72:2d:b5:c7:90:7d:32:dc:80:e5:e1:e3:ee:
                    7c:22:84:80:aa:42:fa:b5:e2:b8:b0:79:15:fe:53:
                    a7:72:b8:69:af:2f:5f:3f:19:35:54:77:14:11:a4:
                    b8:df:44:9a:5e:ff:1d:f3:2d:20:a2:c4:27:de:ae:
                    0e:5c:6b:19:ee:a0:d0:56:4d:01:bb:6f:54:01:b9:
                    e0:18:b4:84:34:91:df:48:06:fe:c7:43:26:b1:53:
                    ec:24:57:49:50:10:a2:00:f0:d8:2f:6d:8c:51:5d:
                    8d:58:e2:1a:c1:43:fa:d2:9f:1a:a7:4e:c6:a6:46:
                    fe:b0:1e:19:19:df:76:20:b1:ff:e0:d2:e9:93:59:
                    60:e1:ac:3f:c5:97:0e:02:45:30:02:81:6a:c0:5d:
                    15:89:88:02:3b:78:e7:ce:b2:6b:f0:30:6b:f3:a6:
                    4e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:32:CC:4D:BD:F5:51:C6:37:95:AB:1D:D5:17:37:4A:47:80:A7:74
            X509v3 Authority Key Identifier:
                keyid:4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130342e302f32342d3234203d3e2034383231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.25.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:18:27:4d:a8:ca:b5:8d:44:ca:80:67:4a:d1:d7:33:38:5f:
         c7:84:2b:5e:08:6e:2d:15:f1:c0:85:bf:e7:c5:50:ad:dc:c2:
         fb:e8:02:87:cb:86:4c:f7:80:09:46:d3:90:f9:94:7f:cd:91:
         a0:6c:d3:39:56:70:94:ad:0a:d0:f4:95:8c:d8:e6:fc:9b:6e:
         f3:1a:9b:1d:8a:cd:97:c2:18:23:16:b3:91:3d:12:e2:40:79:
         29:59:e0:0d:88:05:3c:50:04:91:92:64:fd:3e:e3:0e:44:d4:
         a5:92:44:4a:4f:d3:81:aa:fa:2a:2c:f2:c0:4a:06:83:24:b2:
         d6:c1:ed:1a:d5:c3:1b:58:d1:e8:69:dd:ef:c7:16:92:80:06:
         a1:22:72:5e:9a:75:74:fc:7a:b9:7b:13:2a:b2:d7:8a:9c:de:
         05:d3:75:9b:b4:7f:de:9a:4f:d5:1d:eb:49:65:94:b6:ac:92:
         9b:cd:07:17:01:1e:32:3a:5d:21:51:c1:10:ba:e4:73:40:3f:
         ba:61:b7:e6:e3:bd:2f:32:e3:97:94:9b:0f:c7:de:62:1a:1b:
         bd:7b:76:e2:4b:61:f2:52:99:0d:f7:7c:28:3e:4e:04:c8:62:
         fe:5d:1f:a8:45:41:b8:0d:19:7e:f9:77:66:98:5a:5b:50:b7:
         d6:e7:a3:d2
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUI8+7vqJ9dXXzqEL8EGxdgNGlQ1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3
RkMzODc4NzAeFw0yMzA3MzEwMDAzMjdaFw0yNDA3MjkwMDA4MjdaMDMxMTAvBgNV
BAMTKEVDMzJDQzREQkRGNTUxQzYzNzk1QUIxREQ1MTczNzRBNDc4MEE3NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbSMjQNsy3H1JTc1Eyks8Rkgh7
CFXja/YkE/sB1s/HMFvNJmyyxau7yXoqP3V46GZHcBFOUNCXTl6lbxW8hS+8mnt2
oH9oZ4gK2NzVQdhpB/bbWJARxjTtI0oUci21x5B9MtyA5eHj7nwihICqQvq14riw
eRX+U6dyuGmvL18/GTVUdxQRpLjfRJpe/x3zLSCixCferg5caxnuoNBWTQG7b1QB
ueAYtIQ0kd9IBv7HQyaxU+wkV0lQEKIA8NgvbYxRXY1Y4hrBQ/rSnxqnTsamRv6w
HhkZ33Ygsf/g0umTWWDhrD/Flw4CRTACgWrAXRWJiAI7eOfOsmvwMGvzpk4lAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU7DLMTb31UcY3lasd1Rc3SkeAp3QwHwYDVR0j
BBgwFoAUS/HcwLzFsaS2vlJqdf8zOX/Dh4cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
ZDI1NDQxOS01M2JlLTRhZDQtYmY3Zi0yOWY4OTEyNTIzZDAvMC80QkYxRENDMEJD
QzVCMUE0QjZCRTUyNkE3NUZGMzMzOTdGQzM4Nzg3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3RkMz
ODc4Ny5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhkMjU0NDE5LTUzYmUtNGFkNC1i
ZjdmLTI5Zjg5MTI1MjNkMC8wLzMyMzIzMzJlMzIzNTJlMzEzMDM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzODMyMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADfGWgwDQYJKoZIhvcN
AQELBQADggEBAJUYJ02oyrWNRMqAZ0rR1zM4X8eEK14Ibi0V8cCFv+fFUK3cwvvo
AofLhkz3gAlG05D5lH/NkaBs0zlWcJStCtD0lYzY5vybbvMamx2KzZfCGCMWs5E9
EuJAeSlZ4A2IBTxQBJGSZP0+4w5E1KWSREpP04Gq+ios8sBKBoMkstbB7RrVwxtY
0ehp3e/HFpKABqEicl6adXT8erl7Eyqy14qc3gXTdZu0f96aT9Ud60lllLaskpvN
BxcBHjI6XSFRwRC65HNAP7pht+bjvS8y45eUmw/H3mIaG717duJLYfJSmQ33fCg+
TgTIYv5dH6hFQbgNGX75d2aYWltQt9bno9I=
-----END CERTIFICATE-----
Generated at Mon Jan 15 11:27:23 2024 by rpki-client on console-fra.rpki-client.org