Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/1n8Bg6H-7RogrXQQGujT-iUKUWI.roa
File:                     1n8Bg6H-7RogrXQQGujT-iUKUWI.roa (raw, json)
Hash identifier:          TE+K6hPp2Y4WOzjJtu/SRWCOdUrKHThJR/9gz0d10RI=
Subject key identifier:   D6:7F:01:83:A1:FE:ED:1A:20:AD:74:10:1A:E8:D3:FA:25:0A:51:62
Certificate issuer:       /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial:       10CD
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/1n8Bg6H-7RogrXQQGujT-iUKUWI.roa
Signing time:             Fri 14 Jun 2024 02:10:10 +0000
ROA not before:           Fri 14 Jun 2024 02:10:10 +0000
ROA not after:            Fri 31 Jan 2025 01:13:46 +0000
asID:                     136897
IP address blocks:        180.223.112.0/21 maxlen: 24
                          180.223.120.0/21 maxlen: 24
                          180.223.232.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Jul 2024 15:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4301 (0x10cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
        Validity
            Not Before: Jun 14 02:10:10 2024 GMT
            Not After : Jan 31 01:13:46 2025 GMT
        Subject: CN=D67F0183A1FEED1A20AD74101AE8D3FA250A5162
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:15:3e:2e:69:4d:87:7b:aa:c4:b6:95:1b:fb:
                    e4:98:0e:83:ca:81:ee:e7:d6:1c:51:94:75:5d:81:
                    5a:89:51:3b:02:e9:77:e0:bd:e5:6e:28:b5:cf:33:
                    2a:e1:1a:27:0d:5f:f3:7d:a2:7d:1c:35:a7:f1:b8:
                    a0:93:de:72:16:3d:18:43:a9:67:c1:0d:31:f7:8e:
                    94:46:1e:4b:1d:20:4c:10:28:f5:40:dc:b6:fe:f3:
                    c3:c4:d9:6f:f7:e4:41:02:ce:91:0c:5c:0a:8f:e8:
                    21:2d:1d:60:53:f8:9c:7f:9e:d3:8a:22:ac:7f:95:
                    9e:a4:f2:14:d5:88:3f:f5:7d:9a:f8:b9:c3:af:82:
                    72:6c:ab:74:bb:12:44:ad:39:21:31:1e:09:54:93:
                    21:f4:c6:19:9e:e3:d0:9a:4a:6e:61:b1:39:3f:3d:
                    2b:72:7c:7c:8f:11:7a:33:63:e0:70:4a:8d:01:55:
                    31:c5:62:6b:39:a6:96:80:22:91:b1:04:93:88:b1:
                    21:4b:72:d2:7b:dc:bd:51:00:6a:38:f9:7a:6b:36:
                    4e:57:c8:eb:8d:45:50:cd:38:bd:d0:e3:18:76:62:
                    a1:aa:35:85:e4:1e:4a:2e:6e:ff:9d:72:4a:12:d1:
                    39:14:43:98:17:b5:d9:1b:e5:11:7e:5e:a1:c9:e9:
                    43:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:7F:01:83:A1:FE:ED:1A:20:AD:74:10:1A:E8:D3:FA:25:0A:51:62
            X509v3 Authority Key Identifier:
                keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/1n8Bg6H-7RogrXQQGujT-iUKUWI.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.223.112.0/20
                  180.223.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         76:34:be:92:3a:8e:d6:5b:70:c9:d7:06:76:3f:bd:4d:98:59:
         c7:a8:19:47:e2:8b:6d:20:0f:f1:df:f5:e8:6b:7b:d0:4e:94:
         99:12:6c:56:f0:8a:f7:ca:04:b8:cc:72:39:b9:41:1d:94:62:
         be:71:99:ff:80:44:1e:c5:84:e3:bb:b8:63:35:b3:41:36:dd:
         bd:87:94:84:58:d2:a7:c2:3d:d1:df:d8:6a:da:28:85:e8:b6:
         26:cf:ed:54:c6:97:4a:3b:6f:80:a1:59:1a:0a:87:a8:c4:a2:
         64:0c:34:35:b1:98:7e:24:09:d0:f7:41:d5:86:45:c8:fe:1c:
         04:a3:b2:a8:d9:82:cb:97:10:9d:48:8c:e0:5a:08:cf:ff:91:
         7c:a1:81:f9:d4:8c:ac:77:bb:31:19:c0:66:26:d9:49:b6:79:
         87:53:48:28:80:ee:77:7c:e8:02:23:a6:d6:fe:e5:41:06:bb:
         45:fa:7c:2e:91:b8:51:e0:f7:a0:49:9e:00:a4:50:a7:55:51:
         85:42:bb:a1:66:f6:23:60:e8:e1:7a:30:6b:cb:46:3d:98:fe:
         70:4f:2c:d9:e7:e7:b2:be:52:c6:a6:26:4c:8f:26:7f:4e:8a:
         fd:85:73:7e:5b:f9:f9:4f:0d:89:20:a5:3a:21:35:86:32:89:
         d1:ca:ce:9d
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICEM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA2MTQw
MjEwMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2N0YwMTgzQTFGRUVE
MUEyMEFENzQxMDFBRThEM0ZBMjUwQTUxNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTFT4uaU2He6rEtpUb++SYDoPKge7n1hxRlHVdgVqJUTsC6Xfg
veVuKLXPMyrhGicNX/N9on0cNafxuKCT3nIWPRhDqWfBDTH3jpRGHksdIEwQKPVA
3Lb+88PE2W/35EECzpEMXAqP6CEtHWBT+Jx/ntOKIqx/lZ6k8hTViD/1fZr4ucOv
gnJsq3S7EkStOSExHglUkyH0xhme49CaSm5hsTk/PStyfHyPEXozY+BwSo0BVTHF
Yms5ppaAIpGxBJOIsSFLctJ73L1RAGo4+XprNk5XyOuNRVDNOL3Q4xh2YqGqNYXk
Hkoubv+dckoS0TkUQ5gXtdkb5RF+XqHJ6UP/AgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQU1n8Bg6H+7RogrXQQGujT+iUKUWIwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvMW44Qmc2SC03Um9n
clhRUUd1alQtaVVLVVdJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEBLTfcAMEA7Tf6DANBgkqhkiG9w0BAQsFAAOCAQEAdjS+kjqO1ltwydcGdj+9
TZhZx6gZR+KLbSAP8d/16Gt70E6UmRJsVvCK98oEuMxyOblBHZRivnGZ/4BEHsWE
47u4YzWzQTbdvYeUhFjSp8I90d/Yatoohei2Js/tVMaXSjtvgKFZGgqHqMSiZAw0
NbGYfiQJ0PdB1YZFyP4cBKOyqNmCy5cQnUiM4FoIz/+RfKGB+dSMrHe7MRnAZibZ
SbZ5h1NIKIDud3zoAiOm1v7lQQa7Rfp8LpG4UeD3oEmeAKRQp1VRhUK7oWb2I2Do
4Xowa8tGPZj+cE8s2efnsr5SxqYmTI8mf06K/YVzflv5+U8NiSClOiE1hjKJ0crO
nQ==
-----END CERTIFICATE-----
Generated at Thu Jul 11 17:47:37 2024 by rpki-client on console-fra.rpki-client.org