Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/Nd2zb6MIqPKlAJvkh3tdLHnU7NU.roa
File:                     Nd2zb6MIqPKlAJvkh3tdLHnU7NU.roa (raw, json)
Hash identifier:          Vl923E42WQ/semX3bGJv8FAJ4FarQPQTaNZlxWtW9xw=
Subject key identifier:   35:DD:B3:6F:A3:08:A8:F2:A5:00:9B:E4:87:7B:5D:2C:79:D4:EC:D5
Certificate issuer:       /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial:       053B
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Nd2zb6MIqPKlAJvkh3tdLHnU7NU.roa
Signing time:             Tue 15 Nov 2022 03:08:25 +0000
ROA not before:           Tue 15 Nov 2022 03:08:25 +0000
ROA not after:            Mon 28 Aug 2023 04:15:34 +0000
asID:                     3320
IP address blocks:        180.223.216.0/21 maxlen: 24
                          180.223.224.0/21 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1339 (0x53b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
        Validity
            Not Before: Nov 15 03:08:25 2022 GMT
            Not After : Aug 28 04:15:34 2023 GMT
        Subject: CN=35DDB36FA308A8F2A5009BE4877B5D2C79D4ECD5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:73:6f:ce:da:d3:9c:67:72:d9:14:4d:fc:cf:
                    33:28:73:6c:49:82:69:a6:d4:46:c7:dd:8f:5d:dc:
                    9b:ff:fa:a7:4a:de:40:d1:ff:74:f6:b9:7e:ed:36:
                    b2:d4:57:e3:58:51:69:25:e8:8f:6f:9b:cc:3f:c1:
                    97:4a:0e:fe:11:2d:b3:f2:76:80:00:7d:1b:63:51:
                    82:25:89:05:d9:18:e8:cd:dd:33:f5:1b:96:d9:34:
                    c7:6f:d7:0a:25:9d:14:40:71:33:48:70:31:bf:00:
                    7b:f9:5b:fb:3c:04:a1:2e:c4:fc:bf:de:33:40:49:
                    9f:ae:de:bf:cf:84:8e:99:09:6d:5f:6e:a7:e3:d6:
                    8d:ec:3f:d3:24:51:6b:a1:29:e9:19:6b:c7:2b:17:
                    21:79:0b:fd:ea:84:22:8f:c7:2d:b4:10:14:35:9c:
                    0a:30:61:63:e9:76:38:2e:60:95:72:3d:f7:47:7d:
                    c6:f0:dd:4a:66:aa:c4:76:4a:d1:f7:ed:5c:0e:78:
                    21:db:6a:92:af:8b:36:bc:29:0a:40:cc:e8:0b:0e:
                    44:52:29:55:ff:75:f4:d5:83:a1:0f:1f:f2:dd:fb:
                    62:38:b1:16:fa:c3:18:5b:95:93:eb:2a:53:bf:c2:
                    4c:fa:cf:cb:f9:0b:6f:f0:3a:56:86:fc:cb:9a:2a:
                    92:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:DD:B3:6F:A3:08:A8:F2:A5:00:9B:E4:87:7B:5D:2C:79:D4:EC:D5
            X509v3 Authority Key Identifier:
                keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Nd2zb6MIqPKlAJvkh3tdLHnU7NU.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.223.216.0-180.223.231.255

    Signature Algorithm: sha256WithRSAEncryption
         6d:f6:c4:ce:fd:c9:f1:d1:d4:5c:05:60:1e:66:e6:6f:eb:c8:
         30:44:27:12:81:ac:7a:cd:fb:82:3f:9e:21:ec:a4:af:f7:43:
         f8:13:f2:68:e5:68:39:ff:f0:e2:4f:28:18:46:6f:ee:c6:d7:
         bc:af:a4:f5:34:64:9e:58:a1:0b:dd:34:6e:ab:44:4e:3e:27:
         49:56:b1:f1:46:90:97:7c:f3:94:ab:bf:01:b6:35:ef:93:46:
         ab:81:69:df:de:9e:26:03:fd:fd:fb:f4:38:a8:0d:f0:0d:fb:
         c7:90:ed:5a:c4:75:0f:90:b6:d4:11:41:19:7d:7a:ec:40:4f:
         a9:ac:97:6d:f7:18:fe:b8:62:be:ac:ae:0b:a0:3d:52:a5:2d:
         86:19:f6:6b:9b:2f:2c:10:77:94:e0:d6:ab:a6:9b:76:b8:63:
         7d:61:30:9a:b0:ef:54:15:99:ad:22:fa:71:fa:c3:85:e2:9b:
         95:d8:37:77:0b:5c:34:c5:8d:30:8d:e5:d3:0c:2e:22:1f:ad:
         9b:94:ca:13:8e:e7:95:43:35:95:7a:2b:d0:83:a0:37:a7:b3:
         ce:b3:87:aa:5e:1e:31:68:b3:26:e3:ea:65:b2:17:64:41:ed:
         27:d5:31:19:f5:1a:b2:e4:41:d7:8c:6f:05:87:dd:22:36:d1:
         a7:9f:c3:56
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICBTswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yMjExMTUw
MzA4MjVaFw0yMzA4MjgwNDE1MzRaMDMxMTAvBgNVBAMTKDM1RERCMzZGQTMwOEE4
RjJBNTAwOUJFNDg3N0I1RDJDNzlENEVDRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoc2/O2tOcZ3LZFE38zzMoc2xJgmmm1EbH3Y9d3Jv/+qdK3kDR
/3T2uX7tNrLUV+NYUWkl6I9vm8w/wZdKDv4RLbPydoAAfRtjUYIliQXZGOjN3TP1
G5bZNMdv1wolnRRAcTNIcDG/AHv5W/s8BKEuxPy/3jNASZ+u3r/PhI6ZCW1fbqfj
1o3sP9MkUWuhKekZa8crFyF5C/3qhCKPxy20EBQ1nAowYWPpdjguYJVyPfdHfcbw
3UpmqsR2StH37VwOeCHbapKviza8KQpAzOgLDkRSKVX/dfTVg6EPH/Ld+2I4sRb6
wxhblZPrKlO/wkz6z8v5C2/wOlaG/MuaKpJxAgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQUNd2zb6MIqPKlAJvkh3tdLHnU7NUwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvTmQyemI2TUlxUEts
QUp2a2gzdGRMSG5VN05VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw
DjAMAwQDtN/YAwQDtN/gMA0GCSqGSIb3DQEBCwUAA4IBAQBt9sTO/cnx0dRcBWAe
ZuZv68gwRCcSgax6zfuCP54h7KSv90P4E/Jo5Wg5//DiTygYRm/uxte8r6T1NGSe
WKEL3TRuq0ROPidJVrHxRpCXfPOUq78BtjXvk0argWnf3p4mA/39+/Q4qA3wDfvH
kO1axHUPkLbUEUEZfXrsQE+prJdt9xj+uGK+rK4LoD1SpS2GGfZrmy8sEHeU4Nar
ppt2uGN9YTCasO9UFZmtIvpx+sOF4puV2Dd3C1w0xY0wjeXTDC4iH62blMoTjueV
QzWVeivQg6A3p7POs4eqXh4xaLMm4+plshdkQe0n1TEZ9Rqy5EHXjG8Fh90iNtGn
n8NW
-----END CERTIFICATE-----
Generated at Mon Aug 14 04:51:52 2023 by rpki-client on console-fra.rpki-client.org