Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/h68wfWvjvVHiTORBcLl6MphveYA.roa
File:                     h68wfWvjvVHiTORBcLl6MphveYA.roa (raw, json)
Hash identifier:          KgmTLNw/L8bsWS2vATo+wwplCGvznTWgiW3RJJWGjOM=
Subject key identifier:   87:AF:30:7D:6B:E3:BD:51:E2:4C:E4:41:70:B9:7A:32:98:6F:79:80
Certificate issuer:       /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial:       0C19
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/h68wfWvjvVHiTORBcLl6MphveYA.roa
Signing time:             Sat 21 Oct 2023 02:06:48 +0000
ROA not before:           Sat 21 Oct 2023 02:06:48 +0000
ROA not after:            Tue 08 Oct 2024 00:16:33 +0000
asID:                     4134
IP address blocks:        180.223.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Apr 2024 06:08:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3097 (0xc19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
        Validity
            Not Before: Oct 21 02:06:48 2023 GMT
            Not After : Oct  8 00:16:33 2024 GMT
        Subject: CN=87AF307D6BE3BD51E24CE44170B97A32986F7980
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b4:87:58:27:90:d5:15:a1:51:de:15:86:5e:
                    3a:cd:21:c8:51:84:72:fc:ab:32:06:82:b2:f2:85:
                    96:96:f3:fc:4f:e5:f7:90:c8:df:91:ae:d5:8e:42:
                    79:89:bf:ba:3d:97:22:39:d3:a9:7b:a5:9d:60:6c:
                    bc:07:11:2e:8c:0c:60:c2:74:7b:7d:07:0e:4b:eb:
                    73:07:b3:36:42:70:d8:9d:ca:b5:b9:23:d1:e4:c5:
                    eb:a1:dc:6e:1b:b3:c5:b6:5f:05:2c:b1:40:eb:d2:
                    1f:15:c3:a9:3a:48:e4:71:a3:da:b6:b9:56:ee:bd:
                    bd:11:0e:51:49:d8:ed:e8:38:2b:bc:ec:07:e9:7f:
                    04:cb:ac:d8:71:4a:4b:12:93:71:6d:b8:e4:34:c3:
                    bc:33:fb:d5:90:7c:7b:e8:1a:0c:88:5f:76:4e:de:
                    00:2b:37:90:ed:8a:c1:b0:00:61:21:f3:30:28:20:
                    47:3d:e0:73:1e:4c:50:11:4e:ac:73:24:9a:72:fa:
                    78:03:6e:9d:0f:5f:88:36:3b:a3:6b:27:49:21:3b:
                    82:79:1e:52:65:5e:3f:7b:d9:0e:93:cf:78:83:c0:
                    cf:9d:2b:de:21:d5:0c:6e:69:80:e2:15:2d:de:c8:
                    6b:28:46:d5:a1:84:9b:e3:65:45:9f:0e:fd:19:d2:
                    06:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:AF:30:7D:6B:E3:BD:51:E2:4C:E4:41:70:B9:7A:32:98:6F:79:80
            X509v3 Authority Key Identifier:
                keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/h68wfWvjvVHiTORBcLl6MphveYA.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.223.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b9:f8:58:d7:d4:71:4c:99:26:6e:51:6b:44:d2:f8:bb:12:b7:
         95:b7:ff:6b:9f:f7:d4:7c:cf:8e:72:df:5d:d3:6e:c7:24:29:
         71:5a:c3:92:c2:09:f3:34:db:a0:92:27:4c:5a:5c:b3:f4:c3:
         31:9e:e2:f3:6e:7d:d0:e1:31:82:0d:7e:07:88:7f:75:1f:e7:
         c6:39:44:d6:51:58:31:39:31:01:1c:7b:ea:d6:4e:da:39:44:
         f7:93:64:99:7c:66:48:83:a5:16:81:e2:4e:19:75:1a:e9:8b:
         18:fa:38:77:69:d7:4e:e1:fe:e8:ca:59:83:7f:e0:88:96:4c:
         38:6e:0d:d9:6d:69:51:b7:b1:12:65:e7:06:93:bc:ea:83:ed:
         38:7d:3c:3d:3f:23:b3:91:a4:da:76:a9:49:23:45:46:e4:4d:
         2b:ae:d4:c2:48:2d:29:b1:f4:94:2b:be:10:47:05:fe:94:01:
         93:47:23:bb:0b:f0:37:d2:a4:77:10:56:c2:7d:82:b0:5b:51:
         91:ba:9e:7b:36:b5:4b:bf:af:be:65:68:a4:dc:c6:92:11:26:
         f5:aa:a7:a8:79:88:a3:fa:69:63:77:15:59:39:f3:fd:83:ab:
         db:53:ce:4a:07:f0:57:f5:91:b9:8f:4e:a9:78:d4:08:3d:39:
         f3:83:1b:5c
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDBkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yMzEwMjEw
MjA2NDhaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDg3QUYzMDdENkJFM0JE
NTFFMjRDRTQ0MTcwQjk3QTMyOTg2Rjc5ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUtIdYJ5DVFaFR3hWGXjrNIchRhHL8qzIGgrLyhZaW8/xP5feQ
yN+RrtWOQnmJv7o9lyI506l7pZ1gbLwHES6MDGDCdHt9Bw5L63MHszZCcNidyrW5
I9Hkxeuh3G4bs8W2XwUssUDr0h8Vw6k6SORxo9q2uVbuvb0RDlFJ2O3oOCu87Afp
fwTLrNhxSksSk3FtuOQ0w7wz+9WQfHvoGgyIX3ZO3gArN5DtisGwAGEh8zAoIEc9
4HMeTFARTqxzJJpy+ngDbp0PX4g2O6NrJ0khO4J5HlJlXj972Q6Tz3iDwM+dK94h
1QxuaYDiFS3eyGsoRtWhhJvjZUWfDv0Z0ga9AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUh68wfWvjvVHiTORBcLl6MphveYAwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvaDY4d2ZXdmp2Vkhp
VE9SQmNMbDZNcGh2ZVlBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw
BQMDALTfMA0GCSqGSIb3DQEBCwUAA4IBAQC5+FjX1HFMmSZuUWtE0vi7EreVt/9r
n/fUfM+Oct9d027HJClxWsOSwgnzNNugkidMWlyz9MMxnuLzbn3Q4TGCDX4HiH91
H+fGOUTWUVgxOTEBHHvq1k7aOUT3k2SZfGZIg6UWgeJOGXUa6YsY+jh3addO4f7o
ylmDf+CIlkw4bg3ZbWlRt7ESZecGk7zqg+04fTw9PyOzkaTadqlJI0VG5E0rrtTC
SC0psfSUK74QRwX+lAGTRyO7C/A30qR3EFbCfYKwW1GRup57NrVLv6++ZWik3MaS
ESb1qqeoeYij+mljdxVZOfP9g6vbU85KB/BX9ZG5j06peNQIPTnzgxtc
-----END CERTIFICATE-----
Generated at Mon Apr 1 07:35:34 2024 by rpki-client on console-fra.rpki-client.org