Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/dtlXcS9ECSBioSeS0D5iWzVGbsc.roa
File:                     dtlXcS9ECSBioSeS0D5iWzVGbsc.roa (raw, json)
Hash identifier:          VyrYpeoHgDNE+xmLy6mRxQuZl7RT24fo1v2FT+iMaPY=
Subject key identifier:   76:D9:57:71:2F:44:09:20:62:A1:27:92:D0:3E:62:5B:35:46:6E:C7
Certificate issuer:       /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial:       A1
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/dtlXcS9ECSBioSeS0D5iWzVGbsc.roa
Signing time:             Thu 20 Jun 2024 04:40:28 +0000
ROA not before:           Thu 20 Jun 2024 04:40:28 +0000
ROA not after:            Wed 21 May 2025 03:30:10 +0000
asID:                     136897
IP address blocks:        113.31.32.0/21 maxlen: 24
                          113.31.40.0/21 maxlen: 24
                          113.31.48.0/21 maxlen: 24
                          113.31.56.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Jul 2024 11:43:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 161 (0xa1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
        Validity
            Not Before: Jun 20 04:40:28 2024 GMT
            Not After : May 21 03:30:10 2025 GMT
        Subject: CN=76D957712F44092062A12792D03E625B35466EC7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:cf:d6:17:06:2f:5f:1a:e1:f7:df:3c:e4:4c:
                    ec:d1:15:82:8c:13:98:66:55:20:6f:25:0f:e5:9a:
                    9d:1a:80:57:0f:7e:e9:d6:06:d1:d6:67:be:46:da:
                    aa:6f:16:34:f2:db:27:bb:4c:22:35:4d:1d:30:7d:
                    9d:aa:31:5d:cf:de:19:d9:62:1b:98:47:4b:f7:46:
                    db:1f:8f:53:2f:4f:05:dc:8d:ce:fd:7e:7b:14:aa:
                    98:db:95:7e:aa:31:b0:81:a6:bc:7f:99:d3:2c:23:
                    87:ae:82:2e:ab:fd:f7:a5:06:62:ee:08:75:1f:63:
                    fa:da:b9:b0:6c:f9:bb:31:53:31:ff:55:3d:db:97:
                    71:69:18:05:0a:69:85:8c:f9:cd:ef:7a:b3:23:b9:
                    f4:66:43:9d:87:25:e6:5e:32:22:28:ff:db:1f:57:
                    26:2e:4e:61:14:c0:03:d2:28:61:d9:14:5b:a4:3e:
                    28:96:8f:0d:08:5a:b8:cf:40:0e:2a:d9:ab:42:2b:
                    06:32:02:f6:e7:53:49:5b:e4:f6:95:d8:71:21:bb:
                    4a:a6:84:7e:f7:96:72:e1:bd:ec:6c:85:02:e4:68:
                    00:84:a0:b5:bf:a6:c3:0b:20:eb:09:0f:4f:88:22:
                    5b:f3:d7:f9:ab:98:b9:50:9d:b4:01:51:f8:a1:75:
                    b5:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:D9:57:71:2F:44:09:20:62:A1:27:92:D0:3E:62:5B:35:46:6E:C7
            X509v3 Authority Key Identifier:
                keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/dtlXcS9ECSBioSeS0D5iWzVGbsc.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  113.31.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         0e:36:ae:8c:67:19:15:8f:f4:5f:f2:35:6c:87:13:7b:91:2a:
         55:ab:23:3a:48:65:dc:e1:9d:b4:ed:95:25:06:9e:83:fe:4a:
         f4:e1:3d:ca:37:3c:7c:04:18:e0:29:0a:33:54:2a:b9:59:f7:
         76:3c:49:14:ba:c1:08:63:00:3e:e2:1a:a4:02:45:8b:29:1d:
         23:1e:d9:69:cc:98:e5:e0:bb:6f:57:e2:4f:51:d1:bc:a9:d9:
         22:fc:20:7d:3d:2e:f2:0a:14:c4:11:a1:cf:45:02:91:0e:3f:
         a5:e5:95:d3:93:ac:3a:34:1d:46:fb:3e:4b:73:b1:f1:d2:84:
         28:aa:5f:ca:b0:a5:53:38:19:ee:7c:56:72:c3:1f:e7:a1:7a:
         43:7d:09:ca:bb:ad:92:60:28:db:35:9e:8b:7b:ed:93:c1:da:
         63:9d:85:cd:00:b1:16:dc:2c:f5:af:0d:93:a4:76:db:e7:29:
         c8:af:6b:a6:61:be:60:d7:36:6b:7d:17:75:88:a4:9a:98:8e:
         aa:26:a7:20:2c:ec:3b:67:19:a2:60:c2:04:6b:fd:1e:9b:0e:
         10:0c:2a:dd:cf:0a:98:23:12:16:c6:5c:4d:ec:34:48:4e:56:
         ff:4f:ec:af:36:e1:18:af:0a:9f:12:3a:7a:02:52:19:6d:9a:
         19:48:37:fb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNDA2MjAw
NDQwMjhaFw0yNTA1MjEwMzMwMTBaMDMxMTAvBgNVBAMTKDc2RDk1NzcxMkY0NDA5
MjA2MkExMjc5MkQwM0U2MjVCMzU0NjZFQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0z9YXBi9fGuH33zzkTOzRFYKME5hmVSBvJQ/lmp0agFcPfunW
BtHWZ75G2qpvFjTy2ye7TCI1TR0wfZ2qMV3P3hnZYhuYR0v3Rtsfj1MvTwXcjc79
fnsUqpjblX6qMbCBprx/mdMsI4eugi6r/felBmLuCHUfY/raubBs+bsxUzH/VT3b
l3FpGAUKaYWM+c3verMjufRmQ52HJeZeMiIo/9sfVyYuTmEUwAPSKGHZFFukPiiW
jw0IWrjPQA4q2atCKwYyAvbnU0lb5PaV2HEhu0qmhH73lnLhvexshQLkaACEoLW/
psMLIOsJD0+IIlvz1/mrmLlQnbQBUfihdbWhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUdtlXcS9ECSBioSeS0D5iWzVGbscwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL2R0bFhjUzlFQ1NCaW9T
ZVMwRDVpV3pWR2JzYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAVxHyAwDQYJKoZIhvcNAQELBQADggEBAA42roxnGRWP9F/yNWyHE3uRKlWrIzpI
ZdzhnbTtlSUGnoP+SvThPco3PHwEGOApCjNUKrlZ93Y8SRS6wQhjAD7iGqQCRYsp
HSMe2WnMmOXgu29X4k9R0byp2SL8IH09LvIKFMQRoc9FApEOP6XlldOTrDo0HUb7
PktzsfHShCiqX8qwpVM4Ge58VnLDH+ehekN9Ccq7rZJgKNs1not77ZPB2mOdhc0A
sRbcLPWvDZOkdtvnKciva6ZhvmDXNmt9F3WIpJqYjqompyAs7DtnGaJgwgRr/R6b
DhAMKt3PCpgjEhbGXE3sNEhOVv9P7K824RivCp8SOnoCUhltmhlIN/s=
-----END CERTIFICATE-----
Generated at Thu Jul 11 13:05:51 2024 by rpki-client on console-fra.rpki-client.org