Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3a2f33362d3336203d3e20313338383134.roa
File: 323430343a393763303a3a2f33362d3336203d3e20313338383134.roa (raw, json)
Hash identifier: ABcgnldw5hncRBQlN8/HFGHei7BR8pVRKejkYjJOquQ=
Subject key identifier: A4:0A:A1:53:18:F1:90:A0:E8:9C:86:B6:7D:F5:3C:6B:9F:93:9C:5D
Certificate issuer: /CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE
Certificate serial: 6A04784EA80D9EFBA49A445A6EB1FA75CE03D45C
Authority key identifier: 47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3a2f33362d3336203d3e20313338383134.roa
Signing time: Thu 27 Jun 2024 14:00:01 +0000
ROA not before: Thu 27 Jun 2024 13:55:01 +0000
ROA not after: Thu 26 Jun 2025 14:00:01 +0000
asID: 138814
IP address blocks: 2404:97c0::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 19 Feb 2025 02:40:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:04:78:4e:a8:0d:9e:fb:a4:9a:44:5a:6e:b1:fa:75:ce:03:d4:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE
Validity
Not Before: Jun 27 13:55:01 2024 GMT
Not After : Jun 26 14:00:01 2025 GMT
Subject: CN=A40AA15318F190A0E89C86B67DF53C6B9F939C5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8e:32:82:b2:e5:77:1c:ae:19:ad:0a:27:73:
63:94:ae:7c:47:4e:af:be:a3:6a:40:4c:e7:79:80:
50:36:ff:3a:34:77:3a:2c:da:1e:a3:07:ab:3a:0e:
d1:e7:21:da:02:f2:63:2b:38:a8:6c:29:ee:96:e9:
4c:41:f2:f4:c2:07:b1:ad:6a:f4:63:a8:38:43:76:
c4:80:6c:90:f2:56:06:34:aa:ae:e3:9c:68:86:be:
48:3f:1c:a6:c8:37:7a:99:0b:39:84:41:aa:c1:95:
c8:af:24:53:48:24:86:ee:e7:e4:e7:ee:a0:14:c1:
79:87:fe:6c:7a:fd:b8:cc:05:6b:54:3b:df:e0:32:
ad:09:56:f4:7e:9b:1a:5e:b6:1a:9c:e5:ca:4c:ed:
a3:cb:b8:45:36:4d:20:32:d5:13:c8:58:4e:0f:40:
98:84:29:8a:3f:70:af:b4:47:1a:06:92:38:c4:fc:
a7:7a:05:ef:2c:21:6b:a5:45:d8:e0:92:8e:2c:6f:
02:12:84:f1:41:ff:fc:6a:49:a1:90:72:46:e6:71:
1b:de:c1:45:00:6a:c7:ff:00:d5:48:cf:16:b0:27:
a1:68:c5:cd:e6:da:8c:fd:30:ec:71:dd:3f:44:5c:
e6:74:af:b1:b0:90:95:b1:5a:65:e6:19:d9:60:68:
51:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0A:A1:53:18:F1:90:A0:E8:9C:86:B6:7D:F5:3C:6B:9F:93:9C:5D
X509v3 Authority Key Identifier:
keyid:47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3a2f33362d3336203d3e20313338383134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2404:97c0::/36
Signature Algorithm: sha256WithRSAEncryption
3a:4b:77:d5:16:55:89:88:0b:ec:8d:b8:74:1e:5b:37:e5:e0:
90:d2:85:f8:e7:3a:f9:9b:fe:2a:8d:84:db:2c:54:aa:82:cd:
4a:b1:5a:1f:ef:4d:54:d6:04:93:d3:c3:d0:a3:0d:5b:09:91:
1e:0f:d4:20:b9:02:f1:d7:eb:23:29:32:a9:e1:43:15:21:08:
45:f7:2f:fb:a1:30:53:be:78:58:ab:5c:48:02:a1:f5:c5:76:
e7:50:00:1b:6e:ee:1d:c2:ac:e9:9e:9b:29:1c:cb:c6:50:e2:
52:69:0d:02:0b:df:eb:ad:9d:69:da:bf:24:7b:54:aa:72:1b:
51:dc:af:1c:a3:62:60:21:5d:86:5c:e4:35:da:af:3c:bc:dc:
a5:fa:a9:2c:a6:1e:c9:ba:3c:ba:47:26:c6:22:c4:2e:a2:28:
94:fb:da:89:c6:c0:69:82:9c:ed:1b:2a:94:87:55:62:f1:19:
ff:04:bb:a3:7e:0d:5c:79:10:20:60:3a:6f:40:b9:ae:ac:46:
3a:f5:3e:f7:00:4b:24:3f:cc:70:7f:34:e8:52:14:4d:a8:2e:
32:d2:29:35:03:fc:fb:2a:88:42:1a:01:ff:b8:c8:d9:cd:71:
76:a5:67:9e:f0:d9:30:30:6c:34:d5:6c:67:66:61:6a:83:68:
18:79:b2:96
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUagR4TqgNnvukmkRabrH6dc4D1FwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzky
NzI5REVFRTAeFw0yNDA2MjcxMzU1MDFaFw0yNTA2MjYxNDAwMDFaMDMxMTAvBgNV
BAMTKEE0MEFBMTUzMThGMTkwQTBFODlDODZCNjdERjUzQzZCOUY5MzlDNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTjjKCsuV3HK4ZrQonc2OUrnxH
Tq++o2pATOd5gFA2/zo0dzos2h6jB6s6DtHnIdoC8mMrOKhsKe6W6UxB8vTCB7Gt
avRjqDhDdsSAbJDyVgY0qq7jnGiGvkg/HKbIN3qZCzmEQarBlcivJFNIJIbu5+Tn
7qAUwXmH/mx6/bjMBWtUO9/gMq0JVvR+mxpethqc5cpM7aPLuEU2TSAy1RPIWE4P
QJiEKYo/cK+0RxoGkjjE/Kd6Be8sIWulRdjgko4sbwIShPFB//xqSaGQckbmcRve
wUUAasf/ANVIzxawJ6Foxc3m2oz9MOxx3T9EXOZ0r7GwkJWxWmXmGdlgaFEDAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUpAqhUxjxkKDonIa2ffU8a5+TnF0wHwYDVR0j
BBgwFoAURzdIuOs5vulvZGLDtTzqOScp3u4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
NjU0YThjMy0zMGM4LTQ5NTctODI5MS1hMGMxZjliMTgzOWUvMC80NzM3NDhCOEVC
MzlCRUU5NkY2NDYyQzNCNTNDRUEzOTI3MjlERUVFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzkyNzI5
REVFRS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA2NTRhOGMzLTMwYzgtNDk1Ny04
MjkxLWEwYzFmOWIxODM5ZS8wLzMyMzQzMDM0M2EzOTM3NjMzMDNhM2EyZjMzMzYy
ZDMzMzYyMDNkM2UyMDMxMzMzODM4MzEzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCQEl8AAMA0GCSqG
SIb3DQEBCwUAA4IBAQA6S3fVFlWJiAvsjbh0Hls35eCQ0oX45zr5m/4qjYTbLFSq
gs1KsVof701U1gST08PQow1bCZEeD9QguQLx1+sjKTKp4UMVIQhF9y/7oTBTvnhY
q1xIAqH1xXbnUAAbbu4dwqzpnpspHMvGUOJSaQ0CC9/rrZ1p2r8ke1SqchtR3K8c
o2JgIV2GXOQ12q88vNyl+qksph7Jujy6RybGIsQuoiiU+9qJxsBpgpztGyqUh1Vi
8Rn/BLujfg1ceRAgYDpvQLmurEY69T73AEskP8xwfzToUhRNqC4y0ik1A/z7KohC
GgH/uMjZzXF2pWee8NkwMGw01WxnZmFqg2gYebKW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:34 2025 by rpki-client