Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e31382e302f32342d3234203d3e20313439373037.roa
File:                     3230322e35372e31382e302f32342d3234203d3e20313439373037.roa (raw, json)
Hash identifier:          +T1gf2uApw76UcUj6oPqv0Lxj2A7PA+RQBx1vdM2GJ4=
Subject key identifier:   D9:AD:E3:04:B6:38:FF:06:9D:88:2A:71:BB:EC:BF:F9:73:FB:71:80
Certificate issuer:       /CN=1F969EE9B0838D22156118A888B81BF27B859BD5
Certificate serial:       2FC6D418C85B4B7FC545C07EC80324D8EBA27706
Authority key identifier: 1F:96:9E:E9:B0:83:8D:22:15:61:18:A8:88:B8:1B:F2:7B:85:9B:D5
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F969EE9B0838D22156118A888B81BF27B859BD5.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e31382e302f32342d3234203d3e20313439373037.roa
Signing time:             Sun 07 Jan 2024 02:00:01 +0000
ROA not before:           Sun 07 Jan 2024 01:55:01 +0000
ROA not after:            Sun 05 Jan 2025 02:00:01 +0000
asID:                     149707
IP address blocks:        202.57.18.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 10 Sep 2024 07:13:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:c6:d4:18:c8:5b:4b:7f:c5:45:c0:7e:c8:03:24:d8:eb:a2:77:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1F969EE9B0838D22156118A888B81BF27B859BD5
        Validity
            Not Before: Jan  7 01:55:01 2024 GMT
            Not After : Jan  5 02:00:01 2025 GMT
        Subject: CN=D9ADE304B638FF069D882A71BBECBFF973FB7180
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e7:0a:1a:77:f7:e6:0a:df:38:2d:79:54:6e:
                    66:3b:68:b0:85:c2:01:55:22:71:3d:fc:62:60:8d:
                    40:84:01:c0:68:8a:3d:9f:de:80:b3:83:95:70:69:
                    e6:cb:ad:5d:cd:d7:8d:3f:e6:60:05:d7:71:32:bc:
                    ee:93:84:5f:2e:05:12:8c:bf:70:a7:4b:b9:89:b3:
                    8c:de:0c:12:93:11:10:b8:f9:bf:0e:42:5e:d4:e2:
                    34:1b:7e:85:2e:0d:cd:ea:33:27:7c:78:e3:c9:d5:
                    c2:8c:d4:96:68:dc:20:d8:3f:99:cb:01:1b:99:27:
                    33:8f:dc:78:33:38:44:c4:b6:3a:0e:66:f3:c9:f6:
                    1d:47:01:c0:8a:e8:47:06:26:64:60:e5:05:87:cb:
                    9a:45:63:3f:48:98:b0:dd:6f:1d:75:3c:27:91:2d:
                    24:87:fe:9a:16:34:f5:ec:f8:d6:7f:54:bf:3a:26:
                    03:bf:2a:07:12:e6:5f:7e:ca:8f:5e:f0:3a:50:14:
                    ee:34:42:4f:6a:ba:81:af:5f:68:59:c2:82:0e:56:
                    83:23:9b:65:60:32:be:9f:32:22:53:ae:11:91:45:
                    ae:4b:d4:02:f4:d8:dd:e6:e4:fb:69:1f:9e:2d:2d:
                    d4:66:49:d7:98:37:84:ec:bd:25:c6:14:48:e9:f2:
                    75:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:AD:E3:04:B6:38:FF:06:9D:88:2A:71:BB:EC:BF:F9:73:FB:71:80
            X509v3 Authority Key Identifier:
                keyid:1F:96:9E:E9:B0:83:8D:22:15:61:18:A8:88:B8:1B:F2:7B:85:9B:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/1F969EE9B0838D22156118A888B81BF27B859BD5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1F969EE9B0838D22156118A888B81BF27B859BD5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0d3f095b-7130-4122-af25-7d2e7a11b1b1/0/3230322e35372e31382e302f32342d3234203d3e20313439373037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.57.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:51:be:b1:79:36:9f:eb:3c:06:38:0b:1a:26:42:22:65:55:
         e0:61:ff:cc:66:58:d6:72:04:8e:76:d6:da:d5:a3:44:13:bb:
         95:4a:ee:7c:b6:9d:dc:53:12:08:f4:1f:a6:dd:e3:b3:72:65:
         9d:36:6d:4e:cf:5c:0c:a3:e3:23:9b:fb:81:b4:07:d7:a4:8c:
         cc:44:14:de:35:3e:61:7e:21:60:81:c1:4a:1e:3a:70:51:3f:
         d3:45:9f:4c:83:18:bd:3d:5d:9e:db:aa:a1:d2:6c:99:72:20:
         db:43:0d:58:d3:9b:ed:83:fe:8e:24:50:5f:79:6d:e9:62:9d:
         df:c0:49:be:4f:e9:cd:10:ad:f0:55:6d:81:68:48:b9:7c:ad:
         ad:fa:a2:fa:f6:c9:28:e8:5d:8d:ae:a5:8a:8e:8b:f8:9e:4a:
         18:49:d0:42:12:fb:f1:37:f0:8a:ee:e9:81:d2:29:04:6e:ea:
         3c:a8:10:b4:5f:30:6b:a9:52:68:7a:d6:8e:6c:1c:6f:da:c1:
         41:70:5e:20:bd:69:bf:a2:18:0f:04:a1:94:c2:cc:ab:f3:fe:
         22:1b:fa:5c:e2:f7:fa:1e:da:aa:ac:8b:2f:fa:57:0a:c4:35:
         5c:48:34:24:33:05:6d:cc:fb:75:89:30:5e:60:84:71:77:b4:
         c4:45:e2:78
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUL8bUGMhbS3/FRcB+yAMk2OuidwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY5NjlFRTlCMDgzOEQyMjE1NjExOEE4ODhCODFCRjI3
Qjg1OUJENTAeFw0yNDAxMDcwMTU1MDFaFw0yNTAxMDUwMjAwMDFaMDMxMTAvBgNV
BAMTKEQ5QURFMzA0QjYzOEZGMDY5RDg4MkE3MUJCRUNCRkY5NzNGQjcxODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC25woad/fmCt84LXlUbmY7aLCF
wgFVInE9/GJgjUCEAcBoij2f3oCzg5VwaebLrV3N140/5mAF13EyvO6ThF8uBRKM
v3CnS7mJs4zeDBKTERC4+b8OQl7U4jQbfoUuDc3qMyd8eOPJ1cKM1JZo3CDYP5nL
ARuZJzOP3HgzOETEtjoOZvPJ9h1HAcCK6EcGJmRg5QWHy5pFYz9ImLDdbx11PCeR
LSSH/poWNPXs+NZ/VL86JgO/KgcS5l9+yo9e8DpQFO40Qk9quoGvX2hZwoIOVoMj
m2VgMr6fMiJTrhGRRa5L1AL02N3m5PtpH54tLdRmSdeYN4TsvSXGFEjp8nWxAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU2a3jBLY4/wadiCpxu+y/+XP7cYAwHwYDVR0j
BBgwFoAUH5ae6bCDjSIVYRioiLgb8nuFm9UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
ZDNmMDk1Yi03MTMwLTQxMjItYWYyNS03ZDJlN2ExMWIxYjEvMC8xRjk2OUVFOUIw
ODM4RDIyMTU2MTE4QTg4OEI4MUJGMjdCODU5QkQ1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMUY5NjlFRTlCMDgzOEQyMjE1NjExOEE4ODhCODFCRjI3Qjg1
OUJENS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBkM2YwOTViLTcxMzAtNDEyMi1h
ZjI1LTdkMmU3YTExYjFiMS8wLzMyMzAzMjJlMzUzNzJlMzEzODJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzQzOTM3MzAzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMo5EjANBgkqhkiG
9w0BAQsFAAOCAQEAllG+sXk2n+s8BjgLGiZCImVV4GH/zGZY1nIEjnbW2tWjRBO7
lUrufLad3FMSCPQfpt3js3JlnTZtTs9cDKPjI5v7gbQH16SMzEQU3jU+YX4hYIHB
Sh46cFE/00WfTIMYvT1dntuqodJsmXIg20MNWNOb7YP+jiRQX3lt6WKd38BJvk/p
zRCt8FVtgWhIuXytrfqi+vbJKOhdja6lio6L+J5KGEnQQhL78Tfwiu7pgdIpBG7q
PKgQtF8wa6lSaHrWjmwcb9rBQXBeIL1pv6IYDwShlMLMq/P+Ihv6XOL3+h7aqqyL
L/pXCsQ1XEg0JDMFbcz7dYkwXmCEcXe0xEXieA==
-----END CERTIFICATE-----
Generated at Tue Sep 10 08:57:19 2024 by rpki-client on console-fra.rpki-client.org