Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32302e302f32322d3232203d3e203538343835.roa
File: 3130332e3234372e32302e302f32322d3232203d3e203538343835.roa (raw, json)
Hash identifier: SHqSIu0Xpl+zFfVj0WiXF7sKehZDcL+WrhDhfBYINbk=
Subject key identifier: 6D:E6:C1:EA:5D:54:09:61:24:5F:48:FD:B1:8D:F1:51:10:65:1B:82
Certificate issuer: /CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39
Certificate serial: 41C333F7DC2956B6A9B47D1213366F81B63F9008
Authority key identifier: FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32302e302f32322d3232203d3e203538343835.roa
Signing time: Sat 30 Dec 2023 10:44:03 +0000
ROA not before: Sat 30 Dec 2023 10:39:03 +0000
ROA not after: Sat 28 Dec 2024 10:44:03 +0000
asID: 58485
IP address blocks: 103.247.20.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:c3:33:f7:dc:29:56:b6:a9:b4:7d:12:13:36:6f:81:b6:3f:90:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39
Validity
Not Before: Dec 30 10:39:03 2023 GMT
Not After : Dec 28 10:44:03 2024 GMT
Subject: CN=6DE6C1EA5D540961245F48FDB18DF15110651B82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:12:bb:f7:fb:78:d8:c5:36:cc:84:c5:7b:5a:
05:53:a7:9f:14:23:b7:6c:54:da:f4:8c:8e:41:d8:
76:58:be:45:e8:e0:99:62:75:c9:f9:39:4a:44:65:
78:26:de:81:22:b9:f5:72:13:e4:e4:ed:15:13:2f:
4d:e2:75:9b:42:f5:5b:b9:f9:46:1b:eb:c7:26:47:
d9:5d:98:cb:4b:d6:b6:1b:7b:f0:be:e3:e4:bc:08:
c9:ee:ac:f4:24:d4:ae:44:43:f8:b8:e9:15:f6:fc:
90:93:28:1e:b4:35:3a:f6:6e:f5:4a:88:6d:ba:21:
8d:89:c5:98:a8:15:07:ba:5d:fe:56:fe:10:b1:f0:
16:a3:c6:a1:fd:0c:dc:58:90:9e:1e:e9:1e:30:e7:
74:e0:78:f5:64:b5:8a:4f:e4:c0:56:1f:b8:2f:ed:
6a:e1:fa:71:cf:b3:f1:c0:06:b2:d0:19:1e:db:ff:
af:0f:93:4f:f1:07:1f:0c:30:83:99:38:f5:be:1d:
67:5c:10:9a:d0:d2:e1:c4:01:df:1a:4c:81:dc:24:
f5:81:bd:d5:aa:9d:fa:b1:a2:0a:86:25:26:d7:dd:
e3:48:6a:88:85:f9:60:96:84:3c:69:61:f8:ba:58:
42:26:52:79:c1:fd:eb:0b:b7:ba:67:e8:57:af:e8:
af:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E6:C1:EA:5D:54:09:61:24:5F:48:FD:B1:8D:F1:51:10:65:1B:82
X509v3 Authority Key Identifier:
keyid:FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/3130332e3234372e32302e302f32322d3232203d3e203538343835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.247.20.0/22
Signature Algorithm: sha256WithRSAEncryption
65:5f:bf:cf:af:e2:3a:f6:cd:88:58:6c:ef:18:d6:f5:18:1c:
d7:26:a1:ac:f3:fb:fc:ea:8b:8b:e9:56:ac:e4:ee:f6:2b:88:
4b:b2:22:80:c3:5d:5b:a1:4f:d6:d7:55:46:6d:e8:a8:50:d3:
fe:39:57:c3:bf:6a:e7:26:77:fa:20:5c:3a:a1:77:79:09:d9:
a3:86:41:10:fb:3e:47:e3:b7:be:f3:e8:10:34:ca:21:ff:a7:
7f:9a:ab:c6:df:67:ef:71:b4:32:02:b9:92:c9:ef:c8:1c:e4:
31:fd:3b:7b:19:ef:e9:f5:be:ce:7d:b3:4f:53:81:23:8a:3e:
6f:cd:58:a6:95:e9:04:be:67:58:89:fc:66:5b:02:a4:5e:60:
1b:f5:79:10:a5:4e:d8:c8:3b:b7:d9:84:13:b7:90:b5:f4:94:
d5:7c:26:17:23:82:1e:7f:e9:7d:89:c4:22:db:19:11:b0:95:
58:3c:82:3a:90:48:a3:0e:ad:b2:70:f5:fa:e8:4c:43:24:eb:
bc:f6:1d:dd:c3:ec:cb:bf:5c:b8:fb:44:d5:ac:8c:73:5e:97:
eb:af:51:b1:66:28:11:58:87:e4:2d:dd:8b:30:d8:ef:ce:76:
45:e9:c9:94:bf:34:f7:b4:a8:0b:95:02:46:e4:6d:13:63:47:
03:c1:39:27
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUQcMz99wpVraptH0SEzZvgbY/kAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJF
QjNCRkYzOTAeFw0yMzEyMzAxMDM5MDNaFw0yNDEyMjgxMDQ0MDNaMDMxMTAvBgNV
BAMTKDZERTZDMUVBNUQ1NDA5NjEyNDVGNDhGREIxOERGMTUxMTA2NTFCODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYErv3+3jYxTbMhMV7WgVTp58U
I7dsVNr0jI5B2HZYvkXo4Jlidcn5OUpEZXgm3oEiufVyE+Tk7RUTL03idZtC9Vu5
+UYb68cmR9ldmMtL1rYbe/C+4+S8CMnurPQk1K5EQ/i46RX2/JCTKB60NTr2bvVK
iG26IY2JxZioFQe6Xf5W/hCx8BajxqH9DNxYkJ4e6R4w53TgePVktYpP5MBWH7gv
7Wrh+nHPs/HABrLQGR7b/68Pk0/xBx8MMIOZOPW+HWdcEJrQ0uHEAd8aTIHcJPWB
vdWqnfqxogqGJSbX3eNIaoiF+WCWhDxpYfi6WEImUnnB/esLt7pn6Fev6K/FAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUbebB6l1UCWEkX0j9sY3xURBlG4IwHwYDVR0j
BBgwFoAU+lvKmE7rr/3O2EGQxwdW2+s7/zkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZWU0N2JiZi1iYTg0LTQ0OGYtOTYyYi0yYWFmNWM3ZGQ2OGQvMC9GQTVCQ0E5ODRF
RUJBRkZEQ0VEODQxOTBDNzA3NTZEQkVCM0JGRjM5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJFQjNC
RkYzOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJlZTQ3YmJmLWJhODQtNDQ4Zi05
NjJiLTJhYWY1YzdkZDY4ZC8wLzMxMzAzMzJlMzIzNDM3MmUzMjMwMmUzMDJmMzIz
MjJkMzIzMjIwM2QzZTIwMzUzODM0MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmf3FDANBgkqhkiG
9w0BAQsFAAOCAQEAZV+/z6/iOvbNiFhs7xjW9Rgc1yahrPP7/OqLi+lWrOTu9iuI
S7IigMNdW6FP1tdVRm3oqFDT/jlXw79q5yZ3+iBcOqF3eQnZo4ZBEPs+R+O3vvPo
EDTKIf+nf5qrxt9n73G0MgK5ksnvyBzkMf07exnv6fW+zn2zT1OBI4o+b81YppXp
BL5nWIn8ZlsCpF5gG/V5EKVO2Mg7t9mEE7eQtfSU1XwmFyOCHn/pfYnEItsZEbCV
WDyCOpBIow6tsnD1+uhMQyTrvPYd3cPsy79cuPtE1ayMc16X669RsWYoEViH5C3d
izDY7852RenJlL8097SoC5UCRuRtE2NHA8E5Jw==
-----END CERTIFICATE-----
Generated at Wed Jan 3 23:27:34 2024 by rpki-client on console-ams.rpki-client.org