Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3133302e302f32332d3233203d3e203130323137.roa
File:                     3131392e31312e3133302e302f32332d3233203d3e203130323137.roa (raw, json)
Hash identifier:          a4kS9CTkDBUfP97uMO7J9Gg2CP7uOKiYZlih+1ocPx8=
Subject key identifier:   34:B0:DD:04:85:4E:4B:5C:10:CB:D8:6E:02:E5:3E:4A:0C:CC:C4:7D
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       2C29B65B1F8A48685306C1BEBA5285D74FDC1364
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3133302e302f32332d3233203d3e203130323137.roa
Signing time:             Fri 25 Aug 2023 07:32:17 +0000
ROA not before:           Fri 25 Aug 2023 07:27:17 +0000
ROA not after:            Fri 23 Aug 2024 07:32:17 +0000
asID:                     10217
IP address blocks:        119.11.130.0/23 maxlen: 23

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:29:b6:5b:1f:8a:48:68:53:06:c1:be:ba:52:85:d7:4f:dc:13:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 25 07:27:17 2023 GMT
            Not After : Aug 23 07:32:17 2024 GMT
        Subject: CN=34B0DD04854E4B5C10CBD86E02E53E4A0CCCC47D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:14:54:14:9e:30:18:fa:d5:95:ac:6e:c7:fe:
                    42:b9:44:7b:f3:36:79:48:a5:80:ae:10:1a:58:ad:
                    23:e2:70:0f:23:0c:08:e3:10:08:5e:61:bc:02:5a:
                    72:2c:02:1c:67:67:b1:0e:c0:03:9b:20:b1:d1:fc:
                    d9:36:9f:2b:6b:eb:be:13:f1:eb:b5:50:04:97:9f:
                    ca:49:30:7c:20:61:0a:c4:fb:4a:5e:e3:cb:18:eb:
                    75:c2:48:e7:93:5d:30:a0:d2:85:71:ec:47:cb:7a:
                    79:45:e5:4a:2c:ef:35:19:e0:62:ae:4f:26:ac:4a:
                    03:62:cc:f2:a3:8f:e3:a8:4d:ea:e8:7e:84:4a:98:
                    2d:0e:d1:5f:51:fa:bf:d4:69:2c:ff:05:fe:e0:98:
                    28:5a:a8:be:9c:a1:ba:17:c5:ce:b8:dc:07:dc:f5:
                    3c:7c:1b:b1:81:7b:ca:b1:69:4a:3b:6b:77:ed:31:
                    e1:63:f1:24:81:a3:aa:22:b8:b0:8f:1e:92:1d:4f:
                    ea:bb:c4:b0:86:aa:24:f3:1b:85:2e:cd:07:bb:5e:
                    6b:46:30:b6:f7:77:03:57:24:32:24:54:4c:37:87:
                    80:27:02:fd:cb:55:21:d5:f9:46:d5:94:fd:12:4c:
                    72:95:45:ce:98:77:0e:c8:e5:11:47:a5:dc:d3:69:
                    46:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:B0:DD:04:85:4E:4B:5C:10:CB:D8:6E:02:E5:3E:4A:0C:CC:C4:7D
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3133302e302f32332d3233203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.11.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         83:7c:fb:72:17:2a:f5:7c:6a:1c:ce:24:7d:7d:81:d0:2a:57:
         f2:ae:97:36:8b:8f:c0:8f:ae:fb:b6:31:3a:e3:59:1d:1a:ed:
         aa:69:de:0f:8d:90:bc:93:8f:66:85:76:7b:16:35:94:5f:dd:
         5b:e7:18:6c:da:91:25:a8:8f:6d:b7:c5:6f:3b:1a:d0:4b:eb:
         e3:b7:2a:15:11:9a:5d:82:d6:27:78:e9:24:54:2a:d2:37:cc:
         78:6a:e2:73:3c:b7:0d:89:e9:33:61:49:cb:25:f4:94:a8:38:
         03:14:43:c1:89:f2:97:9a:91:62:95:1d:09:ce:a9:c4:f8:d4:
         48:01:2c:30:79:79:df:eb:db:f4:50:a8:5d:a7:0b:9c:43:c2:
         1e:b8:73:63:12:06:c4:4d:e3:e4:51:41:73:cb:5d:83:a1:16:
         fc:ec:6f:26:97:41:c9:82:da:87:de:96:a6:ec:fa:16:35:08:
         e2:e0:aa:ab:e1:30:61:2e:0f:49:3d:23:74:db:83:32:42:29:
         1d:1b:f6:11:11:39:fb:39:44:0a:57:e2:b9:9b:e7:3d:0a:1f:
         8f:34:02:66:94:05:88:a1:3a:56:ec:06:0a:04:26:a3:d3:21:
         65:f8:53:d5:7c:21:9a:92:36:30:9b:d5:7d:a8:a1:8f:1c:45:
         2a:fa:a4:da
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIULCm2Wx+KSGhTBsG+ulKF10/cE2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MjUwNzI3MTdaFw0yNDA4MjMwNzMyMTdaMDMxMTAvBgNV
BAMTKDM0QjBERDA0ODU0RTRCNUMxMENCRDg2RTAyRTUzRTRBMENDQ0M0N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUFFQUnjAY+tWVrG7H/kK5RHvz
NnlIpYCuEBpYrSPicA8jDAjjEAheYbwCWnIsAhxnZ7EOwAObILHR/Nk2nytr674T
8eu1UASXn8pJMHwgYQrE+0pe48sY63XCSOeTXTCg0oVx7EfLenlF5Uos7zUZ4GKu
TyasSgNizPKjj+OoTerofoRKmC0O0V9R+r/UaSz/Bf7gmChaqL6coboXxc643Afc
9Tx8G7GBe8qxaUo7a3ftMeFj8SSBo6oiuLCPHpIdT+q7xLCGqiTzG4UuzQe7XmtG
MLb3dwNXJDIkVEw3h4AnAv3LVSHV+UbVlP0STHKVRc6Ydw7I5RFHpdzTaUZdAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUNLDdBIVOS1wQy9huAuU+SgzMxH0wHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMxMzEzOTJlMzEzMTJlMzEzMzMwMmUzMDJmMzIz
MzJkMzIzMzIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAXcLgjANBgkqhkiG
9w0BAQsFAAOCAQEAg3z7chcq9XxqHM4kfX2B0CpX8q6XNouPwI+u+7YxOuNZHRrt
qmneD42QvJOPZoV2exY1lF/dW+cYbNqRJaiPbbfFbzsa0Evr47cqFRGaXYLWJ3jp
JFQq0jfMeGriczy3DYnpM2FJyyX0lKg4AxRDwYnyl5qRYpUdCc6pxPjUSAEsMHl5
3+vb9FCoXacLnEPCHrhzYxIGxE3j5FFBc8tdg6EW/OxvJpdByYLah96Wpuz6FjUI
4uCqq+EwYS4PST0jdNuDMkIpHRv2ERE5+zlEClfiuZvnPQofjzQCZpQFiKE6VuwG
CgQmo9MhZfhT1XwhmpI2MJvVfaihjxxFKvqk2g==
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org