Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3133312e302f32342d3234203d3e203130323137.roa
File:                     3131392e31312e3133312e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          mFRscMeHL4J+Vu2r/6Izk6KI/TQ6p7xqxfohslfBjOs=
Subject key identifier:   34:39:36:48:5B:25:7C:CF:FE:BC:38:D6:FA:9A:DA:37:48:D1:F4:74
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       5A59E8E2C78BC5E57796E0E10D98C2F456505DCC
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3133312e302f32342d3234203d3e203130323137.roa
Signing time:             Mon 13 Nov 2023 05:19:44 +0000
ROA not before:           Mon 13 Nov 2023 05:14:44 +0000
ROA not after:            Mon 11 Nov 2024 05:19:44 +0000
asID:                     10217
IP address blocks:        119.11.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 10:21:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:59:e8:e2:c7:8b:c5:e5:77:96:e0:e1:0d:98:c2:f4:56:50:5d:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Nov 13 05:14:44 2023 GMT
            Not After : Nov 11 05:19:44 2024 GMT
        Subject: CN=343936485B257CCFFEBC38D6FA9ADA3748D1F474
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:1d:44:58:21:9e:35:c6:58:a7:15:87:8e:47:
                    c6:6e:fd:96:e2:ad:e6:9b:d9:e2:55:ea:92:52:8d:
                    cc:d3:a7:45:f9:a4:21:7b:25:dd:bd:ab:37:3c:8a:
                    fa:85:34:dd:08:b1:f3:43:d5:da:2b:0c:79:37:80:
                    8e:ce:dd:4f:a7:a7:d9:1e:9a:3d:9a:d6:01:b9:4d:
                    56:7c:4c:fd:06:7a:75:71:3b:06:d6:23:e5:76:07:
                    c6:3a:c6:9b:43:e0:9e:e1:14:4e:77:bf:aa:75:f7:
                    54:d2:6c:7f:39:4c:1a:bd:55:92:e6:07:5c:b6:0a:
                    a1:8e:98:42:21:40:61:a0:55:b6:f4:ce:5e:47:07:
                    a1:40:87:f0:f4:a8:e9:66:24:11:b9:ca:b5:ae:79:
                    3d:67:1e:56:c4:1f:1e:4a:94:25:f1:76:0e:f8:74:
                    a8:e5:e4:9b:a9:59:c5:b2:dd:d4:92:c0:6b:09:b2:
                    f0:46:46:4f:24:6a:18:d9:78:3f:f8:fd:a9:e2:40:
                    ea:69:5f:26:54:cf:ee:7a:7b:41:4a:ad:57:2f:c4:
                    c0:16:f1:d4:b1:1a:f9:de:fc:da:53:b7:4c:18:09:
                    89:31:cb:90:a2:ca:1e:29:23:e0:ce:9c:fb:75:f5:
                    31:8f:e0:0c:0e:b4:69:8a:48:fb:f6:b0:3e:6d:91:
                    0c:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:39:36:48:5B:25:7C:CF:FE:BC:38:D6:FA:9A:DA:37:48:D1:F4:74
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3133312e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.11.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:97:87:57:57:88:74:ae:5a:aa:4b:18:b1:a3:c7:48:82:2e:
         84:97:00:ed:56:66:e1:cf:63:e9:30:62:5c:61:a3:bb:49:6c:
         d7:cc:3d:a6:48:10:82:27:a9:e7:e3:ea:b8:8a:d8:8a:6b:6e:
         30:e6:91:9a:9b:fe:fa:2c:40:f0:99:47:b9:74:39:84:a0:c2:
         2b:86:72:90:5d:68:6f:09:1f:a3:5f:f3:25:8b:8c:c2:b8:57:
         8b:cb:c0:66:76:99:fa:2a:b6:3e:16:85:ce:15:24:4a:20:df:
         67:12:ae:59:f0:e2:df:44:c1:96:3b:65:b5:e8:1f:76:b7:81:
         f2:c7:66:81:c8:ec:82:df:0f:c0:38:20:ce:8c:48:9d:27:fa:
         23:fd:42:d5:b2:5b:c3:99:be:ee:63:a4:4e:10:71:cd:9e:77:
         ca:bd:08:cc:5b:3b:bc:0b:70:81:92:60:2b:5f:14:e5:d9:9b:
         b9:84:dc:39:b5:b1:d3:f3:e7:f4:19:9b:b8:26:a3:1d:40:bd:
         8f:bf:f5:d6:2c:61:2f:d5:69:7d:de:f9:b5:e7:29:76:18:06:
         68:08:1b:0c:0f:34:d0:1c:e1:1d:90:50:6f:29:76:8d:6e:0a:
         fe:5c:b9:10:83:41:53:14:77:f2:bd:06:9d:9c:66:74:07:7d:
         a6:10:a5:35
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUWlno4seLxeV3luDhDZjC9FZQXcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzExMTMwNTE0NDRaFw0yNDExMTEwNTE5NDRaMDMxMTAvBgNV
BAMTKDM0MzkzNjQ4NUIyNTdDQ0ZGRUJDMzhENkZBOUFEQTM3NDhEMUY0NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVHURYIZ41xlinFYeOR8Zu/Zbi
reab2eJV6pJSjczTp0X5pCF7Jd29qzc8ivqFNN0IsfND1dorDHk3gI7O3U+np9ke
mj2a1gG5TVZ8TP0GenVxOwbWI+V2B8Y6xptD4J7hFE53v6p191TSbH85TBq9VZLm
B1y2CqGOmEIhQGGgVbb0zl5HB6FAh/D0qOlmJBG5yrWueT1nHlbEHx5KlCXxdg74
dKjl5JupWcWy3dSSwGsJsvBGRk8kahjZeD/4/aniQOppXyZUz+56e0FKrVcvxMAW
8dSxGvne/NpTt0wYCYkxy5Ciyh4pI+DOnPt19TGP4AwOtGmKSPv2sD5tkQyrAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUNDk2SFslfM/+vDjW+praN0jR9HQwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMxMzEzOTJlMzEzMTJlMzEzMzMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHcLgzANBgkqhkiG
9w0BAQsFAAOCAQEAmJeHV1eIdK5aqksYsaPHSIIuhJcA7VZm4c9j6TBiXGGju0ls
18w9pkgQgiep5+PquIrYimtuMOaRmpv++ixA8JlHuXQ5hKDCK4ZykF1obwkfo1/z
JYuMwrhXi8vAZnaZ+iq2PhaFzhUkSiDfZxKuWfDi30TBljtltegfdreB8sdmgcjs
gt8PwDggzoxInSf6I/1C1bJbw5m+7mOkThBxzZ53yr0IzFs7vAtwgZJgK18U5dmb
uYTcObWx0/Pn9BmbuCajHUC9j7/11ixhL9Vpfd75tecpdhgGaAgbDA800BzhHZBQ
byl2jW4K/ly5EINBUxR38r0GnZxmdAd9phClNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:02 2024 by rpki-client on console-fra.rpki-client.org