Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3133322e302f32342d3234203d3e203130323137.roa
File:                     3131392e31312e3133322e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          oPo4KwF8s3xg8qWo1G3Zs+droxWMskDQ/jtkVkMzXTk=
Subject key identifier:   D5:9E:38:3F:EB:15:B1:BC:6B:9C:41:15:1B:2A:85:1F:E1:FE:93:56
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       2871CCFEC19398D19353C5302FF1F22D1F74BE0B
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3133322e302f32342d3234203d3e203130323137.roa
Signing time:             Mon 13 Nov 2023 05:20:20 +0000
ROA not before:           Mon 13 Nov 2023 05:15:20 +0000
ROA not after:            Mon 11 Nov 2024 05:20:20 +0000
asID:                     10217
IP address blocks:        119.11.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 10:21:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:71:cc:fe:c1:93:98:d1:93:53:c5:30:2f:f1:f2:2d:1f:74:be:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Nov 13 05:15:20 2023 GMT
            Not After : Nov 11 05:20:20 2024 GMT
        Subject: CN=D59E383FEB15B1BC6B9C41151B2A851FE1FE9356
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:79:d7:4e:ca:07:7d:2e:c5:ad:7a:3c:e1:05:
                    05:c7:c1:3d:0e:1d:8b:54:cc:f2:a8:5c:8f:44:a2:
                    79:48:e1:72:ff:af:c5:01:d9:79:b4:47:2e:5d:a4:
                    51:6b:b1:f1:7c:e3:8b:ab:ae:39:49:64:f5:5b:11:
                    93:58:20:72:0c:b7:f5:ec:7c:dd:7a:cd:52:02:ec:
                    75:06:6a:40:b9:51:c7:c5:85:4e:88:14:95:68:c8:
                    1a:a9:43:04:a6:23:92:69:0d:da:92:08:ff:94:ce:
                    27:02:73:85:ee:d0:b1:03:48:eb:ee:be:bb:2d:b3:
                    95:d8:96:5a:d2:f7:db:44:a8:39:82:4e:40:d0:43:
                    d1:1d:11:6a:0c:13:32:64:e1:0e:69:c2:b9:2b:f1:
                    b5:8c:e2:b3:e3:94:de:37:c9:99:6b:55:77:2c:83:
                    d5:8b:89:53:db:d7:66:98:3d:c8:8e:47:0a:62:0e:
                    34:84:c0:72:e2:76:a3:3f:59:d1:70:28:3a:b9:8c:
                    52:0d:59:06:87:46:74:75:08:90:17:d4:de:49:19:
                    b8:2b:a2:5b:88:18:17:5b:ab:28:bc:42:86:ad:25:
                    ff:86:3c:b4:ce:9d:20:2d:f6:da:40:93:06:b5:49:
                    e9:23:d6:24:12:b0:b3:9d:82:b2:72:0c:57:6f:0a:
                    70:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:9E:38:3F:EB:15:B1:BC:6B:9C:41:15:1B:2A:85:1F:E1:FE:93:56
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3131392e31312e3133322e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.11.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:03:42:1c:5f:b7:21:fc:11:9a:92:33:e7:44:97:c3:49:30:
         d0:18:14:4a:50:47:d5:c6:8a:24:53:73:42:0a:69:e1:7c:fb:
         c7:0b:a8:95:8a:35:27:f0:2b:24:74:c8:d0:94:65:d4:5f:0c:
         4d:66:6e:fe:c6:02:8b:89:63:33:9c:d3:27:3b:96:67:75:b4:
         a7:c6:1d:9d:61:7e:6e:75:6d:1e:fb:58:73:65:75:8e:95:ad:
         8f:0e:79:28:f2:0f:3a:b5:4e:5e:fc:d8:8d:ef:6c:85:f1:a5:
         9a:f9:5c:cc:ba:db:b0:77:34:6e:ee:78:1a:35:d1:2d:2e:78:
         54:ac:64:d6:d9:e9:ce:39:3e:ce:80:c6:a1:b9:1c:b7:c2:d7:
         49:18:6d:9a:e2:5e:e8:88:ea:08:8f:a7:b4:bf:72:67:c1:bb:
         91:89:87:af:da:7d:6e:cb:8b:11:07:1f:57:0b:35:8a:5c:fb:
         01:0c:ce:5d:e6:2d:dc:bb:35:a3:26:04:3b:4d:ea:c5:37:f0:
         d4:ff:32:02:7c:63:52:80:c4:bd:52:41:e5:f7:90:31:9d:83:
         fb:74:20:d6:8f:f4:a5:b8:c1:b0:dd:d4:86:b7:45:2e:44:05:
         e0:71:cd:fa:39:96:4a:9c:d1:34:ab:61:3c:78:d7:fc:d7:7e:
         ee:84:6a:68
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUKHHM/sGTmNGTU8UwL/HyLR90vgswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzExMTMwNTE1MjBaFw0yNDExMTEwNTIwMjBaMDMxMTAvBgNV
BAMTKEQ1OUUzODNGRUIxNUIxQkM2QjlDNDExNTFCMkE4NTFGRTFGRTkzNTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCheddOygd9LsWtejzhBQXHwT0O
HYtUzPKoXI9EonlI4XL/r8UB2Xm0Ry5dpFFrsfF844urrjlJZPVbEZNYIHIMt/Xs
fN16zVIC7HUGakC5UcfFhU6IFJVoyBqpQwSmI5JpDdqSCP+UzicCc4Xu0LEDSOvu
vrsts5XYllrS99tEqDmCTkDQQ9EdEWoMEzJk4Q5pwrkr8bWM4rPjlN43yZlrVXcs
g9WLiVPb12aYPciORwpiDjSEwHLidqM/WdFwKDq5jFINWQaHRnR1CJAX1N5JGbgr
oluIGBdbqyi8QoatJf+GPLTOnSAt9tpAkwa1Sekj1iQSsLOdgrJyDFdvCnBtAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU1Z44P+sVsbxrnEEVGyqFH+H+k1YwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMxMzEzOTJlMzEzMTJlMzEzMzMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHcLhDANBgkqhkiG
9w0BAQsFAAOCAQEAUgNCHF+3IfwRmpIz50SXw0kw0BgUSlBH1caKJFNzQgpp4Xz7
xwuolYo1J/ArJHTI0JRl1F8MTWZu/sYCi4ljM5zTJzuWZ3W0p8YdnWF+bnVtHvtY
c2V1jpWtjw55KPIPOrVOXvzYje9shfGlmvlczLrbsHc0bu54GjXRLS54VKxk1tnp
zjk+zoDGobkct8LXSRhtmuJe6IjqCI+ntL9yZ8G7kYmHr9p9bsuLEQcfVws1ilz7
AQzOXeYt3Ls1oyYEO03qxTfw1P8yAnxjUoDEvVJB5feQMZ2D+3Qg1o/0pbjBsN3U
hrdFLkQF4HHN+jmWSpzRNKthPHjX/Nd+7oRqaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:02 2024 by rpki-client on console-fra.rpki-client.org