Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e302e302f32302d3230203d3e203130323137.roa
File:                     3230322e3137312e302e302f32302d3230203d3e203130323137.roa (raw, json)
Hash identifier:          SOlMLs7nPt0Mdq9SmBsFzq1nyRE9XegTJakmIO3nmUM=
Subject key identifier:   62:70:FC:56:1F:9B:4C:28:39:C7:0D:4F:CD:E0:7D:E6:D1:DE:3A:78
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       47F1154C6BB0A09F8D57E8C1B9E790780F9EEF0A
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e302e302f32302d3230203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:01 +0000
ROA not before:           Thu 31 Aug 2023 05:55:01 +0000
ROA not after:            Thu 29 Aug 2024 06:00:01 +0000
asID:                     10217
IP address blocks:        202.171.0.0/20 maxlen: 20

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:f1:15:4c:6b:b0:a0:9f:8d:57:e8:c1:b9:e7:90:78:0f:9e:ef:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:01 2023 GMT
            Not After : Aug 29 06:00:01 2024 GMT
        Subject: CN=6270FC561F9B4C2839C70D4FCDE07DE6D1DE3A78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:35:e4:8f:4d:a2:94:16:a8:5e:df:5b:a9:30:
                    1c:ef:c1:83:17:54:d3:89:e1:2a:ec:f2:f5:4f:fa:
                    18:44:0e:16:b5:a6:b8:53:86:f0:e5:92:24:cd:c5:
                    84:bc:b0:a2:90:4f:8b:8d:77:bc:65:7c:12:74:4c:
                    26:1a:99:23:53:bc:9f:e4:f5:a5:ff:cd:5b:1d:01:
                    34:3a:96:d7:ab:43:91:56:3f:4c:9c:cc:78:e3:bf:
                    49:9a:2f:72:b0:3a:d1:4c:b9:03:00:52:d1:a8:49:
                    e5:48:63:9f:01:53:fe:69:1f:ce:e0:07:9a:29:a8:
                    40:44:92:8f:c1:3f:76:72:64:4a:29:0d:cd:cd:fc:
                    01:73:36:f8:dd:f2:ba:90:55:87:7e:5c:77:53:2c:
                    9e:3f:08:35:a2:aa:e1:45:6b:6d:7c:3e:25:52:40:
                    d0:38:31:69:4d:20:0a:bf:6f:8f:c5:83:9d:e5:fd:
                    0c:5a:70:75:e0:58:af:53:1f:c9:b7:0b:95:5f:e8:
                    dc:9a:3f:f9:eb:90:54:7c:ba:63:9c:77:2d:46:c5:
                    7b:21:6f:23:e8:03:29:f5:6f:2c:bf:11:a0:6c:6f:
                    14:fc:2a:7e:1b:91:68:93:be:71:ee:25:7f:35:a2:
                    8e:d5:7a:c0:85:5c:b5:ae:93:1c:0e:07:2d:89:e2:
                    aa:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:70:FC:56:1F:9B:4C:28:39:C7:0D:4F:CD:E0:7D:E6:D1:DE:3A:78
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e302e302f32302d3230203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a4:38:24:92:ea:55:05:02:81:2e:e9:d6:93:88:85:10:b1:aa:
         25:e1:46:e7:a8:51:f9:51:8d:81:af:3c:c7:c8:80:b4:85:c9:
         aa:59:01:85:72:ef:65:36:1d:80:79:2e:eb:15:cd:53:f9:e4:
         eb:27:cb:8c:d3:87:f8:d4:08:55:e4:ce:f6:9b:57:1e:8e:a7:
         a9:55:47:df:a2:ea:34:ab:11:82:5b:4e:bc:95:80:3f:a5:78:
         95:72:0a:7f:35:a0:43:8d:90:d8:3f:ed:15:00:53:a6:1b:c3:
         39:6c:d8:2f:0d:ba:35:26:db:fd:b6:0c:f6:55:c4:33:ae:57:
         26:3c:72:1e:9d:cc:5c:6d:40:d9:53:87:db:fd:ed:ba:dc:8a:
         0e:65:a5:48:72:48:15:cf:a2:6a:6d:bc:f4:3b:0c:f4:c2:d9:
         57:70:5f:d4:d5:4d:f4:48:d6:f5:56:4b:bf:2c:fa:46:07:74:
         b1:e3:da:e9:7c:b6:f0:96:26:e3:c1:04:50:94:d4:36:a4:d9:
         58:bb:93:ac:91:3a:3b:e5:f7:02:39:ed:a2:08:69:e9:fb:d7:
         18:74:3c:be:00:d7:aa:60:a7:49:38:7f:a2:d0:ed:a2:0a:01:
         78:af:57:a8:57:bd:0b:57:3d:5f:8c:c7:42:13:4f:42:8d:41:
         e6:bf:8a:01
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUR/EVTGuwoJ+NV+jBueeQeA+e7wowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDFaFw0yNDA4MjkwNjAwMDFaMDMxMTAvBgNV
BAMTKDYyNzBGQzU2MUY5QjRDMjgzOUM3MEQ0RkNERTA3REU2RDFERTNBNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrNeSPTaKUFqhe31upMBzvwYMX
VNOJ4Srs8vVP+hhEDha1prhThvDlkiTNxYS8sKKQT4uNd7xlfBJ0TCYamSNTvJ/k
9aX/zVsdATQ6lterQ5FWP0yczHjjv0maL3KwOtFMuQMAUtGoSeVIY58BU/5pH87g
B5opqEBEko/BP3ZyZEopDc3N/AFzNvjd8rqQVYd+XHdTLJ4/CDWiquFFa218PiVS
QNA4MWlNIAq/b4/Fg53l/QxacHXgWK9TH8m3C5Vf6NyaP/nrkFR8umOcdy1GxXsh
byPoAyn1byy/EaBsbxT8Kn4bkWiTvnHuJX81oo7VesCFXLWukxwOBy2J4qrBAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUYnD8Vh+bTCg5xw1PzeB95tHeOngwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMDJlMzAyZjMyMzAy
ZDMyMzAyMDNkM2UyMDMxMzAzMjMxMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATKqwAwDQYJKoZIhvcN
AQELBQADggEBAKQ4JJLqVQUCgS7p1pOIhRCxqiXhRueoUflRjYGvPMfIgLSFyapZ
AYVy72U2HYB5LusVzVP55Osny4zTh/jUCFXkzvabVx6Op6lVR9+i6jSrEYJbTryV
gD+leJVyCn81oEONkNg/7RUAU6Ybwzls2C8NujUm2/22DPZVxDOuVyY8ch6dzFxt
QNlTh9v97brcig5lpUhySBXPomptvPQ7DPTC2VdwX9TVTfRI1vVWS78s+kYHdLHj
2ul8tvCWJuPBBFCU1Dak2Vi7k6yROjvl9wI57aIIaen71xh0PL4A16pgp0k4f6LQ
7aIKAXivV6hXvQtXPV+Mx0ITT0KNQea/igE=
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org