Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e302e302f32322d3232203d3e203130323137.roa
File:                     3230322e3137312e302e302f32322d3232203d3e203130323137.roa (raw, json)
Hash identifier:          Jh0iomHhV3fsgMvfn8TEgz2GInRyxWF51686ZGYfDn4=
Subject key identifier:   72:FA:1A:E9:CE:66:F6:74:AB:28:60:FD:8F:2A:2D:E4:96:7F:8A:95
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       0C8EC1EEB1238217E5A3C3E857B1C76DCF397E23
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e302e302f32322d3232203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:04 +0000
ROA not before:           Thu 31 Aug 2023 05:55:04 +0000
ROA not after:            Thu 29 Aug 2024 06:00:04 +0000
asID:                     10217
IP address blocks:        202.171.0.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 10:21:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:8e:c1:ee:b1:23:82:17:e5:a3:c3:e8:57:b1:c7:6d:cf:39:7e:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:04 2023 GMT
            Not After : Aug 29 06:00:04 2024 GMT
        Subject: CN=72FA1AE9CE66F674AB2860FD8F2A2DE4967F8A95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:85:41:3a:46:73:65:2c:34:05:58:f1:3a:79:
                    76:80:20:1b:59:10:e9:96:e7:c3:d4:54:ef:6e:8b:
                    24:86:11:28:55:18:01:2f:87:b0:56:b3:5c:39:f6:
                    6e:aa:58:9d:53:e0:26:c2:15:4a:e7:7d:ba:ee:2c:
                    65:d0:f1:5b:8a:69:66:0c:9c:83:20:c8:ec:5e:0c:
                    3f:57:d1:fe:08:8c:94:89:bb:6d:55:42:f6:c9:49:
                    cb:cb:bd:0a:71:bb:e2:fb:41:fd:c0:e5:e9:0d:e6:
                    e9:d2:a4:48:b5:c8:80:aa:ba:b3:69:11:ec:e6:af:
                    58:c1:3b:f2:25:e3:70:8a:2a:26:8d:c9:ee:83:b8:
                    f2:b1:d6:44:c8:08:66:62:65:b7:a5:55:f5:82:9d:
                    8a:27:8a:24:7c:99:f8:7d:7d:92:43:ec:7f:05:2d:
                    b6:35:04:fe:3b:81:f5:42:6b:0b:af:df:a1:41:e5:
                    c6:d0:f2:51:58:a3:72:27:cc:20:ac:b1:61:5a:4e:
                    70:09:63:b0:5f:f3:39:fb:25:5d:aa:ba:e1:a3:ac:
                    04:b8:ac:3f:12:d1:0c:f7:e4:35:76:ff:22:0f:f3:
                    ec:09:f1:76:59:18:1d:26:c1:96:80:a9:ba:ee:0d:
                    42:94:e0:d9:7d:42:41:25:41:da:09:a0:1d:c6:fd:
                    56:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:FA:1A:E9:CE:66:F6:74:AB:28:60:FD:8F:2A:2D:E4:96:7F:8A:95
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e302e302f32322d3232203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:39:a3:a2:36:64:53:10:d2:f3:34:c4:62:c6:cc:5e:22:bb:
         26:02:82:c8:92:85:85:df:da:30:98:43:35:08:9a:7d:f0:7c:
         ae:45:fa:58:68:46:59:47:63:70:13:51:f9:1e:5c:f0:6a:87:
         46:3e:a1:da:aa:8d:4d:1b:9a:15:41:c9:95:cc:ba:55:ee:58:
         6a:e1:9b:d3:21:ef:c3:16:46:86:67:11:19:cd:43:8e:f4:46:
         56:5e:86:1f:e5:1f:b6:8e:54:29:ff:f3:eb:d7:36:1e:30:55:
         50:68:80:d5:0d:5c:88:04:08:09:0e:26:07:89:83:2f:55:d0:
         da:dc:cf:80:79:c0:2c:cc:17:48:16:1e:10:4a:3f:51:e7:cb:
         15:9f:3e:9f:3e:a5:14:1b:49:ce:69:d5:d9:65:d5:56:10:16:
         3b:91:f6:78:2a:bc:52:99:bf:6e:db:e6:7a:ad:8f:d4:b5:78:
         b4:f1:0f:a5:2f:fb:76:44:dd:0c:b9:26:f5:fc:27:84:42:ca:
         2a:19:8d:9e:3c:32:14:c1:a3:fc:35:ce:47:bd:86:b4:43:df:
         d9:89:5a:d5:0c:3d:a8:1f:bd:35:3f:d7:cf:e4:fa:63:d0:40:
         48:b2:35:a9:58:d2:85:b2:cb:87:e5:f9:92:a5:4a:63:19:a1:
         bb:20:60:f8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUDI7B7rEjghflo8PoV7HHbc85fiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDRaFw0yNDA4MjkwNjAwMDRaMDMxMTAvBgNV
BAMTKDcyRkExQUU5Q0U2NkY2NzRBQjI4NjBGRDhGMkEyREU0OTY3RjhBOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2hUE6RnNlLDQFWPE6eXaAIBtZ
EOmW58PUVO9uiySGEShVGAEvh7BWs1w59m6qWJ1T4CbCFUrnfbruLGXQ8VuKaWYM
nIMgyOxeDD9X0f4IjJSJu21VQvbJScvLvQpxu+L7Qf3A5ekN5unSpEi1yICqurNp
Eezmr1jBO/Il43CKKiaNye6DuPKx1kTICGZiZbelVfWCnYoniiR8mfh9fZJD7H8F
LbY1BP47gfVCawuv36FB5cbQ8lFYo3InzCCssWFaTnAJY7Bf8zn7JV2quuGjrAS4
rD8S0Qz35DV2/yIP8+wJ8XZZGB0mwZaAqbruDUKU4Nl9QkElQdoJoB3G/VYPAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUcvoa6c5m9nSrKGD9jyot5JZ/ipUwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMDJlMzAyZjMyMzIy
ZDMyMzIyMDNkM2UyMDMxMzAzMjMxMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALKqwAwDQYJKoZIhvcN
AQELBQADggEBAAI5o6I2ZFMQ0vM0xGLGzF4iuyYCgsiShYXf2jCYQzUImn3wfK5F
+lhoRllHY3ATUfkeXPBqh0Y+odqqjU0bmhVByZXMulXuWGrhm9Mh78MWRoZnERnN
Q470RlZehh/lH7aOVCn/8+vXNh4wVVBogNUNXIgECAkOJgeJgy9V0Nrcz4B5wCzM
F0gWHhBKP1HnyxWfPp8+pRQbSc5p1dll1VYQFjuR9ngqvFKZv27b5nqtj9S1eLTx
D6Uv+3ZE3Qy5JvX8J4RCyioZjZ48MhTBo/w1zke9hrRD39mJWtUMPagfvTU/18/k
+mPQQEiyNalY0oWyy4fl+ZKlSmMZobsgYPg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:02 2024 by rpki-client on console-fra.rpki-client.org