Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e31322e302f32342d3234203d3e203130323137.roa
File:                     3230322e3137312e31322e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          EdqmIJvO+gWEh/VIVx9MT/AOIS8ZSZY4xVPZQ4Chs24=
Subject key identifier:   EF:D9:63:27:2B:C4:15:1B:BF:B6:54:DC:19:06:D3:16:9E:AE:62:05
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       3DC07C058C9886C9904D0B8C97E8211E4C350F26
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e31322e302f32342d3234203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:02 +0000
ROA not before:           Thu 31 Aug 2023 05:55:02 +0000
ROA not after:            Thu 29 Aug 2024 06:00:02 +0000
asID:                     10217
IP address blocks:        202.171.12.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:c0:7c:05:8c:98:86:c9:90:4d:0b:8c:97:e8:21:1e:4c:35:0f:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:02 2023 GMT
            Not After : Aug 29 06:00:02 2024 GMT
        Subject: CN=EFD963272BC4151BBFB654DC1906D3169EAE6205
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:9d:74:74:0c:f2:7e:8e:0c:35:2f:9f:76:2a:
                    63:62:fe:48:58:68:96:fb:40:80:eb:a5:2b:42:f7:
                    9a:f8:8c:57:38:d8:0a:7d:08:71:79:3b:94:85:24:
                    2c:0f:a6:e9:6e:ea:33:10:8d:eb:a4:6a:64:f6:c7:
                    16:ce:4f:71:6d:7f:99:a0:be:15:22:b2:38:d4:e2:
                    1f:8e:bc:52:e1:bd:c4:a6:f3:c6:6a:44:4f:5f:91:
                    6a:3e:02:41:fe:46:9c:7e:96:3b:69:e6:16:2d:03:
                    ad:2e:3f:25:8b:4f:c8:b5:3b:b3:e7:a9:9e:3b:2d:
                    db:30:0b:a3:05:9b:ab:05:6e:20:b3:d3:6b:10:ac:
                    29:a8:f7:97:26:a3:7e:9b:b6:9b:bb:cb:4c:a9:4a:
                    22:00:7e:5c:ef:3f:93:dc:df:d0:b4:20:46:76:b3:
                    34:dc:66:1a:4a:f1:3a:55:5c:f0:35:e5:e3:1c:3c:
                    b1:70:4e:e4:ee:9d:d0:7d:2a:00:a0:85:8a:3d:0a:
                    69:0d:32:3f:02:7d:34:6d:9d:c7:17:f7:4a:6d:c7:
                    96:5d:e9:10:82:3b:67:a7:67:50:e8:43:a7:9e:07:
                    0d:d4:8f:86:8d:37:51:90:9f:4c:d8:56:a7:03:97:
                    07:ac:aa:ad:de:34:a1:a3:24:68:e6:46:8d:3a:f9:
                    ab:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:D9:63:27:2B:C4:15:1B:BF:B6:54:DC:19:06:D3:16:9E:AE:62:05
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e31322e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:35:ad:5d:ed:56:08:42:41:ef:74:bf:b2:2e:8e:b1:72:9d:
         7e:52:95:58:c0:65:2b:07:00:89:3d:46:69:d3:71:02:40:46:
         65:09:a3:02:ca:eb:cb:2a:5b:af:0f:90:33:0b:7b:f4:82:28:
         85:d5:08:b6:7e:68:88:ac:12:f4:a8:86:5e:61:6e:0c:e9:d3:
         6c:c4:dd:ce:ce:4e:0c:54:0c:5a:db:b8:d3:64:8f:c9:bd:6d:
         c2:d9:e0:da:6b:fd:80:60:23:00:5d:98:c5:02:35:31:48:93:
         be:bd:d4:6f:cf:4c:fe:cb:c0:9c:ca:28:34:24:a1:2b:ec:8b:
         f7:b4:33:81:d1:b1:94:d8:80:49:fd:8e:56:c8:89:01:ca:ec:
         f3:0c:f9:16:89:d8:e6:c8:98:46:d8:8e:85:5b:66:9d:de:7d:
         c3:80:2c:01:c0:e6:76:2e:20:04:0e:7a:5a:13:87:02:ca:83:
         e4:52:81:d4:8d:e9:fa:77:48:3e:40:c8:52:33:82:30:d5:a0:
         65:ce:8d:a1:74:71:b9:64:af:ea:5f:7e:0a:79:1a:ac:74:e4:
         11:b4:63:cb:52:73:d0:92:8c:2e:96:c8:a9:19:1c:53:cf:31:
         bf:4c:6e:ed:9d:f1:2a:90:b8:20:fe:80:a6:9d:b9:19:18:5b:
         a4:e7:bd:01
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUPcB8BYyYhsmQTQuMl+ghHkw1DyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDJaFw0yNDA4MjkwNjAwMDJaMDMxMTAvBgNV
BAMTKEVGRDk2MzI3MkJDNDE1MUJCRkI2NTREQzE5MDZEMzE2OUVBRTYyMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDonXR0DPJ+jgw1L592KmNi/khY
aJb7QIDrpStC95r4jFc42Ap9CHF5O5SFJCwPpulu6jMQjeukamT2xxbOT3Ftf5mg
vhUisjjU4h+OvFLhvcSm88ZqRE9fkWo+AkH+Rpx+ljtp5hYtA60uPyWLT8i1O7Pn
qZ47LdswC6MFm6sFbiCz02sQrCmo95cmo36btpu7y0ypSiIAflzvP5Pc39C0IEZ2
szTcZhpK8TpVXPA15eMcPLFwTuTundB9KgCghYo9CmkNMj8CfTRtnccX90ptx5Zd
6RCCO2enZ1DoQ6eeBw3Uj4aNN1GQn0zYVqcDlwesqq3eNKGjJGjmRo06+atdAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU79ljJyvEFRu/tlTcGQbTFp6uYgUwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMTMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMqrDDANBgkqhkiG
9w0BAQsFAAOCAQEADDWtXe1WCEJB73S/si6OsXKdflKVWMBlKwcAiT1GadNxAkBG
ZQmjAsrryypbrw+QMwt79IIohdUItn5oiKwS9KiGXmFuDOnTbMTdzs5ODFQMWtu4
02SPyb1twtng2mv9gGAjAF2YxQI1MUiTvr3Ub89M/svAnMooNCShK+yL97QzgdGx
lNiASf2OVsiJAcrs8wz5FonY5siYRtiOhVtmnd59w4AsAcDmdi4gBA56WhOHAsqD
5FKB1I3p+ndIPkDIUjOCMNWgZc6NoXRxuWSv6l9+CnkarHTkEbRjy1Jz0JKMLpbI
qRkcU88xv0xu7Z3xKpC4IP6App25GRhbpOe9AQ==
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org