Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e31342e302f32342d3234203d3e203130323137.roa
File:                     3230322e3137312e31342e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          Q/U3+AKfwKGwVj+seoBiwGVHXPRart+OAyjqQbCSNc4=
Subject key identifier:   C5:3D:F5:19:BF:66:07:18:91:D4:26:D9:C1:14:26:FB:3F:1A:FB:CC
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       69A66467B9089575DC3ABB1ADF260E21AC5B7362
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e31342e302f32342d3234203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:02 +0000
ROA not before:           Thu 31 Aug 2023 05:55:02 +0000
ROA not after:            Thu 29 Aug 2024 06:00:02 +0000
asID:                     10217
IP address blocks:        202.171.14.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:a6:64:67:b9:08:95:75:dc:3a:bb:1a:df:26:0e:21:ac:5b:73:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:02 2023 GMT
            Not After : Aug 29 06:00:02 2024 GMT
        Subject: CN=C53DF519BF66071891D426D9C11426FB3F1AFBCC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:bd:33:19:ac:f8:0f:5e:23:c6:1f:c9:ca:4e:
                    80:2f:3c:40:a3:d8:d6:06:c5:08:c7:5e:94:b6:00:
                    f5:d9:0d:65:aa:a6:ee:96:01:b7:25:96:b1:f7:31:
                    e4:76:5c:68:59:59:f1:31:cd:79:c8:3a:b0:f0:b4:
                    9c:a8:4b:ef:e9:e2:99:12:97:2d:46:df:37:a3:a9:
                    2e:8b:e2:dd:9f:e1:a5:6d:f8:04:96:ce:42:71:a7:
                    47:b2:1b:49:53:0f:f1:96:b6:bc:d3:bd:bc:f7:97:
                    42:dd:33:75:31:2f:64:7e:03:0f:01:40:95:e8:94:
                    cf:e5:5f:f2:60:fb:41:91:ae:c8:49:ae:99:dd:64:
                    02:90:8d:ce:44:e9:fa:61:b7:41:6b:88:c5:4f:e8:
                    89:24:8f:30:23:ca:50:03:05:fa:b8:de:b6:02:7e:
                    f8:24:21:6b:34:d3:cd:b2:e4:d5:2b:1d:34:86:e3:
                    7e:0e:64:80:d2:9e:d1:e5:fa:2e:db:e6:13:9b:33:
                    36:07:12:90:25:99:ef:44:18:07:b0:71:c1:53:bd:
                    6d:16:4a:ee:1f:09:a6:30:4f:58:bd:3f:1b:c7:82:
                    1f:a1:f8:70:1e:79:f9:e5:b6:30:1f:0a:0c:25:fd:
                    56:2c:8f:3e:e7:77:fa:e7:5c:5d:fb:58:f9:f8:db:
                    98:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:3D:F5:19:BF:66:07:18:91:D4:26:D9:C1:14:26:FB:3F:1A:FB:CC
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e31342e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:3d:a4:fb:4b:c9:e1:4c:39:34:1c:40:6a:48:24:bd:5a:87:
         c8:0a:30:cb:fc:34:c8:13:0d:ca:9c:bb:d2:25:de:06:46:64:
         61:69:14:cc:8e:ea:6a:dd:f9:c0:75:6f:00:05:2e:91:32:fe:
         34:ea:80:62:2a:c1:ef:e6:d5:12:b8:7d:07:72:53:3a:c3:cf:
         0a:5f:9e:bc:85:7a:15:df:38:36:ee:0a:13:85:2e:9b:26:fe:
         e1:1f:ee:14:9a:a4:c1:d1:0a:d7:5f:8a:49:8f:85:0f:93:3e:
         ae:24:44:77:4a:e6:b1:cb:eb:21:63:d2:72:6e:b8:3d:8e:0a:
         56:c6:ff:58:ff:f9:5c:c3:e0:f6:71:a5:20:34:95:d5:09:79:
         c4:25:73:70:6d:29:a5:7f:28:b9:73:92:0b:cb:3c:38:f5:1e:
         bc:80:49:2c:b3:6a:63:8d:f9:66:52:ed:72:52:4a:c5:ed:d3:
         0c:2d:c2:40:d0:11:b6:88:65:02:e5:f7:52:5d:83:1d:9a:ce:
         5a:db:02:78:87:65:5c:88:95:3c:3f:bc:29:a6:27:09:8d:29:
         dc:5b:13:6e:a7:94:76:6f:7e:1a:05:4c:17:18:82:00:c7:fc:
         c7:50:b0:db:6c:7b:51:58:6c:dc:ac:36:3c:55:61:4d:81:1b:
         22:c0:37:0f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUaaZkZ7kIlXXcOrsa3yYOIaxbc2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDJaFw0yNDA4MjkwNjAwMDJaMDMxMTAvBgNV
BAMTKEM1M0RGNTE5QkY2NjA3MTg5MUQ0MjZEOUMxMTQyNkZCM0YxQUZCQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHvTMZrPgPXiPGH8nKToAvPECj
2NYGxQjHXpS2APXZDWWqpu6WAbcllrH3MeR2XGhZWfExzXnIOrDwtJyoS+/p4pkS
ly1G3zejqS6L4t2f4aVt+ASWzkJxp0eyG0lTD/GWtrzTvbz3l0LdM3UxL2R+Aw8B
QJXolM/lX/Jg+0GRrshJrpndZAKQjc5E6fpht0FriMVP6IkkjzAjylADBfq43rYC
fvgkIWs0082y5NUrHTSG434OZIDSntHl+i7b5hObMzYHEpAlme9EGAewccFTvW0W
Su4fCaYwT1i9PxvHgh+h+HAeefnltjAfCgwl/VYsjz7nd/rnXF37WPn425hRAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUxT31Gb9mBxiR1CbZwRQm+z8a+8wwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMTM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMqrDjANBgkqhkiG
9w0BAQsFAAOCAQEAHT2k+0vJ4Uw5NBxAakgkvVqHyAowy/w0yBMNypy70iXeBkZk
YWkUzI7qat35wHVvAAUukTL+NOqAYirB7+bVErh9B3JTOsPPCl+evIV6Fd84Nu4K
E4Uumyb+4R/uFJqkwdEK11+KSY+FD5M+riREd0rmscvrIWPScm64PY4KVsb/WP/5
XMPg9nGlIDSV1Ql5xCVzcG0ppX8ouXOSC8s8OPUevIBJLLNqY435ZlLtclJKxe3T
DC3CQNARtohlAuX3Ul2DHZrOWtsCeIdlXIiVPD+8KaYnCY0p3FsTbqeUdm9+GgVM
FxiCAMf8x1Cw22x7UVhs3Kw2PFVhTYEbIsA3Dw==
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org