Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e31362e302f32342d3234203d3e203130323137.roa
File:                     3230322e3137312e31362e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          589i3cmdji0uacHnliArMRFPxW68k+u9F94Uv4hVQfc=
Subject key identifier:   02:7A:CA:6C:83:7F:67:4F:31:AB:F2:AF:B3:F0:44:8F:BA:76:6C:9E
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       2CC6E8427BA27AA00BBD3EC25FF6E2BB0CD2A55D
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e31362e302f32342d3234203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:02 +0000
ROA not before:           Thu 31 Aug 2023 05:55:02 +0000
ROA not after:            Thu 29 Aug 2024 06:00:02 +0000
asID:                     10217
IP address blocks:        202.171.16.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:c6:e8:42:7b:a2:7a:a0:0b:bd:3e:c2:5f:f6:e2:bb:0c:d2:a5:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:02 2023 GMT
            Not After : Aug 29 06:00:02 2024 GMT
        Subject: CN=027ACA6C837F674F31ABF2AFB3F0448FBA766C9E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:a9:9f:84:b1:bd:75:48:3c:f4:ad:e4:62:30:
                    23:16:fa:4b:04:8c:c4:7a:1a:76:41:e5:b8:f7:75:
                    a4:df:be:87:b6:e7:af:bf:72:15:48:a2:7e:25:8a:
                    41:c6:cf:7f:4b:85:ed:7f:b3:a8:79:00:f4:c8:0a:
                    ad:24:d7:78:93:d7:ed:12:57:ac:92:de:ca:4a:14:
                    a4:14:a3:5a:90:8e:4b:32:79:cf:bd:f8:a2:d3:db:
                    b9:5a:3d:ac:6a:0b:f3:81:90:01:ff:d0:8b:bf:2d:
                    ef:33:86:a7:93:2d:87:38:84:49:08:11:99:96:1c:
                    9b:e4:0e:16:71:4d:cf:ba:90:05:57:78:a8:11:25:
                    50:d4:20:68:63:94:74:46:84:c5:51:7a:66:a9:ab:
                    d2:a0:65:bd:24:09:17:90:78:27:57:52:90:d1:f3:
                    c5:a8:23:f7:fc:15:0f:71:33:0b:ea:23:f8:00:b4:
                    b1:d9:6a:2a:d9:28:63:83:32:cd:8b:48:27:aa:19:
                    9f:0e:c1:1d:02:55:84:36:36:10:9a:a5:87:a1:71:
                    1b:82:a1:69:94:24:5c:17:4e:30:e9:d8:f4:06:59:
                    48:5f:86:f8:55:a0:84:cf:92:dd:3b:e6:3a:b0:8d:
                    48:cf:fd:07:51:26:f3:e3:6e:86:b6:25:7c:11:41:
                    5c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:7A:CA:6C:83:7F:67:4F:31:AB:F2:AF:B3:F0:44:8F:BA:76:6C:9E
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e31362e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:6f:25:6e:14:67:5f:63:c7:72:38:d0:f4:4f:e3:11:e3:c5:
         8d:f3:20:10:3c:fd:10:45:9b:96:f7:a3:3b:a9:84:6b:f2:a5:
         6b:7a:d0:a7:a1:2f:74:cc:b8:23:ed:c2:bf:2a:75:98:aa:e4:
         ba:cf:d0:03:62:e3:f3:a9:21:2a:27:5e:f9:1d:85:49:07:77:
         35:67:7a:9d:5d:f3:25:d9:cd:de:46:57:a7:8a:3c:ea:71:a5:
         fe:55:03:c2:61:6f:09:ab:5d:8b:ae:a3:4e:d9:27:e4:a3:b1:
         68:6f:83:3f:70:9c:dc:03:3c:cd:f0:7d:bc:ca:ab:08:cc:1d:
         31:a9:55:fd:b2:eb:aa:39:ac:eb:38:1e:12:83:fb:67:71:5b:
         41:16:c5:e8:37:ec:15:22:3a:97:06:bd:c1:44:3a:71:fb:c2:
         30:09:25:ce:8a:17:41:c9:5e:0c:7d:f9:03:50:f2:c7:e4:83:
         8a:b7:65:49:0f:48:20:bf:ac:a4:c3:98:9f:20:0b:f5:59:98:
         1d:bc:3a:e3:13:a7:31:f5:0c:1d:7b:50:bd:b9:7e:db:a7:9d:
         77:5d:95:45:5e:05:81:c4:21:ad:23:85:8b:ba:30:4b:8d:57:
         6c:d2:36:5e:92:8c:82:1b:0b:53:80:6d:ad:79:3b:20:a0:6c:
         c6:e1:d4:62
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIULMboQnuieqALvT7CX/biuwzSpV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDJaFw0yNDA4MjkwNjAwMDJaMDMxMTAvBgNV
BAMTKDAyN0FDQTZDODM3RjY3NEYzMUFCRjJBRkIzRjA0NDhGQkE3NjZDOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOqZ+Esb11SDz0reRiMCMW+ksE
jMR6GnZB5bj3daTfvoe256+/chVIon4likHGz39Lhe1/s6h5APTICq0k13iT1+0S
V6yS3spKFKQUo1qQjksyec+9+KLT27laPaxqC/OBkAH/0Iu/Le8zhqeTLYc4hEkI
EZmWHJvkDhZxTc+6kAVXeKgRJVDUIGhjlHRGhMVRemapq9KgZb0kCReQeCdXUpDR
88WoI/f8FQ9xMwvqI/gAtLHZairZKGODMs2LSCeqGZ8OwR0CVYQ2NhCapYehcRuC
oWmUJFwXTjDp2PQGWUhfhvhVoITPkt075jqwjUjP/QdRJvPjboa2JXwRQVyFAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUAnrKbIN/Z08xq/Kvs/BEj7p2bJ4wHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMTM2MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMqrEDANBgkqhkiG
9w0BAQsFAAOCAQEAam8lbhRnX2PHcjjQ9E/jEePFjfMgEDz9EEWblvejO6mEa/Kl
a3rQp6EvdMy4I+3Cvyp1mKrkus/QA2Lj86khKide+R2FSQd3NWd6nV3zJdnN3kZX
p4o86nGl/lUDwmFvCatdi66jTtkn5KOxaG+DP3Cc3AM8zfB9vMqrCMwdMalV/bLr
qjms6zgeEoP7Z3FbQRbF6DfsFSI6lwa9wUQ6cfvCMAklzooXQcleDH35A1Dyx+SD
irdlSQ9IIL+spMOYnyAL9VmYHbw64xOnMfUMHXtQvbl+26edd12VRV4FgcQhrSOF
i7owS41XbNI2XpKMghsLU4BtrXk7IKBsxuHUYg==
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org