Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e322e302f32342d3234203d3e203130323137.roa
File:                     3230322e3137312e322e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          T4e/7g39BIx8ny5wua6I0wLf1WHGLP1rvCh4RsvVNi8=
Subject key identifier:   71:74:F3:37:F2:9A:34:7B:6C:2A:11:B4:3D:A5:C7:C5:23:08:CF:DE
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       60116E08A5DF5D2B41527FF9A56284153133F655
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e322e302f32342d3234203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:05 +0000
ROA not before:           Thu 31 Aug 2023 05:55:05 +0000
ROA not after:            Thu 29 Aug 2024 06:00:05 +0000
asID:                     10217
IP address blocks:        202.171.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:11:6e:08:a5:df:5d:2b:41:52:7f:f9:a5:62:84:15:31:33:f6:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:05 2023 GMT
            Not After : Aug 29 06:00:05 2024 GMT
        Subject: CN=7174F337F29A347B6C2A11B43DA5C7C52308CFDE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:36:7a:30:b1:8c:65:d9:30:32:a1:19:a2:a8:
                    a2:4a:67:6c:74:f3:eb:ec:1a:1a:c6:f5:fb:c3:58:
                    40:b0:6c:94:10:86:ee:39:0b:27:37:9d:7d:f8:01:
                    22:74:6f:90:46:12:36:d2:36:39:56:42:8e:c6:c8:
                    cd:a8:8b:ca:05:ac:00:97:a0:a1:fb:ff:01:4a:9a:
                    27:dd:6a:19:54:12:88:15:17:bf:83:54:34:aa:5e:
                    6a:77:89:fe:df:7a:f5:1a:3c:0b:06:82:a8:80:92:
                    bd:0f:99:ad:97:b9:a3:a3:f0:6d:4e:79:43:2e:8c:
                    6e:64:68:03:26:9f:c7:0d:7e:79:da:6e:a8:74:6c:
                    a4:67:7a:83:a4:e6:f6:df:54:7d:ac:16:35:ef:e9:
                    bb:f6:6d:e2:cf:45:17:d4:bc:27:0c:f2:98:60:b8:
                    78:dc:9e:c0:fa:0d:08:f2:86:05:6b:36:9c:9a:2a:
                    1c:4f:e0:2c:8d:e3:98:a5:fe:df:f4:25:a2:f9:7e:
                    e3:7d:ec:31:08:e6:48:70:1b:7a:18:cc:14:4c:43:
                    2b:0f:92:2f:e7:6e:46:4b:59:65:f7:fd:55:a5:f9:
                    17:0e:eb:d8:7c:6f:df:45:bf:8c:2c:5f:82:da:ec:
                    aa:b7:d1:dc:d4:ec:dc:b3:29:06:39:a4:df:4a:49:
                    08:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:74:F3:37:F2:9A:34:7B:6C:2A:11:B4:3D:A5:C7:C5:23:08:CF:DE
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e322e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:8c:1e:8f:47:d7:6a:cd:e8:d2:b7:d4:71:0c:d9:04:00:60:
         7f:39:9a:eb:33:f4:a5:d5:00:ab:38:94:c3:5a:48:f7:71:7c:
         7a:78:14:99:4a:38:ec:bc:dd:16:3b:c1:99:f5:5a:d9:a4:d3:
         18:8a:22:f5:ea:1f:40:fa:28:ff:0c:8c:cc:5d:6c:e7:de:22:
         e9:bc:72:b2:b9:01:8d:61:96:e4:3f:3b:4e:48:fe:ac:a8:d8:
         91:90:89:93:ec:1d:97:56:74:0e:0b:e5:2a:ca:6a:95:90:d6:
         a6:12:3e:db:10:4c:38:d7:df:b3:e2:74:af:21:cf:1d:b0:a9:
         c5:b2:e8:92:5e:c6:23:13:3d:54:9d:2f:44:53:2d:01:c1:96:
         04:1c:06:d2:7e:27:fc:8c:39:37:13:45:0b:b9:0c:15:89:a7:
         0c:77:03:a9:48:45:e0:c3:60:f1:37:fe:31:00:b6:63:a0:ea:
         9d:10:49:a9:6f:3a:f5:4d:22:28:c0:e4:09:50:1b:58:78:c2:
         ad:ee:b7:4f:b5:b3:05:40:b1:79:32:5f:5d:8e:70:d7:2f:7a:
         9a:42:c0:3a:13:83:f7:71:5c:2b:96:f3:70:da:da:76:64:fd:
         3a:23:86:0c:54:bf:eb:f4:48:ee:25:f8:21:4c:54:c0:91:ce:
         6e:fa:d8:b3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUYBFuCKXfXStBUn/5pWKEFTEz9lUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDVaFw0yNDA4MjkwNjAwMDVaMDMxMTAvBgNV
BAMTKDcxNzRGMzM3RjI5QTM0N0I2QzJBMTFCNDNEQTVDN0M1MjMwOENGREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuNnowsYxl2TAyoRmiqKJKZ2x0
8+vsGhrG9fvDWECwbJQQhu45Cyc3nX34ASJ0b5BGEjbSNjlWQo7GyM2oi8oFrACX
oKH7/wFKmifdahlUEogVF7+DVDSqXmp3if7fevUaPAsGgqiAkr0Pma2XuaOj8G1O
eUMujG5kaAMmn8cNfnnabqh0bKRneoOk5vbfVH2sFjXv6bv2beLPRRfUvCcM8phg
uHjcnsD6DQjyhgVrNpyaKhxP4CyN45il/t/0JaL5fuN97DEI5khwG3oYzBRMQysP
ki/nbkZLWWX3/VWl+RcO69h8b99Fv4wsX4La7Kq30dzU7NyzKQY5pN9KSQhlAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUcXTzN/KaNHtsKhG0PaXHxSMIz94wHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzAzMjMxMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKqwIwDQYJKoZIhvcN
AQELBQADggEBAIaMHo9H12rN6NK31HEM2QQAYH85musz9KXVAKs4lMNaSPdxfHp4
FJlKOOy83RY7wZn1Wtmk0xiKIvXqH0D6KP8MjMxdbOfeIum8crK5AY1hluQ/O05I
/qyo2JGQiZPsHZdWdA4L5SrKapWQ1qYSPtsQTDjX37PidK8hzx2wqcWy6JJexiMT
PVSdL0RTLQHBlgQcBtJ+J/yMOTcTRQu5DBWJpwx3A6lIReDDYPE3/jEAtmOg6p0Q
SalvOvVNIijA5AlQG1h4wq3ut0+1swVAsXkyX12OcNcveppCwDoTg/dxXCuW83Da
2nZk/TojhgxUv+v0SO4l+CFMVMCRzm762LM=
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org