Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32312e302f32342d3234203d3e203130323137.roa
File:                     3230322e3137312e32312e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          fQfkRXKr73ri4cMpkMIhTqy1xLwHCt2tukSQlUxkxEU=
Subject key identifier:   FA:70:5A:7E:EA:B3:5F:49:C7:5F:D2:B0:80:B8:CE:7C:C3:07:91:B3
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       6B44D8CC81D14277FD33361F40069555CA90C4A5
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32312e302f32342d3234203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:05 +0000
ROA not before:           Thu 31 Aug 2023 05:55:05 +0000
ROA not after:            Thu 29 Aug 2024 06:00:05 +0000
asID:                     10217
IP address blocks:        202.171.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:44:d8:cc:81:d1:42:77:fd:33:36:1f:40:06:95:55:ca:90:c4:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:05 2023 GMT
            Not After : Aug 29 06:00:05 2024 GMT
        Subject: CN=FA705A7EEAB35F49C75FD2B080B8CE7CC30791B3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:b3:51:04:08:fa:e5:69:a4:0d:20:8e:08:86:
                    68:d3:c1:42:55:ba:4b:71:b9:ec:eb:a0:bd:ab:d7:
                    c5:d9:1c:8a:ec:30:59:8f:c4:84:7c:c3:5a:6e:ed:
                    62:57:1a:2b:41:e8:ee:50:b0:db:14:42:ce:c2:ec:
                    6a:e9:87:d6:14:a9:d5:c8:2f:0b:51:21:b3:69:f7:
                    ab:ec:33:2b:12:82:26:c3:d6:e2:cf:9b:3f:38:62:
                    5f:76:58:29:01:1f:9e:f6:07:bf:a8:2c:3a:88:33:
                    ed:f9:0c:c1:09:ac:ee:81:e4:24:da:b3:fd:18:67:
                    60:dd:7c:eb:a9:7e:1c:49:fb:a0:c9:6e:76:2b:b9:
                    05:82:c7:48:03:0a:5d:d9:c6:42:bf:a1:a8:0c:ad:
                    73:c4:c4:f3:bd:a6:58:2a:40:8f:55:fd:0f:3b:2c:
                    ab:70:17:b4:7e:9e:0a:fd:c7:0e:4e:39:fa:4f:79:
                    12:10:d4:83:4c:d5:1b:3e:8e:78:db:06:a6:92:a5:
                    46:3a:ba:8b:8a:fb:7b:da:c0:c6:4f:aa:5c:b0:21:
                    67:ee:38:04:05:04:07:a6:43:a1:c8:84:57:f4:26:
                    f0:c0:78:9a:6c:91:1a:61:f2:be:09:8e:d7:49:96:
                    98:ab:db:15:34:a9:78:ed:f9:0a:61:d6:4d:25:8d:
                    47:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:70:5A:7E:EA:B3:5F:49:C7:5F:D2:B0:80:B8:CE:7C:C3:07:91:B3
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32312e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:c8:e5:cb:46:8e:bc:0f:0f:38:a3:68:8d:8d:95:e5:08:30:
         0e:37:e0:66:65:27:38:8f:06:cf:9d:25:af:f5:de:72:6d:c9:
         10:f9:86:39:27:40:53:ff:08:cd:cd:07:56:5a:53:18:6a:14:
         90:d5:fa:b0:4c:f6:90:d4:26:fc:e3:9f:72:de:64:35:bb:cf:
         61:e0:74:f2:c4:72:b0:b7:f5:fe:b1:a8:fa:4a:51:f8:2c:04:
         da:b4:eb:ef:54:1f:00:a3:b6:ad:0d:a9:a3:57:7f:52:2f:59:
         29:5f:d3:a7:c5:c8:84:d4:9a:58:5f:e2:fa:77:e9:29:a8:21:
         6b:ad:39:ae:56:e7:cb:42:9d:62:c5:b7:db:3f:f9:5e:c0:ac:
         31:ad:11:57:b8:f0:c8:19:25:bf:b3:60:61:5b:b3:38:aa:6a:
         11:69:34:18:d4:d2:31:ae:32:0e:c3:4e:3b:13:8c:2a:59:46:
         a3:67:99:0d:0e:5a:92:61:09:e7:20:9c:ac:87:33:ad:71:76:
         1c:d2:77:6b:05:c2:83:6f:67:ab:2f:d8:d1:e9:a4:63:5e:4f:
         fc:18:51:fd:22:88:a3:c8:86:e0:ae:af:45:d8:2c:ae:70:84:
         a6:bd:bc:fc:29:90:83:fb:9a:d7:f3:4d:f6:3d:18:fa:c0:78:
         73:4c:08:59
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUa0TYzIHRQnf9MzYfQAaVVcqQxKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDVaFw0yNDA4MjkwNjAwMDVaMDMxMTAvBgNV
BAMTKEZBNzA1QTdFRUFCMzVGNDlDNzVGRDJCMDgwQjhDRTdDQzMwNzkxQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIs1EECPrlaaQNII4IhmjTwUJV
uktxuezroL2r18XZHIrsMFmPxIR8w1pu7WJXGitB6O5QsNsUQs7C7Grph9YUqdXI
LwtRIbNp96vsMysSgibD1uLPmz84Yl92WCkBH572B7+oLDqIM+35DMEJrO6B5CTa
s/0YZ2DdfOupfhxJ+6DJbnYruQWCx0gDCl3ZxkK/oagMrXPExPO9plgqQI9V/Q87
LKtwF7R+ngr9xw5OOfpPeRIQ1INM1Rs+jnjbBqaSpUY6uouK+3vawMZPqlywIWfu
OAQFBAemQ6HIhFf0JvDAeJpskRph8r4JjtdJlpir2xU0qXjt+Qph1k0ljUfdAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU+nBafuqzX0nHX9KwgLjOfMMHkbMwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMjMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMqrFTANBgkqhkiG
9w0BAQsFAAOCAQEAicjly0aOvA8POKNojY2V5QgwDjfgZmUnOI8Gz50lr/Xecm3J
EPmGOSdAU/8Izc0HVlpTGGoUkNX6sEz2kNQm/OOfct5kNbvPYeB08sRysLf1/rGo
+kpR+CwE2rTr71QfAKO2rQ2po1d/Ui9ZKV/Tp8XIhNSaWF/i+nfpKagha605rlbn
y0KdYsW32z/5XsCsMa0RV7jwyBklv7NgYVuzOKpqEWk0GNTSMa4yDsNOOxOMKllG
o2eZDQ5akmEJ5yCcrIczrXF2HNJ3awXCg29nqy/Y0emkY15P/BhR/SKIo8iG4K6v
RdgsrnCEpr28/CmQg/ua1/NN9j0Y+sB4c0wIWQ==
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org