Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32322e302f32332d3233203d3e203130323137.roa
File:                     3230322e3137312e32322e302f32332d3233203d3e203130323137.roa (raw, json)
Hash identifier:          R+1Gl8ilgEdNKahUBWJUV2N+oDc4/MhuprcC9W/MJD8=
Subject key identifier:   E0:F8:34:FF:DF:6D:BF:86:E9:35:9A:DF:73:A2:D3:C8:9C:2D:CF:B2
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       6A6120EFDCBED5409159299EDBD4A8C39D91783A
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32322e302f32332d3233203d3e203130323137.roa
Signing time:             Fri 17 Nov 2023 07:20:28 +0000
ROA not before:           Fri 17 Nov 2023 07:15:28 +0000
ROA not after:            Fri 15 Nov 2024 07:20:28 +0000
asID:                     10217
IP address blocks:        202.171.22.0/23 maxlen: 23

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:61:20:ef:dc:be:d5:40:91:59:29:9e:db:d4:a8:c3:9d:91:78:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Nov 17 07:15:28 2023 GMT
            Not After : Nov 15 07:20:28 2024 GMT
        Subject: CN=E0F834FFDF6DBF86E9359ADF73A2D3C89C2DCFB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:bc:c8:0a:03:06:e7:bd:03:b6:fb:dc:4e:20:
                    c1:16:1f:97:2f:a9:a0:b2:38:90:00:0f:88:bc:e2:
                    43:1f:69:1c:74:1a:dc:b6:ef:e1:b4:99:05:bc:18:
                    1c:bc:6b:05:40:a5:81:e1:78:ed:2b:66:bb:cf:f2:
                    45:e6:35:f1:a9:8e:f6:4e:63:94:be:23:63:35:64:
                    ea:60:6c:15:a1:68:c6:92:0c:25:8f:62:9c:65:b8:
                    80:da:b5:ca:c6:ca:02:c9:92:c3:93:3b:1b:30:23:
                    09:23:b6:52:c8:7f:d8:26:d4:a2:57:ca:8e:d3:54:
                    47:01:8b:34:90:d3:2a:00:b5:2e:94:6a:eb:d6:ba:
                    a8:ea:b7:6c:e6:c5:95:c2:5f:ea:a9:e8:f9:1d:e7:
                    44:f9:7a:9b:92:11:1a:59:9d:60:d6:80:8b:0d:b4:
                    53:1b:fc:72:2d:05:d5:ef:37:a4:71:39:bc:e6:b8:
                    64:f2:6f:26:e6:68:18:46:62:c7:2a:a1:9f:8c:87:
                    7f:34:a6:c5:22:4f:02:69:79:b7:ec:84:73:75:3f:
                    2e:d5:3a:02:0f:8b:87:8c:22:e3:e2:1c:0a:2b:35:
                    74:9a:c5:9d:c5:60:df:15:ef:47:b6:1a:6f:b3:ee:
                    b8:4c:39:7b:b1:9a:6e:98:3e:75:b1:71:21:c3:f1:
                    05:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:F8:34:FF:DF:6D:BF:86:E9:35:9A:DF:73:A2:D3:C8:9C:2D:CF:B2
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32322e302f32332d3233203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         aa:2e:73:84:dc:08:60:76:dd:fc:f7:34:4a:f6:c4:7c:94:c4:
         50:2c:5c:19:35:e1:a5:d5:e8:eb:06:21:2f:35:7f:c4:26:68:
         41:59:0e:04:ab:0f:4c:bd:12:cf:60:44:22:c3:2c:44:17:b8:
         e7:f7:1b:da:e5:be:6f:a6:8f:26:d3:18:52:85:ac:c5:ea:c1:
         30:5f:a6:98:ae:4a:2d:6c:42:31:14:c5:15:dd:57:59:ec:a6:
         3e:fd:56:a9:a7:6b:53:05:64:f3:b9:af:2f:be:f6:b6:18:f6:
         7e:6f:be:ef:b8:ba:bd:9b:cf:27:0f:fa:39:49:7e:d5:09:59:
         4f:10:3a:25:28:26:ad:ef:cb:c8:c2:a1:23:31:3b:d0:39:7d:
         9a:b4:37:20:42:b3:1f:8c:30:4d:8c:81:22:c6:46:5b:50:aa:
         f1:b9:84:c0:f8:a4:56:cb:32:4a:b5:d4:4e:51:ec:2e:b5:ea:
         a5:9f:78:fe:cf:eb:45:84:26:27:2f:ca:b0:a3:56:39:57:69:
         dc:5e:c8:f7:11:3b:4b:93:95:a5:2f:f7:b5:9c:73:e5:56:5e:
         a5:bf:f6:33:09:bc:73:c2:bc:da:5a:19:aa:36:ca:03:5e:37:
         fa:53:a0:be:20:ea:f6:18:0a:32:51:c2:b7:5a:58:44:ce:31:
         93:ae:9d:4e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUamEg79y+1UCRWSme29Sow52ReDowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzExMTcwNzE1MjhaFw0yNDExMTUwNzIwMjhaMDMxMTAvBgNV
BAMTKEUwRjgzNEZGREY2REJGODZFOTM1OUFERjczQTJEM0M4OUMyRENGQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKvMgKAwbnvQO2+9xOIMEWH5cv
qaCyOJAAD4i84kMfaRx0Gty27+G0mQW8GBy8awVApYHheO0rZrvP8kXmNfGpjvZO
Y5S+I2M1ZOpgbBWhaMaSDCWPYpxluIDatcrGygLJksOTOxswIwkjtlLIf9gm1KJX
yo7TVEcBizSQ0yoAtS6UauvWuqjqt2zmxZXCX+qp6Pkd50T5epuSERpZnWDWgIsN
tFMb/HItBdXvN6RxObzmuGTybybmaBhGYscqoZ+Mh380psUiTwJpebfshHN1Py7V
OgIPi4eMIuPiHAorNXSaxZ3FYN8V70e2Gm+z7rhMOXuxmm6YPnWxcSHD8QW9AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU4Pg0/99tv4bpNZrfc6LTyJwtz7IwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMjMyMmUzMDJmMzIz
MzJkMzIzMzIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcqrFjANBgkqhkiG
9w0BAQsFAAOCAQEAqi5zhNwIYHbd/Pc0SvbEfJTEUCxcGTXhpdXo6wYhLzV/xCZo
QVkOBKsPTL0Sz2BEIsMsRBe45/cb2uW+b6aPJtMYUoWsxerBMF+mmK5KLWxCMRTF
Fd1XWeymPv1WqadrUwVk87mvL772thj2fm++77i6vZvPJw/6OUl+1QlZTxA6JSgm
re/LyMKhIzE70Dl9mrQ3IEKzH4wwTYyBIsZGW1Cq8bmEwPikVssySrXUTlHsLrXq
pZ94/s/rRYQmJy/KsKNWOVdp3F7I9xE7S5OVpS/3tZxz5VZepb/2Mwm8c8K82loZ
qjbKA143+lOgviDq9hgKMlHCt1pYRM4xk66dTg==
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org