Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32322e302f32342d3234203d3e203130323137.roa
File:                     3230322e3137312e32322e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          QplgeR5QacCNuKmYlrEAiCb915yafsnrkzf+0jzjuls=
Subject key identifier:   12:44:A2:2A:6A:D1:ED:EE:C0:86:F9:03:F1:DF:30:B3:BB:D7:1A:12
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       3363D12AAEB0AB428BF97737623FC43FCDEB0496
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32322e302f32342d3234203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:06 +0000
ROA not before:           Thu 31 Aug 2023 05:55:06 +0000
ROA not after:            Thu 29 Aug 2024 06:00:06 +0000
asID:                     10217
IP address blocks:        202.171.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:63:d1:2a:ae:b0:ab:42:8b:f9:77:37:62:3f:c4:3f:cd:eb:04:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:06 2023 GMT
            Not After : Aug 29 06:00:06 2024 GMT
        Subject: CN=1244A22A6AD1EDEEC086F903F1DF30B3BBD71A12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c4:a1:a4:05:54:0e:5e:78:ca:ed:4f:9c:90:
                    c6:b7:cf:34:53:5c:00:36:9c:19:86:4d:b6:12:2d:
                    cb:84:a0:7e:21:12:d6:18:0f:a5:d7:19:92:a8:e3:
                    78:fb:35:89:22:0d:26:a1:8c:7e:e9:17:cd:86:55:
                    9f:48:fd:5e:1e:3c:77:04:dc:eb:3e:09:22:ce:7d:
                    e0:09:e7:f7:21:5c:06:6e:cf:c7:7a:1e:9b:ba:f9:
                    6c:ef:67:c0:9a:7d:bf:28:7c:ca:c4:b4:fa:bb:aa:
                    b6:6a:5e:a9:db:cd:25:74:bd:d0:70:a8:60:ca:bb:
                    88:3d:94:ea:58:1e:19:8d:e4:a0:99:15:b3:e6:9a:
                    7a:54:e5:f0:f2:2a:08:8c:c6:c1:2d:c3:0a:70:32:
                    5b:08:ec:2a:d9:1f:e9:d0:58:a9:fe:ca:cf:d0:05:
                    1e:c9:84:9f:d1:d7:4b:34:a3:4c:0b:1d:c9:88:ab:
                    81:b2:2d:df:1d:55:26:97:4f:44:4f:1d:1e:98:ba:
                    4a:bb:d2:bc:27:92:c4:57:eb:ee:35:64:88:d1:c8:
                    4c:e1:41:bb:b0:d6:5b:ef:bb:48:bb:10:59:b6:ce:
                    a1:bf:ee:2e:7f:8a:73:5b:8f:6c:b7:6f:76:c9:0f:
                    0b:7b:3e:28:87:e8:cb:6b:fe:07:cc:c2:38:af:e8:
                    eb:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:44:A2:2A:6A:D1:ED:EE:C0:86:F9:03:F1:DF:30:B3:BB:D7:1A:12
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32322e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:28:2d:7b:cd:72:8e:0b:09:a5:f3:fb:c0:dc:49:ec:61:ff:
         6d:4b:1e:7d:af:a5:50:cd:46:0d:53:7a:d6:cf:1b:db:cf:6c:
         77:40:0c:7d:6a:60:4a:74:d6:f9:77:b1:5b:54:52:9a:82:fe:
         ee:87:3c:f7:b7:7b:79:c2:fb:ed:4e:aa:9b:8f:7b:db:6b:e6:
         20:0d:a3:25:e4:ff:2a:c9:32:98:0a:6e:be:39:3e:ac:89:b7:
         d7:40:a9:2f:d4:01:c2:1e:fe:0c:ad:a2:ab:49:fa:e2:63:20:
         1d:13:6d:1d:f9:8c:5b:f8:2e:e4:d8:e5:e3:12:95:55:9a:a8:
         e0:41:60:30:10:55:4a:71:7e:b9:a8:00:2a:61:31:11:51:0c:
         cb:45:2a:ae:54:f4:ce:c7:b1:55:c7:a8:5e:16:ab:a0:18:00:
         fa:d7:f5:9f:92:19:c7:70:c4:eb:e2:9b:9a:93:d1:9c:c1:c3:
         55:99:6b:63:47:85:6b:62:5e:b0:a8:d3:f8:72:97:cd:b0:22:
         24:cd:42:8e:b4:97:63:a1:b5:40:c7:26:9f:eb:ab:2b:d5:fe:
         1d:ce:14:ef:61:b9:af:25:80:41:00:84:cf:fa:0e:0a:3c:ab:
         56:21:d7:f6:00:bf:4f:83:e1:36:2e:44:af:c8:a9:fb:9e:e7:
         8b:3f:55:b7
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUM2PRKq6wq0KL+Xc3Yj/EP83rBJYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDZaFw0yNDA4MjkwNjAwMDZaMDMxMTAvBgNV
BAMTKDEyNDRBMjJBNkFEMUVERUVDMDg2RjkwM0YxREYzMEIzQkJENzFBMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcxKGkBVQOXnjK7U+ckMa3zzRT
XAA2nBmGTbYSLcuEoH4hEtYYD6XXGZKo43j7NYkiDSahjH7pF82GVZ9I/V4ePHcE
3Os+CSLOfeAJ5/chXAZuz8d6Hpu6+WzvZ8Cafb8ofMrEtPq7qrZqXqnbzSV0vdBw
qGDKu4g9lOpYHhmN5KCZFbPmmnpU5fDyKgiMxsEtwwpwMlsI7CrZH+nQWKn+ys/Q
BR7JhJ/R10s0o0wLHcmIq4GyLd8dVSaXT0RPHR6Yukq70rwnksRX6+41ZIjRyEzh
Qbuw1lvvu0i7EFm2zqG/7i5/inNbj2y3b3bJDwt7PiiH6Mtr/gfMwjiv6OsVAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUEkSiKmrR7e7AhvkD8d8ws7vXGhIwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMjMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMqrFjANBgkqhkiG
9w0BAQsFAAOCAQEAPSgte81yjgsJpfP7wNxJ7GH/bUsefa+lUM1GDVN61s8b289s
d0AMfWpgSnTW+XexW1RSmoL+7oc897d7ecL77U6qm49722vmIA2jJeT/KskymApu
vjk+rIm310CpL9QBwh7+DK2iq0n64mMgHRNtHfmMW/gu5Njl4xKVVZqo4EFgMBBV
SnF+uagAKmExEVEMy0UqrlT0zsexVceoXharoBgA+tf1n5IZx3DE6+KbmpPRnMHD
VZlrY0eFa2JesKjT+HKXzbAiJM1CjrSXY6G1QMcmn+urK9X+Hc4U72G5ryWAQQCE
z/oOCjyrViHX9gC/T4PhNi5Er8ip+57niz9Vtw==
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org