Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32362e302f32342d3234203d3e203130323137.roa
File:                     3230322e3137312e32362e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          VXx9kuEhlRyrkgRcF+MIiuw04KrhYEdbtUsu5gjWO1s=
Subject key identifier:   12:20:37:E1:17:8F:E0:0B:0A:D5:27:55:2B:72:2A:06:BD:74:D8:ED
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       151410BC8CF1359FA49E3F57C55A96114C374BB1
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32362e302f32342d3234203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:01 +0000
ROA not before:           Thu 31 Aug 2023 05:55:01 +0000
ROA not after:            Thu 29 Aug 2024 06:00:01 +0000
asID:                     10217
IP address blocks:        202.171.26.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:14:10:bc:8c:f1:35:9f:a4:9e:3f:57:c5:5a:96:11:4c:37:4b:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:01 2023 GMT
            Not After : Aug 29 06:00:01 2024 GMT
        Subject: CN=122037E1178FE00B0AD527552B722A06BD74D8ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:4e:55:a6:13:e1:80:0b:0e:d3:eb:7b:a6:17:
                    5f:44:e0:f4:31:11:42:83:34:c9:3e:ec:a7:1e:fc:
                    c7:31:07:68:47:eb:7c:bb:8a:c3:d7:d8:3a:ff:76:
                    25:2b:0b:f9:7c:f3:57:83:7b:4f:e9:bf:60:82:1e:
                    3b:82:f8:34:3a:2a:7d:c3:2c:5e:39:e1:fd:b8:f2:
                    69:88:a6:ec:25:27:79:8c:d0:d7:d7:39:ec:3d:5f:
                    5c:d1:71:6a:32:a7:eb:51:76:19:8d:ce:6c:e0:b5:
                    2a:0b:4b:c0:c9:42:12:97:f5:70:c7:20:cc:ae:25:
                    5c:62:d3:61:64:c5:3f:ad:cb:8a:76:ed:21:ba:eb:
                    a1:a4:0d:4c:69:e6:ef:a5:a8:bb:eb:97:26:95:28:
                    11:22:30:a2:d2:60:0c:5f:ae:96:0b:3c:97:99:b1:
                    43:44:5d:e0:96:25:e2:62:03:2f:57:62:d8:4d:79:
                    54:a3:d6:8a:29:d5:48:d7:1d:53:e3:6d:c5:4d:7a:
                    9a:60:ee:96:75:f0:56:87:b0:aa:32:53:04:7b:a7:
                    7e:33:b5:e2:cf:fc:2b:62:3f:6a:bc:d3:2a:39:0c:
                    ed:a3:5b:0e:11:39:9d:3a:3c:b4:da:f7:15:ac:9d:
                    02:3d:b8:89:17:a5:d0:bf:f4:60:93:31:a4:49:46:
                    c8:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:20:37:E1:17:8F:E0:0B:0A:D5:27:55:2B:72:2A:06:BD:74:D8:ED
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32362e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:ec:bd:87:4d:ea:f9:e7:d1:dd:64:fd:f6:c1:f0:4d:f9:83:
         39:6f:99:89:81:79:36:ad:18:a5:82:dc:c1:49:e9:3f:d3:48:
         64:ed:7c:97:40:5e:1c:20:6c:97:32:76:38:e4:c4:10:fb:1c:
         07:3c:73:58:15:da:df:87:3d:04:78:37:fe:38:bf:3d:ef:aa:
         07:e2:de:be:5f:fe:6c:8b:08:d1:72:9d:b0:56:bc:e8:0a:58:
         38:96:15:37:7c:d0:e2:e8:9f:d1:0a:e9:71:b8:f5:1c:77:5d:
         66:cb:4e:f9:e2:17:3d:0d:37:7f:41:80:ec:ea:4d:20:66:8b:
         70:64:16:7b:4b:0b:f2:f3:ec:4d:da:99:1d:df:fd:ba:da:84:
         07:65:02:d0:1d:4c:59:b4:7e:48:f9:2f:f1:ee:e6:c0:a4:e8:
         1c:fc:ab:e0:00:39:d2:fb:e5:93:4d:02:c3:39:dd:e2:71:37:
         57:0c:48:a3:bb:19:53:ee:d6:f8:c5:1d:0e:15:8a:8b:40:46:
         ab:7d:9d:67:51:d6:de:1a:0d:d8:f1:ca:d7:c6:46:dc:f0:24:
         38:62:62:50:ad:f6:33:27:98:9c:dd:2c:46:14:17:1c:dc:a0:
         8f:c5:34:ee:1d:c3:8e:eb:0a:45:25:9b:cb:23:d2:ee:8d:1e:
         8d:20:b4:7a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUFRQQvIzxNZ+knj9XxVqWEUw3S7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDFaFw0yNDA4MjkwNjAwMDFaMDMxMTAvBgNV
BAMTKDEyMjAzN0UxMTc4RkUwMEIwQUQ1Mjc1NTJCNzIyQTA2QkQ3NEQ4RUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjTlWmE+GACw7T63umF19E4PQx
EUKDNMk+7Kce/McxB2hH63y7isPX2Dr/diUrC/l881eDe0/pv2CCHjuC+DQ6Kn3D
LF454f248mmIpuwlJ3mM0NfXOew9X1zRcWoyp+tRdhmNzmzgtSoLS8DJQhKX9XDH
IMyuJVxi02FkxT+ty4p27SG666GkDUxp5u+lqLvrlyaVKBEiMKLSYAxfrpYLPJeZ
sUNEXeCWJeJiAy9XYthNeVSj1oop1UjXHVPjbcVNeppg7pZ18FaHsKoyUwR7p34z
teLP/CtiP2q80yo5DO2jWw4ROZ06PLTa9xWsnQI9uIkXpdC/9GCTMaRJRsitAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUEiA34ReP4AsK1SdVK3IqBr102O0wHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMjM2MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMqrGjANBgkqhkiG
9w0BAQsFAAOCAQEABOy9h03q+efR3WT99sHwTfmDOW+ZiYF5Nq0YpYLcwUnpP9NI
ZO18l0BeHCBslzJ2OOTEEPscBzxzWBXa34c9BHg3/ji/Pe+qB+Levl/+bIsI0XKd
sFa86ApYOJYVN3zQ4uif0Qrpcbj1HHddZstO+eIXPQ03f0GA7OpNIGaLcGQWe0sL
8vPsTdqZHd/9utqEB2UC0B1MWbR+SPkv8e7mwKToHPyr4AA50vvlk00Cwznd4nE3
VwxIo7sZU+7W+MUdDhWKi0BGq32dZ1HW3hoN2PHK18ZG3PAkOGJiUK32MyeYnN0s
RhQXHNygj8U07h3DjusKRSWbyyPS7o0ejSC0eg==
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org