Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32392e302f32342d3234203d3e203130323137.roa
File:                     3230322e3137312e32392e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          ZkZwcPM8b8z8DGxtbpaowUubIll4d92fuxw0KVApzns=
Subject key identifier:   9E:F1:7B:77:62:C8:00:36:87:3B:AF:9A:05:E7:13:1B:F0:53:47:AA
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       6B96263A8F02DBB0C0A0115B2D7A75A3AB2686B3
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32392e302f32342d3234203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:02 +0000
ROA not before:           Thu 31 Aug 2023 05:55:02 +0000
ROA not after:            Thu 29 Aug 2024 06:00:02 +0000
asID:                     10217
IP address blocks:        202.171.29.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 10:21:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:96:26:3a:8f:02:db:b0:c0:a0:11:5b:2d:7a:75:a3:ab:26:86:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:02 2023 GMT
            Not After : Aug 29 06:00:02 2024 GMT
        Subject: CN=9EF17B7762C80036873BAF9A05E7131BF05347AA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a2:07:4e:81:59:06:2d:b4:ce:26:49:66:63:
                    77:a0:59:94:c1:82:9e:7d:5f:b8:d6:7f:1b:25:0b:
                    48:fb:68:3f:20:54:17:a3:61:5d:1c:6e:46:50:7f:
                    22:3e:97:d8:b0:25:4e:71:b8:df:42:75:b2:4e:16:
                    5d:19:98:e7:29:c0:8e:9e:f3:e1:d2:0c:7d:83:3d:
                    88:33:cf:da:ad:69:5f:4d:e6:68:45:b5:b3:a4:17:
                    8f:ee:00:60:c6:77:be:a2:f3:59:72:f2:25:67:9e:
                    70:69:51:ee:13:3f:47:c4:40:6f:b2:cd:49:0e:c3:
                    b0:17:a9:9f:6e:44:96:66:3b:ad:50:8d:29:f3:3d:
                    d8:37:4b:52:c7:50:84:b1:32:ba:10:48:ab:68:9f:
                    84:86:91:df:e5:e7:b9:79:c2:3d:6f:c6:75:9b:a2:
                    69:5f:08:d0:0c:f3:58:01:8e:69:c3:84:65:73:f0:
                    b6:17:31:ab:01:e6:10:bc:35:23:14:99:ef:b6:51:
                    fd:d3:e0:f0:b1:5f:2d:5c:b0:0b:7a:6e:7f:8b:d8:
                    ff:4c:76:97:a4:e2:72:e1:52:10:92:53:45:90:6e:
                    ab:7a:98:cd:82:c0:c5:09:cb:e5:67:3b:db:91:f5:
                    50:44:7b:ba:f5:7b:26:36:83:75:81:6c:26:43:4c:
                    e1:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:F1:7B:77:62:C8:00:36:87:3B:AF:9A:05:E7:13:1B:F0:53:47:AA
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e32392e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a4:0d:b9:7e:79:a6:db:c8:da:ec:62:bf:ca:9e:f4:c2:46:5c:
         3f:42:bc:c4:26:50:8c:ec:57:d0:88:26:51:70:d9:6b:c9:db:
         58:10:a0:6f:e5:33:90:67:f1:2b:e9:35:56:de:b7:b6:ba:e6:
         3e:c7:f4:e8:af:f0:40:6f:e1:82:d6:60:9c:b0:8c:52:49:6d:
         42:38:b3:e1:0b:47:e7:ae:d7:48:41:10:28:71:35:d5:5a:b5:
         d2:0e:db:14:ee:c1:75:e1:8c:33:c9:13:a0:a6:fd:14:56:6b:
         52:31:8d:ed:12:7f:33:34:95:54:e4:a5:fd:dd:56:f2:4c:34:
         2b:d3:54:26:95:38:23:3e:91:dd:e7:dc:49:c7:13:d9:42:c0:
         34:59:85:a9:f6:55:bb:4a:37:98:84:3b:12:fe:4a:48:45:4b:
         0c:02:c9:83:93:8e:b0:92:92:15:ae:8b:2a:68:aa:7c:16:25:
         71:97:a4:a4:f6:6b:17:53:1e:bb:2a:07:13:7e:4a:50:af:61:
         e9:2e:d8:b6:92:54:16:af:e7:5f:09:26:12:0c:f7:78:e4:98:
         51:00:c5:d8:86:5f:93:41:c5:eb:12:4a:31:20:31:81:e7:fb:
         c9:1f:72:e6:fd:30:3f:0a:63:d8:aa:44:9e:1d:f9:96:0b:52:
         7b:29:94:ae
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUa5YmOo8C27DAoBFbLXp1o6smhrMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDJaFw0yNDA4MjkwNjAwMDJaMDMxMTAvBgNV
BAMTKDlFRjE3Qjc3NjJDODAwMzY4NzNCQUY5QTA1RTcxMzFCRjA1MzQ3QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChogdOgVkGLbTOJklmY3egWZTB
gp59X7jWfxslC0j7aD8gVBejYV0cbkZQfyI+l9iwJU5xuN9CdbJOFl0ZmOcpwI6e
8+HSDH2DPYgzz9qtaV9N5mhFtbOkF4/uAGDGd76i81ly8iVnnnBpUe4TP0fEQG+y
zUkOw7AXqZ9uRJZmO61QjSnzPdg3S1LHUISxMroQSKton4SGkd/l57l5wj1vxnWb
omlfCNAM81gBjmnDhGVz8LYXMasB5hC8NSMUme+2Uf3T4PCxXy1csAt6bn+L2P9M
dpek4nLhUhCSU0WQbqt6mM2CwMUJy+VnO9uR9VBEe7r1eyY2g3WBbCZDTOF/AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUnvF7d2LIADaHO6+aBecTG/BTR6owHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzMjM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMDMyMzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMqrHTANBgkqhkiG
9w0BAQsFAAOCAQEApA25fnmm28ja7GK/yp70wkZcP0K8xCZQjOxX0IgmUXDZa8nb
WBCgb+UzkGfxK+k1Vt63trrmPsf06K/wQG/hgtZgnLCMUkltQjiz4QtH567XSEEQ
KHE11Vq10g7bFO7BdeGMM8kToKb9FFZrUjGN7RJ/MzSVVOSl/d1W8kw0K9NUJpU4
Iz6R3efcSccT2ULANFmFqfZVu0o3mIQ7Ev5KSEVLDALJg5OOsJKSFa6LKmiqfBYl
cZekpPZrF1MeuyoHE35KUK9h6S7YtpJUFq/nXwkmEgz3eOSYUQDF2IZfk0HF6xJK
MSAxgef7yR9y5v0wPwpj2KpEnh35lgtSeymUrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:02 2024 by rpki-client on console-fra.rpki-client.org