Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e342e302f32342d3234203d3e203130323137.roa
File:                     3230322e3137312e342e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          9IZmJEr8iRL22dawbDXd1tyGQgINSjfJBjRkIQyEP+A=
Subject key identifier:   17:EE:8A:4C:FD:5C:2F:19:92:F1:6B:FA:B5:F3:55:45:01:B5:25:BE
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       1A1BFEBCD709799D9DF3E37F70F53E9DC9312927
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e342e302f32342d3234203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:02 +0000
ROA not before:           Thu 31 Aug 2023 05:55:02 +0000
ROA not after:            Thu 29 Aug 2024 06:00:02 +0000
asID:                     10217
IP address blocks:        202.171.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:1b:fe:bc:d7:09:79:9d:9d:f3:e3:7f:70:f5:3e:9d:c9:31:29:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:02 2023 GMT
            Not After : Aug 29 06:00:02 2024 GMT
        Subject: CN=17EE8A4CFD5C2F1992F16BFAB5F3554501B525BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:67:87:cd:ac:6f:c8:ab:2c:d0:7f:ba:7f:e4:
                    4e:9e:17:41:2b:d9:15:a3:85:eb:b9:4b:75:cd:a5:
                    6f:db:d5:cd:60:33:57:52:e0:08:da:07:46:0f:b5:
                    18:6c:83:2d:da:d2:be:e1:3a:64:81:7d:52:4f:be:
                    cf:69:dc:88:54:05:74:2a:3d:61:62:d2:66:3a:26:
                    b7:2a:6a:79:9e:16:b6:1a:b0:e1:11:55:3f:c7:aa:
                    99:59:e6:6c:c0:f3:d2:69:40:d0:36:28:a8:8a:82:
                    5d:e4:dc:e9:de:55:a0:df:53:88:fa:37:47:fc:4b:
                    93:73:a8:b2:24:72:ab:59:a7:ca:2e:16:bd:fa:9d:
                    16:c5:c4:6d:26:79:4f:d6:aa:f8:12:a3:ce:37:0e:
                    8e:ac:5f:25:51:6a:17:c4:34:71:15:7f:fa:80:78:
                    9c:b0:e6:d3:da:40:c1:9e:f7:80:28:d5:37:d9:c0:
                    9f:40:f7:5a:ec:23:e3:ec:01:a1:10:48:c8:9d:df:
                    99:86:d9:4d:10:12:c8:e4:20:a8:ed:40:b0:24:20:
                    c6:e2:3a:3b:b6:65:bd:73:55:72:f0:a9:ac:aa:76:
                    d4:a7:d2:ca:72:57:31:5c:78:71:8e:1a:60:0d:88:
                    ab:55:36:7a:6b:8c:c1:7d:22:d3:df:5b:3d:16:35:
                    47:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:EE:8A:4C:FD:5C:2F:19:92:F1:6B:FA:B5:F3:55:45:01:B5:25:BE
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e342e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:9b:38:3b:53:f7:9b:cd:f9:3f:d8:18:77:d5:e2:b3:db:1e:
         a2:db:28:a7:ce:e4:59:ac:d6:c2:b1:75:22:26:61:f0:11:42:
         bd:31:a1:59:80:2e:fa:48:3f:d7:55:e7:8e:1c:bb:fe:17:09:
         83:27:28:ad:07:bb:e8:f7:c8:f7:35:e6:2f:d2:ac:ec:ea:6b:
         46:55:25:31:97:4f:be:0e:f1:e0:4e:7d:69:66:ae:bc:86:58:
         5b:a9:8b:7a:81:17:d2:34:3b:69:18:7f:0d:40:6e:e7:04:a8:
         d1:50:52:20:96:4c:1d:42:a7:16:4f:b0:1b:57:7b:f6:7e:95:
         d8:40:e2:38:6e:96:d4:f1:a6:76:96:cd:54:45:33:5a:52:0e:
         91:2b:75:d5:2f:6a:5e:06:91:b1:61:08:4c:db:42:df:b6:56:
         b8:48:8c:e7:16:1e:cb:97:1c:55:37:05:ff:68:fb:38:b2:0a:
         87:e2:b0:31:1f:d1:fe:f1:0b:ac:0d:d8:a8:d5:cd:e0:29:ef:
         18:f6:b0:92:5b:bd:71:de:93:61:2f:e0:5f:96:4b:c2:a2:ef:
         2c:be:c3:28:8d:46:bf:c8:72:65:33:35:41:86:66:77:76:cf:
         e3:6c:cc:8f:f6:a6:08:65:30:03:41:b4:cd:fd:ce:35:1d:dd:
         85:1f:d9:f4
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUGhv+vNcJeZ2d8+N/cPU+nckxKScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDJaFw0yNDA4MjkwNjAwMDJaMDMxMTAvBgNV
BAMTKDE3RUU4QTRDRkQ1QzJGMTk5MkYxNkJGQUI1RjM1NTQ1MDFCNTI1QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNZ4fNrG/IqyzQf7p/5E6eF0Er
2RWjheu5S3XNpW/b1c1gM1dS4AjaB0YPtRhsgy3a0r7hOmSBfVJPvs9p3IhUBXQq
PWFi0mY6JrcqanmeFrYasOERVT/HqplZ5mzA89JpQNA2KKiKgl3k3OneVaDfU4j6
N0f8S5NzqLIkcqtZp8ouFr36nRbFxG0meU/WqvgSo843Do6sXyVRahfENHEVf/qA
eJyw5tPaQMGe94Ao1TfZwJ9A91rsI+PsAaEQSMid35mG2U0QEsjkIKjtQLAkIMbi
Oju2Zb1zVXLwqayqdtSn0spyVzFceHGOGmANiKtVNnprjMF9ItPfWz0WNUedAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUF+6KTP1cLxmS8Wv6tfNVRQG1Jb4wHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzNDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzAzMjMxMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKqwQwDQYJKoZIhvcN
AQELBQADggEBACWbODtT95vN+T/YGHfV4rPbHqLbKKfO5Fms1sKxdSImYfARQr0x
oVmALvpIP9dV544cu/4XCYMnKK0Hu+j3yPc15i/SrOzqa0ZVJTGXT74O8eBOfWlm
rryGWFupi3qBF9I0O2kYfw1AbucEqNFQUiCWTB1CpxZPsBtXe/Z+ldhA4jhultTx
pnaWzVRFM1pSDpErddUval4GkbFhCEzbQt+2VrhIjOcWHsuXHFU3Bf9o+ziyCofi
sDEf0f7xC6wN2KjVzeAp7xj2sJJbvXHek2Ev4F+WS8Ki7yy+wyiNRr/IcmUzNUGG
Znd2z+NszI/2pghlMANBtM39zjUd3YUf2fQ=
-----END CERTIFICATE-----
Generated at Wed Nov 22 10:32:48 2023 by rpki-client on console-ams.rpki-client.org