Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e382e302f32342d3234203d3e203130323137.roa
File:                     3230322e3137312e382e302f32342d3234203d3e203130323137.roa (raw, json)
Hash identifier:          eFqGLr4cfWbsljLhqN2KpID0cXiTq6S4BrG69TgDFCg=
Subject key identifier:   23:C4:CA:FC:A2:3F:1C:24:04:8C:50:F0:A8:E8:37:0C:38:1D:E0:D6
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       071A89A16B02F5A6A6A790212B18AC8D1154513D
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e382e302f32342d3234203d3e203130323137.roa
Signing time:             Thu 31 Aug 2023 06:00:06 +0000
ROA not before:           Thu 31 Aug 2023 05:55:06 +0000
ROA not after:            Thu 29 Aug 2024 06:00:06 +0000
asID:                     10217
IP address blocks:        202.171.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jun 2024 10:21:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:1a:89:a1:6b:02:f5:a6:a6:a7:90:21:2b:18:ac:8d:11:54:51:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Aug 31 05:55:06 2023 GMT
            Not After : Aug 29 06:00:06 2024 GMT
        Subject: CN=23C4CAFCA23F1C24048C50F0A8E8370C381DE0D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:89:81:e5:bd:10:6b:37:c6:e5:b8:b2:e4:05:
                    ea:6c:03:07:8b:49:29:fd:f6:64:aa:57:ac:4d:c1:
                    e0:de:a4:1a:f1:98:89:c8:05:f5:27:4b:19:9e:48:
                    c9:b7:82:e7:7b:2a:52:3f:3e:52:5f:f5:f1:c0:22:
                    6f:fc:d8:56:39:2a:64:3a:41:4e:69:21:2d:f9:7b:
                    44:3d:81:3c:7c:5e:0d:93:34:e4:01:e6:bb:70:79:
                    92:b0:68:b6:43:84:68:55:e2:36:f2:1a:2e:43:c1:
                    03:22:b3:b2:4b:0a:31:a6:74:1c:0b:1d:7e:77:ef:
                    7c:5b:e5:60:9c:4a:89:fb:14:08:e6:75:ae:d2:37:
                    bb:da:d5:06:47:19:43:87:30:0d:1b:3e:bd:f3:ab:
                    7b:dc:ac:03:dc:0d:06:3b:b5:8a:8c:67:12:7b:cd:
                    14:7f:ba:87:05:b9:f2:4c:9c:d1:70:00:da:39:42:
                    c3:74:02:a9:ed:75:04:a6:cf:7d:51:53:d4:16:40:
                    1f:9d:d3:dd:12:2f:f5:e3:8b:dd:8e:b4:d0:96:9b:
                    d8:26:fc:6f:ff:63:ae:43:e3:71:3f:f0:0a:6d:7b:
                    b2:10:30:be:4e:1c:d1:46:de:e7:e8:3d:14:2d:8a:
                    bd:61:4b:e3:8f:c1:3b:86:cb:c6:6e:30:56:10:d8:
                    c5:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:C4:CA:FC:A2:3F:1C:24:04:8C:50:F0:A8:E8:37:0C:38:1D:E0:D6
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/3230322e3137312e382e302f32342d3234203d3e203130323137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.171.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:01:df:f3:56:19:31:c4:da:4f:3f:53:cc:cf:7c:b7:c7:e8:
         42:d0:d8:29:b2:7e:9b:37:aa:0e:d0:06:96:4c:1e:43:a8:87:
         c7:38:41:81:10:09:5e:43:f2:83:6a:87:b2:12:54:c1:11:81:
         b2:1b:a9:ba:2e:f9:89:7b:b3:f6:28:ed:6d:ad:88:e9:da:80:
         4b:6e:e7:53:70:6b:7d:bf:3b:5b:6e:37:46:18:c9:84:d8:78:
         b9:c7:46:b7:31:b1:10:15:90:37:f9:41:22:42:dd:cf:f6:51:
         0b:4a:b3:9e:ec:0e:70:69:23:06:c7:41:3f:42:42:70:54:ee:
         27:85:c9:40:2e:b1:2a:83:27:ed:b5:9a:1a:ad:f7:d6:ca:04:
         54:bf:1d:3d:e9:df:c2:0d:c1:c7:1f:69:87:20:83:5e:3d:7b:
         98:64:d4:fe:53:6b:0a:e6:3c:41:58:5a:c9:7c:f1:14:ce:8d:
         a5:75:bc:5b:38:62:69:98:8a:00:c9:ac:eb:a6:a0:5f:7e:0b:
         e5:52:63:66:16:96:92:e7:b8:0c:4c:3b:9d:f8:99:14:da:73:
         16:be:c6:b6:e5:14:1c:65:07:c0:53:8d:bb:31:e1:14:a1:4e:
         aa:1d:47:e5:7b:54:12:67:5f:14:04:b5:15:8e:4d:ce:a9:bf:
         f3:db:8a:2d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUBxqJoWsC9aamp5AhKxisjRFUUT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yMzA4MzEwNTU1MDZaFw0yNDA4MjkwNjAwMDZaMDMxMTAvBgNV
BAMTKDIzQzRDQUZDQTIzRjFDMjQwNDhDNTBGMEE4RTgzNzBDMzgxREUwRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDliYHlvRBrN8bluLLkBepsAweL
SSn99mSqV6xNweDepBrxmInIBfUnSxmeSMm3gud7KlI/PlJf9fHAIm/82FY5KmQ6
QU5pIS35e0Q9gTx8Xg2TNOQB5rtweZKwaLZDhGhV4jbyGi5DwQMis7JLCjGmdBwL
HX5373xb5WCcSon7FAjmda7SN7va1QZHGUOHMA0bPr3zq3vcrAPcDQY7tYqMZxJ7
zRR/uocFufJMnNFwANo5QsN0AqntdQSmz31RU9QWQB+d090SL/Xji92OtNCWm9gm
/G//Y65D43E/8Apte7IQML5OHNFG3ufoPRQtir1hS+OPwTuGy8ZuMFYQ2MVLAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUI8TK/KI/HCQEjFDwqOg3DDgd4NYwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmYjcwODE4LTIzNjYtNDJlMC05
ZGJkLTI1NDM4MTA2OWU1Ny8wLzMyMzAzMjJlMzEzNzMxMmUzODJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzAzMjMxMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKqwgwDQYJKoZIhvcN
AQELBQADggEBAJUB3/NWGTHE2k8/U8zPfLfH6ELQ2Cmyfps3qg7QBpZMHkOoh8c4
QYEQCV5D8oNqh7ISVMERgbIbqbou+Yl7s/Yo7W2tiOnagEtu51Nwa32/O1tuN0YY
yYTYeLnHRrcxsRAVkDf5QSJC3c/2UQtKs57sDnBpIwbHQT9CQnBU7ieFyUAusSqD
J+21mhqt99bKBFS/HT3p38INwccfaYcgg149e5hk1P5TawrmPEFYWsl88RTOjaV1
vFs4YmmYigDJrOumoF9+C+VSY2YWlpLnuAxMO534mRTacxa+xrblFBxlB8BTjbsx
4RShTqodR+V7VBJnXxQEtRWOTc6pv/Pbii0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:02 2024 by rpki-client on console-fra.rpki-client.org