Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/3230322e332e3230382e302f32302d3230203d3e203233363933.roa
File: 3230322e332e3230382e302f32302d3230203d3e203233363933.roa (raw, json)
Hash identifier: cbdwyVDAZZ+/cnq8AKNjZ9AOH6nySdr/utSqSt45guY=
Subject key identifier: CB:66:89:37:48:0D:CA:5D:25:5B:F4:18:6D:2A:8F:0B:DB:72:6D:B6
Certificate issuer: /CN=66442B8563B5A590ED84F72A8C7B97A16B9C9F3A
Certificate serial: 153AA5C94497B45B6F764C7F76C2E341921A58D5
Authority key identifier: 66:44:2B:85:63:B5:A5:90:ED:84:F7:2A:8C:7B:97:A1:6B:9C:9F:3A
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/66442B8563B5A590ED84F72A8C7B97A16B9C9F3A.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/3230322e332e3230382e302f32302d3230203d3e203233363933.roa
Signing time: Fri 08 Nov 2024 07:55:52 +0000
ROA not before: Fri 08 Nov 2024 07:50:52 +0000
ROA not after: Fri 07 Nov 2025 07:55:52 +0000
asID: 23693
IP address blocks: 202.3.208.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 11 Nov 2024 14:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:3a:a5:c9:44:97:b4:5b:6f:76:4c:7f:76:c2:e3:41:92:1a:58:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66442B8563B5A590ED84F72A8C7B97A16B9C9F3A
Validity
Not Before: Nov 8 07:50:52 2024 GMT
Not After : Nov 7 07:55:52 2025 GMT
Subject: CN=CB668937480DCA5D255BF4186D2A8F0BDB726DB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3a:57:bb:1b:dc:b7:fb:e2:2d:f7:59:0e:1a:
13:a2:a4:68:a6:66:48:45:ab:ae:70:d2:8b:f4:ec:
41:c8:29:c5:9b:67:4c:5c:d8:aa:b3:ae:a4:d6:41:
06:f6:2f:83:f0:ed:ae:13:92:de:01:6f:f0:cd:bc:
3e:59:2f:85:f0:6a:94:55:6f:7b:02:5e:2e:c3:27:
ec:24:de:bd:7a:91:6f:e3:8f:c2:7d:a2:f1:93:a1:
71:2b:77:22:66:3a:18:41:79:0b:57:91:c0:bd:60:
6f:95:70:d3:b9:de:63:38:88:2e:dd:a5:c9:51:5c:
d8:04:a8:bf:93:7f:aa:6e:fb:15:84:c6:e4:37:1f:
42:b2:88:1f:a4:e1:92:02:3c:9b:53:f6:69:a1:63:
b9:15:49:e8:cf:54:e8:ab:99:d6:51:d8:74:c6:2b:
5e:7c:de:d0:86:ca:0a:62:a8:68:00:bf:b3:fb:6b:
0d:52:39:d6:14:43:27:69:83:3e:03:0b:c4:a4:c3:
ad:3b:de:24:c0:22:f8:87:dc:7d:8b:1f:a8:30:ce:
d5:46:1a:df:be:11:f1:74:63:48:bc:4e:50:48:3f:
2f:70:6f:f4:ad:97:71:12:28:ed:35:11:3c:32:1a:
d2:ad:25:4f:17:d7:db:e7:a8:4c:a6:49:6a:5d:78:
aa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:66:89:37:48:0D:CA:5D:25:5B:F4:18:6D:2A:8F:0B:DB:72:6D:B6
X509v3 Authority Key Identifier:
keyid:66:44:2B:85:63:B5:A5:90:ED:84:F7:2A:8C:7B:97:A1:6B:9C:9F:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/66442B8563B5A590ED84F72A8C7B97A16B9C9F3A.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/66442B8563B5A590ED84F72A8C7B97A16B9C9F3A.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3328f24e-dc7f-4562-a51d-e2e38c3677d1/0/3230322e332e3230382e302f32302d3230203d3e203233363933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.3.208.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:7f:5d:ae:7d:ab:3c:f1:56:57:3c:2c:d9:9c:83:0d:fc:01:
d6:f8:3f:10:ce:d7:6d:cd:bc:9e:6c:63:9f:11:26:92:e4:a6:
be:c2:82:3a:76:3d:62:98:e4:08:cb:46:b1:b3:f7:d2:ae:fa:
90:30:ba:b4:32:ec:91:0f:c1:59:dd:cf:18:bc:e8:79:9e:4c:
ad:bd:86:81:29:16:8d:52:1b:9c:96:5a:cc:f6:9b:67:49:19:
70:c3:cf:7b:2e:8a:91:c3:86:64:34:2a:6b:62:3a:92:29:22:
52:ad:ec:d2:fa:79:51:fe:77:c5:1c:cb:40:55:43:86:cf:d5:
64:e3:ae:8e:66:a9:b5:62:c4:b8:be:b5:69:37:dd:ac:fc:b6:
d8:a7:ef:bc:55:67:e7:64:e0:0d:ae:f0:78:6b:f9:a8:51:b9:
b8:eb:39:31:06:bb:ad:6c:b2:3c:b9:8c:e1:20:06:90:86:69:
78:9f:d5:19:bb:78:66:a9:32:42:d4:65:7e:5e:eb:c6:9e:dc:
45:4e:6f:f4:63:54:2c:df:c7:21:7a:1d:da:6a:45:3f:91:ab:
ff:51:9f:05:a9:c7:cc:66:a5:22:a3:6a:57:49:0e:be:8c:71:
c4:f1:1c:cf:92:5a:e4:0c:5d:8f:ca:45:72:e6:e2:85:9d:c3:
ba:3b:e8:6e
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUFTqlyUSXtFtvdkx/dsLjQZIaWNUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjY0NDJCODU2M0I1QTU5MEVEODRGNzJBOEM3Qjk3QTE2
QjlDOUYzQTAeFw0yNDExMDgwNzUwNTJaFw0yNTExMDcwNzU1NTJaMDMxMTAvBgNV
BAMTKENCNjY4OTM3NDgwRENBNUQyNTVCRjQxODZEMkE4RjBCREI3MjZEQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqOle7G9y3++It91kOGhOipGim
ZkhFq65w0ov07EHIKcWbZ0xc2KqzrqTWQQb2L4Pw7a4Tkt4Bb/DNvD5ZL4XwapRV
b3sCXi7DJ+wk3r16kW/jj8J9ovGToXErdyJmOhhBeQtXkcC9YG+VcNO53mM4iC7d
pclRXNgEqL+Tf6pu+xWExuQ3H0KyiB+k4ZICPJtT9mmhY7kVSejPVOirmdZR2HTG
K1583tCGygpiqGgAv7P7aw1SOdYUQydpgz4DC8Skw6073iTAIviH3H2LH6gwztVG
Gt++EfF0Y0i8TlBIPy9wb/Stl3ESKO01ETwyGtKtJU8X19vnqEymSWpdeKqZAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUy2aJN0gNyl0lW/QYbSqPC9tybbYwHwYDVR0j
BBgwFoAUZkQrhWO1pZDthPcqjHuXoWucnzowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzI4ZjI0ZS1kYzdmLTQ1NjItYTUxZC1lMmUzOGMzNjc3ZDEvMC82NjQ0MkI4NTYz
QjVBNTkwRUQ4NEY3MkE4QzdCOTdBMTZCOUM5RjNBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjY0NDJCODU2M0I1QTU5MEVEODRGNzJBOEM3Qjk3QTE2QjlD
OUYzQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMzMjhmMjRlLWRjN2YtNDU2Mi1h
NTFkLWUyZTM4YzM2NzdkMS8wLzMyMzAzMjJlMzMyZTMyMzAzODJlMzAyZjMyMzAy
ZDMyMzAyMDNkM2UyMDMyMzMzNjM5MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATKA9AwDQYJKoZIhvcN
AQELBQADggEBACt/Xa59qzzxVlc8LNmcgw38Adb4PxDO123NvJ5sY58RJpLkpr7C
gjp2PWKY5AjLRrGz99Ku+pAwurQy7JEPwVndzxi86HmeTK29hoEpFo1SG5yWWsz2
m2dJGXDDz3suipHDhmQ0KmtiOpIpIlKt7NL6eVH+d8Ucy0BVQ4bP1WTjro5mqbVi
xLi+tWk33az8ttin77xVZ+dk4A2u8Hhr+ahRubjrOTEGu61ssjy5jOEgBpCGaXif
1Rm7eGapMkLUZX5e68ae3EVOb/RjVCzfxyF6HdpqRT+Rq/9RnwWpx8xmpSKjaldJ
Dr6MccTxHM+SWuQMXY/KRXLm4oWdw7o76G4=
-----END CERTIFICATE-----
Generated at Mon Nov 11 17:00:09 2024 by rpki-client on console-ams.rpki-client.org