Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3136342e302f32342d3234203d3e203435373235.roa
File:                     3230322e3135302e3136342e302f32342d3234203d3e203435373235.roa (raw, json)
Hash identifier:          vPXrTijHmpeVIiNWLEpUMWPOVThl2W6YDjC0tLH80qE=
Subject key identifier:   32:1D:8A:57:CF:55:C0:D3:7E:9C:50:2A:64:CB:98:5F:F2:A1:97:F8
Certificate issuer:       /CN=BE7F813F3C6CA289A9CDAC5630975B7627458103
Certificate serial:       2A5693F36371BC7F8713B98DB8870D920A0B9F19
Authority key identifier: BE:7F:81:3F:3C:6C:A2:89:A9:CD:AC:56:30:97:5B:76:27:45:81:03
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3136342e302f32342d3234203d3e203435373235.roa
Signing time:             Tue 25 Jul 2023 09:00:02 +0000
ROA not before:           Tue 25 Jul 2023 08:55:02 +0000
ROA not after:            Tue 23 Jul 2024 09:00:02 +0000
asID:                     45725
IP address blocks:        202.150.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Jun 2024 03:41:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:56:93:f3:63:71:bc:7f:87:13:b9:8d:b8:87:0d:92:0a:0b:9f:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BE7F813F3C6CA289A9CDAC5630975B7627458103
        Validity
            Not Before: Jul 25 08:55:02 2023 GMT
            Not After : Jul 23 09:00:02 2024 GMT
        Subject: CN=321D8A57CF55C0D37E9C502A64CB985FF2A197F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:7b:99:db:27:6f:06:b9:80:5c:44:da:14:e9:
                    47:05:bd:8f:fe:b4:f9:17:27:35:6f:f2:a9:d8:eb:
                    2c:61:c3:9f:16:06:13:a4:d3:54:26:e1:57:0d:f5:
                    72:29:22:bd:e7:cd:80:aa:6f:d0:7d:b1:df:ee:8c:
                    3e:3a:dd:84:79:a8:0b:21:ab:06:b4:fb:ef:f9:d9:
                    4a:bc:af:35:df:58:7a:45:3a:31:02:8a:76:ce:0e:
                    6a:e0:79:43:78:36:2a:ec:6f:f5:4f:52:3d:90:a5:
                    82:6c:2c:ba:89:41:b1:e8:22:00:bb:61:23:e7:6d:
                    11:36:5e:fa:ff:b6:48:5b:38:8f:1f:e8:e0:08:f7:
                    03:cc:66:fc:f6:71:e7:19:e2:2a:db:6c:68:18:60:
                    78:81:80:cf:4a:54:e5:f8:f7:a8:a6:03:dd:e5:36:
                    88:b3:26:24:cb:ca:85:28:ac:63:73:83:2e:24:23:
                    78:5d:ba:2d:4c:63:09:f0:b6:d3:67:41:8e:22:eb:
                    d8:b2:b4:fb:46:3f:97:37:c4:41:30:f5:61:c7:3e:
                    63:3b:46:15:36:1d:3c:6d:e3:e6:b3:37:85:45:95:
                    c7:4b:e9:51:b2:a1:72:9c:98:9a:6c:99:58:be:76:
                    18:17:6c:db:0f:f4:ba:1f:bf:6b:af:5e:7b:dc:32:
                    0c:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:1D:8A:57:CF:55:C0:D3:7E:9C:50:2A:64:CB:98:5F:F2:A1:97:F8
            X509v3 Authority Key Identifier:
                keyid:BE:7F:81:3F:3C:6C:A2:89:A9:CD:AC:56:30:97:5B:76:27:45:81:03

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3136342e302f32342d3234203d3e203435373235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.150.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c8:d9:79:e4:19:43:19:2d:de:35:46:e4:2d:5c:b9:51:53:b5:
         f7:41:b6:ff:c4:a5:c2:61:19:59:96:67:e3:a2:a3:64:5b:f3:
         86:a5:d2:72:23:79:a3:53:ca:da:4b:03:54:9d:73:37:63:bb:
         9f:32:b8:5c:80:b0:1a:a4:26:92:05:39:15:ba:8b:b7:ab:ad:
         ee:4f:ef:d6:15:fa:60:68:19:bf:f5:01:be:19:f9:9d:3d:fd:
         cb:4a:9f:e5:36:e0:4a:9c:df:40:6a:d5:ab:3a:76:ea:b5:e1:
         bc:65:53:3e:26:e9:66:2e:b3:de:90:71:32:73:78:83:63:65:
         97:84:8d:54:54:ec:e3:be:d3:5a:7a:f8:35:26:0a:bd:4b:30:
         4f:af:0b:cd:6c:97:14:99:00:90:5b:ff:e4:be:45:54:61:4d:
         13:d8:f5:c6:1d:10:fc:0f:e3:43:11:89:c8:64:23:d8:e3:1b:
         42:7c:67:1e:f3:d5:19:21:c3:8f:af:34:de:81:20:63:9e:cf:
         1c:4f:19:6f:8c:47:ef:ec:93:37:23:72:a1:83:ec:20:b9:86:
         5a:8c:05:5d:05:d3:88:1d:a7:a7:9a:31:70:b1:78:d3:a6:bf:
         fe:4b:30:5b:96:aa:e7:89:4e:76:71:50:9f:19:fc:4f:83:4b:
         8c:63:63:ea
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUKlaT82NxvH+HE7mNuIcNkgoLnxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkU3RjgxM0YzQzZDQTI4OUE5Q0RBQzU2MzA5NzVCNzYy
NzQ1ODEwMzAeFw0yMzA3MjUwODU1MDJaFw0yNDA3MjMwOTAwMDJaMDMxMTAvBgNV
BAMTKDMyMUQ4QTU3Q0Y1NUMwRDM3RTlDNTAyQTY0Q0I5ODVGRjJBMTk3RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+e5nbJ28GuYBcRNoU6UcFvY/+
tPkXJzVv8qnY6yxhw58WBhOk01Qm4VcN9XIpIr3nzYCqb9B9sd/ujD463YR5qAsh
qwa0++/52Uq8rzXfWHpFOjECinbODmrgeUN4Nirsb/VPUj2QpYJsLLqJQbHoIgC7
YSPnbRE2Xvr/tkhbOI8f6OAI9wPMZvz2cecZ4irbbGgYYHiBgM9KVOX496imA93l
NoizJiTLyoUorGNzgy4kI3hdui1MYwnwttNnQY4i69iytPtGP5c3xEEw9WHHPmM7
RhU2HTxt4+azN4VFlcdL6VGyoXKcmJpsmVi+dhgXbNsP9Lofv2uvXnvcMgwBAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUMh2KV89VwNN+nFAqZMuYX/Khl/gwHwYDVR0j
BBgwFoAUvn+BPzxsoompzaxWMJdbdidFgQMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
NDQyMTZkOC03MGNlLTQ5MDgtYTcyYi1lYzI3M2Y0M2JiYzIvMC9CRTdGODEzRjND
NkNBMjg5QTlDREFDNTYzMDk3NUI3NjI3NDU4MTAzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkU3RjgxM0YzQzZDQTI4OUE5Q0RBQzU2MzA5NzVCNzYyNzQ1
ODEwMy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY0NDIxNmQ4LTcwY2UtNDkwOC1h
NzJiLWVjMjczZjQzYmJjMi8wLzMyMzAzMjJlMzEzNTMwMmUzMTM2MzQyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNDM1MzczMjM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAypakMA0GCSqG
SIb3DQEBCwUAA4IBAQDI2XnkGUMZLd41RuQtXLlRU7X3Qbb/xKXCYRlZlmfjoqNk
W/OGpdJyI3mjU8raSwNUnXM3Y7ufMrhcgLAapCaSBTkVuou3q63uT+/WFfpgaBm/
9QG+GfmdPf3LSp/lNuBKnN9AatWrOnbqteG8ZVM+JulmLrPekHEyc3iDY2WXhI1U
VOzjvtNaevg1Jgq9SzBPrwvNbJcUmQCQW//kvkVUYU0T2PXGHRD8D+NDEYnIZCPY
4xtCfGce89UZIcOPrzTegSBjns8cTxlvjEfv7JM3I3Khg+wguYZajAVdBdOIHaen
mjFwsXjTpr/+SzBblqrniU52cVCfGfxPg0uMY2Pq
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:07 2024 by rpki-client on console-fra.rpki-client.org