Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/3230332e3135332e3132302e302f32342d3234203d3e203338353035.roa
File:                     3230332e3135332e3132302e302f32342d3234203d3e203338353035.roa (raw, json)
Hash identifier:          axETqYNSwqlH4HEDi51+dxpEk75QSWr/Mu8wDWl5lUw=
Subject key identifier:   AD:D9:37:8A:80:14:2C:06:E5:8F:AF:9D:AF:E7:DF:58:91:47:45:32
Certificate issuer:       /CN=83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6
Certificate serial:       308181EF3AA2C58DFCC66220E61A53FC68669735
Authority key identifier: 83:D3:98:6C:5C:BD:56:BD:0C:E9:03:D1:B5:1E:AD:65:D1:1D:33:A6
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/3230332e3135332e3132302e302f32342d3234203d3e203338353035.roa
Signing time:             Thu 10 Aug 2023 08:00:02 +0000
ROA not before:           Thu 10 Aug 2023 07:55:02 +0000
ROA not after:            Thu 08 Aug 2024 08:00:02 +0000
asID:                     38505
IP address blocks:        203.153.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 09:22:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:81:81:ef:3a:a2:c5:8d:fc:c6:62:20:e6:1a:53:fc:68:66:97:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6
        Validity
            Not Before: Aug 10 07:55:02 2023 GMT
            Not After : Aug  8 08:00:02 2024 GMT
        Subject: CN=ADD9378A80142C06E58FAF9DAFE7DF5891474532
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:f3:5c:56:c9:96:f1:f4:28:9a:1a:b7:f6:c2:
                    ab:ad:08:7f:0e:73:d1:0d:8e:f0:35:ff:4c:2f:25:
                    1d:3d:88:1c:ea:de:51:0d:e6:0c:8b:2f:7b:7b:b6:
                    3a:5b:7e:36:24:8d:89:f5:2c:f7:03:ed:9d:9c:22:
                    0a:47:f4:21:19:55:3a:d5:36:68:e6:4f:0c:3f:da:
                    92:57:6a:76:2d:1e:89:b9:78:f9:e0:b7:b8:74:97:
                    eb:08:39:8d:d2:f7:e6:ec:f5:af:71:b6:8a:4e:2a:
                    9b:7e:1a:c4:b7:28:2a:f1:00:87:92:e3:30:0a:39:
                    20:07:ee:73:7e:66:af:e0:3b:48:59:2b:7c:fb:1f:
                    2c:b4:f5:1e:5a:62:0c:09:8c:0c:9a:ba:3b:32:54:
                    af:98:85:b4:a1:9e:d5:36:0a:aa:61:68:91:94:b9:
                    dc:35:df:13:40:8c:40:e8:f7:42:d3:3c:22:cc:e4:
                    f0:56:2f:de:ca:b9:4e:95:7c:ca:27:05:9d:0c:50:
                    e0:af:e0:16:b7:97:a1:72:06:f2:6c:90:de:21:94:
                    d7:26:3d:50:c0:3f:73:74:7b:31:03:f3:6b:58:cc:
                    00:76:9c:e9:5f:ab:fe:4e:fc:86:5e:26:d6:82:d5:
                    cb:6a:8b:cc:43:79:6c:79:b4:ad:7a:52:9d:49:f0:
                    96:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:D9:37:8A:80:14:2C:06:E5:8F:AF:9D:AF:E7:DF:58:91:47:45:32
            X509v3 Authority Key Identifier:
                keyid:83:D3:98:6C:5C:BD:56:BD:0C:E9:03:D1:B5:1E:AD:65:D1:1D:33:A6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/3230332e3135332e3132302e302f32342d3234203d3e203338353035.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.153.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c5:67:62:6e:0b:52:e1:cc:42:c7:e8:68:cb:48:af:b4:de:71:
         69:c7:31:e8:a7:4f:7b:ea:4f:53:7b:a6:f2:ee:86:b3:45:7f:
         12:d2:52:26:5f:dc:26:6b:51:57:94:3b:53:b7:41:63:8b:12:
         46:b1:3c:d7:a3:45:7b:df:1f:28:c8:25:c9:83:57:16:ee:06:
         a4:4d:f3:31:9e:49:67:0f:a9:11:c5:cf:eb:f5:be:3a:59:87:
         5e:f6:ed:3e:85:0f:54:b0:35:91:23:e1:78:ca:b2:1b:81:61:
         69:98:10:6c:22:14:eb:ac:e1:6b:49:ab:27:a2:a6:83:e4:b6:
         7c:a6:6d:9d:bb:31:81:bf:69:3b:79:01:ca:1f:55:15:47:64:
         0f:a1:3a:a8:8d:86:67:a4:e9:35:5b:ee:49:70:9c:ef:64:4a:
         b6:86:73:74:a8:59:20:dd:a2:b7:48:67:d2:00:7a:8a:76:ff:
         39:73:d5:f2:32:c8:9d:32:38:8a:25:0a:b1:52:4a:c6:17:9c:
         39:13:0d:17:bf:7b:dc:7f:89:ed:8b:bf:41:5b:e5:f7:55:36:
         53:b8:8f:9b:00:ef:5d:ea:a8:bf:68:93:b6:d8:02:4c:e5:0d:
         0d:ea:ed:78:0f:c2:ee:e5:04:a2:2f:aa:da:9a:7f:50:85:b3:
         2b:cd:4e:fd
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUMIGB7zqixY38xmIg5hpT/GhmlzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODNEMzk4NkM1Q0JENTZCRDBDRTkwM0QxQjUxRUFENjVE
MTFEMzNBNjAeFw0yMzA4MTAwNzU1MDJaFw0yNDA4MDgwODAwMDJaMDMxMTAvBgNV
BAMTKEFERDkzNzhBODAxNDJDMDZFNThGQUY5REFGRTdERjU4OTE0NzQ1MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF81xWyZbx9CiaGrf2wqutCH8O
c9ENjvA1/0wvJR09iBzq3lEN5gyLL3t7tjpbfjYkjYn1LPcD7Z2cIgpH9CEZVTrV
NmjmTww/2pJXanYtHom5ePngt7h0l+sIOY3S9+bs9a9xtopOKpt+GsS3KCrxAIeS
4zAKOSAH7nN+Zq/gO0hZK3z7Hyy09R5aYgwJjAyaujsyVK+YhbShntU2CqphaJGU
udw13xNAjEDo90LTPCLM5PBWL97KuU6VfMonBZ0MUOCv4Ba3l6FyBvJskN4hlNcm
PVDAP3N0ezED82tYzAB2nOlfq/5O/IZeJtaC1ctqi8xDeWx5tK16Up1J8JabAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUrdk3ioAULAblj6+dr+ffWJFHRTIwHwYDVR0j
BBgwFoAUg9OYbFy9Vr0M6QPRtR6tZdEdM6YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
M2QwNzg2ZC0zZDNlLTQ1YjctOTY2NS04ZDQ3NGZkMTRhZWEvMC84M0QzOTg2QzVD
QkQ1NkJEMENFOTAzRDFCNTFFQUQ2NUQxMUQzM0E2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODNEMzk4NkM1Q0JENTZCRDBDRTkwM0QxQjUxRUFENjVEMTFE
MzNBNi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzgzZDA3ODZkLTNkM2UtNDViNy05
NjY1LThkNDc0ZmQxNGFlYS8wLzMyMzAzMzJlMzEzNTMzMmUzMTMyMzAyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzUzMDM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy5l4MA0GCSqG
SIb3DQEBCwUAA4IBAQDFZ2JuC1LhzELH6GjLSK+03nFpxzHop0976k9Te6by7oaz
RX8S0lImX9wma1FXlDtTt0FjixJGsTzXo0V73x8oyCXJg1cW7gakTfMxnklnD6kR
xc/r9b46WYde9u0+hQ9UsDWRI+F4yrIbgWFpmBBsIhTrrOFrSasnoqaD5LZ8pm2d
uzGBv2k7eQHKH1UVR2QPoTqojYZnpOk1W+5JcJzvZEq2hnN0qFkg3aK3SGfSAHqK
dv85c9XyMsidMjiKJQqxUkrGF5w5Ew0Xv3vcf4nti79BW+X3VTZTuI+bAO9d6qi/
aJO22AJM5Q0N6u14D8Lu5QSiL6ramn9QhbMrzU79
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:41 2024 by rpki-client on console-ams.rpki-client.org