Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/3230332e3135332e3132352e302f32342d3234203d3e203338353035.roa
File:                     3230332e3135332e3132352e302f32342d3234203d3e203338353035.roa (raw, json)
Hash identifier:          ME1GOINOsn1wJnaL1X6MjKoDqu/CCxyLzV0lp9O4DKQ=
Subject key identifier:   5A:64:7E:9F:EF:4F:9E:9A:E4:EB:36:B8:95:F3:1B:1E:3F:AD:7C:65
Certificate issuer:       /CN=83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6
Certificate serial:       443C55EFD34D68992372DA6DFE29831FBD5BAD65
Authority key identifier: 83:D3:98:6C:5C:BD:56:BD:0C:E9:03:D1:B5:1E:AD:65:D1:1D:33:A6
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/3230332e3135332e3132352e302f32342d3234203d3e203338353035.roa
Signing time:             Thu 10 Aug 2023 08:00:00 +0000
ROA not before:           Thu 10 Aug 2023 07:55:00 +0000
ROA not after:            Thu 08 Aug 2024 08:00:00 +0000
asID:                     38505
IP address blocks:        203.153.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 09:22:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:3c:55:ef:d3:4d:68:99:23:72:da:6d:fe:29:83:1f:bd:5b:ad:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6
        Validity
            Not Before: Aug 10 07:55:00 2023 GMT
            Not After : Aug  8 08:00:00 2024 GMT
        Subject: CN=5A647E9FEF4F9E9AE4EB36B895F31B1E3FAD7C65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:cc:83:46:04:00:bc:1c:6b:41:95:ef:aa:89:
                    fb:28:e2:6b:d2:8c:6a:d6:38:77:85:7e:a1:50:d6:
                    42:0e:db:bf:27:13:76:e0:de:50:22:a4:03:30:5a:
                    21:98:2a:8a:05:b3:f4:6c:d3:bd:af:fb:b2:14:aa:
                    3c:3a:04:4c:e9:e3:51:a8:eb:72:6a:60:84:53:58:
                    75:33:b0:b8:17:b3:9e:cd:e9:3c:1a:a3:33:66:40:
                    59:0e:85:04:4a:28:8c:25:ad:b7:be:53:5f:18:a8:
                    13:08:ee:60:56:ce:81:af:cf:d8:5d:1c:54:95:18:
                    e0:ba:7f:7b:67:43:40:2b:3b:1d:5c:b6:57:77:ed:
                    6b:60:3b:08:b9:60:7f:12:36:9f:9d:1a:0b:ca:7b:
                    54:59:b9:20:99:82:f5:e5:0f:72:bd:75:95:b4:e4:
                    80:65:97:cf:d6:d4:c5:d2:ae:32:a8:2e:18:bd:d5:
                    bb:11:78:8a:30:8d:c7:23:0e:c7:83:9e:11:91:8e:
                    d5:ea:64:cc:11:9e:96:b1:39:76:8b:b0:22:53:63:
                    bf:04:35:5c:e6:37:d1:d6:a9:e1:7e:48:b6:e8:fe:
                    ba:bc:b8:70:cc:43:99:cf:c5:0e:13:57:b4:20:db:
                    de:a9:17:f9:fd:88:b2:6d:17:0d:1e:d6:21:19:d2:
                    3c:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:64:7E:9F:EF:4F:9E:9A:E4:EB:36:B8:95:F3:1B:1E:3F:AD:7C:65
            X509v3 Authority Key Identifier:
                keyid:83:D3:98:6C:5C:BD:56:BD:0C:E9:03:D1:B5:1E:AD:65:D1:1D:33:A6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/3230332e3135332e3132352e302f32342d3234203d3e203338353035.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.153.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:1b:60:ca:d2:6f:0b:37:2d:0d:21:8a:eb:3a:ec:93:41:dc:
         96:6a:3e:e7:fd:49:27:1c:4b:93:54:95:cf:48:39:d8:ee:6b:
         bd:28:34:3b:ab:40:50:a2:9d:c7:cd:43:b7:0a:fc:25:d5:fe:
         23:19:0d:1c:89:3e:65:01:83:00:1f:2e:3b:eb:7b:8c:06:b2:
         15:2e:bd:ad:23:b4:19:d6:fe:f5:72:73:d5:2e:61:51:00:fa:
         87:40:d8:a9:d3:af:46:4b:7b:0d:82:31:3d:dc:0e:68:4b:ee:
         ba:96:cd:1d:a8:9b:88:a1:94:3d:0a:28:1a:19:d0:bc:83:10:
         e6:5f:0d:b9:2a:49:50:14:6a:95:3f:49:ec:3f:46:dd:7e:cc:
         cd:13:ed:dd:ed:68:89:86:f7:6d:c0:86:c1:41:e8:bb:90:98:
         9c:7a:78:bd:89:83:90:71:db:09:1c:44:4b:ac:8d:17:0c:d4:
         a7:ef:83:f4:ff:32:08:2d:1a:6f:9c:bc:28:1c:66:76:bd:61:
         43:f1:5f:8c:f8:b0:ee:c7:b8:4d:73:d5:8d:4c:ec:bc:61:63:
         8b:bb:24:8f:27:6c:13:6b:d4:0b:c8:b0:de:33:64:f7:dc:98:
         96:75:03:9a:39:ee:28:59:aa:e0:85:9b:4a:de:8a:59:fb:56:
         29:2e:48:4b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIURDxV79NNaJkjctpt/imDH71brWUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODNEMzk4NkM1Q0JENTZCRDBDRTkwM0QxQjUxRUFENjVE
MTFEMzNBNjAeFw0yMzA4MTAwNzU1MDBaFw0yNDA4MDgwODAwMDBaMDMxMTAvBgNV
BAMTKDVBNjQ3RTlGRUY0RjlFOUFFNEVCMzZCODk1RjMxQjFFM0ZBRDdDNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvzINGBAC8HGtBle+qifso4mvS
jGrWOHeFfqFQ1kIO278nE3bg3lAipAMwWiGYKooFs/Rs072v+7IUqjw6BEzp41Go
63JqYIRTWHUzsLgXs57N6TwaozNmQFkOhQRKKIwlrbe+U18YqBMI7mBWzoGvz9hd
HFSVGOC6f3tnQ0ArOx1ctld37WtgOwi5YH8SNp+dGgvKe1RZuSCZgvXlD3K9dZW0
5IBll8/W1MXSrjKoLhi91bsReIowjccjDseDnhGRjtXqZMwRnpaxOXaLsCJTY78E
NVzmN9HWqeF+SLbo/rq8uHDMQ5nPxQ4TV7Qg296pF/n9iLJtFw0e1iEZ0jz7AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUWmR+n+9Pnprk6za4lfMbHj+tfGUwHwYDVR0j
BBgwFoAUg9OYbFy9Vr0M6QPRtR6tZdEdM6YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
M2QwNzg2ZC0zZDNlLTQ1YjctOTY2NS04ZDQ3NGZkMTRhZWEvMC84M0QzOTg2QzVD
QkQ1NkJEMENFOTAzRDFCNTFFQUQ2NUQxMUQzM0E2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODNEMzk4NkM1Q0JENTZCRDBDRTkwM0QxQjUxRUFENjVEMTFE
MzNBNi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzgzZDA3ODZkLTNkM2UtNDViNy05
NjY1LThkNDc0ZmQxNGFlYS8wLzMyMzAzMzJlMzEzNTMzMmUzMTMyMzUyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzUzMDM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy5l9MA0GCSqG
SIb3DQEBCwUAA4IBAQAmG2DK0m8LNy0NIYrrOuyTQdyWaj7n/UknHEuTVJXPSDnY
7mu9KDQ7q0BQop3HzUO3Cvwl1f4jGQ0ciT5lAYMAHy4763uMBrIVLr2tI7QZ1v71
cnPVLmFRAPqHQNip069GS3sNgjE93A5oS+66ls0dqJuIoZQ9CigaGdC8gxDmXw25
KklQFGqVP0nsP0bdfszNE+3d7WiJhvdtwIbBQei7kJiceni9iYOQcdsJHERLrI0X
DNSn74P0/zIILRpvnLwoHGZ2vWFD8V+M+LDux7hNc9WNTOy8YWOLuySPJ2wTa9QL
yLDeM2T33JiWdQOaOe4oWarghZtK3opZ+1YpLkhL
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:07 2024 by rpki-client on console-fra.rpki-client.org