Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/911417c0-37bb-446d-87f2-d8184178c149/0/3130332e3233382e3230302e302f32322d3234203d3e203233363739.roa
File:                     3130332e3233382e3230302e302f32322d3234203d3e203233363739.roa (raw, json)
Hash identifier:          x1b/PF6BfdVj0mKhejblTQmF0tEEtNvFZOOH0g1WYF8=
Subject key identifier:   88:FB:98:D4:75:E3:01:82:88:9B:5A:13:1A:B0:A0:D0:99:28:AE:5B
Certificate issuer:       /CN=084550E9619FF5ABD20864D9A6383053B59BF91E
Certificate serial:       7D9FFBD7109F471A1FF5A54CF27122CF9DE28BEF
Authority key identifier: 08:45:50:E9:61:9F:F5:AB:D2:08:64:D9:A6:38:30:53:B5:9B:F9:1E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/084550E9619FF5ABD20864D9A6383053B59BF91E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/911417c0-37bb-446d-87f2-d8184178c149/0/3130332e3233382e3230302e302f32322d3234203d3e203233363739.roa
Signing time:             Tue 11 Jun 2024 04:00:01 +0000
ROA not before:           Tue 11 Jun 2024 03:55:01 +0000
ROA not after:            Tue 10 Jun 2025 04:00:01 +0000
asID:                     23679
IP address blocks:        103.238.200.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 13 Aug 2024 05:17:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:9f:fb:d7:10:9f:47:1a:1f:f5:a5:4c:f2:71:22:cf:9d:e2:8b:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=084550E9619FF5ABD20864D9A6383053B59BF91E
        Validity
            Not Before: Jun 11 03:55:01 2024 GMT
            Not After : Jun 10 04:00:01 2025 GMT
        Subject: CN=88FB98D475E30182889B5A131AB0A0D09928AE5B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:76:d0:53:dc:39:28:cf:62:e3:77:4f:76:41:
                    3b:70:1c:89:b0:cb:b1:b2:0a:2a:cf:7a:44:37:34:
                    02:50:cf:8e:26:a4:30:f7:2b:1b:21:1d:2e:f0:32:
                    86:4c:e7:4f:cf:34:52:bd:e9:12:02:66:af:54:50:
                    88:bc:7a:ed:e8:26:ec:93:27:c8:92:0e:50:9a:c6:
                    06:79:80:c4:df:95:1e:4c:fe:24:b2:36:d1:dc:78:
                    17:33:a2:30:0d:fa:5b:7a:71:57:94:55:47:ba:91:
                    e5:5b:73:f0:25:ed:7f:25:f3:15:b7:e9:ff:c2:a2:
                    b6:2f:24:88:98:4a:46:d5:aa:a3:7b:66:c1:27:6b:
                    56:0e:96:0a:29:68:65:5a:46:3e:87:67:d2:1c:d4:
                    83:a4:76:ec:b0:69:48:d8:1a:58:49:aa:d3:f3:23:
                    94:30:17:b5:70:fb:11:84:a2:e3:53:b2:eb:18:d4:
                    4b:42:7b:19:3b:d3:44:59:05:77:09:4b:35:9b:98:
                    d6:3b:c9:0a:66:c8:be:1d:40:4d:d2:47:5c:02:28:
                    36:df:f4:9d:96:99:91:7b:9b:c5:2c:97:bb:86:30:
                    d2:eb:45:c0:a0:c0:28:26:d3:ba:db:0a:dd:94:70:
                    41:87:f9:41:f9:03:6f:76:c6:05:0e:ba:5c:43:01:
                    c3:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:FB:98:D4:75:E3:01:82:88:9B:5A:13:1A:B0:A0:D0:99:28:AE:5B
            X509v3 Authority Key Identifier:
                keyid:08:45:50:E9:61:9F:F5:AB:D2:08:64:D9:A6:38:30:53:B5:9B:F9:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/911417c0-37bb-446d-87f2-d8184178c149/0/084550E9619FF5ABD20864D9A6383053B59BF91E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/084550E9619FF5ABD20864D9A6383053B59BF91E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/911417c0-37bb-446d-87f2-d8184178c149/0/3130332e3233382e3230302e302f32322d3234203d3e203233363739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.238.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         09:f4:d4:50:df:bc:59:46:5b:7f:e4:b8:2d:b9:4a:a6:64:34:
         fd:dc:5c:b7:db:a5:f0:45:76:ca:51:55:12:3a:0b:97:71:81:
         2d:28:70:63:1c:ce:74:b9:65:8e:33:94:1c:0d:a1:9d:71:e8:
         73:35:7b:e6:ee:f9:f4:f8:98:96:42:21:dd:0b:54:25:b0:a9:
         11:25:30:6e:27:1c:06:ca:2e:41:76:da:4e:b2:91:3c:78:b8:
         af:53:7b:4a:89:50:bd:d6:a8:cf:db:3b:3c:c8:e2:02:ce:8e:
         f4:a1:0d:09:fd:7c:5b:9d:57:37:e3:9d:f4:8f:1c:bd:0d:e3:
         b4:3b:95:02:56:b2:40:1f:92:f8:05:7d:c5:ef:69:19:ab:f2:
         a3:67:05:4a:5d:f5:91:f7:df:3f:fc:96:20:de:10:b7:83:d9:
         1e:33:82:35:cd:84:59:6f:9d:78:a0:66:01:d5:4a:66:65:56:
         1c:60:5d:2a:1e:6f:96:fb:50:47:4a:a8:51:95:2b:0f:2a:2d:
         f9:72:2d:45:72:92:bd:32:6a:1d:c4:40:a3:de:f0:e1:d8:94:
         ba:ec:8f:0b:38:ef:88:59:0c:22:2f:5c:5f:fb:e6:b6:ea:70:
         95:1a:2d:7e:2b:22:88:70:20:d1:29:6f:db:bb:1a:55:e8:dc:
         98:98:1a:bf
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUfZ/71xCfRxof9aVM8nEiz53ii+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg0NTUwRTk2MTlGRjVBQkQyMDg2NEQ5QTYzODMwNTNC
NTlCRjkxRTAeFw0yNDA2MTEwMzU1MDFaFw0yNTA2MTAwNDAwMDFaMDMxMTAvBgNV
BAMTKDg4RkI5OEQ0NzVFMzAxODI4ODlCNUExMzFBQjBBMEQwOTkyOEFFNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtdtBT3Dkoz2Ljd092QTtwHImw
y7GyCirPekQ3NAJQz44mpDD3KxshHS7wMoZM50/PNFK96RICZq9UUIi8eu3oJuyT
J8iSDlCaxgZ5gMTflR5M/iSyNtHceBczojAN+lt6cVeUVUe6keVbc/Al7X8l8xW3
6f/CorYvJIiYSkbVqqN7ZsEna1YOlgopaGVaRj6HZ9Ic1IOkduywaUjYGlhJqtPz
I5QwF7Vw+xGEouNTsusY1EtCexk700RZBXcJSzWbmNY7yQpmyL4dQE3SR1wCKDbf
9J2WmZF7m8Usl7uGMNLrRcCgwCgm07rbCt2UcEGH+UH5A292xgUOulxDAcPFAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUiPuY1HXjAYKIm1oTGrCg0JkorlswHwYDVR0j
BBgwFoAUCEVQ6WGf9avSCGTZpjgwU7Wb+R4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
MTE0MTdjMC0zN2JiLTQ0NmQtODdmMi1kODE4NDE3OGMxNDkvMC8wODQ1NTBFOTYx
OUZGNUFCRDIwODY0RDlBNjM4MzA1M0I1OUJGOTFFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDg0NTUwRTk2MTlGRjVBQkQyMDg2NEQ5QTYzODMwNTNCNTlC
RjkxRS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkxMTQxN2MwLTM3YmItNDQ2ZC04
N2YyLWQ4MTg0MTc4YzE0OS8wLzMxMzAzMzJlMzIzMzM4MmUzMjMwMzAyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMjMzMzYzNzM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+7IMA0GCSqG
SIb3DQEBCwUAA4IBAQAJ9NRQ37xZRlt/5LgtuUqmZDT93Fy326XwRXbKUVUSOguX
cYEtKHBjHM50uWWOM5QcDaGdcehzNXvm7vn0+JiWQiHdC1QlsKkRJTBuJxwGyi5B
dtpOspE8eLivU3tKiVC91qjP2zs8yOICzo70oQ0J/XxbnVc34530jxy9DeO0O5UC
VrJAH5L4BX3F72kZq/KjZwVKXfWR998//JYg3hC3g9keM4I1zYRZb514oGYB1Upm
ZVYcYF0qHm+W+1BHSqhRlSsPKi35ci1FcpK9MmodxECj3vDh2JS67I8LOO+IWQwi
L1xf++a26nCVGi1+KyKIcCDRKW/buxpV6NyYmBq/
-----END CERTIFICATE-----
Generated at Tue Aug 13 06:15:22 2024 by rpki-client on console-fra.rpki-client.org