Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/34332e3234372e33342e302f32342d3234203d3e203136353039.roa
File:                     34332e3234372e33342e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier:          I9Rk/Ok9fcrT+b3PAmLVtaqLvZrz1Snwm9pkeXGrmtQ=
Subject key identifier:   CE:F8:97:36:9B:46:CF:41:3C:81:A9:FC:E3:02:48:7A:7C:EE:C6:7E
Certificate issuer:       /CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
Certificate serial:       16B4CB77B3E7AA33DCE1325AE586B71B33C296B7
Authority key identifier: 15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/34332e3234372e33342e302f32342d3234203d3e203136353039.roa
Signing time:             Mon 31 Jul 2023 00:06:24 +0000
ROA not before:           Mon 31 Jul 2023 00:01:24 +0000
ROA not after:            Mon 29 Jul 2024 00:06:24 +0000
asID:                     16509
IP address blocks:        43.247.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:b4:cb:77:b3:e7:aa:33:dc:e1:32:5a:e5:86:b7:1b:33:c2:96:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
        Validity
            Not Before: Jul 31 00:01:24 2023 GMT
            Not After : Jul 29 00:06:24 2024 GMT
        Subject: CN=CEF897369B46CF413C81A9FCE302487A7CEEC67E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:8f:5b:c0:cd:ca:81:bf:12:bc:3b:6c:6a:c8:
                    ea:f8:eb:51:cf:98:5f:53:7a:6e:2f:3e:fb:fa:51:
                    4f:67:3a:dc:e9:5d:4b:a6:ef:8e:00:87:2c:fb:65:
                    47:40:27:10:94:74:ee:3b:3d:77:b7:a7:69:99:ed:
                    cc:fe:82:d1:12:85:c8:e5:4c:fd:2d:24:49:53:d3:
                    3c:3e:82:5c:ec:a4:dc:35:8d:c2:d9:07:0e:7c:f2:
                    59:e4:df:2b:a9:c0:7e:dd:8a:8d:1a:6a:9e:3e:08:
                    e2:ff:f7:5b:2e:93:b9:5d:a3:55:88:b9:91:6d:cf:
                    c5:df:b1:a1:e2:b7:12:c2:5d:6d:f2:56:47:21:a5:
                    ed:dd:e0:fc:7b:f5:dc:20:85:8b:db:3a:0d:af:c5:
                    32:f5:d5:0e:04:60:56:d4:48:e6:5d:3e:10:01:88:
                    d1:a5:f8:1d:56:38:80:cd:3f:32:3c:0f:ba:d2:13:
                    02:d6:b9:94:e2:e4:fe:28:51:11:b0:11:13:d2:50:
                    32:3d:7e:63:ac:ea:f8:83:08:a5:7f:23:4c:8d:99:
                    f7:8a:5e:b8:e8:2e:13:30:ed:55:7f:a1:06:44:d4:
                    3e:b1:c0:56:26:4d:84:1d:80:f2:d7:81:18:b7:43:
                    3d:3a:9b:2c:27:17:55:22:ee:14:f9:37:80:cf:63:
                    4e:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F8:97:36:9B:46:CF:41:3C:81:A9:FC:E3:02:48:7A:7C:EE:C6:7E
            X509v3 Authority Key Identifier:
                keyid:15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/34332e3234372e33342e302f32342d3234203d3e203136353039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.247.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:8e:34:49:52:c8:b3:de:1c:f5:fd:b9:74:08:ca:bb:16:63:
         c0:81:8e:66:df:ab:22:68:5c:92:00:58:32:81:bf:e9:cc:7d:
         94:51:59:94:56:b0:77:4a:f7:98:08:06:06:65:ab:c0:a1:dc:
         6f:84:90:71:b2:7a:f6:87:00:a5:19:53:2b:79:f6:ae:87:ea:
         c8:c7:84:cd:e8:35:c7:67:70:cd:dd:3a:e7:79:49:28:62:7b:
         c4:ce:46:c5:89:c3:0f:c6:e9:47:a9:a7:0f:e9:a6:2b:60:f6:
         b3:79:40:0c:a2:92:9d:9d:39:9d:6d:ae:0e:91:71:42:b0:6c:
         e0:11:6b:ac:ad:32:09:40:97:1c:69:28:09:3d:ef:93:ca:e9:
         58:61:5b:05:1e:a2:25:c4:ed:88:87:de:5c:12:fd:a7:30:5d:
         e6:99:39:d7:4a:78:cc:a7:f6:4b:6c:7f:63:48:d2:3c:8f:5f:
         6d:4c:37:85:a5:53:88:e1:39:c6:cd:ca:45:1b:37:9c:de:07:
         04:a5:7d:b2:5f:20:39:6c:04:d5:f0:1c:7c:3c:44:13:0f:f1:
         25:13:f8:ff:f8:61:26:02:e5:30:e6:a8:58:8d:1d:f5:84:62:
         53:55:83:c3:fb:26:b5:8f:b0:84:b7:2a:cf:8b:75:c1:f7:1c:
         1a:f1:13:67
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUFrTLd7PnqjPc4TJa5Ya3GzPClrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NB
MEJGQzQ0MTAeFw0yMzA3MzEwMDAxMjRaFw0yNDA3MjkwMDA2MjRaMDMxMTAvBgNV
BAMTKENFRjg5NzM2OUI0NkNGNDEzQzgxQTlGQ0UzMDI0ODdBN0NFRUM2N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRj1vAzcqBvxK8O2xqyOr461HP
mF9Tem4vPvv6UU9nOtzpXUum744Ahyz7ZUdAJxCUdO47PXe3p2mZ7cz+gtEShcjl
TP0tJElT0zw+glzspNw1jcLZBw588lnk3yupwH7dio0aap4+COL/91suk7ldo1WI
uZFtz8XfsaHitxLCXW3yVkchpe3d4Px79dwghYvbOg2vxTL11Q4EYFbUSOZdPhAB
iNGl+B1WOIDNPzI8D7rSEwLWuZTi5P4oURGwERPSUDI9fmOs6viDCKV/I0yNmfeK
XrjoLhMw7VV/oQZE1D6xwFYmTYQdgPLXgRi3Qz06mywnF1Ui7hT5N4DPY049AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUzviXNptGz0E8gan84wJIenzuxn4wHwYDVR0j
BBgwFoAUFU7gMZhGe5YxX9tSf7O7zKC/xEEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NjIxZjc1My1hODhlLTRlZGYtYTMwNi1iZDkzZDVhMzhmZWEvMC8xNTRFRTAzMTk4
NDY3Qjk2MzE1RkRCNTI3RkIzQkJDQ0EwQkZDNDQxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NBMEJG
QzQ0MS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2MjFmNzUzLWE4OGUtNGVkZi1h
MzA2LWJkOTNkNWEzOGZlYS8wLzM0MzMyZTMyMzQzNzJlMzMzNDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAr9yIwDQYJKoZIhvcN
AQELBQADggEBAK+ONElSyLPeHPX9uXQIyrsWY8CBjmbfqyJoXJIAWDKBv+nMfZRR
WZRWsHdK95gIBgZlq8Ch3G+EkHGyevaHAKUZUyt59q6H6sjHhM3oNcdncM3dOud5
SShie8TORsWJww/G6Ueppw/ppitg9rN5QAyikp2dOZ1trg6RcUKwbOARa6ytMglA
lxxpKAk975PK6VhhWwUeoiXE7YiH3lwS/acwXeaZOddKeMyn9ktsf2NI0jyPX21M
N4WlU4jhOcbNykUbN5zeBwSlfbJfIDlsBNXwHHw8RBMP8SUT+P/4YSYC5TDmqFiN
HfWEYlNVg8P7JrWPsIS3Ks+LdcH3HBrxE2c=
-----END CERTIFICATE-----
Generated at Fri Jan 5 08:48:13 2024 by rpki-client on console-ams.rpki-client.org