Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/3230322e31302e33322e302f32332d3234203d3e2039343632.roa
File:                     3230322e31302e33322e302f32332d3234203d3e2039343632.roa (raw, json)
Hash identifier:          1YEju6c+++Fkto/Cat2HdN/6yiXLMO3dGvZWghWr/eU=
Subject key identifier:   60:29:10:E7:21:A3:15:8A:9A:18:B8:15:86:33:D0:04:6F:61:AD:FE
Certificate issuer:       /CN=B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3
Certificate serial:       1F315E3BB2B1F1770EEDA4DAC5515D42F3CFC868
Authority key identifier: B6:EE:1F:61:D6:E8:E9:EE:C6:40:CC:C1:D7:91:DB:A1:24:99:3C:A3
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/3230322e31302e33322e302f32332d3234203d3e2039343632.roa
Signing time:             Fri 19 Apr 2024 10:00:00 +0000
ROA not before:           Fri 19 Apr 2024 09:55:00 +0000
ROA not after:            Fri 18 Apr 2025 10:00:00 +0000
asID:                     9462
IP address blocks:        202.10.32.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Sep 2024 03:49:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:31:5e:3b:b2:b1:f1:77:0e:ed:a4:da:c5:51:5d:42:f3:cf:c8:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3
        Validity
            Not Before: Apr 19 09:55:00 2024 GMT
            Not After : Apr 18 10:00:00 2025 GMT
        Subject: CN=602910E721A3158A9A18B8158633D0046F61ADFE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:14:ce:71:84:f9:c5:d4:61:52:27:b6:ea:0b:
                    f2:7f:9c:3b:d3:3c:b4:ee:06:11:29:52:ff:9e:62:
                    32:a9:f0:66:2e:dd:1f:13:7d:34:82:ae:fc:57:c6:
                    c5:54:fa:60:e0:3a:9c:2f:18:2a:e0:67:4e:64:74:
                    45:b6:2f:bc:85:46:fe:e7:3c:81:47:bd:77:ae:01:
                    cd:09:94:d8:ef:ae:42:a4:c9:d1:16:cd:02:b8:38:
                    f3:5c:46:e9:0f:e4:60:b2:56:77:8a:59:fc:1e:1a:
                    8c:b5:d3:38:bb:30:a2:76:5a:12:80:da:4c:19:11:
                    52:a8:50:dd:77:5f:c4:0f:7f:58:05:d9:62:58:fa:
                    9a:e5:2c:f9:42:98:76:02:68:0a:17:6f:bf:a7:46:
                    81:70:3e:a8:d3:ab:6c:ae:e2:42:19:ec:35:cd:50:
                    73:2d:1f:c7:8e:ed:ad:98:e7:ab:ee:9a:c5:69:c1:
                    56:f2:72:59:86:5b:0e:b6:2c:a7:b0:f0:81:57:aa:
                    a1:7d:6f:4c:40:b5:ae:b7:99:53:29:ec:7d:31:ed:
                    74:09:d8:9a:85:75:de:61:74:b4:c3:10:14:47:9a:
                    e1:c5:18:16:d3:09:45:12:d9:7e:ba:07:b8:b2:ef:
                    58:f5:4e:3f:17:d8:67:e2:50:12:39:91:de:59:4e:
                    8c:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:29:10:E7:21:A3:15:8A:9A:18:B8:15:86:33:D0:04:6F:61:AD:FE
            X509v3 Authority Key Identifier:
                keyid:B6:EE:1F:61:D6:E8:E9:EE:C6:40:CC:C1:D7:91:DB:A1:24:99:3C:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/3230322e31302e33322e302f32332d3234203d3e2039343632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.10.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b8:e2:aa:98:6d:30:a0:61:47:cb:d8:af:d9:73:91:c0:6d:d8:
         bd:6b:08:05:3d:aa:2a:50:f7:28:54:e6:44:74:c6:87:06:b0:
         cc:69:89:70:19:95:ad:55:43:7b:6f:46:16:d9:6f:8e:7a:2e:
         94:aa:76:7d:9a:a6:24:53:ef:a0:90:5f:61:8c:73:ef:c1:74:
         f2:88:02:16:49:0c:56:3e:04:17:8c:7b:df:e9:2c:8a:57:28:
         90:bd:f4:35:b7:8b:31:85:b3:43:58:fc:70:73:f9:a8:ed:94:
         86:dc:bc:ad:11:54:62:2d:a7:75:65:b2:8c:e5:be:fa:7a:56:
         3d:5d:90:1d:f4:e6:6c:0b:77:fe:31:a7:e0:a6:db:0c:dd:81:
         28:8d:08:6c:5a:1a:0f:c2:30:fb:00:7a:6a:4b:16:27:42:5d:
         02:30:61:1f:bb:05:72:21:35:e2:8c:3d:62:38:c1:d2:f2:23:
         fa:68:da:1e:3c:1d:5c:55:3e:e3:62:ce:95:ae:76:d7:7c:4b:
         b0:84:d5:fd:e8:b5:4d:69:eb:3a:42:be:db:af:e6:5f:ee:b1:
         0f:55:40:13:e9:75:b3:67:1e:d8:9e:3b:f3:5d:e5:7b:50:b2:
         03:17:5c:d3:14:4a:2c:8e:c8:14:36:57:5a:d1:6c:1e:00:1f:
         54:18:91:b2
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUHzFeO7Kx8XcO7aTaxVFdQvPPyGgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjZFRTFGNjFENkU4RTlFRUM2NDBDQ0MxRDc5MURCQTEy
NDk5M0NBMzAeFw0yNDA0MTkwOTU1MDBaFw0yNTA0MTgxMDAwMDBaMDMxMTAvBgNV
BAMTKDYwMjkxMEU3MjFBMzE1OEE5QTE4QjgxNTg2MzNEMDA0NkY2MUFERkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcFM5xhPnF1GFSJ7bqC/J/nDvT
PLTuBhEpUv+eYjKp8GYu3R8TfTSCrvxXxsVU+mDgOpwvGCrgZ05kdEW2L7yFRv7n
PIFHvXeuAc0JlNjvrkKkydEWzQK4OPNcRukP5GCyVneKWfweGoy10zi7MKJ2WhKA
2kwZEVKoUN13X8QPf1gF2WJY+prlLPlCmHYCaAoXb7+nRoFwPqjTq2yu4kIZ7DXN
UHMtH8eO7a2Y56vumsVpwVbyclmGWw62LKew8IFXqqF9b0xAta63mVMp7H0x7XQJ
2JqFdd5hdLTDEBRHmuHFGBbTCUUS2X66B7iy71j1Tj8X2GfiUBI5kd5ZToz5AgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUYCkQ5yGjFYqaGLgVhjPQBG9hrf4wHwYDVR0j
BBgwFoAUtu4fYdbo6e7GQMzB15HboSSZPKMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
MTA4NWI0YS1mNTczLTQyZjMtODI1Yy0xY2YwYzg3MmIxNTIvMC9CNkVFMUY2MUQ2
RThFOUVFQzY0MENDQzFENzkxREJBMTI0OTkzQ0EzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjZFRTFGNjFENkU4RTlFRUM2NDBDQ0MxRDc5MURCQTEyNDk5
M0NBMy5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDEwODViNGEtZjU3My00MmYzLTgy
NWMtMWNmMGM4NzJiMTUyLzAvMzIzMDMyMmUzMTMwMmUzMzMyMmUzMDJmMzIzMzJk
MzIzNDIwM2QzZTIwMzkzNDM2MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHKCiAwDQYJKoZIhvcNAQEL
BQADggEBALjiqphtMKBhR8vYr9lzkcBt2L1rCAU9qipQ9yhU5kR0xocGsMxpiXAZ
la1VQ3tvRhbZb456LpSqdn2apiRT76CQX2GMc+/BdPKIAhZJDFY+BBeMe9/pLIpX
KJC99DW3izGFs0NY/HBz+ajtlIbcvK0RVGItp3Vlsozlvvp6Vj1dkB305mwLd/4x
p+Cm2wzdgSiNCGxaGg/CMPsAempLFidCXQIwYR+7BXIhNeKMPWI4wdLyI/po2h48
HVxVPuNizpWudtd8S7CE1f3otU1p6zpCvtuv5l/usQ9VQBPpdbNnHtieO/Nd5XtQ
sgMXXNMUSiyOyBQ2V1rRbB4AH1QYkbI=
-----END CERTIFICATE-----
Generated at Mon Sep 2 05:27:56 2024 by rpki-client on console-ams.rpki-client.org