Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d4488d56-6ead-4ce4-8d33-2dcf080d0876/0/3130332e3136362e32382e302f32332d3234203d3e20313338303839.roa
File:                     3130332e3136362e32382e302f32332d3234203d3e20313338303839.roa (raw, json)
Hash identifier:          MWlC9i5GB6AqBHkgSeJrfus+OCza6tec1d95UnU/BGo=
Subject key identifier:   72:4C:2F:3E:8F:19:9A:05:78:B5:39:81:3B:B4:A5:9C:A2:D9:42:93
Certificate issuer:       /CN=75124AA5DD7D2B53783B8C956570CF3235324A6C
Certificate serial:       51D16C832DACF79A33BCA92E216A1DA45DE127AD
Authority key identifier: 75:12:4A:A5:DD:7D:2B:53:78:3B:8C:95:65:70:CF:32:35:32:4A:6C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/75124AA5DD7D2B53783B8C956570CF3235324A6C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d4488d56-6ead-4ce4-8d33-2dcf080d0876/0/3130332e3136362e32382e302f32332d3234203d3e20313338303839.roa
Signing time:             Wed 05 Jul 2023 04:00:01 +0000
ROA not before:           Wed 05 Jul 2023 03:55:01 +0000
ROA not after:            Wed 03 Jul 2024 04:00:01 +0000
asID:                     138089
IP address blocks:        103.166.28.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Jun 2024 16:40:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:d1:6c:83:2d:ac:f7:9a:33:bc:a9:2e:21:6a:1d:a4:5d:e1:27:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75124AA5DD7D2B53783B8C956570CF3235324A6C
        Validity
            Not Before: Jul  5 03:55:01 2023 GMT
            Not After : Jul  3 04:00:01 2024 GMT
        Subject: CN=724C2F3E8F199A0578B539813BB4A59CA2D94293
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:5a:d6:40:b8:4b:e7:76:e3:6b:be:14:e4:15:
                    fe:97:65:f7:de:8b:9f:04:2f:77:24:77:d8:a5:44:
                    27:1b:d2:c1:01:d9:74:da:2a:38:af:f4:07:9e:e8:
                    67:ea:3e:f5:fc:97:9a:4d:b0:25:4a:8e:c0:a4:a9:
                    3a:ef:bd:54:8a:63:66:b6:24:48:e0:91:6a:21:11:
                    65:32:7b:a4:c4:9c:40:ba:a7:84:f5:43:e4:16:ed:
                    09:e3:e7:7d:17:04:ad:42:55:6b:84:49:3e:9d:cd:
                    c0:1d:9a:b7:0a:b9:b6:4d:21:d9:44:2b:8c:9e:68:
                    b2:66:c3:02:f6:43:b8:22:dc:5c:66:3b:69:57:ec:
                    a8:22:fd:d4:63:1e:2c:98:c2:65:9c:03:8b:f6:3f:
                    ff:a3:3b:9e:33:91:bc:d3:70:03:e0:0e:a4:56:e2:
                    6b:68:0d:f5:4b:11:4e:a4:16:ee:f3:1a:da:67:5c:
                    b0:b3:a9:ab:10:07:60:aa:be:f6:64:8e:48:d9:07:
                    61:fd:d8:8e:d4:b6:e5:51:dd:76:4a:00:e9:e2:42:
                    55:b5:a5:31:38:c2:32:42:3e:30:94:97:3b:37:84:
                    6c:aa:ad:01:16:0d:7c:dc:f9:4a:0b:d4:5c:06:a7:
                    de:9c:34:75:c3:1a:78:fc:21:13:6a:3c:6b:c5:8a:
                    f8:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:4C:2F:3E:8F:19:9A:05:78:B5:39:81:3B:B4:A5:9C:A2:D9:42:93
            X509v3 Authority Key Identifier:
                keyid:75:12:4A:A5:DD:7D:2B:53:78:3B:8C:95:65:70:CF:32:35:32:4A:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d4488d56-6ead-4ce4-8d33-2dcf080d0876/0/75124AA5DD7D2B53783B8C956570CF3235324A6C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/75124AA5DD7D2B53783B8C956570CF3235324A6C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d4488d56-6ead-4ce4-8d33-2dcf080d0876/0/3130332e3136362e32382e302f32332d3234203d3e20313338303839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.166.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         38:46:16:eb:f7:16:b9:b7:ab:87:d0:e6:0e:72:76:9d:80:3a:
         05:72:aa:5f:5a:15:af:c9:e0:c2:48:b9:cd:b3:d3:9e:1d:6f:
         49:95:17:e7:5f:0c:79:46:31:2e:68:48:4e:b4:37:6a:1d:84:
         eb:bf:66:cc:46:bc:7a:05:f1:3b:b7:41:9c:9d:ce:56:df:df:
         fa:67:98:c6:c3:8d:6f:f9:62:ee:56:87:87:d9:50:68:f7:61:
         7d:9e:78:8f:53:f2:25:5e:17:9b:4a:a5:24:01:5e:3d:f8:22:
         84:a4:ab:a6:f9:5b:18:29:c5:a5:56:ba:c6:6f:f9:af:1f:59:
         f6:f6:13:d5:84:29:25:32:41:59:10:f5:eb:42:d3:6b:86:c7:
         e0:93:a9:3e:f2:cf:33:86:1d:d3:d2:a3:06:73:b5:d1:a4:5b:
         e4:f8:85:c8:94:d3:59:4f:8a:70:f0:ae:c0:66:fb:9b:86:18:
         f8:a0:1b:f9:c6:07:5d:48:cf:38:6b:02:80:cc:08:23:ae:44:
         be:24:16:be:18:a1:c4:36:e9:6b:40:a8:e5:81:e1:5a:6b:54:
         be:c6:89:3e:5f:39:9a:8c:64:b9:58:6f:01:f5:ad:f3:8f:6f:
         a7:00:98:af:82:8b:5d:08:30:f3:b8:60:27:fd:10:b5:4d:7c:
         ff:ac:4f:41
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUUdFsgy2s95ozvKkuIWodpF3hJ60wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzUxMjRBQTVERDdEMkI1Mzc4M0I4Qzk1NjU3MENGMzIz
NTMyNEE2QzAeFw0yMzA3MDUwMzU1MDFaFw0yNDA3MDMwNDAwMDFaMDMxMTAvBgNV
BAMTKDcyNEMyRjNFOEYxOTlBMDU3OEI1Mzk4MTNCQjRBNTlDQTJEOTQyOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0WtZAuEvnduNrvhTkFf6XZffe
i58EL3ckd9ilRCcb0sEB2XTaKjiv9Aee6GfqPvX8l5pNsCVKjsCkqTrvvVSKY2a2
JEjgkWohEWUye6TEnEC6p4T1Q+QW7Qnj530XBK1CVWuEST6dzcAdmrcKubZNIdlE
K4yeaLJmwwL2Q7gi3FxmO2lX7Kgi/dRjHiyYwmWcA4v2P/+jO54zkbzTcAPgDqRW
4mtoDfVLEU6kFu7zGtpnXLCzqasQB2CqvvZkjkjZB2H92I7UtuVR3XZKAOniQlW1
pTE4wjJCPjCUlzs3hGyqrQEWDXzc+UoL1FwGp96cNHXDGnj8IRNqPGvFivjRAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUckwvPo8ZmgV4tTmBO7SlnKLZQpMwHwYDVR0j
BBgwFoAUdRJKpd19K1N4O4yVZXDPMjUySmwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
NDQ4OGQ1Ni02ZWFkLTRjZTQtOGQzMy0yZGNmMDgwZDA4NzYvMC83NTEyNEFBNURE
N0QyQjUzNzgzQjhDOTU2NTcwQ0YzMjM1MzI0QTZDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNzUxMjRBQTVERDdEMkI1Mzc4M0I4Qzk1NjU3MENGMzIzNTMy
NEE2Qy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Q0NDg4ZDU2LTZlYWQtNGNlNC04
ZDMzLTJkY2YwODBkMDg3Ni8wLzMxMzAzMzJlMzEzNjM2MmUzMjM4MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzODM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ6YcMA0GCSqG
SIb3DQEBCwUAA4IBAQA4Rhbr9xa5t6uH0OYOcnadgDoFcqpfWhWvyeDCSLnNs9Oe
HW9JlRfnXwx5RjEuaEhOtDdqHYTrv2bMRrx6BfE7t0Gcnc5W39/6Z5jGw41v+WLu
VoeH2VBo92F9nniPU/IlXhebSqUkAV49+CKEpKum+VsYKcWlVrrGb/mvH1n29hPV
hCklMkFZEPXrQtNrhsfgk6k+8s8zhh3T0qMGc7XRpFvk+IXIlNNZT4pw8K7AZvub
hhj4oBv5xgddSM84awKAzAgjrkS+JBa+GKHENulrQKjlgeFaa1S+xok+XzmajGS5
WG8B9a3zj2+nAJivgotdCDDzuGAn/RC1TXz/rE9B
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:16 2024 by rpki-client on console-fra.rpki-client.org