Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/3230322e38372e3138302e302f32342d3234203d3e203338373638.roa
File:                     3230322e38372e3138302e302f32342d3234203d3e203338373638.roa (raw, json)
Hash identifier:          onMmQM6HLERG9XiarsbW/PthzTNlSFmTEahzOKCyCMM=
Subject key identifier:   C4:81:17:F3:9E:B0:3C:0C:AB:3B:A2:85:4F:A6:5D:18:E1:D7:75:1E
Certificate issuer:       /CN=6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC
Certificate serial:       15CA4469657C748549D2C848C3C8612FF9B24792
Authority key identifier: 6A:D9:56:36:B6:B3:E0:D5:F9:0E:E4:1F:3C:3D:6D:51:F8:FC:06:EC
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/3230322e38372e3138302e302f32342d3234203d3e203338373638.roa
Signing time:             Sat 06 Apr 2024 05:00:03 +0000
ROA not before:           Sat 06 Apr 2024 04:55:03 +0000
ROA not after:            Sat 05 Apr 2025 05:00:03 +0000
asID:                     38768
IP address blocks:        202.87.180.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 11 Sep 2024 02:27:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:ca:44:69:65:7c:74:85:49:d2:c8:48:c3:c8:61:2f:f9:b2:47:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC
        Validity
            Not Before: Apr  6 04:55:03 2024 GMT
            Not After : Apr  5 05:00:03 2025 GMT
        Subject: CN=C48117F39EB03C0CAB3BA2854FA65D18E1D7751E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d5:e8:60:7a:5b:a4:3d:c8:8f:71:26:9b:67:
                    7c:e7:2e:42:a5:de:05:1a:1b:32:93:fc:90:ee:a9:
                    03:9d:c8:10:9f:cd:21:4b:68:a7:6e:47:2b:94:97:
                    0a:28:a0:20:91:a2:fa:0e:89:05:fa:49:75:fa:46:
                    fd:e5:1b:7c:09:70:29:29:c5:bc:70:8f:6c:6f:be:
                    cb:2e:e7:19:70:ae:f9:ba:18:66:5b:03:a4:d5:28:
                    cd:4a:b6:25:08:be:f4:68:b0:37:7d:af:85:84:8e:
                    30:d1:de:02:8f:2e:d1:b6:ea:a6:ca:5c:3f:4a:d0:
                    a0:88:0a:d4:69:1a:f6:b3:50:7c:af:b6:44:68:42:
                    3e:d0:74:2d:3a:be:2c:72:a8:7d:9b:69:c2:6a:71:
                    74:4e:2a:4e:d3:9e:2d:70:50:a7:36:9a:55:11:95:
                    ae:90:b4:2d:90:37:fb:01:37:76:81:00:e1:7b:aa:
                    c4:94:48:df:9b:be:d0:6c:d2:c9:7e:bf:a6:d6:09:
                    05:76:4f:d2:dd:0c:73:eb:63:43:28:87:cc:32:26:
                    d9:7c:ae:d3:04:3c:31:c8:57:91:10:e8:05:2a:b8:
                    be:03:0e:ac:99:1f:9e:5e:d1:ee:e6:76:a5:43:4d:
                    1c:23:9c:cb:9a:6b:da:a1:48:05:47:09:64:99:75:
                    8d:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:81:17:F3:9E:B0:3C:0C:AB:3B:A2:85:4F:A6:5D:18:E1:D7:75:1E
            X509v3 Authority Key Identifier:
                keyid:6A:D9:56:36:B6:B3:E0:D5:F9:0E:E4:1F:3C:3D:6D:51:F8:FC:06:EC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/3230322e38372e3138302e302f32342d3234203d3e203338373638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.87.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:12:7d:14:98:cb:8c:2b:d9:e8:65:4e:a8:0e:ec:e0:b2:f9:
         e6:02:be:e3:e1:61:87:9d:67:b2:0a:5b:4e:4d:b7:d4:1f:82:
         ce:14:50:67:ea:c8:7f:da:af:28:39:05:62:17:e9:38:8b:2e:
         35:2f:de:f3:30:f7:87:53:9a:63:ba:ba:d9:7f:8c:f8:60:9b:
         d3:ea:dc:ec:74:d9:7e:c2:36:af:9e:0d:0b:b2:a5:d1:45:d1:
         cb:75:52:6c:0f:b4:5c:ae:1d:d5:88:53:bf:b9:2d:ee:c2:ce:
         9d:01:1d:29:59:b1:ff:e8:dd:eb:92:85:8f:ac:ce:39:e0:11:
         38:50:5e:68:86:3f:06:f1:fc:5b:7a:83:2a:2d:c6:70:c8:a2:
         cd:4b:1d:ce:ba:48:0f:bb:0d:2d:55:8b:db:26:3d:ef:4b:72:
         cb:6f:98:32:5b:2c:f9:f5:88:12:0c:cb:32:49:db:a5:07:89:
         46:36:17:da:90:0f:22:bf:a0:b0:7c:4f:54:b1:a1:34:9f:8a:
         de:e2:fd:f6:85:d3:e0:0b:0e:f8:15:16:8a:eb:30:17:4c:27:
         45:dd:3b:72:0b:27:ad:8d:01:48:18:ca:b3:a7:99:f2:1f:bf:
         00:06:7c:76:d8:b4:53:c2:e6:01:8c:c2:70:df:b4:18:0b:98:
         f7:c4:2e:15
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUFcpEaWV8dIVJ0shIw8hhL/myR5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkFEOTU2MzZCNkIzRTBENUY5MEVFNDFGM0MzRDZENTFG
OEZDMDZFQzAeFw0yNDA0MDYwNDU1MDNaFw0yNTA0MDUwNTAwMDNaMDMxMTAvBgNV
BAMTKEM0ODExN0YzOUVCMDNDMENBQjNCQTI4NTRGQTY1RDE4RTFENzc1MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ1ehgelukPciPcSabZ3znLkKl
3gUaGzKT/JDuqQOdyBCfzSFLaKduRyuUlwoooCCRovoOiQX6SXX6Rv3lG3wJcCkp
xbxwj2xvvssu5xlwrvm6GGZbA6TVKM1KtiUIvvRosDd9r4WEjjDR3gKPLtG26qbK
XD9K0KCICtRpGvazUHyvtkRoQj7QdC06vixyqH2bacJqcXROKk7Tni1wUKc2mlUR
la6QtC2QN/sBN3aBAOF7qsSUSN+bvtBs0sl+v6bWCQV2T9LdDHPrY0Moh8wyJtl8
rtMEPDHIV5EQ6AUquL4DDqyZH55e0e7mdqVDTRwjnMuaa9qhSAVHCWSZdY0NAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUxIEX856wPAyrO6KFT6ZdGOHXdR4wHwYDVR0j
BBgwFoAUatlWNraz4NX5DuQfPD1tUfj8BuwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
ODczNDlmYi00NjVlLTRlOGItYTk3NC05MGU5MzliY2IwZmIvMC82QUQ5NTYzNkI2
QjNFMEQ1RjkwRUU0MUYzQzNENkQ1MUY4RkMwNkVDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkFEOTU2MzZCNkIzRTBENUY5MEVFNDFGM0MzRDZENTFGOEZD
MDZFQy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U4NzM0OWZiLTQ2NWUtNGU4Yi1h
OTc0LTkwZTkzOWJjYjBmYi8wLzMyMzAzMjJlMzgzNzJlMzEzODMwMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMpXtDANBgkqhkiG
9w0BAQsFAAOCAQEADBJ9FJjLjCvZ6GVOqA7s4LL55gK+4+Fhh51nsgpbTk231B+C
zhRQZ+rIf9qvKDkFYhfpOIsuNS/e8zD3h1OaY7q62X+M+GCb0+rc7HTZfsI2r54N
C7Kl0UXRy3VSbA+0XK4d1YhTv7kt7sLOnQEdKVmx/+jd65KFj6zOOeAROFBeaIY/
BvH8W3qDKi3GcMiizUsdzrpID7sNLVWL2yY970tyy2+YMlss+fWIEgzLMknbpQeJ
RjYX2pAPIr+gsHxPVLGhNJ+K3uL99oXT4AsO+BUWiuswF0wnRd07cgsnrY0BSBjK
s6eZ8h+/AAZ8dti0U8LmAYzCcN+0GAuY98QuFQ==
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:04:08 2024 by rpki-client on console-ams.rpki-client.org