Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/3135372e36362e32302e302f32342d3234203d3e20313533303636.roa
File:                     3135372e36362e32302e302f32342d3234203d3e20313533303636.roa (raw, json)
Hash identifier:          GeDhxC/scHSGon7wDNax2fpzbYrC5n1VOSdMMCYLPXc=
Subject key identifier:   C8:00:97:73:CB:09:8E:E6:A5:B1:5D:11:23:D7:F9:00:4F:9C:55:C3
Certificate issuer:       /CN=7ABD31DD828DD58C9D91180021903EA04D8EB58E
Certificate serial:       55DD4DE98A839028A9B769C1C19F5E1947B3BDF0
Authority key identifier: 7A:BD:31:DD:82:8D:D5:8C:9D:91:18:00:21:90:3E:A0:4D:8E:B5:8E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7ABD31DD828DD58C9D91180021903EA04D8EB58E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/3135372e36362e32302e302f32342d3234203d3e20313533303636.roa
Signing time:             Fri 19 Jul 2024 02:27:21 +0000
ROA not before:           Fri 19 Jul 2024 02:22:21 +0000
ROA not after:            Fri 18 Jul 2025 02:27:21 +0000
asID:                     153066
IP address blocks:        157.66.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Aug 2024 05:03:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:dd:4d:e9:8a:83:90:28:a9:b7:69:c1:c1:9f:5e:19:47:b3:bd:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ABD31DD828DD58C9D91180021903EA04D8EB58E
        Validity
            Not Before: Jul 19 02:22:21 2024 GMT
            Not After : Jul 18 02:27:21 2025 GMT
        Subject: CN=C8009773CB098EE6A5B15D1123D7F9004F9C55C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:59:cd:0f:02:fd:e8:36:4c:17:21:8c:b6:06:
                    b0:17:6a:37:5a:60:3c:76:d6:67:ea:26:77:68:a6:
                    78:9f:63:d6:98:aa:78:19:07:fa:33:31:29:8e:45:
                    46:8f:f2:d5:51:52:dd:a6:87:4d:35:cb:33:60:3c:
                    07:4e:db:41:71:ce:60:9c:af:12:76:8c:de:68:63:
                    63:4d:fe:5c:e3:e1:14:4b:77:cf:eb:63:23:51:93:
                    ec:e7:ae:99:d5:10:80:bd:a2:d5:13:f7:78:c6:14:
                    51:50:4c:cc:31:d7:ed:c9:72:1c:3b:3d:8c:bf:ff:
                    2c:3b:2e:d4:a3:c7:b0:fe:53:18:3c:7e:4b:36:14:
                    27:46:77:a0:71:6a:64:23:6c:21:48:c7:4f:d9:84:
                    94:4b:fa:2c:34:54:a5:2c:80:ea:d0:95:1a:5b:1f:
                    93:7b:4f:e4:fd:6b:09:ce:96:d6:6e:f2:a1:da:24:
                    7c:ec:4f:e8:70:be:1f:41:0d:fa:08:48:35:98:e3:
                    b3:c8:33:81:c2:69:c6:08:a5:6a:db:dc:ff:2a:8e:
                    78:ab:fb:b9:82:13:28:5d:a6:c5:f0:fa:85:60:53:
                    f6:af:76:bb:bb:e8:ce:2d:1d:9f:71:2f:37:d9:e0:
                    61:4c:1c:90:9c:3c:82:1c:87:b3:0b:78:40:79:40:
                    96:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:00:97:73:CB:09:8E:E6:A5:B1:5D:11:23:D7:F9:00:4F:9C:55:C3
            X509v3 Authority Key Identifier:
                keyid:7A:BD:31:DD:82:8D:D5:8C:9D:91:18:00:21:90:3E:A0:4D:8E:B5:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/7ABD31DD828DD58C9D91180021903EA04D8EB58E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7ABD31DD828DD58C9D91180021903EA04D8EB58E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/3135372e36362e32302e302f32342d3234203d3e20313533303636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.66.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:13:a0:16:e0:d5:75:31:1e:47:aa:45:c7:56:da:ca:7c:09:
         10:5c:eb:53:df:35:7c:ff:4f:49:d1:da:1d:0d:a5:30:b8:0b:
         2e:6d:fd:b9:15:9d:7e:a4:77:40:71:c5:b8:4b:33:de:6d:dc:
         a1:13:96:2a:21:35:1e:85:f8:4a:db:8e:59:de:af:f3:dd:e0:
         7c:39:3a:34:d6:7c:de:77:0b:2b:27:fb:6a:b9:bc:a2:17:e2:
         38:39:d0:f3:35:e7:94:73:b8:c8:52:35:20:e9:51:62:f1:43:
         f5:dc:a8:04:4d:11:b0:08:9a:c9:6a:3e:8b:99:c7:a0:cb:f3:
         ae:54:93:e6:d4:bf:c4:f4:cf:ef:dd:41:26:aa:a1:95:16:5f:
         e8:f3:7c:3c:70:9f:e0:de:6b:3d:52:5d:66:8e:3f:f1:35:d7:
         87:6c:d8:b9:b6:54:ec:31:71:8a:4a:6f:34:71:a8:6c:b8:68:
         c8:80:51:2d:27:85:d9:2a:52:e0:3f:7a:c8:39:0a:36:a7:a8:
         28:84:5b:b3:84:d9:ca:92:27:de:4e:a5:18:2c:fb:f9:5b:7a:
         a5:38:f6:43:1f:2e:38:22:f0:d4:a4:57:cb:4c:6b:4b:11:06:
         b6:f9:84:dc:73:1f:1c:46:5a:c5:d6:f9:7f:a1:e7:02:c2:71:
         5c:aa:71:45
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUVd1N6YqDkCipt2nBwZ9eGUezvfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0FCRDMxREQ4MjhERDU4QzlEOTExODAwMjE5MDNFQTA0
RDhFQjU4RTAeFw0yNDA3MTkwMjIyMjFaFw0yNTA3MTgwMjI3MjFaMDMxMTAvBgNV
BAMTKEM4MDA5NzczQ0IwOThFRTZBNUIxNUQxMTIzRDdGOTAwNEY5QzU1QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSWc0PAv3oNkwXIYy2BrAXajda
YDx21mfqJndopnifY9aYqngZB/ozMSmORUaP8tVRUt2mh001yzNgPAdO20FxzmCc
rxJ2jN5oY2NN/lzj4RRLd8/rYyNRk+znrpnVEIC9otUT93jGFFFQTMwx1+3Jchw7
PYy//yw7LtSjx7D+Uxg8fks2FCdGd6BxamQjbCFIx0/ZhJRL+iw0VKUsgOrQlRpb
H5N7T+T9awnOltZu8qHaJHzsT+hwvh9BDfoISDWY47PIM4HCacYIpWrb3P8qjnir
+7mCEyhdpsXw+oVgU/avdru76M4tHZ9xLzfZ4GFMHJCcPIIch7MLeEB5QJblAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUyACXc8sJjualsV0RI9f5AE+cVcMwHwYDVR0j
BBgwFoAUer0x3YKN1YydkRgAIZA+oE2OtY4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
NWY1ZWYxOC02ZmZhLTRkNjktOGMwYy0zNTE4Y2ZhODc1OGUvMC83QUJEMzFERDgy
OERENThDOUQ5MTE4MDAyMTkwM0VBMDREOEVCNThFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvN0FCRDMxREQ4MjhERDU4QzlEOTExODAwMjE5MDNFQTA0RDhF
QjU4RS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Y1ZjVlZjE4LTZmZmEtNGQ2OS04
YzBjLTM1MThjZmE4NzU4ZS8wLzMxMzUzNzJlMzYzNjJlMzIzMDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMzMwMzYzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ1CFDANBgkqhkiG
9w0BAQsFAAOCAQEAmhOgFuDVdTEeR6pFx1baynwJEFzrU981fP9PSdHaHQ2lMLgL
Lm39uRWdfqR3QHHFuEsz3m3coROWKiE1HoX4StuOWd6v893gfDk6NNZ83ncLKyf7
arm8ohfiODnQ8zXnlHO4yFI1IOlRYvFD9dyoBE0RsAiayWo+i5nHoMvzrlST5tS/
xPTP791BJqqhlRZf6PN8PHCf4N5rPVJdZo4/8TXXh2zYubZU7DFxikpvNHGobLho
yIBRLSeF2SpS4D96yDkKNqeoKIRbs4TZypIn3k6lGCz7+Vt6pTj2Qx8uOCLw1KRX
y0xrSxEGtvmE3HMfHEZaxdb5f6HnAsJxXKpxRQ==
-----END CERTIFICATE-----
Generated at Thu Aug 1 06:17:40 2024 by rpki-client on console-ams.rpki-client.org