Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/3135372e36362e32312e302f32342d3234203d3e20313533303636.roa
File:                     3135372e36362e32312e302f32342d3234203d3e20313533303636.roa (raw, json)
Hash identifier:          G8KxXzH+GL/skP1LT/p0isQugHHTqrSn45YD32SzHtQ=
Subject key identifier:   CD:28:88:62:FE:0C:34:19:B5:6C:1E:90:B3:C5:39:29:6D:29:9F:8C
Certificate issuer:       /CN=7ABD31DD828DD58C9D91180021903EA04D8EB58E
Certificate serial:       748041412F165355FC2AE53E9910DE55A2D45D89
Authority key identifier: 7A:BD:31:DD:82:8D:D5:8C:9D:91:18:00:21:90:3E:A0:4D:8E:B5:8E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7ABD31DD828DD58C9D91180021903EA04D8EB58E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/3135372e36362e32312e302f32342d3234203d3e20313533303636.roa
Signing time:             Fri 19 Jul 2024 02:28:20 +0000
ROA not before:           Fri 19 Jul 2024 02:23:20 +0000
ROA not after:            Fri 18 Jul 2025 02:28:20 +0000
asID:                     153066
IP address blocks:        157.66.21.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Aug 2024 03:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:80:41:41:2f:16:53:55:fc:2a:e5:3e:99:10:de:55:a2:d4:5d:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ABD31DD828DD58C9D91180021903EA04D8EB58E
        Validity
            Not Before: Jul 19 02:23:20 2024 GMT
            Not After : Jul 18 02:28:20 2025 GMT
        Subject: CN=CD288862FE0C3419B56C1E90B3C539296D299F8C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f9:59:11:fb:8c:7c:f3:15:7d:b5:f9:2b:07:
                    8c:21:9a:31:cb:2c:55:a3:19:ae:3d:39:3e:95:5a:
                    24:38:2a:58:ce:fe:fa:02:8a:19:b8:45:06:d2:7c:
                    98:28:56:de:35:94:1f:70:ee:6c:d1:73:47:f1:76:
                    4d:3e:91:c5:07:36:37:a6:2b:10:a5:82:52:8f:9b:
                    a8:9e:32:32:bb:ad:86:ed:43:16:5f:0b:af:77:0a:
                    83:b5:ed:04:f0:f0:aa:04:98:d1:23:ee:24:ea:47:
                    05:70:9d:07:5b:16:77:37:2d:8c:ae:7d:a9:32:2a:
                    8b:2d:5f:a9:96:7b:2a:e4:01:e9:20:09:db:19:c4:
                    af:f1:0f:f2:44:ec:be:2d:27:8b:cd:32:e3:7e:83:
                    e5:b8:c6:b8:63:56:d1:c7:44:e9:9e:c6:65:ad:19:
                    39:0f:40:e6:96:35:29:fc:9b:49:1d:f0:25:57:b7:
                    1d:17:f0:e5:dd:93:78:76:09:b9:7e:2c:60:7f:a4:
                    c2:34:06:39:44:20:22:4e:7d:b8:36:91:c5:56:fe:
                    d4:32:4c:dd:f3:77:93:e8:ff:02:cd:dd:c7:34:33:
                    24:82:ba:ed:5b:dc:a7:81:26:bc:79:2c:1e:6b:90:
                    bb:f3:b6:3d:a0:21:ea:58:76:6c:fe:41:3f:6d:f0:
                    42:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:28:88:62:FE:0C:34:19:B5:6C:1E:90:B3:C5:39:29:6D:29:9F:8C
            X509v3 Authority Key Identifier:
                keyid:7A:BD:31:DD:82:8D:D5:8C:9D:91:18:00:21:90:3E:A0:4D:8E:B5:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/7ABD31DD828DD58C9D91180021903EA04D8EB58E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7ABD31DD828DD58C9D91180021903EA04D8EB58E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/3135372e36362e32312e302f32342d3234203d3e20313533303636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.66.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:d0:6a:27:4f:36:45:3a:20:07:50:df:77:34:4f:8a:cd:69:
         f6:60:e8:21:5f:62:ae:69:b6:c7:76:45:8d:41:3f:12:2b:0f:
         46:f7:cc:f6:8f:ac:d8:c5:44:00:ee:d8:c3:e4:1b:52:d9:18:
         ca:03:a0:b4:2b:81:8b:ca:26:cd:12:9e:4d:c2:6d:69:d4:e9:
         7c:3d:e7:64:96:a0:8e:3e:60:9a:2e:ba:b9:4f:fb:0d:d3:5c:
         63:96:68:ae:aa:46:d8:e3:d3:a2:34:7a:32:36:61:24:78:cb:
         1a:81:51:ad:ed:b2:3d:a7:fa:52:96:ef:94:01:f1:4e:4b:3a:
         8d:0c:79:3a:68:8d:67:84:ac:99:35:5c:dc:a6:e2:7c:1d:76:
         ee:6f:86:a3:f2:89:75:74:fa:bd:e6:f4:fa:2c:12:c8:9f:7c:
         aa:9c:5c:f6:e4:d9:61:2e:52:0d:f3:31:11:35:40:7a:d7:3e:
         4e:45:7e:97:f3:70:79:76:03:ac:24:ec:20:71:ed:29:6d:2e:
         9c:2d:a8:cd:0a:2e:ce:53:6e:35:fb:ec:46:90:d3:a4:3f:df:
         75:80:20:7b:60:5e:bb:34:5d:80:a3:b2:fe:03:d6:d0:13:00:
         f1:d9:38:fc:36:00:c4:a4:62:7f:cd:0d:6e:c3:d0:c8:ad:7a:
         c9:6f:f8:00
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUdIBBQS8WU1X8KuU+mRDeVaLUXYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0FCRDMxREQ4MjhERDU4QzlEOTExODAwMjE5MDNFQTA0
RDhFQjU4RTAeFw0yNDA3MTkwMjIzMjBaFw0yNTA3MTgwMjI4MjBaMDMxMTAvBgNV
BAMTKENEMjg4ODYyRkUwQzM0MTlCNTZDMUU5MEIzQzUzOTI5NkQyOTlGOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI+VkR+4x88xV9tfkrB4whmjHL
LFWjGa49OT6VWiQ4KljO/voCihm4RQbSfJgoVt41lB9w7mzRc0fxdk0+kcUHNjem
KxClglKPm6ieMjK7rYbtQxZfC693CoO17QTw8KoEmNEj7iTqRwVwnQdbFnc3LYyu
fakyKostX6mWeyrkAekgCdsZxK/xD/JE7L4tJ4vNMuN+g+W4xrhjVtHHROmexmWt
GTkPQOaWNSn8m0kd8CVXtx0X8OXdk3h2Cbl+LGB/pMI0BjlEICJOfbg2kcVW/tQy
TN3zd5Po/wLN3cc0MySCuu1b3KeBJrx5LB5rkLvztj2gIepYdmz+QT9t8ELDAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUzSiIYv4MNBm1bB6Qs8U5KW0pn4wwHwYDVR0j
BBgwFoAUer0x3YKN1YydkRgAIZA+oE2OtY4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
NWY1ZWYxOC02ZmZhLTRkNjktOGMwYy0zNTE4Y2ZhODc1OGUvMC83QUJEMzFERDgy
OERENThDOUQ5MTE4MDAyMTkwM0VBMDREOEVCNThFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvN0FCRDMxREQ4MjhERDU4QzlEOTExODAwMjE5MDNFQTA0RDhF
QjU4RS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Y1ZjVlZjE4LTZmZmEtNGQ2OS04
YzBjLTM1MThjZmE4NzU4ZS8wLzMxMzUzNzJlMzYzNjJlMzIzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMzMwMzYzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ1CFTANBgkqhkiG
9w0BAQsFAAOCAQEAvtBqJ082RTogB1DfdzRPis1p9mDoIV9irmm2x3ZFjUE/EisP
RvfM9o+s2MVEAO7Yw+QbUtkYygOgtCuBi8omzRKeTcJtadTpfD3nZJagjj5gmi66
uU/7DdNcY5ZorqpG2OPTojR6MjZhJHjLGoFRre2yPaf6UpbvlAHxTks6jQx5OmiN
Z4SsmTVc3KbifB127m+Go/KJdXT6veb0+iwSyJ98qpxc9uTZYS5SDfMxETVAetc+
TkV+l/NweXYDrCTsIHHtKW0unC2ozQouzlNuNfvsRpDTpD/fdYAge2BeuzRdgKOy
/gPW0BMA8dk4/DYAxKRif80NbsPQyK16yW/4AA==
-----END CERTIFICATE-----
Generated at Fri Aug 2 05:16:58 2024 by rpki-client on console-fra.rpki-client.org