Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/14/326130353a646663363a393230303a3a2f34302d3438203d3e20313937353337.roa
File:                     326130353a646663363a393230303a3a2f34302d3438203d3e20313937353337.roa (raw, json)
Hash identifier:          dAIqIpWol1i1EYlrBkkeKh0WM83ZRseUcdhLG5GXdqY=
Subject key identifier:   B2:D3:41:E6:21:97:37:ED:F7:E5:1E:14:24:4F:CD:6C:73:DC:F0:1C
Certificate issuer:       /CN=83A7D195284957F50D83CDF37583C8652095A716
Certificate serial:       2DFB6C42FA4AA0BCE2755978416C820829801BAB
Authority key identifier: 83:A7:D1:95:28:49:57:F5:0D:83:CD:F3:75:83:C8:65:20:95:A7:16
Authority info access:    rsync://dev.tw/rpki/August/13/83A7D195284957F50D83CDF37583C8652095A716.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/14/326130353a646663363a393230303a3a2f34302d3438203d3e20313937353337.roa
Signing time:             Thu 20 Jun 2024 05:23:05 +0000
ROA not before:           Thu 20 Jun 2024 05:18:05 +0000
ROA not after:            Thu 19 Jun 2025 05:23:05 +0000
asID:                     197537
IP address blocks:        2a05:dfc6:9200::/40 maxlen: 48

Validation:               Failed, certificate revoked on Fri 11 Oct 2024 07:22:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:fb:6c:42:fa:4a:a0:bc:e2:75:59:78:41:6c:82:08:29:80:1b:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83A7D195284957F50D83CDF37583C8652095A716
        Validity
            Not Before: Jun 20 05:18:05 2024 GMT
            Not After : Jun 19 05:23:05 2025 GMT
        Subject: CN=B2D341E6219737EDF7E51E14244FCD6C73DCF01C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:9c:8c:d2:37:5e:fc:a9:3f:52:f0:f6:28:1d:
                    44:16:76:05:70:af:94:b3:c5:20:69:72:e6:4f:1d:
                    90:9c:97:9e:c8:9c:87:6c:6d:8f:31:91:85:8a:b3:
                    10:68:d4:06:42:ad:83:83:8d:54:c1:70:df:9b:d2:
                    f1:aa:10:46:b9:e1:38:0b:b4:c5:27:d4:22:da:db:
                    fa:7d:6f:50:04:a2:8f:4e:01:b8:4d:e7:d8:6e:a5:
                    02:c4:7c:57:e2:7d:88:75:e0:9c:7f:45:26:65:0a:
                    41:07:63:a1:40:56:c3:73:40:a5:18:c7:dc:af:11:
                    c2:10:9a:ec:b8:04:32:58:25:45:fe:a7:2c:3e:f7:
                    73:f6:36:6f:06:d5:eb:cd:ad:7e:16:65:85:cf:21:
                    12:ad:bc:13:82:76:50:be:cf:83:8e:5b:dd:99:25:
                    f1:99:76:a7:5b:ea:e8:38:f1:d6:4c:61:db:01:ec:
                    62:b1:df:21:5a:13:80:03:39:e9:9f:01:df:ad:10:
                    0c:e2:f4:08:1d:03:72:32:49:6b:e1:cc:cc:c8:9e:
                    b4:d0:c5:27:0a:48:86:2b:27:21:9f:75:cd:73:06:
                    e7:74:70:1c:84:0d:03:81:d2:ca:53:6d:9d:e2:9f:
                    7b:20:8e:b8:78:ec:f2:f6:c1:76:71:64:cc:82:25:
                    cd:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:D3:41:E6:21:97:37:ED:F7:E5:1E:14:24:4F:CD:6C:73:DC:F0:1C
            X509v3 Authority Key Identifier:
                keyid:83:A7:D1:95:28:49:57:F5:0D:83:CD:F3:75:83:C8:65:20:95:A7:16

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/14/83A7D195284957F50D83CDF37583C8652095A716.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/13/83A7D195284957F50D83CDF37583C8652095A716.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/14/326130353a646663363a393230303a3a2f34302d3438203d3e20313937353337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc6:9200::/40

    Signature Algorithm: sha256WithRSAEncryption
         37:55:d3:c5:34:6b:84:72:f3:ce:13:44:93:2d:27:19:04:f8:
         40:13:8e:5d:9d:81:06:73:61:3e:88:29:9c:c8:df:f3:fb:a4:
         f5:62:2b:4c:9a:98:d6:b0:4c:a1:4a:42:50:1e:80:fc:32:b3:
         20:b7:02:a1:09:c2:f8:5a:7e:5a:ec:73:d0:dc:aa:c5:ca:be:
         31:fb:aa:f2:76:61:55:df:13:41:32:7a:f7:f3:1a:42:92:53:
         6c:95:31:eb:3e:49:de:93:1a:43:a7:f6:13:0d:0d:d9:43:c0:
         c8:3b:45:69:92:ff:78:48:8e:93:07:33:49:7c:d2:b8:89:58:
         2f:d0:39:0d:ba:9e:19:39:fc:f1:4f:94:3e:bb:03:e0:21:da:
         51:64:01:e4:dd:23:32:eb:f9:d5:0c:93:d3:f3:4f:6a:e2:87:
         d3:05:b4:e7:5c:85:21:0a:4d:4f:67:03:26:0a:d1:6e:91:87:
         1c:c8:97:91:c6:e0:e5:16:b9:21:4f:fd:d5:65:0a:bc:14:71:
         79:eb:33:20:34:35:be:8b:d5:76:26:b2:f0:ea:a7:cd:f2:13:
         0c:bd:77:03:b9:37:30:37:39:40:02:45:cb:fd:93:30:19:bf:
         5e:50:ac:1f:b1:e2:b5:02:d8:b0:09:c9:6c:5d:13:a8:1b:c9:
         9e:ef:d2:ca
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIULftsQvpKoLzidVl4QWyCCCmAG6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODNBN0QxOTUyODQ5NTdGNTBEODNDREYzNzU4M0M4NjUy
MDk1QTcxNjAeFw0yNDA2MjAwNTE4MDVaFw0yNTA2MTkwNTIzMDVaMDMxMTAvBgNV
BAMTKEIyRDM0MUU2MjE5NzM3RURGN0U1MUUxNDI0NEZDRDZDNzNEQ0YwMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDonIzSN178qT9S8PYoHUQWdgVw
r5SzxSBpcuZPHZCcl57InIdsbY8xkYWKsxBo1AZCrYODjVTBcN+b0vGqEEa54TgL
tMUn1CLa2/p9b1AEoo9OAbhN59hupQLEfFfifYh14Jx/RSZlCkEHY6FAVsNzQKUY
x9yvEcIQmuy4BDJYJUX+pyw+93P2Nm8G1evNrX4WZYXPIRKtvBOCdlC+z4OOW92Z
JfGZdqdb6ug48dZMYdsB7GKx3yFaE4ADOemfAd+tEAzi9AgdA3IySWvhzMzInrTQ
xScKSIYrJyGfdc1zBud0cByEDQOB0spTbZ3in3sgjrh47PL2wXZxZMyCJc2lAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUstNB5iGXN+335R4UJE/NbHPc8BwwHwYDVR0j
BBgwFoAUg6fRlShJV/UNg83zdYPIZSCVpxYwDgYDVR0PAQH/BAQDAgeAMIGGBgNV
HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4ZmRlZWMwYzAxOTAzM2RiZGVjYzRmYTQvMTQvODNBN0QxOTUy
ODQ5NTdGNTBEODNDREYzNzU4M0M4NjUyMDk1QTcxNi5jcmwwZgYIKwYBBQUHAQEE
WjBYMFYGCCsGAQUFBzAChkpyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC8xMy84
M0E3RDE5NTI4NDk1N0Y1MEQ4M0NERjM3NTgzQzg2NTIwOTVBNzE2LmNlcjCBrQYI
KwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6Ly9ycGtpLXJwcy5h
cmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmOGZkZWVjMGMwMTkwMzNkYmRlY2M0
ZmE0LzE0LzMyNjEzMDM1M2E2NDY2NjMzNjNhMzkzMjMwMzAzYTNhMmYzNDMwMmQz
NDM4MjAzZDNlMjAzMTM5MzczNTMzMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqBd/GkjANBgkqhkiG
9w0BAQsFAAOCAQEAN1XTxTRrhHLzzhNEky0nGQT4QBOOXZ2BBnNhPogpnMjf8/uk
9WIrTJqY1rBMoUpCUB6A/DKzILcCoQnC+Fp+Wuxz0Nyqxcq+Mfuq8nZhVd8TQTJ6
9/MaQpJTbJUx6z5J3pMaQ6f2Ew0N2UPAyDtFaZL/eEiOkwczSXzSuIlYL9A5Dbqe
GTn88U+UPrsD4CHaUWQB5N0jMuv51QyT0/NPauKH0wW051yFIQpNT2cDJgrRbpGH
HMiXkcbg5Ra5IU/91WUKvBRxeeszIDQ1vovVdiay8OqnzfITDL13A7k3MDc5QAJF
y/2TMBm/XlCsH7HitQLYsAnJbF0TqBvJnu/Syg==
-----END CERTIFICATE-----
Generated at Fri Oct 11 09:41:01 2024 by rpki-client on console-ams.rpki-client.org