Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/8/32332e3134392e3135322e302f32342d3234203d3e20323132383935.roa
File:                     32332e3134392e3135322e302f32342d3234203d3e20323132383935.roa (raw, json)
Hash identifier:          JYf0onTxJeU8CCCH3S3XXAs4PbLdIxgxzBOzr3Q2eJk=
Subject key identifier:   F1:E3:A2:B6:A2:55:30:B6:87:66:90:2F:E9:71:D6:5E:F9:2C:12:A7
Certificate issuer:       /CN=BC4F1527A35AD66A653E112A8738D6435D525513
Certificate serial:       3C43366B4EE95E53C95E809BE4049EC9ED24566C
Authority key identifier: BC:4F:15:27:A3:5A:D6:6A:65:3E:11:2A:87:38:D6:43:5D:52:55:13
Authority info access:    rsync://dev.tw/rpki/August/4/BC4F1527A35AD66A653E112A8738D6435D525513.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/8/32332e3134392e3135322e302f32342d3234203d3e20323132383935.roa
Signing time:             Thu 20 Jun 2024 05:23:02 +0000
ROA not before:           Thu 20 Jun 2024 05:18:02 +0000
ROA not after:            Thu 19 Jun 2025 05:23:02 +0000
asID:                     212895
IP address blocks:        23.149.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 03 Oct 2024 22:02:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:43:36:6b:4e:e9:5e:53:c9:5e:80:9b:e4:04:9e:c9:ed:24:56:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BC4F1527A35AD66A653E112A8738D6435D525513
        Validity
            Not Before: Jun 20 05:18:02 2024 GMT
            Not After : Jun 19 05:23:02 2025 GMT
        Subject: CN=F1E3A2B6A25530B68766902FE971D65EF92C12A7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:c2:e5:a0:82:f6:9e:e2:40:71:51:c1:87:2f:
                    ac:bd:b1:5a:ac:ca:ff:ab:5b:20:0b:2b:e3:64:27:
                    c0:a7:6f:03:63:4f:80:a7:4b:eb:49:58:20:e5:7d:
                    b5:e6:6e:21:f0:83:06:00:42:52:db:0e:bf:1a:68:
                    de:1f:f7:fa:3f:c4:7f:70:75:73:d1:8d:fe:4d:9d:
                    1b:31:95:d5:68:d6:5a:e3:1e:84:8e:d7:05:e2:a0:
                    6f:36:14:99:c5:cf:84:5e:17:67:48:df:19:14:05:
                    87:23:2c:15:dc:b5:de:a1:e4:45:5c:af:bc:c7:4e:
                    2f:ed:fd:5c:eb:f2:50:33:26:e0:61:50:10:e7:9d:
                    9f:85:ca:5a:6c:fa:2a:98:0a:0c:c4:ae:2b:dc:d6:
                    c1:d1:80:f3:c9:18:d3:0a:ce:f1:8a:52:31:36:03:
                    83:df:4f:f3:3f:fd:48:20:0e:ab:5b:ba:fb:91:1f:
                    78:ea:99:e7:88:d1:c6:a7:06:db:fe:aa:9e:78:e5:
                    c9:07:e5:f7:3e:5c:45:f7:6c:f7:ca:48:43:32:be:
                    e0:34:d9:c2:2b:fa:8c:a1:94:f8:5e:8a:dc:43:83:
                    f3:3a:ba:bd:61:f8:51:f1:bd:f9:67:8a:40:c8:af:
                    aa:11:1c:b7:7a:98:bb:57:84:75:a4:43:85:7d:39:
                    a3:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:E3:A2:B6:A2:55:30:B6:87:66:90:2F:E9:71:D6:5E:F9:2C:12:A7
            X509v3 Authority Key Identifier:
                keyid:BC:4F:15:27:A3:5A:D6:6A:65:3E:11:2A:87:38:D6:43:5D:52:55:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/8/BC4F1527A35AD66A653E112A8738D6435D525513.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/4/BC4F1527A35AD66A653E112A8738D6435D525513.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/8/32332e3134392e3135322e302f32342d3234203d3e20323132383935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.149.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:4c:db:87:58:85:be:7c:99:33:98:48:41:d6:94:de:43:22:
         0a:9d:82:6e:8d:73:77:b5:78:ac:20:70:c8:8c:0e:f5:2b:44:
         00:54:50:85:bb:91:02:a7:af:27:1b:31:a0:5f:8d:5b:ff:65:
         07:90:56:d9:67:d5:c9:00:9e:39:ac:31:86:8a:38:c6:da:e5:
         9a:6c:a8:67:ea:6d:94:68:9d:b9:8e:58:93:2d:32:d1:5d:94:
         d7:6a:03:71:44:08:94:35:aa:23:94:5d:9d:17:39:b9:bf:ee:
         4d:65:89:5c:69:cb:da:a6:d9:b7:7f:d9:cb:11:1e:cc:1d:9c:
         77:69:46:b9:f4:4d:60:f4:60:bf:de:05:0a:06:e8:32:d0:5a:
         e3:1d:5e:c9:03:b4:a8:f1:fc:c1:a6:c1:2c:8d:18:7a:e1:ac:
         91:b6:2d:c7:2b:8c:78:e3:65:6d:a4:58:0d:10:00:05:3a:e0:
         8a:67:4c:8e:15:f4:48:36:72:d7:54:de:84:a9:58:d4:21:ca:
         6f:24:13:22:8b:8c:eb:f2:82:88:74:ad:b0:14:1e:68:7d:dd:
         c0:39:70:2e:64:4b:6e:88:97:22:a3:43:8a:c6:78:29:60:5a:
         40:4e:aa:2a:a1:91:41:0b:a6:34:f8:44:83:17:53:c5:e8:f5:
         47:03:df:42
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIUPEM2a07pXlPJXoCb5ASeye0kVmwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkM0RjE1MjdBMzVBRDY2QTY1M0UxMTJBODczOEQ2NDM1
RDUyNTUxMzAeFw0yNDA2MjAwNTE4MDJaFw0yNTA2MTkwNTIzMDJaMDMxMTAvBgNV
BAMTKEYxRTNBMkI2QTI1NTMwQjY4NzY2OTAyRkU5NzFENjVFRjkyQzEyQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjwuWggvae4kBxUcGHL6y9sVqs
yv+rWyALK+NkJ8CnbwNjT4CnS+tJWCDlfbXmbiHwgwYAQlLbDr8aaN4f9/o/xH9w
dXPRjf5NnRsxldVo1lrjHoSO1wXioG82FJnFz4ReF2dI3xkUBYcjLBXctd6h5EVc
r7zHTi/t/Vzr8lAzJuBhUBDnnZ+Fylps+iqYCgzErivc1sHRgPPJGNMKzvGKUjE2
A4PfT/M//UggDqtbuvuRH3jqmeeI0canBtv+qp545ckH5fc+XEX3bPfKSEMyvuA0
2cIr+oyhlPheitxDg/M6ur1h+FHxvflnikDIr6oRHLd6mLtXhHWkQ4V9OaMhAgMB
AAGjggIlMIICITAdBgNVHQ4EFgQU8eOitqJVMLaHZpAv6XHWXvksEqcwHwYDVR0j
BBgwFoAUvE8VJ6Na1mplPhEqhzjWQ11SVRMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4ZmRlZWMwYzAxOTAzM2RiZGVjYzRmYTQvOC9CQzRGMTUyN0Ez
NUFENjZBNjUzRTExMkE4NzM4RDY0MzVENTI1NTEzLmNybDBlBggrBgEFBQcBAQRZ
MFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzQvQkM0
RjE1MjdBMzVBRDY2QTY1M0UxMTJBODczOEQ2NDM1RDUyNTUxMy5jZXIwgaQGCCsG
AQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjhmZGVlYzBjMDE5MDMzZGJkZWNjNGZh
NC84LzMyMzMyZTMxMzQzOTJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIw
MzIzMTMyMzgzOTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAF5WYMA0GCSqGSIb3DQEBCwUAA4IBAQAO
TNuHWIW+fJkzmEhB1pTeQyIKnYJujXN3tXisIHDIjA71K0QAVFCFu5ECp68nGzGg
X41b/2UHkFbZZ9XJAJ45rDGGijjG2uWabKhn6m2UaJ25jliTLTLRXZTXagNxRAiU
NaojlF2dFzm5v+5NZYlcacvaptm3f9nLER7MHZx3aUa59E1g9GC/3gUKBugy0Frj
HV7JA7So8fzBpsEsjRh64ayRti3HK4x442VtpFgNEAAFOuCKZ0yOFfRINnLXVN6E
qVjUIcpvJBMii4zr8oKIdK2wFB5ofd3AOXAuZEtuiJcio0OKxngpYFpATqoqoZFB
C6Y0+ESDF1PF6PVHA99C
-----END CERTIFICATE-----
Generated at Thu Oct 3 23:36:10 2024 by rpki-client on console-fra.rpki-client.org