Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1375/T7JQBgtQCe9NJUaW5loWBX-SEBM.roa
File:                     T7JQBgtQCe9NJUaW5loWBX-SEBM.roa (raw, json)
Hash identifier:          7OK1kJ6ReIIQNIb/HQzgm7qrrCc212/9ym0FmN8Mu08=
Subject key identifier:   4F:B2:50:06:0B:50:09:EF:4D:25:46:96:E6:5A:16:05:7F:92:10:13
Certificate issuer:       /CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658
Certificate serial:       140E
Authority key identifier: 3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/T7JQBgtQCe9NJUaW5loWBX-SEBM.roa
Signing time:             Mon 11 Dec 2023 06:38:28 +0000
ROA not before:           Mon 11 Dec 2023 06:38:28 +0000
ROA not after:            Tue 08 Oct 2024 00:16:33 +0000
asID:                     132369
IP address blocks:        45.115.228.0/22 maxlen: 24
                          45.127.216.0/22 maxlen: 24
                          103.56.8.0/22 maxlen: 24
                          103.196.204.0/22 maxlen: 24
                          103.207.48.0/22 maxlen: 24
                          210.16.104.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 00:19:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5134 (0x140e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658
        Validity
            Not Before: Dec 11 06:38:28 2023 GMT
            Not After : Oct  8 00:16:33 2024 GMT
        Subject: CN=4FB250060B5009EF4D254696E65A16057F921013
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d7:c9:a3:13:09:aa:65:eb:8d:94:94:9f:2e:
                    de:7d:9a:23:d6:3a:35:f2:1f:36:c2:07:73:6e:6d:
                    85:fe:24:7a:87:ba:2d:aa:97:ca:d6:12:06:58:5e:
                    05:8c:ac:1e:e7:cd:e3:59:48:2a:b9:1c:b4:28:e8:
                    73:f9:78:ea:bd:5d:c7:e1:d7:c6:7e:6a:13:46:4a:
                    f2:1a:ee:5d:48:57:0b:b9:44:4b:c4:2f:54:78:a8:
                    ae:cc:75:78:cc:ad:fc:ea:e8:58:86:b1:73:85:43:
                    6e:d5:9f:23:68:ed:9a:e4:6b:76:79:f2:d6:fb:ed:
                    23:b5:ee:3e:7e:67:b7:f4:e1:67:9b:8c:fd:c4:14:
                    43:0d:15:3c:14:e1:3f:8e:b1:7d:91:7f:9a:a3:30:
                    74:6f:c3:95:97:d8:95:37:63:73:ba:89:5e:43:c5:
                    2c:e8:f6:1b:83:a2:56:d7:06:a0:87:e5:a6:74:b2:
                    ca:06:13:d9:85:68:c1:e1:86:00:c7:1c:6a:76:48:
                    2b:2b:4b:8e:65:80:c6:bc:a6:b2:c4:18:c7:d4:c1:
                    c2:8d:0f:17:af:de:45:ae:f5:8a:db:37:34:ac:40:
                    11:6a:a0:b0:3d:f0:14:6a:89:24:26:f6:56:60:d0:
                    b5:58:83:bf:b0:0d:f1:b1:ea:05:41:75:d9:a0:88:
                    c1:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:B2:50:06:0B:50:09:EF:4D:25:46:96:E6:5A:16:05:7F:92:10:13
            X509v3 Authority Key Identifier:
                keyid:3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/T7JQBgtQCe9NJUaW5loWBX-SEBM.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.115.228.0/22
                  45.127.216.0/22
                  103.56.8.0/22
                  103.196.204.0/22
                  103.207.48.0/22
                  210.16.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0e:b9:ce:38:e1:5a:fe:ce:3e:9a:64:11:f6:5e:1c:10:ec:12:
         b1:b2:6c:fc:28:bd:0f:e1:68:b0:7b:2a:bc:96:f0:19:50:62:
         a3:b1:99:3a:02:67:b6:f6:29:2d:09:ad:07:c7:64:7b:23:96:
         73:77:4a:5a:0b:46:95:ad:be:8f:a2:14:9f:67:6d:38:ae:a9:
         21:bb:b5:8a:a0:e3:20:b4:d5:d7:c8:f5:51:a9:2f:ef:eb:56:
         39:20:d1:9a:2b:c3:99:03:c1:31:9c:67:4c:5f:eb:27:0c:43:
         13:06:b3:0e:d8:3a:26:d7:e2:15:a6:20:6b:ee:3b:19:33:27:
         b3:26:1b:6d:3c:d0:25:31:64:0a:58:32:c6:f1:30:e8:29:05:
         40:a4:c8:5f:a6:6c:3d:87:ad:03:13:d9:b8:30:61:8f:2c:84:
         3a:5d:8a:c5:41:13:85:67:be:b7:1c:af:e8:25:93:20:dc:00:
         6f:63:d0:19:83:66:6f:14:42:57:a4:c1:fc:03:ff:c2:d4:4c:
         3e:b5:56:54:e9:1b:ae:d2:6a:a8:d5:a4:0e:71:e7:fd:81:00:
         c6:b2:a8:e0:46:13:a8:c1:cf:d5:5f:a3:3f:f0:6c:e9:77:6a:
         67:d9:5e:78:02:36:13:f7:6d:36:4f:3e:6f:cb:eb:a1:d6:9e:
         f3:d4:cd:17
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgICFA4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FC
QThCNDI1MjMyQkU1ODk2ODM5NkRFMzJBOEVCNUEwNUVFQTY1ODAeFw0yMzEyMTEw
NjM4MjhaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDRGQjI1MDA2MEI1MDA5
RUY0RDI1NDY5NkU2NUExNjA1N0Y5MjEwMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq18mjEwmqZeuNlJSfLt59miPWOjXyHzbCB3NubYX+JHqHui2q
l8rWEgZYXgWMrB7nzeNZSCq5HLQo6HP5eOq9Xcfh18Z+ahNGSvIa7l1IVwu5REvE
L1R4qK7MdXjMrfzq6FiGsXOFQ27VnyNo7Zrka3Z58tb77SO17j5+Z7f04WebjP3E
FEMNFTwU4T+OsX2Rf5qjMHRvw5WX2JU3Y3O6iV5DxSzo9huDolbXBqCH5aZ0ssoG
E9mFaMHhhgDHHGp2SCsrS45lgMa8prLEGMfUwcKNDxev3kWu9YrbNzSsQBFqoLA9
8BRqiSQm9lZg0LVYg7+wDfGx6gVBddmgiMFvAgMBAAGjggIRMIICDTAdBgNVHQ4E
FgQUT7JQBgtQCe9NJUaW5loWBX+SEBMwHwYDVR0jBBgwFoAUOrqLQlIyvliWg5be
MqjrWgXuplgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
NS9PcnFMUWxJeXZsaVdnNWJlTXFqcldnWHVwbGcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09ycUxRbEl5dmxpV2c1YmVNcWpyV2dYdXBsZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzNzUvVDdKUUJndFFDZTlO
SlVhVzVsb1dCWC1TRUJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEw
JAMEAi1z5AMEAi1/2AMEAmc4CAMEAmfEzAMEAmfPMAMEAtIQaDANBgkqhkiG9w0B
AQsFAAOCAQEADrnOOOFa/s4+mmQR9l4cEOwSsbJs/Ci9D+FosHsqvJbwGVBio7GZ
OgJntvYpLQmtB8dkeyOWc3dKWgtGla2+j6IUn2dtOK6pIbu1iqDjILTV18j1Uakv
7+tWOSDRmivDmQPBMZxnTF/rJwxDEwazDtg6JtfiFaYga+47GTMnsyYbbTzQJTFk
ClgyxvEw6CkFQKTIX6ZsPYetAxPZuDBhjyyEOl2KxUEThWe+txyv6CWTINwAb2PQ
GYNmbxRCV6TB/AP/wtRMPrVWVOkbrtJqqNWkDnHn/YEAxrKo4EYTqMHP1V+jP/Bs
6XdqZ9leeAI2E/dtNk8+b8vrodae89TNFw==
-----END CERTIFICATE-----
Generated at Tue Sep 24 01:53:40 2024 by rpki-client on console-ams.rpki-client.org