Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/Yn02BaYfU6zzzHCnF9Y7UeACizU.roa
File:                     Yn02BaYfU6zzzHCnF9Y7UeACizU.roa (raw, json)
Hash identifier:          tpzRxn2YBv8JFot87RTI/f2YYprjyd7VgTsOdDsCGw0=
Subject key identifier:   62:7D:36:05:A6:1F:53:AC:F3:CC:70:A7:17:D6:3B:51:E0:02:8B:35
Certificate issuer:       /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial:       19F0
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/Yn02BaYfU6zzzHCnF9Y7UeACizU.roa
Signing time:             Wed 13 Mar 2024 01:21:12 +0000
ROA not before:           Wed 13 Mar 2024 01:21:12 +0000
ROA not after:            Fri 31 Jan 2025 01:13:46 +0000
asID:                     209242
IP address blocks:        103.244.116.0/22 maxlen: 24
                          103.244.118.0/24 maxlen: 24
                          103.244.119.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Sep 2024 11:20:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6640 (0x19f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
        Validity
            Not Before: Mar 13 01:21:12 2024 GMT
            Not After : Jan 31 01:13:46 2025 GMT
        Subject: CN=627D3605A61F53ACF3CC70A717D63B51E0028B35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:23:14:47:d2:0f:fe:3a:d8:0c:52:cf:c3:2d:
                    55:3d:6e:ab:a5:dc:c8:2b:ab:3a:5f:68:10:a4:42:
                    51:ae:a4:6c:63:53:5c:96:3e:c4:96:35:44:7a:54:
                    ce:bb:1e:86:83:3c:b2:1f:c6:10:00:c2:d6:2d:24:
                    c8:c5:e1:02:eb:35:48:fc:3e:7e:bd:6e:a6:84:6f:
                    ba:4f:70:9c:d5:0c:a4:75:d9:c3:fe:0d:7c:e0:73:
                    85:07:63:94:8b:a1:e4:59:0f:83:33:5b:37:ff:81:
                    fb:95:de:41:60:2b:cc:31:aa:1a:3f:3e:20:04:67:
                    79:65:6d:4e:54:3d:14:1d:ab:aa:3d:df:4e:c5:5a:
                    96:f2:26:1c:1d:27:7b:f5:d6:21:28:e6:39:2f:5c:
                    39:2b:03:36:fd:d2:a0:ae:d0:61:c5:73:a0:05:cd:
                    16:40:be:20:7a:36:29:7b:f3:50:b1:25:b0:0b:c3:
                    89:9f:a8:e9:ea:9f:c3:6d:e9:59:23:39:20:88:53:
                    18:c1:04:6e:a4:8d:3e:77:34:9b:be:60:3c:6b:d2:
                    fa:7c:92:d3:1e:59:d9:44:65:54:e5:2e:64:e9:f1:
                    11:80:02:ff:f3:64:03:a9:d2:99:44:77:fd:14:90:
                    80:24:66:9e:da:54:9b:b4:06:b7:68:9c:17:13:63:
                    60:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:7D:36:05:A6:1F:53:AC:F3:CC:70:A7:17:D6:3B:51:E0:02:8B:35
            X509v3 Authority Key Identifier:
                keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/Yn02BaYfU6zzzHCnF9Y7UeACizU.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.244.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6b:2c:1c:9f:80:84:13:f0:a9:10:6f:84:2d:07:26:3d:9c:a4:
         cc:2b:0d:30:f3:73:0a:e3:6b:7a:54:7f:63:97:59:36:c1:48:
         01:fe:de:78:1d:32:2b:e3:f9:a1:96:c6:7c:21:64:9d:bc:53:
         31:b8:f8:fb:dd:d5:e9:92:c5:65:54:69:4f:37:6d:78:63:e6:
         ad:ce:d5:32:ee:09:bb:51:12:b1:74:bd:0b:07:1c:f7:7a:fb:
         f3:22:d3:ae:7f:43:b0:3a:fc:0e:05:09:a8:3e:3d:f5:39:51:
         da:d7:02:38:d1:fa:12:20:c4:f1:0e:6f:b1:3c:6c:21:c7:91:
         fb:d5:f0:3d:f0:18:51:e1:98:f7:52:b5:b1:80:5a:96:b9:17:
         24:d6:0a:73:ba:15:78:03:e8:08:14:7e:11:31:f5:35:d0:b7:
         82:cd:03:3a:14:72:e8:c3:14:be:2c:29:a2:22:ad:ea:5d:31:
         26:b4:ba:36:41:60:f4:bc:e4:84:dd:d4:ac:fc:9e:40:74:87:
         12:84:15:1c:16:c2:80:dd:93:c2:d7:15:23:b8:14:e2:2f:dc:
         04:fa:d4:a5:e6:7e:8d:6e:ed:b8:dc:bf:42:16:06:c2:8e:64:
         ce:e1:96:dc:8b:98:5f:12:9d:ee:81:c3:d2:33:05:dd:08:42:
         10:b8:88:6d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGfAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDAzMTMw
MTIxMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyN0QzNjA1QTYxRjUz
QUNGM0NDNzBBNzE3RDYzQjUxRTAwMjhCMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdIxRH0g/+OtgMUs/DLVU9bqul3MgrqzpfaBCkQlGupGxjU1yW
PsSWNUR6VM67HoaDPLIfxhAAwtYtJMjF4QLrNUj8Pn69bqaEb7pPcJzVDKR12cP+
DXzgc4UHY5SLoeRZD4MzWzf/gfuV3kFgK8wxqho/PiAEZ3llbU5UPRQdq6o9307F
WpbyJhwdJ3v11iEo5jkvXDkrAzb90qCu0GHFc6AFzRZAviB6Nil781CxJbALw4mf
qOnqn8Nt6VkjOSCIUxjBBG6kjT53NJu+YDxr0vp8ktMeWdlEZVTlLmTp8RGAAv/z
ZAOp0plEd/0UkIAkZp7aVJu0BrdonBcTY2CvAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUYn02BaYfU6zzzHCnF9Y7UeACizUwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvWW4wMkJhWWZVNnp6
ekhDbkY5WTdVZUFDaXpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmf0dDANBgkqhkiG9w0BAQsFAAOCAQEAaywcn4CEE/CpEG+ELQcmPZykzCsN
MPNzCuNrelR/Y5dZNsFIAf7eeB0yK+P5oZbGfCFknbxTMbj4+93V6ZLFZVRpTzdt
eGPmrc7VMu4Ju1ESsXS9Cwcc93r78yLTrn9DsDr8DgUJqD499TlR2tcCONH6EiDE
8Q5vsTxsIceR+9XwPfAYUeGY91K1sYBalrkXJNYKc7oVeAPoCBR+ETH1NdC3gs0D
OhRy6MMUviwpoiKt6l0xJrS6NkFg9LzkhN3UrPyeQHSHEoQVHBbCgN2TwtcVI7gU
4i/cBPrUpeZ+jW7tuNy/QhYGwo5kzuGW3IuYXxKd7oHD0jMF3QhCELiIbQ==
-----END CERTIFICATE-----
Generated at Thu Sep 12 14:04:23 2024 by rpki-client on console-ams.rpki-client.org