Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2834/lzoTxw0z_rmsMDvnAjNqZ187BJA.roa
File:                     lzoTxw0z_rmsMDvnAjNqZ187BJA.roa (raw, json)
Hash identifier:          JzHzWnjIJUFHcwGpxHFRQ1hkHDUq5M6fkQs4v/4tBZA=
Subject key identifier:   97:3A:13:C7:0D:33:FE:B9:AC:30:3B:E7:02:33:6A:67:5F:3B:04:90
Certificate issuer:       /CN=81B493ACCB42998BFF000B3DE106FB5771A48D5A
Certificate serial:       145A
Authority key identifier: 81:B4:93:AC:CB:42:99:8B:FF:00:0B:3D:E1:06:FB:57:71:A4:8D:5A
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gbSTrMtCmYv_AAs94Qb7V3GkjVo.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2834/lzoTxw0z_rmsMDvnAjNqZ187BJA.roa
Signing time:             Sat 03 Feb 2024 02:48:59 +0000
ROA not before:           Sat 03 Feb 2024 02:48:59 +0000
ROA not after:            Fri 07 Jun 2024 02:16:11 +0000
asID:                     21859
IP address blocks:        103.125.250.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 24 May 2024 02:24:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5210 (0x145a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81B493ACCB42998BFF000B3DE106FB5771A48D5A
        Validity
            Not Before: Feb  3 02:48:59 2024 GMT
            Not After : Jun  7 02:16:11 2024 GMT
        Subject: CN=973A13C70D33FEB9AC303BE702336A675F3B0490
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:80:af:b7:74:06:fe:3c:36:69:87:6e:1e:a8:
                    d5:7e:0a:af:53:c9:91:2b:f6:2e:14:b5:6c:0b:e6:
                    bd:ef:73:99:df:31:c1:6e:57:04:ac:dd:ee:bf:37:
                    f7:e7:5b:07:a5:74:ce:45:07:b4:a7:ca:aa:50:f2:
                    c1:9b:e4:f5:93:46:fc:b0:a2:04:19:a0:75:a6:2e:
                    9d:96:fd:e6:fe:0b:cb:12:fe:d7:b3:02:51:ec:7c:
                    87:c3:83:cc:52:bd:16:77:cd:39:6c:ae:8d:65:4e:
                    52:34:7a:f4:e6:84:11:0a:2b:78:88:1c:ed:75:8d:
                    99:e6:50:20:ec:a6:6e:b3:29:04:e9:3c:48:8c:b7:
                    92:c7:f8:8d:59:4a:53:81:c7:fc:1f:f1:b1:bd:70:
                    3e:4c:28:73:e7:53:1f:d4:69:71:aa:34:4a:f2:86:
                    73:af:17:f5:ab:11:b0:94:80:e6:fd:70:cd:13:d1:
                    59:61:a2:23:54:0f:1a:fd:fd:20:f7:ac:26:48:69:
                    9c:93:3c:38:8a:31:bc:c9:1a:3a:b9:70:96:b2:b3:
                    da:ec:0c:c2:bb:a7:b7:de:e9:73:45:29:e9:5f:82:
                    99:1f:76:0d:3e:af:f8:76:83:bc:c7:f2:d6:ce:3b:
                    08:a9:ed:82:ee:90:d3:c7:b3:9a:7d:79:fa:5a:f7:
                    c7:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:3A:13:C7:0D:33:FE:B9:AC:30:3B:E7:02:33:6A:67:5F:3B:04:90
            X509v3 Authority Key Identifier:
                keyid:81:B4:93:AC:CB:42:99:8B:FF:00:0B:3D:E1:06:FB:57:71:A4:8D:5A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2834/gbSTrMtCmYv_AAs94Qb7V3GkjVo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gbSTrMtCmYv_AAs94Qb7V3GkjVo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2834/lzoTxw0z_rmsMDvnAjNqZ187BJA.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.125.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:48:5e:c4:60:ec:3a:9f:7a:df:c5:a6:51:8e:21:28:ce:c1:
         f5:84:5e:bb:22:05:4a:04:ba:5a:ad:43:80:7b:ee:08:37:51:
         90:bf:d8:4e:17:04:03:07:97:26:da:00:35:59:54:24:bc:01:
         99:b5:cc:5d:4b:47:65:82:97:1c:6d:53:bd:6c:ac:ef:88:c1:
         23:d5:57:d7:07:41:d7:05:c8:da:96:c4:0b:5b:88:03:80:8b:
         ee:73:65:ed:b8:32:13:70:d8:6d:6c:0f:3e:7c:5e:f9:42:2f:
         bd:da:69:51:a7:1d:d2:30:65:dc:75:0c:f2:97:5d:28:ab:4c:
         b0:74:b5:e4:d7:6f:7b:7c:31:e2:0f:77:6d:ae:7e:db:66:e0:
         c1:98:b7:da:e4:e6:d4:04:68:b8:78:46:98:f7:46:d3:6e:49:
         ee:39:4b:fd:db:58:14:9c:4c:d9:02:8a:de:9a:e2:e4:e6:20:
         6d:4f:9f:a1:5e:2e:20:d0:70:17:f1:72:19:4b:3f:db:4b:f3:
         44:13:79:d1:56:5c:bb:fa:3c:f4:92:7a:6d:bc:d3:90:ca:78:
         b6:10:1e:af:a1:a9:18:91:20:4a:55:79:c0:b7:fd:f2:e1:9a:
         ce:0d:d6:8d:89:60:65:06:61:7c:61:54:75:a2:78:88:84:b4:
         f7:8f:8c:9f
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODFC
NDkzQUNDQjQyOTk4QkZGMDAwQjNERTEwNkZCNTc3MUE0OEQ1QTAeFw0yNDAyMDMw
MjQ4NTlaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDk3M0ExM0M3MEQzM0ZF
QjlBQzMwM0JFNzAyMzM2QTY3NUYzQjA0OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOgK+3dAb+PDZph24eqNV+Cq9TyZEr9i4UtWwL5r3vc5nfMcFu
VwSs3e6/N/fnWweldM5FB7SnyqpQ8sGb5PWTRvywogQZoHWmLp2W/eb+C8sS/tez
AlHsfIfDg8xSvRZ3zTlsro1lTlI0evTmhBEKK3iIHO11jZnmUCDspm6zKQTpPEiM
t5LH+I1ZSlOBx/wf8bG9cD5MKHPnUx/UaXGqNEryhnOvF/WrEbCUgOb9cM0T0Vlh
oiNUDxr9/SD3rCZIaZyTPDiKMbzJGjq5cJays9rsDMK7p7fe6XNFKelfgpkfdg0+
r/h2g7zH8tbOOwip7YLukNPHs5p9efpa98f9AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUlzoTxw0z/rmsMDvnAjNqZ187BJAwHwYDVR0jBBgwFoAUgbSTrMtCmYv/AAs9
4Qb7V3GkjVowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgz
NC9nYlNUck10Q21Zdl9BQXM5NFFiN1YzR2tqVm8uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2diU1RyTXRDbVl2X0FBczk0UWI3VjNHa2pWby5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MzQvbHpvVHh3MHpfcm1z
TUR2bkFqTnFaMTg3QkpBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGd9+jANBgkqhkiG9w0BAQsFAAOCAQEAx0hexGDsOp9638WmUY4hKM7B9YRe
uyIFSgS6Wq1DgHvuCDdRkL/YThcEAweXJtoANVlUJLwBmbXMXUtHZYKXHG1TvWys
74jBI9VX1wdB1wXI2pbEC1uIA4CL7nNl7bgyE3DYbWwPPnxe+UIvvdppUacd0jBl
3HUM8pddKKtMsHS15Ndve3wx4g93ba5+22bgwZi32uTm1ARouHhGmPdG025J7jlL
/dtYFJxM2QKK3pri5OYgbU+foV4uINBwF/FyGUs/20vzRBN50VZcu/o89JJ6bbzT
kMp4thAer6GpGJEgSlV5wLf98uGazg3WjYlgZQZhfGFUdaJ4iIS094+Mnw==
-----END CERTIFICATE-----
Generated at Fri May 24 02:54:56 2024 by rpki-client on console-fra.rpki-client.org