Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2841/3kjNtkidAoErsrBp5gKOIPHuGfw.roa
File:                     3kjNtkidAoErsrBp5gKOIPHuGfw.roa (raw, json)
Hash identifier:          ar4H+pcKNVE/3xIg92G71Vz4h92JE1lp2PquBtHf+LY=
Subject key identifier:   DE:48:CD:B6:48:9D:02:81:2B:B2:B0:69:E6:02:8E:20:F1:EE:19:FC
Certificate issuer:       /CN=51A5666D323BF842F6044CE71059773E2271B013
Certificate serial:       15CB
Authority key identifier: 51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/3kjNtkidAoErsrBp5gKOIPHuGfw.roa
Signing time:             Wed 13 Mar 2024 01:22:43 +0000
ROA not before:           Wed 13 Mar 2024 01:22:43 +0000
ROA not after:            Tue 08 Oct 2024 00:16:33 +0000
asID:                     54600
IP address blocks:        103.126.100.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 24 Sep 2024 00:19:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5579 (0x15cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51A5666D323BF842F6044CE71059773E2271B013
        Validity
            Not Before: Mar 13 01:22:43 2024 GMT
            Not After : Oct  8 00:16:33 2024 GMT
        Subject: CN=DE48CDB6489D02812BB2B069E6028E20F1EE19FC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:b5:d9:6f:31:fe:df:b0:d3:05:61:fd:3b:de:
                    88:42:78:36:ab:91:d0:65:7d:8e:0d:f5:0f:f1:24:
                    17:08:5f:f8:16:d3:60:fc:16:0d:9c:37:2d:4e:ce:
                    07:e2:60:52:c1:e7:78:88:2e:3d:52:c5:1f:8b:29:
                    e1:0d:56:3e:85:d9:42:db:80:63:6f:df:80:54:ae:
                    80:ad:47:4f:08:a2:91:28:11:f3:34:1f:c9:c9:eb:
                    2c:cf:2c:c7:d4:07:83:e1:d2:e8:e9:a5:e1:93:1f:
                    e0:24:b7:c6:f2:95:eb:45:7e:5d:63:c9:57:18:8b:
                    a5:6e:58:ce:9f:e3:b0:ed:71:6d:34:9b:f8:ee:0a:
                    d3:13:ae:c0:65:e5:24:51:ef:18:f4:af:da:fe:99:
                    f7:1b:33:e9:dc:d7:66:ba:45:39:19:ac:96:8e:42:
                    9f:f0:fc:77:b3:f4:f8:35:28:19:c0:38:f2:43:da:
                    73:29:39:cd:a3:82:0d:49:23:8e:13:6b:7b:92:0b:
                    98:f7:00:83:aa:fa:3a:6d:c4:17:50:46:42:f2:13:
                    99:d0:00:cd:fe:9c:d5:82:d0:9f:df:ef:7f:c6:9b:
                    c0:2e:fc:67:78:5f:70:56:87:9b:3a:10:e2:b3:4e:
                    48:98:49:cb:e8:28:78:aa:23:54:76:25:a8:82:b4:
                    c8:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:48:CD:B6:48:9D:02:81:2B:B2:B0:69:E6:02:8E:20:F1:EE:19:FC
            X509v3 Authority Key Identifier:
                keyid:51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/3kjNtkidAoErsrBp5gKOIPHuGfw.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.126.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4f:dd:9d:9e:15:f2:66:85:20:52:58:ab:a0:15:a2:c3:c1:ec:
         87:67:b0:0d:6e:6c:eb:5b:f0:77:c1:78:92:ea:5a:e7:03:85:
         bd:ce:bf:0b:55:1c:bf:93:aa:7f:52:d8:3a:70:76:c5:49:c6:
         25:db:d5:bb:d2:53:83:18:66:a1:86:6e:c2:36:e7:00:03:fa:
         d6:c1:19:70:49:54:31:db:a8:ba:d9:af:7d:08:c8:c2:eb:43:
         bc:76:6b:77:16:0c:52:ea:5b:f8:8a:c4:3d:08:1b:e9:ff:df:
         33:d9:e6:19:a0:41:3b:c1:93:a6:8d:05:bd:b2:42:48:a7:88:
         3b:ef:14:80:3c:05:ca:67:93:c2:8c:21:b1:2e:c0:91:06:0f:
         30:c2:c7:f1:66:4c:94:72:7b:2c:76:c0:09:b7:f5:05:ce:8d:
         00:a3:8d:f3:9d:e0:23:5e:46:ef:5f:a5:ff:4e:e7:bb:3f:42:
         d0:b0:33:46:86:f6:cd:cd:d6:73:7b:a1:97:79:c9:32:e7:9d:
         b5:f1:83:4d:73:52:69:0a:6b:52:c4:33:cd:e0:8b:9d:49:53:
         d5:5e:ed:a2:a9:34:86:69:b3:1e:11:95:99:8a:f8:ae:30:4f:
         65:bb:ea:d6:39:a1:89:9c:52:9a:69:47:6a:09:0e:0d:d8:8d:
         50:99:d7:53
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFcswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFB
NTY2NkQzMjNCRjg0MkY2MDQ0Q0U3MTA1OTc3M0UyMjcxQjAxMzAeFw0yNDAzMTMw
MTIyNDNaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKERFNDhDREI2NDg5RDAy
ODEyQkIyQjA2OUU2MDI4RTIwRjFFRTE5RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDttdlvMf7fsNMFYf073ohCeDarkdBlfY4N9Q/xJBcIX/gW02D8
Fg2cNy1OzgfiYFLB53iILj1SxR+LKeENVj6F2ULbgGNv34BUroCtR08IopEoEfM0
H8nJ6yzPLMfUB4Ph0ujppeGTH+Akt8byletFfl1jyVcYi6VuWM6f47DtcW00m/ju
CtMTrsBl5SRR7xj0r9r+mfcbM+nc12a6RTkZrJaOQp/w/Hez9Pg1KBnAOPJD2nMp
Oc2jgg1JI44Ta3uSC5j3AIOq+jptxBdQRkLyE5nQAM3+nNWC0J/f73/Gm8Au/Gd4
X3BWh5s6EOKzTkiYScvoKHiqI1R2JaiCtMiTAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU3kjNtkidAoErsrBp5gKOIPHuGfwwHwYDVR0jBBgwFoAUUaVmbTI7+EL2BEzn
EFl3PiJxsBMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg0
MS9VYVZtYlRJNy1FTDJCRXpuRUZsM1BpSnhzQk0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1VhVm1iVEk3LUVMMkJFem5FRmwzUGlKeHNCTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4NDEvM2tqTnRraWRBb0Vy
c3JCcDVnS09JUEh1R2Z3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmd+ZDANBgkqhkiG9w0BAQsFAAOCAQEAT92dnhXyZoUgUliroBWiw8Hsh2ew
DW5s61vwd8F4kupa5wOFvc6/C1Ucv5Oqf1LYOnB2xUnGJdvVu9JTgxhmoYZuwjbn
AAP61sEZcElUMduoutmvfQjIwutDvHZrdxYMUupb+IrEPQgb6f/fM9nmGaBBO8GT
po0FvbJCSKeIO+8UgDwFymeTwowhsS7AkQYPMMLH8WZMlHJ7LHbACbf1Bc6NAKON
853gI15G71+l/07nuz9C0LAzRob2zc3Wc3uhl3nJMuedtfGDTXNSaQprUsQzzeCL
nUlT1V7toqk0hmmzHhGVmYr4rjBPZbvq1jmhiZxSmmlHagkODdiNUJnXUw==
-----END CERTIFICATE-----
Generated at Tue Sep 24 01:46:28 2024 by rpki-client on console-fra.rpki-client.org