Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3040/Ktcr_IqxPZLVnSg5M1-NSFPqSg4.roa
File:                     Ktcr_IqxPZLVnSg5M1-NSFPqSg4.roa (raw, json)
Hash identifier:          tFsmiygYkUAjLi340GeyvwH9PS4DT6HbIEfMiLPYgVM=
Subject key identifier:   2A:D7:2B:FC:8A:B1:3D:92:D5:9D:28:39:33:5F:8D:48:53:EA:4A:0E
Certificate issuer:       /CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5
Certificate serial:       13B7
Authority key identifier: 03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/Ktcr_IqxPZLVnSg5M1-NSFPqSg4.roa
Signing time:             Fri 19 May 2023 05:55:08 +0000
ROA not before:           Fri 19 May 2023 05:55:08 +0000
ROA not after:            Wed 27 Mar 2024 01:13:10 +0000
asID:                     49544
IP address blocks:        2406:d140::/32 maxlen: 48
                          2406:d140:8000::/34 maxlen: 48

Validation:               Failed, certificate revoked on Wed 13 Mar 2024 01:23:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5047 (0x13b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5
        Validity
            Not Before: May 19 05:55:08 2023 GMT
            Not After : Mar 27 01:13:10 2024 GMT
        Subject: CN=2AD72BFC8AB13D92D59D2839335F8D4853EA4A0E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:81:bf:e0:60:19:dc:bb:0e:37:67:58:5f:1a:
                    fc:64:87:c6:29:33:ec:9c:2f:15:84:d1:7f:82:39:
                    ee:f4:bb:c5:64:f5:b6:6a:6f:47:c8:27:10:32:3c:
                    c4:5b:14:94:8d:eb:b0:31:97:47:f1:7d:64:55:d2:
                    0d:35:8a:51:01:34:b4:51:ff:78:c3:07:20:91:fc:
                    52:0d:0e:df:85:53:87:7e:d1:f9:16:04:10:41:57:
                    0c:75:d6:89:9c:fb:3b:26:ee:bb:00:37:92:13:4f:
                    84:bd:bd:1c:2a:21:a7:78:22:0b:40:7b:40:92:b2:
                    6e:a9:f5:9f:bb:8f:06:32:38:94:1c:7a:5c:45:fa:
                    8b:cd:89:b4:c9:b7:67:ee:62:eb:05:2f:e7:66:a1:
                    da:1b:8e:ef:f2:5c:0f:79:ee:c4:cb:d3:61:cb:fc:
                    07:73:3d:86:6c:41:73:ab:43:40:af:c4:4a:e6:58:
                    a8:47:25:cc:0f:29:1d:b3:89:df:24:38:cc:86:e0:
                    c9:62:85:05:56:53:e2:70:a1:ea:69:f7:d0:be:d4:
                    37:9a:35:d6:28:ee:dd:42:6c:ec:84:39:17:07:3b:
                    68:ee:75:e9:0f:6c:0e:36:3a:21:f1:cb:6f:eb:f6:
                    ee:b9:0f:33:7a:a7:10:0a:65:c3:85:2f:a9:3b:18:
                    b5:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:D7:2B:FC:8A:B1:3D:92:D5:9D:28:39:33:5F:8D:48:53:EA:4A:0E
            X509v3 Authority Key Identifier:
                keyid:03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/Ktcr_IqxPZLVnSg5M1-NSFPqSg4.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:d140::/32

    Signature Algorithm: sha256WithRSAEncryption
         67:ed:be:b8:b8:3a:89:9a:d2:c0:73:e3:21:3a:cc:2f:d6:f5:
         f1:c1:26:6a:d5:fe:4e:a6:45:9f:85:dd:e4:c8:84:3e:b8:33:
         b4:ec:f0:0e:20:32:49:4e:48:28:b2:4b:b3:cb:89:83:27:d5:
         e9:0c:86:4e:00:e3:03:07:b3:72:99:97:f1:67:3a:3d:f5:bf:
         bd:20:02:d7:1b:1e:b6:f0:bd:c2:0d:b9:b6:5d:98:7f:63:10:
         91:57:60:3e:c0:3d:7f:2c:fe:3b:15:0c:eb:4f:7a:7f:10:76:
         e7:e9:dc:da:fe:cc:84:0a:50:34:97:bf:c3:10:a4:9c:a0:c7:
         97:76:ef:9a:5e:d6:97:56:16:1b:d9:51:40:42:7b:40:20:42:
         43:71:71:c2:52:17:e3:fb:47:b4:02:74:da:7d:9e:63:26:62:
         30:5d:60:e1:b8:3e:4b:bd:66:de:d4:fd:25:e5:d8:4a:d8:8f:
         94:ce:6a:41:ce:d7:7d:29:38:0b:d2:4e:00:a2:e4:36:56:6c:
         28:1d:c0:e2:1e:e3:98:5f:aa:e2:23:67:04:8b:71:0e:05:25:
         30:c9:9c:f4:ec:e4:29:0f:9e:b8:ce:6e:74:76:f4:4b:c8:ea:
         0f:72:2b:32:5d:8a:7b:b7:4a:11:58:50:bd:0e:4c:56:13:91:
         be:71:4a:2b
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICE7cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDNG
MDc1RDlDNkYxOERDMDlCREE2MkI3MDg3RUE4MERDNUI3MTFDNTAeFw0yMzA1MTkw
NTU1MDhaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDJBRDcyQkZDOEFCMTNE
OTJENTlEMjgzOTMzNUY4RDQ4NTNFQTRBMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7gb/gYBncuw43Z1hfGvxkh8YpM+ycLxWE0X+COe70u8Vk9bZq
b0fIJxAyPMRbFJSN67Axl0fxfWRV0g01ilEBNLRR/3jDByCR/FINDt+FU4d+0fkW
BBBBVwx11omc+zsm7rsAN5ITT4S9vRwqIad4IgtAe0CSsm6p9Z+7jwYyOJQcelxF
+ovNibTJt2fuYusFL+dmodobju/yXA957sTL02HL/AdzPYZsQXOrQ0CvxErmWKhH
JcwPKR2zid8kOMyG4MlihQVWU+Jwoepp99C+1DeaNdYo7t1CbOyEORcHO2judekP
bA42OiHxy2/r9u65DzN6pxAKZcOFL6k7GLX/AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUKtcr/IqxPZLVnSg5M1+NSFPqSg4wHwYDVR0jBBgwFoAUA/B12cbxjcCb2mK3
CH6oDcW3EcUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
MC9BX0IxMmNieGpjQ2IybUszQ0g2b0RjVzNFY1UuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FfQjEyY2J4amNDYjJtSzNDSDZvRGNXM0VjVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDAvS3Rjcl9JcXhQWkxW
blNnNU0xLU5TRlBxU2c0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQG0UAwDQYJKoZIhvcNAQELBQADggEBAGftvri4Ooma0sBz4yE6zC/W9fHB
JmrV/k6mRZ+F3eTIhD64M7Ts8A4gMklOSCiyS7PLiYMn1ekMhk4A4wMHs3KZl/Fn
Oj31v70gAtcbHrbwvcINubZdmH9jEJFXYD7APX8s/jsVDOtPen8Qdufp3Nr+zIQK
UDSXv8MQpJygx5d275pe1pdWFhvZUUBCe0AgQkNxccJSF+P7R7QCdNp9nmMmYjBd
YOG4Pku9Zt7U/SXl2ErYj5TOakHO130pOAvSTgCi5DZWbCgdwOIe45hfquIjZwSL
cQ4FJTDJnPTs5CkPnrjObnR29EvI6g9yKzJdinu3ShFYUL0OTFYTkb5xSis=
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org