Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3040/lCWtQ45g-tHqrMSnN0X9wNrgdcI.roa
File:                     lCWtQ45g-tHqrMSnN0X9wNrgdcI.roa (raw, json)
Hash identifier:          qkEduBz5386vlYK+14JYeNzOhjUnIJUgu37doAOqFRg=
Subject key identifier:   94:25:AD:43:8E:60:FA:D1:EA:AC:C4:A7:37:45:FD:C0:DA:E0:75:C2
Certificate issuer:       /CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5
Certificate serial:       13B9
Authority key identifier: 03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/lCWtQ45g-tHqrMSnN0X9wNrgdcI.roa
Signing time:             Fri 19 May 2023 05:55:08 +0000
ROA not before:           Fri 19 May 2023 05:55:08 +0000
ROA not after:            Wed 27 Mar 2024 01:13:10 +0000
asID:                     131484
IP address blocks:        103.159.122.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Mar 2024 01:23:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5049 (0x13b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5
        Validity
            Not Before: May 19 05:55:08 2023 GMT
            Not After : Mar 27 01:13:10 2024 GMT
        Subject: CN=9425AD438E60FAD1EAACC4A73745FDC0DAE075C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:99:bc:ad:ab:00:d8:d5:8e:03:fb:db:a2:d3:
                    23:9f:6e:69:a0:4f:97:01:ed:fd:87:36:55:06:42:
                    b6:4a:f3:c2:6a:80:07:2e:f9:e1:43:a5:ef:ea:12:
                    1c:aa:24:38:20:e0:90:ab:0a:89:b2:ed:a5:75:0b:
                    66:ab:14:04:f8:6f:8e:f0:2a:2d:32:3e:2f:d6:2e:
                    88:23:82:10:ea:67:97:8c:be:fa:15:c7:8d:4a:c9:
                    81:7e:f9:7d:24:b2:07:35:0f:2a:6f:24:e3:1e:64:
                    ca:75:a1:65:20:1d:a5:9d:3d:f3:4b:20:75:1e:bb:
                    f2:50:e3:24:6f:bb:fe:1d:40:91:fe:d2:c7:d4:ec:
                    45:30:4e:27:70:7b:9b:79:ca:14:31:24:26:7b:ff:
                    64:41:5b:1c:11:17:cd:87:7d:37:1b:94:0b:27:76:
                    51:2a:87:c5:0a:5c:93:e2:64:94:a1:18:88:09:f6:
                    04:d5:5a:ea:4a:93:68:b5:be:31:e4:29:7a:a1:6d:
                    b8:84:14:0a:02:e0:00:f8:f3:4d:12:aa:3e:50:77:
                    5d:f7:ba:b0:1c:23:6f:a7:a5:23:f8:fe:46:f8:cd:
                    c8:19:a3:a8:52:03:58:04:b7:dc:31:39:9c:bb:ca:
                    44:10:c3:1b:7a:3e:40:8e:01:7b:7b:72:71:bb:c5:
                    1e:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:25:AD:43:8E:60:FA:D1:EA:AC:C4:A7:37:45:FD:C0:DA:E0:75:C2
            X509v3 Authority Key Identifier:
                keyid:03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/lCWtQ45g-tHqrMSnN0X9wNrgdcI.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.122.0/23

    Signature Algorithm: sha256WithRSAEncryption
         56:9a:5a:22:cf:cd:63:08:69:e2:f8:f7:eb:47:96:d7:70:21:
         0b:ee:5a:09:19:a3:99:e9:f6:72:59:d2:2a:42:60:82:b5:2b:
         0f:0c:f3:cc:9c:05:35:09:32:c2:ba:19:db:5b:58:6b:54:8c:
         31:01:13:67:93:fb:b2:43:0f:72:de:f5:58:1d:05:63:3d:3c:
         b5:fe:17:51:d2:7f:73:88:8a:84:94:ce:1b:18:1d:f5:63:dc:
         bd:20:f0:4f:f1:cc:08:75:2f:e2:32:b6:eb:2f:d7:c2:04:8a:
         34:4a:a7:45:3e:a4:d6:1d:8c:52:0a:ea:fe:13:f3:cd:7d:2f:
         6f:0a:44:81:00:45:71:d6:42:15:cc:3d:cd:9b:7b:e1:3f:22:
         a2:bf:46:57:36:87:5a:9d:53:b9:f2:a3:e8:d2:3f:ec:b7:01:
         54:91:c8:07:f3:a7:81:fc:49:e9:36:bf:f0:eb:0d:35:b1:85:
         45:79:44:06:f1:8b:ed:fe:74:20:8b:72:af:44:c6:5e:b4:e2:
         a2:64:cf:e0:58:b5:c9:ee:e1:e7:45:26:72:86:ca:5e:7d:41:
         69:70:6f:54:84:50:15:38:85:8e:61:59:15:9c:71:dd:91:1e:
         5d:af:36:4b:cd:87:96:a9:a1:5b:eb:d2:78:19:ee:e3:66:c1:
         d6:8f:07:41
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICE7kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDNG
MDc1RDlDNkYxOERDMDlCREE2MkI3MDg3RUE4MERDNUI3MTFDNTAeFw0yMzA1MTkw
NTU1MDhaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDk0MjVBRDQzOEU2MEZB
RDFFQUFDQzRBNzM3NDVGREMwREFFMDc1QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfmbytqwDY1Y4D+9ui0yOfbmmgT5cB7f2HNlUGQrZK88JqgAcu
+eFDpe/qEhyqJDgg4JCrComy7aV1C2arFAT4b47wKi0yPi/WLogjghDqZ5eMvvoV
x41KyYF++X0ksgc1DypvJOMeZMp1oWUgHaWdPfNLIHUeu/JQ4yRvu/4dQJH+0sfU
7EUwTidwe5t5yhQxJCZ7/2RBWxwRF82HfTcblAsndlEqh8UKXJPiZJShGIgJ9gTV
WupKk2i1vjHkKXqhbbiEFAoC4AD4800Sqj5Qd133urAcI2+npSP4/kb4zcgZo6hS
A1gEt9wxOZy7ykQQwxt6PkCOAXt7cnG7xR7RAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUlCWtQ45g+tHqrMSnN0X9wNrgdcIwHwYDVR0jBBgwFoAUA/B12cbxjcCb2mK3
CH6oDcW3EcUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
MC9BX0IxMmNieGpjQ2IybUszQ0g2b0RjVzNFY1UuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FfQjEyY2J4amNDYjJtSzNDSDZvRGNXM0VjVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDAvbENXdFE0NWctdEhx
ck1Tbk4wWDl3TnJnZGNJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWefejANBgkqhkiG9w0BAQsFAAOCAQEAVppaIs/NYwhp4vj360eW13AhC+5a
CRmjmen2clnSKkJggrUrDwzzzJwFNQkywroZ21tYa1SMMQETZ5P7skMPct71WB0F
Yz08tf4XUdJ/c4iKhJTOGxgd9WPcvSDwT/HMCHUv4jK26y/XwgSKNEqnRT6k1h2M
Ugrq/hPzzX0vbwpEgQBFcdZCFcw9zZt74T8ior9GVzaHWp1TufKj6NI/7LcBVJHI
B/OngfxJ6Ta/8OsNNbGFRXlEBvGL7f50IItyr0TGXrTiomTP4Fi1ye7h50UmcobK
Xn1BaXBvVIRQFTiFjmFZFZxx3ZEeXa82S82HlqmhW+vSeBnu42bB1o8HQQ==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org