Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/y1gzzJuuR_cYpZu809gcgi3VIFg.roa
File: y1gzzJuuR_cYpZu809gcgi3VIFg.roa (raw, json)
Hash identifier: 3fJHzf2d5862ff45tZ697FWcFkHvtBttosjMPVg1thw=
Subject key identifier: CB:58:33:CC:9B:AE:47:F7:18:A5:9B:BC:D3:D8:1C:82:2D:D5:20:58
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 05B1
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/y1gzzJuuR_cYpZu809gcgi3VIFg.roa
Signing time: Thu 19 Oct 2023 02:57:49 +0000
ROA not before: Thu 19 Oct 2023 02:57:49 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 62387
IP address blocks: 123.98.76.0/22 maxlen: 24
123.98.84.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1457 (0x5b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Oct 19 02:57:49 2023 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=CB5833CC9BAE47F718A59BBCD3D81C822DD52058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:81:5d:1c:d2:99:41:45:d9:c4:03:aa:db:db:
ae:80:1a:9f:d2:1e:f8:35:15:a1:a2:34:83:83:12:
77:85:29:72:d3:20:e8:a0:81:63:8e:bb:06:10:82:
af:1b:e5:80:29:a9:f1:90:a4:0e:56:ff:7e:1b:ed:
85:9e:86:65:91:cd:24:0b:94:3e:75:ad:d2:44:17:
13:e5:68:52:92:69:18:53:79:ab:31:b2:fb:d1:21:
9f:7c:db:a0:9a:c2:26:b3:0b:b4:8b:c4:ab:aa:99:
d1:3b:2a:36:29:46:69:b6:ea:38:ec:e4:b5:98:4e:
8b:37:b2:ab:6d:97:83:6f:2c:bd:94:74:bb:dd:1e:
40:23:ba:60:60:18:17:46:a8:61:08:ff:01:87:77:
43:de:e6:5b:57:f1:c3:90:9e:57:30:e2:3c:3f:9c:
22:83:6e:01:88:c7:74:95:15:a9:79:8a:01:21:67:
b5:99:10:be:ba:45:37:a5:57:5d:08:b3:c9:79:5e:
60:14:e7:6b:e1:37:28:d5:0a:36:22:ff:71:43:62:
bf:2a:76:71:8d:a6:fb:a1:0c:9a:db:0d:86:d7:45:
2b:0c:47:d9:f3:0f:c4:45:64:60:61:ab:6b:f5:ae:
61:11:f6:9b:ea:00:bf:98:c7:74:ba:4f:c6:ce:5d:
2f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:58:33:CC:9B:AE:47:F7:18:A5:9B:BC:D3:D8:1C:82:2D:D5:20:58
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/y1gzzJuuR_cYpZu809gcgi3VIFg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.76.0/22
123.98.84.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:9d:45:1a:03:78:a2:f7:30:ec:b4:6f:92:0f:99:a9:1b:60:
e1:01:1a:fe:26:6b:43:7d:f8:71:b8:5e:56:c4:03:80:da:bb:
f9:02:ec:75:36:85:49:9b:1e:b9:7d:6d:e2:3c:74:ec:6d:9d:
9f:b1:df:82:ed:d6:bf:3b:bd:a8:42:e7:51:fe:e1:16:64:10:
73:92:b2:40:91:65:87:04:22:de:75:11:1d:cf:28:02:9f:a7:
68:c6:ff:5f:d0:71:31:a4:10:88:2a:01:f0:ae:72:1a:69:13:
2f:3d:34:7c:83:b8:c9:04:69:de:a0:01:54:55:c9:40:75:6f:
11:79:1f:8a:f2:f5:ff:4b:85:ab:11:f8:01:4e:e0:b2:24:d7:
c8:f2:bc:8a:2c:05:0b:63:ef:69:32:a4:30:1e:9a:f9:83:aa:
7a:0b:b6:61:d3:52:2b:fb:53:42:e6:d5:0b:01:8a:b1:0e:4c:
12:46:cb:f2:dc:4a:e4:f7:f6:f9:ea:a7:9c:34:01:c1:f8:47:
c9:58:29:04:8e:c7:73:93:d2:d3:c1:23:c9:79:bc:de:a6:c8:
d3:ba:ee:2e:80:d8:11:ef:96:08:89:81:78:c1:db:46:68:e1:
b0:08:18:58:56:20:49:6e:3b:aa:9d:af:62:75:96:47:04:5f:
df:10:fc:f0
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICBbEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzEwMTkw
MjU3NDlaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKENCNTgzM0NDOUJBRTQ3
RjcxOEE1OUJCQ0QzRDgxQzgyMkRENTIwNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUgV0c0plBRdnEA6rb266AGp/SHvg1FaGiNIODEneFKXLTIOig
gWOOuwYQgq8b5YApqfGQpA5W/34b7YWehmWRzSQLlD51rdJEFxPlaFKSaRhTeasx
svvRIZ9826CawiazC7SLxKuqmdE7KjYpRmm26jjs5LWYTos3sqttl4NvLL2UdLvd
HkAjumBgGBdGqGEI/wGHd0Pe5ltX8cOQnlcw4jw/nCKDbgGIx3SVFal5igEhZ7WZ
EL66RTelV10Is8l5XmAU52vhNyjVCjYi/3FDYr8qdnGNpvuhDJrbDYbXRSsMR9nz
D8RFZGBhq2v1rmER9pvqAL+Yx3S6T8bOXS/ZAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUy1gzzJuuR/cYpZu809gcgi3VIFgwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3kxZ3p6SnV1Ul9jWXBa
dTgwOWdjZ2kzVklGZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BAJ7YkwDBAJ7YlQwDQYJKoZIhvcNAQELBQADggEBAG+dRRoDeKL3MOy0b5IPmakb
YOEBGv4ma0N9+HG4XlbEA4Dau/kC7HU2hUmbHrl9beI8dOxtnZ+x34Lt1r87vahC
51H+4RZkEHOSskCRZYcEIt51ER3PKAKfp2jG/1/QcTGkEIgqAfCuchppEy89NHyD
uMkEad6gAVRVyUB1bxF5H4ry9f9LhasR+AFO4LIk18jyvIosBQtj72kypDAemvmD
qnoLtmHTUiv7U0Lm1QsBirEOTBJGy/LcSuT39vnqp5w0AcH4R8lYKQSOx3OT0tPB
I8l5vN6myNO67i6A2BHvlgiJgXjB20Zo4bAIGFhWIEluO6qdr2J1lkcEX98Q/PA=
Generated at Sun Oct 22 13:03:26 2023 by rpki-client on console-fra.rpki-client.org