Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/756/jBiytfL7R4bdCt5L52cCHkNslik.roa
File:                     jBiytfL7R4bdCt5L52cCHkNslik.roa (raw, json)
Hash identifier:          OuInJN6Mjg9KbmRREaxSFI+VczKUM8pp1o1JwSDTDhs=
Subject key identifier:   8C:18:B2:B5:F2:FB:47:86:DD:0A:DE:4B:E7:67:02:1E:43:6C:96:29
Certificate issuer:       /CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404
Certificate serial:       06E1
Authority key identifier: 59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/jBiytfL7R4bdCt5L52cCHkNslik.roa
Signing time:             Thu 18 May 2023 07:23:15 +0000
ROA not before:           Thu 18 May 2023 07:23:15 +0000
ROA not after:            Wed 27 Mar 2024 01:13:10 +0000
asID:                     398704
IP address blocks:        103.232.144.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Mar 2024 01:20:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1761 (0x6e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404
        Validity
            Not Before: May 18 07:23:15 2023 GMT
            Not After : Mar 27 01:13:10 2024 GMT
        Subject: CN=8C18B2B5F2FB4786DD0ADE4BE767021E436C9629
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:6c:2a:c7:9a:b0:53:30:06:f5:9a:0e:30:06:
                    89:75:94:eb:94:eb:91:59:29:43:ca:04:ff:46:91:
                    fb:1a:b2:3b:26:c5:98:6c:dd:49:e9:ca:3b:99:aa:
                    a9:22:20:7f:3f:0f:28:39:6b:c3:fc:2c:23:79:a1:
                    5e:25:7d:bc:2d:22:f0:93:3e:3f:f1:46:8f:4b:16:
                    d0:72:24:dd:5e:a2:49:14:e8:c0:60:4a:9e:63:8d:
                    2c:fc:58:a1:0d:24:2a:d7:0b:13:19:ed:0a:74:ea:
                    94:14:27:3a:81:f8:95:c7:ac:e3:b0:e1:92:dc:5b:
                    7f:d9:e7:c9:33:e7:99:b8:0c:e4:9d:9d:6c:d5:41:
                    e5:a4:91:92:5c:1e:d1:e9:0e:13:0b:9e:9f:79:22:
                    76:dd:78:f9:3a:f8:d3:cf:e7:52:b0:78:f0:25:e9:
                    45:aa:e1:45:3c:00:bf:c1:42:71:5f:65:6c:9a:0e:
                    c7:c8:4c:84:28:8e:79:8c:da:4c:2b:7b:85:e8:2b:
                    9d:cc:35:51:0f:d1:d1:c2:14:ab:be:2d:70:79:a0:
                    ee:f9:40:39:43:09:b0:db:a4:f8:2c:e0:79:44:9b:
                    78:dd:fd:cf:64:b1:d3:53:71:42:14:07:c8:3d:69:
                    37:f1:17:84:0c:a0:96:12:11:04:e1:9a:08:21:2f:
                    17:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:18:B2:B5:F2:FB:47:86:DD:0A:DE:4B:E7:67:02:1E:43:6C:96:29
            X509v3 Authority Key Identifier:
                keyid:59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/jBiytfL7R4bdCt5L52cCHkNslik.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.232.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:b3:f2:bf:fc:f7:40:68:ce:f5:f5:ed:43:28:f1:f2:bb:54:
         ad:4f:89:ea:a9:c9:3b:38:5e:b7:6e:3a:14:40:cf:5c:df:25:
         6c:47:f3:2e:15:6a:7b:f7:9f:4a:0c:ff:9e:ec:20:5e:15:6a:
         87:47:90:51:11:60:00:cf:bf:f3:f1:6f:59:e1:88:ae:74:a0:
         21:dd:60:82:b3:66:68:8c:35:93:15:71:1e:b2:85:97:fb:60:
         59:fe:2e:93:f7:6a:ce:ef:df:71:e0:12:0f:5e:6a:02:d6:ee:
         7c:76:21:32:36:8d:04:91:6f:6e:91:f1:04:d1:c2:2b:3f:e4:
         b7:d6:a9:c4:be:73:3b:37:94:bf:76:d6:16:79:d5:22:72:ac:
         8c:ab:9a:b0:8f:4a:52:85:75:b5:4c:4c:31:e5:1c:4e:60:6b:
         df:8e:d0:61:b0:44:a5:3a:71:ef:50:b1:3b:0c:c5:44:d0:07:
         e6:0f:8a:cd:6f:38:b1:6f:5b:99:84:bf:f6:24:cc:91:eb:56:
         2b:6b:e5:de:f5:91:d9:3c:16:1d:f1:11:91:33:ae:80:b6:ad:
         3a:ce:d0:15:2f:07:39:aa:17:0d:cb:73:4d:45:c6:75:3c:33:
         20:80:3d:d4:8f:76:09:1a:8e:45:6e:71:a6:36:19:06:e4:d9:
         4a:98:08:19
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICBuEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTkx
QzVCMDNDOTdDRTBGRTNFQzc4RTIzQzY4NTZGNzkyQzIwRDQwNDAeFw0yMzA1MTgw
NzIzMTVaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDhDMThCMkI1RjJGQjQ3
ODZERDBBREU0QkU3NjcwMjFFNDM2Qzk2MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMbCrHmrBTMAb1mg4wBol1lOuU65FZKUPKBP9GkfsasjsmxZhs
3UnpyjuZqqkiIH8/Dyg5a8P8LCN5oV4lfbwtIvCTPj/xRo9LFtByJN1eokkU6MBg
Sp5jjSz8WKENJCrXCxMZ7Qp06pQUJzqB+JXHrOOw4ZLcW3/Z58kz55m4DOSdnWzV
QeWkkZJcHtHpDhMLnp95InbdePk6+NPP51KwePAl6UWq4UU8AL/BQnFfZWyaDsfI
TIQojnmM2kwre4XoK53MNVEP0dHCFKu+LXB5oO75QDlDCbDbpPgs4HlEm3jd/c9k
sdNTcUIUB8g9aTfxF4QMoJYSEQThmgghLxedAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjBiytfL7R4bdCt5L52cCHkNslikwHwYDVR0jBBgwFoAUWRxbA8l84P4+x44j
xoVveSwg1AQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2
L1dSeGJBOGw4NFA0LXg0NGp4b1Z2ZVN3ZzFBUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvV1J4YkE4bDg0UDQteDQ0anhvVnZlU3dnMUFRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2L2pCaXl0Zkw3UjRiZEN0
NUw1MmNDSGtOc2xpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn6JAwDQYJKoZIhvcNAQELBQADggEBAJyz8r/890BozvX17UMo8fK7VK1Pieqp
yTs4XrduOhRAz1zfJWxH8y4Vanv3n0oM/57sIF4VaodHkFERYADPv/Pxb1nhiK50
oCHdYIKzZmiMNZMVcR6yhZf7YFn+LpP3as7v33HgEg9eagLW7nx2ITI2jQSRb26R
8QTRwis/5LfWqcS+czs3lL921hZ51SJyrIyrmrCPSlKFdbVMTDHlHE5ga9+O0GGw
RKU6ce9QsTsMxUTQB+YPis1vOLFvW5mEv/YkzJHrVitr5d71kdk8Fh3xEZEzroC2
rTrO0BUvBzmqFw3Lc01FxnU8MyCAPdSPdgkajkVucaY2GQbk2UqYCBk=
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org