Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/767/9jGT2d7EzAXpdAngni132uGATjU.roa
File:                     9jGT2d7EzAXpdAngni132uGATjU.roa (raw, json)
Hash identifier:          pt81msDdgZE+XkdqAvFtIlTwtRSIAN/Ljhrd6mp3VEQ=
Subject key identifier:   F6:31:93:D9:DE:C4:CC:05:E9:74:09:E0:9E:2D:77:DA:E1:80:4E:35
Certificate issuer:       /CN=CC8CF726F2323299108744D6930BEF18D677445D
Certificate serial:       0BEB
Authority key identifier: CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/9jGT2d7EzAXpdAngni132uGATjU.roa
Signing time:             Mon 14 Aug 2023 04:34:26 +0000
ROA not before:           Mon 14 Aug 2023 04:34:26 +0000
ROA not after:            Fri 07 Jun 2024 02:16:11 +0000
asID:                     48024
IP address blocks:        2403:3d80::/32 maxlen: 32

Validation:               Failed, certificate revoked on Fri 24 May 2024 02:25:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3051 (0xbeb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CC8CF726F2323299108744D6930BEF18D677445D
        Validity
            Not Before: Aug 14 04:34:26 2023 GMT
            Not After : Jun  7 02:16:11 2024 GMT
        Subject: CN=F63193D9DEC4CC05E97409E09E2D77DAE1804E35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:90:55:f2:53:88:66:62:35:ba:3e:4b:fa:11:
                    74:25:b8:81:d9:44:bf:18:26:ac:4d:e8:39:90:af:
                    cd:a7:8c:d0:35:dd:8d:7a:8a:b9:10:bd:66:8d:a0:
                    6d:ab:ca:f1:ba:4d:02:44:73:a0:1e:89:0b:3b:f7:
                    ce:9b:72:88:7e:12:c6:61:59:dc:98:db:c6:e0:f4:
                    7f:08:11:78:fb:fe:98:b8:0d:9e:81:be:72:fb:c7:
                    50:49:30:22:d6:21:90:6f:37:7c:ec:ac:62:0f:f8:
                    17:a8:e8:c7:32:83:e5:51:bd:41:7f:f8:c7:c2:cf:
                    1b:7d:2b:0b:f3:6c:f1:33:41:12:b4:02:7e:51:cf:
                    c5:1e:ea:2f:55:d0:45:c8:a0:46:f0:25:d5:34:41:
                    f9:8e:39:15:63:85:f5:28:6f:7a:e4:2b:b3:f1:95:
                    76:3a:a4:66:ea:f0:0f:ba:26:2d:82:5a:42:b9:ce:
                    3e:77:9b:5c:30:19:c4:23:cf:00:11:91:be:0e:28:
                    77:45:38:76:15:ed:5b:06:e3:23:28:d7:41:fd:0c:
                    30:01:1f:ef:d4:59:5e:50:a6:3d:13:5c:93:9a:59:
                    71:e6:cf:38:6a:ed:b3:eb:f1:96:ed:43:48:7f:be:
                    19:8f:f8:e4:4f:07:6d:91:75:23:bd:af:c3:e9:75:
                    63:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:31:93:D9:DE:C4:CC:05:E9:74:09:E0:9E:2D:77:DA:E1:80:4E:35
            X509v3 Authority Key Identifier:
                keyid:CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/9jGT2d7EzAXpdAngni132uGATjU.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:3d80::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:73:c3:3b:dd:a5:d1:08:10:15:66:84:b7:9b:e4:94:09:50:
         99:dd:9c:56:5d:1c:1b:11:bf:fc:91:e3:0d:db:c8:20:96:ff:
         8f:33:be:a0:c1:0e:06:35:32:02:f1:4e:27:42:e4:34:24:0b:
         32:09:36:0a:b5:7b:d1:67:bc:8a:ce:b4:ad:9a:0a:03:7f:58:
         80:8f:d3:19:b8:c5:14:53:bf:02:fd:2d:29:a6:a7:b4:b8:a9:
         40:a5:bc:d1:fb:5c:5d:02:72:f5:8a:5a:41:95:fa:82:0f:13:
         8e:2e:7d:78:7a:ba:0b:69:9e:31:81:32:90:11:62:3d:35:af:
         ab:cb:cc:b3:c1:01:d5:9e:f3:a9:4c:f1:48:e2:a0:af:f1:82:
         68:84:45:be:6e:2b:cb:cd:da:f5:52:52:c6:67:67:a1:21:eb:
         b9:19:f1:fd:6a:da:6c:a2:28:1c:69:15:19:9e:ad:d1:61:8e:
         17:9f:f3:02:a6:9b:2f:6e:90:eb:c8:d6:b5:a0:38:0f:b5:2a:
         a4:bd:96:49:78:7f:bb:f2:e5:e2:43:d7:2e:25:49:24:50:c8:
         c6:18:ac:e0:57:2b:ae:c3:3b:09:c4:6a:08:04:3d:7d:e4:10:
         20:b4:71:29:9a:d5:31:64:cb:c6:be:64:40:0c:60:69:e5:1b:
         53:b4:aa:f9
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC+swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0M4
Q0Y3MjZGMjMyMzI5OTEwODc0NEQ2OTMwQkVGMThENjc3NDQ1RDAeFw0yMzA4MTQw
NDM0MjZaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKEY2MzE5M0Q5REVDNEND
MDVFOTc0MDlFMDlFMkQ3N0RBRTE4MDRFMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrkFXyU4hmYjW6Pkv6EXQluIHZRL8YJqxN6DmQr82njNA13Y16
irkQvWaNoG2ryvG6TQJEc6AeiQs7986bcoh+EsZhWdyY28bg9H8IEXj7/pi4DZ6B
vnL7x1BJMCLWIZBvN3zsrGIP+Beo6Mcyg+VRvUF/+MfCzxt9KwvzbPEzQRK0An5R
z8Ue6i9V0EXIoEbwJdU0QfmOORVjhfUob3rkK7PxlXY6pGbq8A+6Ji2CWkK5zj53
m1wwGcQjzwARkb4OKHdFOHYV7VsG4yMo10H9DDABH+/UWV5Qpj0TXJOaWXHmzzhq
7bPr8ZbtQ0h/vhmP+ORPB22RdSO9r8PpdWNvAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU9jGT2d7EzAXpdAngni132uGATjUwHwYDVR0jBBgwFoAUzIz3JvIyMpkQh0TW
kwvvGNZ3RF0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3
L3pJejNKdkl5TXBrUWgwVFdrd3Z2R05aM1JGMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvekl6M0p2SXlNcGtRaDBUV2t3dnZHTlozUkYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3LzlqR1QyZDdFekFYcGRB
bmduaTEzMnVHQVRqVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkAz2AMA0GCSqGSIb3DQEBCwUAA4IBAQBlc8M73aXRCBAVZoS3m+SUCVCZ3ZxW
XRwbEb/8keMN28gglv+PM76gwQ4GNTIC8U4nQuQ0JAsyCTYKtXvRZ7yKzrStmgoD
f1iAj9MZuMUUU78C/S0ppqe0uKlApbzR+1xdAnL1ilpBlfqCDxOOLn14eroLaZ4x
gTKQEWI9Na+ry8yzwQHVnvOpTPFI4qCv8YJohEW+bivLzdr1UlLGZ2ehIeu5GfH9
atpsoigcaRUZnq3RYY4Xn/MCppsvbpDryNa1oDgPtSqkvZZJeH+78uXiQ9cuJUkk
UMjGGKzgVyuuwzsJxGoIBD195BAgtHEpmtUxZMvGvmRADGBp5RtTtKr5
-----END CERTIFICATE-----
Generated at Fri May 24 02:54:56 2024 by rpki-client on console-fra.rpki-client.org