Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911E403/A1CCECFEF8BB11EA87B1DE6BC4F9AE02/FDCED1D4776B11EE883A322CC4F9AE02.roa
File:                     FDCED1D4776B11EE883A322CC4F9AE02.roa (raw, json)
Hash identifier:          p+QgMOAR1sXkkPQPdVwp/HtnP+lUoFqPK0n81iWm9sc=
Subject key identifier:   4D:16:02:DB:BC:C6:E4:C9:D9:AB:CB:80:AF:C6:D8:1D:C3:3A:CF:98
Certificate issuer:       /CN=A911E403/serialNumber=5FE30CAF6F5A32C919D335AA94D0E7333CD05435
Certificate serial:       06B2
Authority key identifier: 5F:E3:0C:AF:6F:5A:32:C9:19:D3:35:AA:94:D0:E7:33:3C:D0:54:35
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X-MMr29aMskZ0zWqlNDnMzzQVDU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911E403/A1CCECFEF8BB11EA87B1DE6BC4F9AE02/FDCED1D4776B11EE883A322CC4F9AE02.roa
Signing time:             Mon 30 Oct 2023 21:33:40 +0000
ROA not before:           Mon 30 Oct 2023 21:33:40 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     2
IP address blocks:        203.34.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 30 Oct 2023 22:09:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1714 (0x6b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911E403/serialNumber=5FE30CAF6F5A32C919D335AA94D0E7333CD05435
        Validity
            Not Before: Oct 30 21:33:40 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=65402134-c29e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f7:b1:70:e1:54:cf:07:45:cc:6a:a8:b9:41:
                    47:b8:96:42:b7:5f:a5:79:37:e2:bb:44:2a:1e:c2:
                    ed:5b:3b:7e:e5:fa:04:7e:21:f2:fa:e5:6b:69:7b:
                    88:90:23:84:9c:64:71:d9:de:23:1f:fe:10:53:c1:
                    97:f3:5f:f0:54:32:19:67:6a:59:70:b1:9d:e2:24:
                    20:7c:89:62:5a:9c:f2:2a:ee:f8:eb:52:30:14:c5:
                    0f:c5:a8:be:bd:37:4b:fb:1b:8f:27:b5:83:98:70:
                    34:ae:c0:fc:f1:8a:6b:ed:cc:03:ea:e2:ff:c1:5c:
                    5a:4a:ac:a1:76:e2:34:6e:db:3d:67:11:ed:f8:7f:
                    9c:e7:08:33:41:2e:2d:da:f9:78:9a:42:4d:63:b0:
                    31:ae:45:66:60:92:64:25:82:38:d7:b9:8e:e0:f7:
                    67:10:0f:f9:a2:d0:a3:e0:77:a5:b3:2f:80:40:92:
                    12:60:47:08:ac:67:b3:18:3b:fb:5c:03:94:19:5c:
                    23:84:13:f3:6a:7f:55:d8:4b:17:45:79:f7:a3:27:
                    62:04:a7:bc:15:1f:36:54:01:0a:69:8b:97:8d:4e:
                    90:34:ce:c5:79:89:ce:8c:6f:d2:40:ca:02:de:e7:
                    2d:4f:83:0e:f1:93:4f:ca:b1:ea:0f:c8:53:56:02:
                    e7:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:16:02:DB:BC:C6:E4:C9:D9:AB:CB:80:AF:C6:D8:1D:C3:3A:CF:98
            X509v3 Authority Key Identifier:
                keyid:5F:E3:0C:AF:6F:5A:32:C9:19:D3:35:AA:94:D0:E7:33:3C:D0:54:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911E403/A1CCECFEF8BB11EA87B1DE6BC4F9AE02/X-MMr29aMskZ0zWqlNDnMzzQVDU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X-MMr29aMskZ0zWqlNDnMzzQVDU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E403/A1CCECFEF8BB11EA87B1DE6BC4F9AE02/FDCED1D4776B11EE883A322CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.34.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:c4:6f:ec:22:39:a0:5b:b0:a4:ff:6b:29:00:c1:21:a9:f3:
         cd:f6:74:56:4a:72:0e:b2:e5:70:df:51:63:75:09:d0:81:0c:
         65:84:45:86:b8:2d:8c:92:29:4f:7c:76:85:8f:df:73:4d:b8:
         f5:00:74:c2:a2:0d:b9:eb:2c:2f:a7:a7:6c:12:61:b3:db:5c:
         6c:53:3b:ba:e7:f5:70:89:cb:78:23:25:00:39:87:c5:ac:23:
         91:76:72:03:33:03:59:d1:a6:15:0c:f5:3a:ae:f6:c0:72:26:
         11:58:54:39:7e:1e:1e:71:32:a3:0c:d8:ff:9e:bb:e8:33:45:
         85:04:8d:f0:ec:41:31:ea:93:48:a5:4b:71:98:19:dd:44:29:
         69:a2:c4:dd:4b:3a:0d:0b:0f:b2:d5:48:d1:63:71:fd:30:f1:
         7c:73:54:c4:1d:cb:af:a1:42:93:ee:4f:46:84:76:a4:2b:98:
         c0:e4:c7:a8:62:4b:09:fe:ac:0e:ac:1d:38:5e:7b:dd:79:0f:
         3c:5e:6e:6a:7f:41:61:77:11:47:21:43:13:43:c0:22:a6:97:
         33:07:de:80:94:e3:f0:59:fb:8d:04:d5:b3:10:3f:1d:11:a6:
         b1:72:04:c0:d8:ab:ad:1b:24:36:4c:d4:82:dd:24:28:2e:e1:
         40:f8:90:e9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBrIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUU0MDMxMTAvBgNVBAUTKDVGRTMwQ0FGNkY1QTMyQzkxOUQzMzVBQTk0RDBFNzMz
M0NEMDU0MzUwHhcNMjMxMDMwMjEzMzQwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQwMjEzNC1jMjllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuPexcOFUzwdFzGqouUFHuJZCt1+leTfiu0QqHsLtWzt+5foEfiHy+uVraXuI
kCOEnGRx2d4jH/4QU8GX81/wVDIZZ2pZcLGd4iQgfIliWpzyKu7461IwFMUPxai+
vTdL+xuPJ7WDmHA0rsD88Ypr7cwD6uL/wVxaSqyhduI0bts9ZxHt+H+c5wgzQS4t
2vl4mkJNY7AxrkVmYJJkJYI417mO4PdnEA/5otCj4Helsy+AQJISYEcIrGezGDv7
XAOUGVwjhBPzan9V2EsXRXn3oydiBKe8FR82VAEKaYuXjU6QNM7FeYnOjG/SQMoC
3uctT4MO8ZNPyrHqD8hTVgLn2wIDAQABo4IClTCCApEwHQYDVR0OBBYEFE0WAtu8
xuTJ2avLgK/G2B3DOs+YMB8GA1UdIwQYMBaAFF/jDK9vWjLJGdM1qpTQ5zM80FQ1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTQwMy9BMUNDRUNGRUY4
QkIxMUVBODdCMURFNkJDNEY5QUUwMi9YLU1NcjI5YU1za1oweldxbE5Ebk16elFW
RFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1gtTU1yMjlhTXNrWjB6V3FsTkRuTXp6UVZEVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUU0MDMvQTFDQ0VDRkVGOEJCMTFFQTg3QjFERTZCQzRGOUFFMDIvRkRDRUQxRDQ3
NzZCMTFFRTg4M0EzMjJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIgswDQYJKoZIhvcNAQELBQADggEBACTEb+wiOaBbsKT/
aykAwSGp8832dFZKcg6y5XDfUWN1CdCBDGWERYa4LYySKU98doWP33NNuPUAdMKi
DbnrLC+np2wSYbPbXGxTO7rn9XCJy3gjJQA5h8WsI5F2cgMzA1nRphUM9Tqu9sBy
JhFYVDl+Hh5xMqMM2P+eu+gzRYUEjfDsQTHqk0ilS3GYGd1EKWmixN1LOg0LD7LV
SNFjcf0w8XxzVMQdy6+hQpPuT0aEdqQrmMDkx6hiSwn+rA6sHThee915Dzxebmp/
QWF3EUchQxNDwCKmlzMH3oCU4/BZ+40E1bMQPx0RprFyBMDYq60bJDZM1ILdJCgu
4UD4kOk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org