Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9138EEB/F49114802BC311EFB85FFB65C4F9AE02/38D3EA222BC511EFAF5CEF67C4F9AE02.roa
File:                     38D3EA222BC511EFAF5CEF67C4F9AE02.roa (raw, json)
Hash identifier:          I9GyYrAPg7bbV8sWi6M3qBaLCpu56e2L38wBckakpuU=
Subject key identifier:   2F:9C:6C:10:A5:0B:56:7C:98:81:3E:E0:34:DE:D8:16:89:1E:C3:18
Certificate issuer:       /CN=A9138EEB/serialNumber=A619950CCA646487AB9BD44A41F7F6C9B409B3D7
Certificate serial:       02
Authority key identifier: A6:19:95:0C:CA:64:64:87:AB:9B:D4:4A:41:F7:F6:C9:B4:09:B3:D7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/phmVDMpkZIerm9RKQff2ybQJs9c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9138EEB/F49114802BC311EFB85FFB65C4F9AE02/38D3EA222BC511EFAF5CEF67C4F9AE02.roa
Signing time:             Sun 16 Jun 2024 09:45:53 +0000
ROA not before:           Sun 16 Jun 2024 09:45:53 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     137409
IP address blocks:        202.27.230.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Jun 2024 06:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9138EEB/serialNumber=A619950CCA646487AB9BD44A41F7F6C9B409B3D7
        Validity
            Not Before: Jun 16 09:45:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=666eb451-9402
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:2a:8c:71:5c:ce:ef:24:70:81:74:1d:a4:59:
                    83:31:47:94:c4:6f:73:0f:d7:9f:fa:6d:f9:d1:cf:
                    8b:71:6a:51:de:81:3d:34:de:6f:1d:57:89:78:9d:
                    3c:f8:05:73:f7:11:11:be:90:40:a2:ec:bd:c6:b9:
                    c3:d5:d7:7b:c9:03:13:7b:1d:fc:3f:0d:98:fa:00:
                    54:9f:a2:01:97:90:54:f3:3a:60:32:78:84:e9:f1:
                    61:bc:73:b6:78:b9:1b:2a:9f:f1:68:9a:a5:b0:09:
                    70:12:2f:d0:7b:ac:d7:75:8f:0a:3d:9c:2c:fa:68:
                    69:9e:df:db:d6:33:4b:ad:3b:af:4f:13:73:24:3d:
                    d0:d2:1b:fe:fc:59:6b:30:c7:f0:49:34:c3:a1:ab:
                    15:c9:9d:6b:ab:9a:92:b3:cc:1f:29:19:3d:8a:25:
                    68:23:96:9d:0c:de:37:9f:cc:5b:2f:ff:0c:a5:92:
                    96:69:a7:11:37:b7:fe:02:a1:13:d3:74:85:35:b9:
                    ab:9e:5b:e5:6c:81:4a:2e:d6:13:8e:45:9e:5f:ba:
                    2c:f2:dd:fa:44:e0:7b:68:53:c1:bb:80:95:ff:9c:
                    36:36:0a:2b:42:bd:9a:40:71:e3:cf:be:a2:2d:34:
                    90:3d:85:04:20:3d:ae:46:14:87:ea:a5:b4:c0:1f:
                    d5:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:9C:6C:10:A5:0B:56:7C:98:81:3E:E0:34:DE:D8:16:89:1E:C3:18
            X509v3 Authority Key Identifier:
                keyid:A6:19:95:0C:CA:64:64:87:AB:9B:D4:4A:41:F7:F6:C9:B4:09:B3:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9138EEB/F49114802BC311EFB85FFB65C4F9AE02/phmVDMpkZIerm9RKQff2ybQJs9c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/phmVDMpkZIerm9RKQff2ybQJs9c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138EEB/F49114802BC311EFB85FFB65C4F9AE02/38D3EA222BC511EFAF5CEF67C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.27.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0c:6a:f2:88:8e:f1:68:ad:dd:df:73:dc:08:00:36:98:a7:7b:
         35:9f:17:f2:1e:93:8e:dc:8f:ca:d9:47:1d:22:b9:c0:69:3d:
         d4:d7:f0:89:f4:a9:cd:e6:7a:84:bb:7b:38:f0:3d:a4:8a:f9:
         eb:77:89:8f:4d:df:1f:69:cb:c1:20:b9:67:64:37:25:14:ce:
         b4:8a:7a:11:47:6c:dd:77:a8:0a:39:3e:18:ca:6c:cb:90:51:
         7b:ca:75:46:7f:34:29:01:78:3f:31:c6:d2:97:3a:65:f2:fb:
         3f:69:e2:74:75:95:b2:71:f6:3a:df:f4:b9:ec:4f:06:d1:86:
         c6:34:9c:03:66:18:48:7f:3c:02:90:2f:6d:e2:32:fa:a6:b0:
         45:98:fb:50:dd:40:38:82:df:9c:a3:56:2e:f9:6d:c7:db:38:
         6f:7b:e8:53:8c:32:95:30:bf:2f:c8:d1:16:85:ce:07:c4:71:
         4e:61:04:bb:a4:02:a4:0f:33:ee:05:19:3a:95:0a:5b:7a:e1:
         c8:0e:17:fb:e8:8d:ce:05:c2:20:9d:74:71:c6:96:b3:d0:a4:
         dd:0c:90:1a:87:2c:95:b0:6d:96:42:3f:7f:55:fc:83:b6:22:
         ac:a7:c4:33:e3:79:5d:a0:de:0d:6c:5b:07:5b:8b:2b:f4:ff:
         5c:63:30:62
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
OEVFQjExMC8GA1UEBRMoQTYxOTk1MENDQTY0NjQ4N0FCOUJENDRBNDFGN0Y2QzlC
NDA5QjNENzAeFw0yNDA2MTYwOTQ1NTNaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NmViNDUxLTk0MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIKoxxXM7vJHCBdB2kWYMxR5TEb3MP15/6bfnRz4txalHegT003m8dV4l4nTz4
BXP3ERG+kECi7L3GucPV13vJAxN7Hfw/DZj6AFSfogGXkFTzOmAyeITp8WG8c7Z4
uRsqn/FomqWwCXASL9B7rNd1jwo9nCz6aGme39vWM0utO69PE3MkPdDSG/78WWsw
x/BJNMOhqxXJnWurmpKzzB8pGT2KJWgjlp0M3jefzFsv/wylkpZppxE3t/4CoRPT
dIU1uaueW+VsgUou1hOORZ5fuizy3fpE4HtoU8G7gJX/nDY2CitCvZpAcePPvqIt
NJA9hQQgPa5GFIfqpbTAH9XTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUL5xsEKUL
VnyYgT7gNN7YFokewxgwHwYDVR0jBBgwFoAUphmVDMpkZIerm9RKQff2ybQJs9cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4RUVCL0Y0OTExNDgwMkJD
MzExRUZCODVGRkI2NUM0RjlBRTAyL3BobVZETXBrWkllcm05UktRZmYyeWJRSnM5
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcGhtVkRNcGtaSWVybTlSS1FmZjJ5YlFKczljLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
OEVFQi9GNDkxMTQ4MDJCQzMxMUVGQjg1RkZCNjVDNEY5QUUwMi8zOEQzRUEyMjJC
QzUxMUVGQUY1Q0VGNjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcob5jANBgkqhkiG9w0BAQsFAAOCAQEADGryiI7xaK3d33Pc
CAA2mKd7NZ8X8h6TjtyPytlHHSK5wGk91NfwifSpzeZ6hLt7OPA9pIr563eJj03f
H2nLwSC5Z2Q3JRTOtIp6EUds3XeoCjk+GMpsy5BRe8p1Rn80KQF4PzHG0pc6ZfL7
P2nidHWVsnH2Ot/0uexPBtGGxjScA2YYSH88ApAvbeIy+qawRZj7UN1AOILfnKNW
Lvltx9s4b3voU4wylTC/L8jRFoXOB8RxTmEEu6QCpA8z7gUZOpUKW3rhyA4X++iN
zgXCIJ10ccaWs9Ck3QyQGocslbBtlkI/f1X8g7YirKfEM+N5XaDeDWxbB1uLK/T/
XGMwYg==
-----END CERTIFICATE-----
Generated at Mon Jun 17 09:01:58 2024 by rpki-client on console-fra.rpki-client.org