Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/A22C946CB3D011EB950C7559C4F9AE02.roa
File:                     A22C946CB3D011EB950C7559C4F9AE02.roa (raw, json)
Hash identifier:          t3EFRBF+PLfouJQDpoB/zlBtHSXK2DY5Qk/k/wad1ks=
Subject key identifier:   2E:67:A2:58:21:BC:A5:EA:92:BB:6E:88:50:58:8F:62:F8:1E:60:D0
Certificate issuer:       /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial:       3456
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/A22C946CB3D011EB950C7559C4F9AE02.roa
Signing time:             Wed 04 Oct 2023 14:50:34 +0000
ROA not before:           Wed 04 Oct 2023 14:50:34 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     35554
IP address blocks:        175.29.0.0/18 maxlen: 24
                          175.29.64.0/19 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 18:09:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13398 (0x3456)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
        Validity
            Not Before: Oct  4 14:50:34 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=651d7bb9-46c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:7b:f3:ff:08:9f:a0:dc:5e:59:cd:23:45:d9:
                    15:73:c9:d2:d4:fa:62:5b:a3:fe:05:5e:79:8c:d7:
                    ee:d2:e7:7c:b0:6e:1e:67:c2:bb:93:f1:01:4b:d5:
                    2c:8e:ff:c0:0b:74:8d:ab:5e:af:3e:fd:be:4f:3f:
                    34:2e:30:23:a3:50:e3:59:26:c0:71:7e:54:54:1d:
                    00:f7:83:0d:54:61:38:64:3b:f2:42:3e:15:8c:06:
                    98:b7:50:82:2e:c6:08:3c:a2:d0:5a:0f:18:36:0b:
                    57:d7:b0:3c:b3:ae:5f:c0:13:55:b7:70:19:2b:ca:
                    39:2f:c3:28:b2:07:43:a1:17:4c:e5:d8:74:21:8c:
                    f9:1a:5e:b1:d0:3e:5b:d4:4b:b6:79:4d:60:cf:79:
                    f7:b7:d0:8c:15:d4:0a:53:d2:7f:0c:8e:0a:51:10:
                    a7:fc:8a:e5:5d:10:c5:15:7d:47:ee:c3:17:7b:9b:
                    15:68:27:c5:29:08:71:2d:f4:df:50:12:b3:a9:5f:
                    c2:5d:c2:86:a6:6f:ee:61:a0:33:b1:75:22:33:f9:
                    b5:b8:b8:b2:ff:35:03:e3:55:15:52:16:84:bc:94:
                    ec:96:6a:f0:ea:be:a5:24:4f:56:3b:97:c4:a9:61:
                    04:c9:d9:91:4c:d9:72:41:15:2b:9d:70:e5:be:64:
                    36:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:67:A2:58:21:BC:A5:EA:92:BB:6E:88:50:58:8F:62:F8:1E:60:D0
            X509v3 Authority Key Identifier:
                keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/A22C946CB3D011EB950C7559C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.29.0.0-175.29.95.255

    Signature Algorithm: sha256WithRSAEncryption
         11:28:e4:09:b9:2b:71:c3:6e:71:1d:69:ed:e8:f2:49:73:36:
         96:e4:7b:38:80:4e:be:ad:5a:d4:22:f5:3b:a0:5d:d3:6d:b1:
         25:74:2d:30:89:56:4f:cb:19:c8:e3:ca:25:21:48:7b:1a:58:
         ba:84:47:68:4d:6b:97:1f:17:ef:7e:aa:02:d1:c2:34:8d:6b:
         7f:64:76:b4:c4:df:9a:50:61:7b:88:65:14:02:74:69:71:f4:
         de:eb:80:c6:e8:e9:f8:53:68:0c:45:fe:c2:f1:f4:3a:32:0f:
         14:66:b7:32:bb:d2:8f:42:3b:bf:1e:02:3d:67:fe:0a:33:29:
         b5:43:49:e3:ca:be:12:a2:d2:4f:71:d1:ed:a9:95:5a:81:5e:
         4e:e8:61:ec:57:ea:fe:30:02:b2:51:dc:61:f4:34:42:40:41:
         b3:e0:54:b1:ea:ec:e8:4c:39:76:d8:e9:b9:84:90:3e:52:b4:
         e6:52:41:a2:e1:2a:9e:b0:66:e1:a7:f4:15:70:0b:41:ec:c4:
         54:e8:12:af:ed:b0:01:e4:73:16:c3:75:65:49:b2:bf:7d:cf:
         08:13:a5:9d:73:a8:38:c7:ea:91:03:f8:90:cc:e0:9b:c0:f1:
         1f:c5:f5:56:13:ba:65:e5:21:72:c0:a2:ce:65:50:da:45:20:
         5e:d1:0e:23
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgICNFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjMxMDA0MTQ1MDM0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkN2JiOS00NmMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzXvz/wifoNxeWc0jRdkVc8nS1PpiW6P+BV55jNfu0ud8sG4eZ8K7k/EBS9Us
jv/AC3SNq16vPv2+Tz80LjAjo1DjWSbAcX5UVB0A94MNVGE4ZDvyQj4VjAaYt1CC
LsYIPKLQWg8YNgtX17A8s65fwBNVt3AZK8o5L8MosgdDoRdM5dh0IYz5Gl6x0D5b
1Eu2eU1gz3n3t9CMFdQKU9J/DI4KURCn/IrlXRDFFX1H7sMXe5sVaCfFKQhxLfTf
UBKzqV/CXcKGpm/uYaAzsXUiM/m1uLiy/zUD41UVUhaEvJTslmrw6r6lJE9WO5fE
qWEEydmRTNlyQRUrnXDlvmQ2iwIDAQABo4ICnDCCApgwHQYDVR0OBBYEFC5nolgh
vKXqkrtuiFBYj2L4HmDQMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvQTIyQzk0NkNC
M0QwMTFFQjk1MEM3NTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQcBAf8E
FzAVMBMEAgABMA0wCwMDAK8dAwQFrx1AMA0GCSqGSIb3DQEBCwUAA4IBAQARKOQJ
uStxw25xHWnt6PJJczaW5Hs4gE6+rVrUIvU7oF3TbbEldC0wiVZPyxnI48olIUh7
Gli6hEdoTWuXHxfvfqoC0cI0jWt/ZHa0xN+aUGF7iGUUAnRpcfTe64DG6On4U2gM
Rf7C8fQ6Mg8UZrcyu9KPQju/HgI9Z/4KMym1Q0njyr4SotJPcdHtqZVagV5O6GHs
V+r+MAKyUdxh9DRCQEGz4FSx6uzoTDl22Om5hJA+UrTmUkGi4SqesGbhp/QVcAtB
7MRU6BKv7bAB5HMWw3VlSbK/fc8IE6Wdc6g4x+qRA/iQzOCbwPEfxfVWE7pl5SFy
wKLOZVDaRSBe0Q4j
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org