Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9153490/99198F12D05411EEAF799F16C4F9AE02/CAE7AF84D06211EE926C9844C4F9AE02.roa
File:                     CAE7AF84D06211EE926C9844C4F9AE02.roa (raw, json)
Hash identifier:          i/7JZLzuFKPst4RbapR7+1qcDY3W2rEPElOf1XzkoCs=
Subject key identifier:   F5:59:35:92:F8:C0:0F:80:8C:64:36:A7:08:00:F4:D9:9F:0A:94:50
Certificate issuer:       /CN=A9153490/serialNumber=137353D0E8C145A580CB00BC3222089C4048AE51
Certificate serial:       03
Authority key identifier: 13:73:53:D0:E8:C1:45:A5:80:CB:00:BC:32:22:08:9C:40:48:AE:51
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E3NT0OjBRaWAywC8MiIInEBIrlE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9153490/99198F12D05411EEAF799F16C4F9AE02/CAE7AF84D06211EE926C9844C4F9AE02.roa
Signing time:             Wed 21 Feb 2024 02:42:02 +0000
ROA not before:           Wed 21 Feb 2024 02:42:02 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     139623
IP address blocks:        2401:7f20::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 26 Mar 2024 21:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9153490/serialNumber=137353D0E8C145A580CB00BC3222089C4048AE51
        Validity
            Not Before: Feb 21 02:42:02 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=65d562fa-60af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:3d:23:1b:64:18:c9:37:e6:be:0d:76:d8:12:
                    6f:97:1c:2c:01:b9:62:45:55:f7:20:90:75:61:f1:
                    88:e9:54:7f:fa:2e:eb:f0:2e:9d:40:ba:bf:f2:55:
                    8d:94:50:f3:b4:51:c3:7e:b5:1a:2d:1d:71:98:89:
                    8a:b1:32:ad:a9:9f:05:1f:e9:5c:91:b9:56:92:a2:
                    43:82:05:af:d4:6a:44:6d:51:69:54:33:52:27:6a:
                    8d:b2:45:d6:37:7e:e8:c4:96:49:0b:c3:97:47:ec:
                    af:77:44:36:51:43:7f:45:8b:76:23:d9:65:51:1a:
                    51:cf:dc:f3:6a:dd:e3:87:91:ee:00:e7:dd:6b:7e:
                    14:d7:3f:65:73:e5:d9:95:40:45:7a:d3:72:00:82:
                    95:4a:7d:2a:f3:5c:11:2c:15:f7:3b:5a:5c:bd:81:
                    80:4f:be:42:2f:7d:44:7f:8a:03:b9:a2:83:03:98:
                    d7:44:9a:4b:f9:d8:c1:3f:8a:52:7c:5f:ca:49:ec:
                    7c:cc:80:3d:90:14:31:4c:14:33:87:67:b7:81:8a:
                    7f:f6:74:22:04:61:ef:8f:4c:6f:c2:bd:6a:6a:05:
                    11:da:c6:bd:d6:3a:1d:b3:eb:50:f1:1b:47:4e:87:
                    bd:ec:8b:02:30:29:cd:86:4b:76:17:4f:df:ba:4a:
                    34:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:59:35:92:F8:C0:0F:80:8C:64:36:A7:08:00:F4:D9:9F:0A:94:50
            X509v3 Authority Key Identifier:
                keyid:13:73:53:D0:E8:C1:45:A5:80:CB:00:BC:32:22:08:9C:40:48:AE:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9153490/99198F12D05411EEAF799F16C4F9AE02/E3NT0OjBRaWAywC8MiIInEBIrlE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E3NT0OjBRaWAywC8MiIInEBIrlE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153490/99198F12D05411EEAF799F16C4F9AE02/CAE7AF84D06211EE926C9844C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:7f20::/32

    Signature Algorithm: sha256WithRSAEncryption
         7d:79:41:47:67:1c:6a:e4:ba:a6:c8:92:bd:92:16:d8:bf:75:
         e4:12:81:b6:df:63:ce:60:c9:23:99:1f:9d:de:a9:e6:31:17:
         b9:1b:dd:74:b2:08:ba:0a:0c:57:de:a8:20:7e:d8:71:c6:53:
         e2:84:12:df:71:51:19:76:be:c9:f0:bc:13:91:78:79:7d:ec:
         5e:3a:4a:1b:a7:a3:e1:c2:b9:ea:eb:6b:c1:e8:1b:99:2b:a9:
         dd:62:c8:87:35:4e:c5:78:4b:fc:ce:e3:1e:ca:9a:74:cd:5e:
         11:f5:6c:83:93:24:44:4b:33:e2:fd:9e:75:f6:0e:7c:13:5e:
         c3:53:38:ae:f6:04:a6:92:63:af:83:cc:67:f4:bb:3e:be:25:
         1b:bb:91:71:7b:4f:87:29:77:25:17:bb:3e:de:43:90:1f:c8:
         53:6e:0a:29:a7:ec:c3:d7:4c:17:cd:0a:5a:7f:2a:cc:74:ec:
         8c:c8:07:28:49:13:e8:e1:1c:b4:de:6d:a8:43:df:1e:a1:74:
         0f:d1:f2:f9:78:04:e8:0f:54:82:64:d4:a7:4b:ff:83:8d:40:
         f6:e2:a7:62:3c:cf:5c:39:d5:b3:4c:ca:ef:77:f3:f5:0e:eb:
         5c:ac:31:68:77:ad:66:6c:72:15:84:31:87:35:1f:d8:3e:1d:
         30:14:a4:c6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
MzQ5MDExMC8GA1UEBRMoMTM3MzUzRDBFOEMxNDVBNTgwQ0IwMEJDMzIyMjA4OUM0
MDQ4QUU1MTAeFw0yNDAyMjEwMjQyMDJaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZDU2MmZhLTYwYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQChPSMbZBjJN+a+DXbYEm+XHCwBuWJFVfcgkHVh8YjpVH/6LuvwLp1Aur/yVY2U
UPO0UcN+tRotHXGYiYqxMq2pnwUf6VyRuVaSokOCBa/UakRtUWlUM1Inao2yRdY3
fujElkkLw5dH7K93RDZRQ39Fi3Yj2WVRGlHP3PNq3eOHke4A591rfhTXP2Vz5dmV
QEV603IAgpVKfSrzXBEsFfc7Wly9gYBPvkIvfUR/igO5ooMDmNdEmkv52ME/ilJ8
X8pJ7HzMgD2QFDFMFDOHZ7eBin/2dCIEYe+PTG/CvWpqBRHaxr3WOh2z61DxG0dO
h73siwIwKc2GS3YXT9+6SjTHAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQU9Vk1kvjA
D4CMZDanCAD02Z8KlFAwHwYDVR0jBBgwFoAUE3NT0OjBRaWAywC8MiIInEBIrlEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUzNDkwLzk5MTk4RjEyRDA1
NDExRUVBRjc5OUYxNkM0RjlBRTAyL0UzTlQwT2pCUmFXQXl3QzhNaUlJbkVCSXJs
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRTNOVDBPakJSYVdBeXdDOE1pSUluRUJJcmxFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MzQ5MC85OTE5OEYxMkQwNTQxMUVFQUY3OTlGMTZDNEY5QUUwMi9DQUU3QUY4NEQw
NjIxMUVFOTI2Qzk4NDRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBfyAwDQYJKoZIhvcNAQELBQADggEBAH15QUdnHGrkuqbI
kr2SFti/deQSgbbfY85gySOZH53eqeYxF7kb3XSyCLoKDFfeqCB+2HHGU+KEEt9x
URl2vsnwvBOReHl97F46Shuno+HCuerra8HoG5krqd1iyIc1TsV4S/zO4x7KmnTN
XhH1bIOTJERLM+L9nnX2DnwTXsNTOK72BKaSY6+DzGf0uz6+JRu7kXF7T4cpdyUX
uz7eQ5AfyFNuCimn7MPXTBfNClp/Ksx07IzIByhJE+jhHLTebahD3x6hdA/R8vl4
BOgPVIJk1KdL/4ONQPbip2I8z1w51bNMyu938/UO61ysMWh3rWZschWEMYc1H9g+
HTAUpMY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org