Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/E695D03EAAE811EEA8432E10C4F9AE02.roa
File:                     E695D03EAAE811EEA8432E10C4F9AE02.roa (raw, json)
Hash identifier:          3emN+r1Ajd6iOf50J73z2fNMGV9Kka06rtIZ8l9hWKA=
Subject key identifier:   E6:88:E1:4E:A6:9C:90:96:D0:90:FA:1B:35:40:C8:54:26:74:AC:9E
Certificate issuer:       /CN=A915ADC4/serialNumber=1DD1CBBC5DF5BDFABBB3ADAF12B00256B7F18D12
Certificate serial:       09
Authority key identifier: 1D:D1:CB:BC:5D:F5:BD:FA:BB:B3:AD:AF:12:B0:02:56:B7:F1:8D:12
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdHLvF31vfq7s62vErACVrfxjRI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/E695D03EAAE811EEA8432E10C4F9AE02.roa
Signing time:             Thu 04 Jan 2024 10:06:17 +0000
ROA not before:           Thu 04 Jan 2024 10:06:17 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     152300
IP address blocks:        2401:72a0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 06 Jan 2024 20:23:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9 (0x9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915ADC4/serialNumber=1DD1CBBC5DF5BDFABBB3ADAF12B00256B7F18D12
        Validity
            Not Before: Jan  4 10:06:17 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65968319-57d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:82:a1:b9:24:ca:7b:05:00:44:37:e6:d0:5e:
                    28:9e:51:63:c8:e9:ca:80:fa:c1:15:15:d8:79:e0:
                    da:dc:3a:02:bb:91:fd:57:a2:31:43:ee:59:03:26:
                    9f:5b:cd:4f:fe:10:a1:00:b9:cf:04:28:c7:80:a6:
                    52:83:71:91:de:9f:e5:ed:cb:9c:16:f3:4b:44:c2:
                    2e:0b:77:48:9d:4a:6d:8b:2e:d3:a3:ee:13:4d:23:
                    69:77:e1:4e:49:b1:02:12:9a:4d:f4:4c:04:61:0c:
                    87:5c:a2:67:10:47:d5:e6:c5:88:f0:33:14:6a:b3:
                    04:47:e9:c3:ee:79:38:07:a4:3b:51:30:2c:ad:e7:
                    94:78:cc:14:de:22:4f:b8:83:6a:ab:d4:3a:d8:1f:
                    6c:74:3c:83:db:e9:bb:5c:bf:47:e5:ba:2a:1d:3f:
                    92:b4:67:fd:a2:c4:ca:16:bd:7d:b9:87:b9:da:ec:
                    ac:c2:3b:00:9c:3e:74:2c:c2:2c:c1:90:76:8d:6b:
                    b4:85:4b:46:ac:67:b8:c3:f3:51:fd:28:24:7e:4d:
                    c5:3c:e2:d4:d8:48:dc:e6:65:18:ea:4d:9d:77:65:
                    05:b3:4b:a1:e9:e0:c8:eb:2e:22:d9:01:ae:0a:c5:
                    84:30:39:7c:26:9e:f0:4c:c8:e1:a9:f2:f6:28:4a:
                    5b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:88:E1:4E:A6:9C:90:96:D0:90:FA:1B:35:40:C8:54:26:74:AC:9E
            X509v3 Authority Key Identifier:
                keyid:1D:D1:CB:BC:5D:F5:BD:FA:BB:B3:AD:AF:12:B0:02:56:B7:F1:8D:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/HdHLvF31vfq7s62vErACVrfxjRI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdHLvF31vfq7s62vErACVrfxjRI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/E695D03EAAE811EEA8432E10C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:72a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         5c:d3:1d:83:3e:b1:d2:98:54:3a:42:86:56:ff:22:b9:e4:83:
         85:26:b9:a9:ad:9c:e1:e8:6d:71:da:61:9d:24:f1:db:fe:ca:
         8b:df:0e:e7:82:3e:8b:f7:ea:5a:b6:a5:9f:1b:e8:63:d1:6a:
         80:c1:8b:4a:9a:b9:b3:2c:bd:7e:e2:e8:37:c2:ea:41:5a:25:
         2e:32:7a:fb:81:b9:17:40:41:b3:04:32:09:3d:90:3c:9b:f2:
         9b:3c:1e:0a:c9:0b:9d:af:e3:24:eb:46:9b:c8:5d:ee:90:4c:
         03:ae:5a:d4:16:53:1d:a9:be:25:98:cf:d3:24:03:37:ba:44:
         fc:93:35:6b:79:bb:bb:65:c5:b8:e7:58:f3:3d:43:19:6a:06:
         88:22:e7:e4:75:d1:99:50:26:89:b3:bf:f3:2f:3d:0c:84:eb:
         fe:a0:6a:60:6a:64:36:76:32:d0:f9:43:02:87:dc:ff:92:ca:
         00:c7:ae:c1:07:3c:1f:3d:f1:34:a3:f4:2f:60:d8:93:f8:3b:
         30:5d:8b:d2:fa:4b:f3:34:1a:94:c0:e9:ab:69:9c:e6:64:96:
         ba:7f:78:0a:eb:f7:90:a6:fc:97:dc:df:6f:43:39:46:07:e9:
         df:2d:04:36:d0:e3:fe:c9:8b:4c:e2:7d:73:6b:76:5d:b8:b6:
         06:84:e3:db
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QURDNDExMC8GA1UEBRMoMUREMUNCQkM1REY1QkRGQUJCQjNBREFGMTJCMDAyNTZC
N0YxOEQxMjAeFw0yNDAxMDQxMDA2MTdaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OTY4MzE5LTU3ZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDrgqG5JMp7BQBEN+bQXiieUWPI6cqA+sEVFdh54NrcOgK7kf1XojFD7lkDJp9b
zU/+EKEAuc8EKMeAplKDcZHen+Xty5wW80tEwi4Ld0idSm2LLtOj7hNNI2l34U5J
sQISmk30TARhDIdcomcQR9XmxYjwMxRqswRH6cPueTgHpDtRMCyt55R4zBTeIk+4
g2qr1DrYH2x0PIPb6btcv0fluiodP5K0Z/2ixMoWvX25h7na7KzCOwCcPnQswizB
kHaNa7SFS0asZ7jD81H9KCR+TcU84tTYSNzmZRjqTZ13ZQWzS6Hp4MjrLiLZAa4K
xYQwOXwmnvBMyOGp8vYoSlszAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQU5ojhTqac
kJbQkPobNUDIVCZ0rJ4wHwYDVR0jBBgwFoAUHdHLvF31vfq7s62vErACVrfxjRIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVBREM0LzYxNDE1RjU4QTlG
NzExRUU4RUI0OEQyMkM0RjlBRTAyL0hkSEx2RjMxdmZxN3M2MnZFckFDVnJmeGpS
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSGRITHZGMzF2ZnE3czYydkVyQUNWcmZ4alJJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QURDNC82MTQxNUY1OEE5RjcxMUVFOEVCNDhEMjJDNEY5QUUwMi9FNjk1RDAzRUFB
RTgxMUVFQTg0MzJFMTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBcqAwDQYJKoZIhvcNAQELBQADggEBAFzTHYM+sdKYVDpC
hlb/Irnkg4UmuamtnOHobXHaYZ0k8dv+yovfDueCPov36lq2pZ8b6GPRaoDBi0qa
ubMsvX7i6DfC6kFaJS4yevuBuRdAQbMEMgk9kDyb8ps8HgrJC52v4yTrRpvIXe6Q
TAOuWtQWUx2pviWYz9MkAze6RPyTNWt5u7tlxbjnWPM9QxlqBogi5+R10ZlQJomz
v/MvPQyE6/6gamBqZDZ2MtD5QwKH3P+SygDHrsEHPB898TSj9C9g2JP4OzBdi9L6
S/M0GpTA6atpnOZklrp/eArr95Cm/Jfc329DOUYH6d8tBDbQ4/7Ji0zifXNrdl24
tgaE49s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org