Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91625DB/11939D10906911EEB23D7425C4F9AE02/680D30F0906B11EE9C5DD17BC4F9AE02.roa
File:                     680D30F0906B11EE9C5DD17BC4F9AE02.roa (raw, json)
Hash identifier:          epCpJgVM1FB1dSSTi5xCCp4o1cAnTK7JT9v8wSCG7S0=
Subject key identifier:   9A:B6:FC:9A:06:72:AC:99:65:04:3C:C6:31:26:75:69:75:67:77:8A
Certificate issuer:       /CN=A91625DB/serialNumber=7BE230153CFF9001642DBC9B24F85D0CC282364E
Certificate serial:       0E
Authority key identifier: 7B:E2:30:15:3C:FF:90:01:64:2D:BC:9B:24:F8:5D:0C:C2:82:36:4E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e-IwFTz_kAFkLbybJPhdDMKCNk4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91625DB/11939D10906911EEB23D7425C4F9AE02/680D30F0906B11EE9C5DD17BC4F9AE02.roa
Signing time:             Fri 01 Dec 2023 17:02:28 +0000
ROA not before:           Fri 01 Dec 2023 17:02:28 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     152176
IP address blocks:        210.87.64.0/24 maxlen: 24
                          210.87.65.0/24 maxlen: 24
                          2001:df3:3d40::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 03 Dec 2023 19:23:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14 (0xe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91625DB/serialNumber=7BE230153CFF9001642DBC9B24F85D0CC282364E
        Validity
            Not Before: Dec  1 17:02:28 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=656a11a3-4b6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:af:6a:bb:bd:53:2c:d5:98:f4:a1:3e:76:e1:
                    65:41:0f:44:9a:2f:38:4b:3b:c9:a9:dc:fe:97:57:
                    29:da:c0:d6:05:36:d5:e1:a5:12:2a:b1:81:98:02:
                    d9:b7:4a:c6:7a:41:0b:83:96:b9:41:88:c4:77:38:
                    82:48:80:4e:38:62:04:8e:6f:ef:00:ad:3f:61:21:
                    0c:13:54:f6:cd:a1:cc:84:5e:43:42:07:5c:c3:74:
                    9e:d5:b4:97:c3:cf:cf:13:df:fc:9f:86:a5:c5:d3:
                    ea:40:92:12:bd:12:b7:22:63:73:9c:33:c0:48:de:
                    02:22:a2:a8:7c:27:b2:bf:14:d6:43:f5:a1:a5:90:
                    0a:30:c4:9f:d9:a1:82:40:74:46:ee:e1:2b:d7:42:
                    e2:e7:ce:85:d3:44:ab:8f:46:3e:e0:47:39:47:96:
                    c5:79:49:07:9b:7b:1c:29:61:99:c2:f0:b4:f2:c7:
                    a2:90:b9:22:11:09:ab:90:f6:3c:78:6d:2d:79:2e:
                    7b:f0:4e:2f:ae:21:65:fe:a7:54:b0:0d:73:9d:fc:
                    9b:9d:66:59:bf:5c:b8:e9:d6:77:b9:ee:d8:02:7d:
                    d8:fa:3e:ae:cd:71:10:26:77:ba:f0:dd:98:81:5b:
                    70:7b:bd:18:54:b9:6c:1a:35:82:d4:9c:fe:8c:45:
                    3b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:B6:FC:9A:06:72:AC:99:65:04:3C:C6:31:26:75:69:75:67:77:8A
            X509v3 Authority Key Identifier:
                keyid:7B:E2:30:15:3C:FF:90:01:64:2D:BC:9B:24:F8:5D:0C:C2:82:36:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91625DB/11939D10906911EEB23D7425C4F9AE02/e-IwFTz_kAFkLbybJPhdDMKCNk4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/e-IwFTz_kAFkLbybJPhdDMKCNk4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91625DB/11939D10906911EEB23D7425C4F9AE02/680D30F0906B11EE9C5DD17BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.87.64.0/23
                IPv6:
                  2001:df3:3d40::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:56:20:ae:ff:f0:5b:ba:4d:32:e5:c0:67:2f:af:c7:82:23:
         e0:19:c9:13:87:ac:8e:e0:c2:46:a4:21:e5:31:5a:9e:ac:1f:
         29:7f:f2:7a:0c:98:e6:4a:19:42:9d:5a:59:b0:9a:55:5f:33:
         61:15:e6:d8:f3:51:6f:05:55:31:c1:84:33:77:32:a9:cf:f8:
         2d:c7:ae:52:72:18:d2:83:4f:32:ac:2b:ed:d5:dc:3a:bb:d5:
         49:7a:c9:61:5f:8e:51:aa:d6:fc:b4:68:67:b9:a5:83:c1:a3:
         1b:a5:d6:11:c5:80:dc:03:4f:18:33:1d:7d:d9:20:a3:b6:d9:
         b6:ae:16:4b:4f:9b:85:71:04:41:c3:9b:0c:e8:ff:3b:7e:af:
         12:90:92:ea:4e:86:a8:3b:59:29:b6:3c:cd:38:8f:b3:53:7f:
         1a:3d:4d:4e:ef:bf:5b:a7:21:85:bb:0c:2c:a9:a3:fc:4a:01:
         3a:73:61:27:c2:af:a7:24:d0:1e:12:e3:a1:91:c7:65:34:db:
         55:2d:f5:9c:8d:04:35:92:f9:26:d8:99:69:b5:68:80:be:b4:
         93:b0:83:a0:3a:db:df:4b:de:46:e0:52:66:98:e0:8a:6b:6a:
         ee:86:30:f7:dc:6d:c1:d5:64:9d:32:0c:26:74:a0:dd:49:97:
         6d:49:e9:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MjVEQjExMC8GA1UEBRMoN0JFMjMwMTUzQ0ZGOTAwMTY0MkRCQzlCMjRGODVEMEND
MjgyMzY0RTAeFw0yMzEyMDExNzAyMjhaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NmExMWEzLTRiNmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCsr2q7vVMs1Zj0oT524WVBD0SaLzhLO8mp3P6XVynawNYFNtXhpRIqsYGYAtm3
SsZ6QQuDlrlBiMR3OIJIgE44YgSOb+8ArT9hIQwTVPbNocyEXkNCB1zDdJ7VtJfD
z88T3/yfhqXF0+pAkhK9ErciY3OcM8BI3gIioqh8J7K/FNZD9aGlkAowxJ/ZoYJA
dEbu4SvXQuLnzoXTRKuPRj7gRzlHlsV5SQebexwpYZnC8LTyx6KQuSIRCauQ9jx4
bS15LnvwTi+uIWX+p1SwDXOd/JudZlm/XLjp1ne57tgCfdj6Pq7NcRAmd7rw3ZiB
W3B7vRhUuWwaNYLUnP6MRTuBAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUmrb8mgZy
rJllBDzGMSZ1aXVnd4owHwYDVR0jBBgwFoAUe+IwFTz/kAFkLbybJPhdDMKCNk4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYyNURCLzExOTM5RDEwOTA2
OTExRUVCMjNENzQyNUM0RjlBRTAyL2UtSXdGVHpfa0FGa0xieWJKUGhkRE1LQ05r
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZS1Jd0ZUel9rQUZrTGJ5YkpQaGRETUtDTms0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MjVEQi8xMTkzOUQxMDkwNjkxMUVFQjIzRDc0MjVDNEY5QUUwMi82ODBEMzBGMDkw
NkIxMUVFOUM1REQxN0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAdJXQDAPBAIAAjAJAwcAIAEN8z1AMA0GCSqGSIb3DQEBCwUA
A4IBAQCRViCu//Bbuk0y5cBnL6/HgiPgGckTh6yO4MJGpCHlMVqerB8pf/J6DJjm
ShlCnVpZsJpVXzNhFebY81FvBVUxwYQzdzKpz/gtx65SchjSg08yrCvt1dw6u9VJ
eslhX45Rqtb8tGhnuaWDwaMbpdYRxYDcA08YMx192SCjttm2rhZLT5uFcQRBw5sM
6P87fq8SkJLqToaoO1kptjzNOI+zU38aPU1O779bpyGFuwwsqaP8SgE6c2Enwq+n
JNAeEuOhkcdlNNtVLfWcjQQ1kvkm2JlptWiAvrSTsIOgOtvfS95G4FJmmOCKa2ru
hjD33G3B1WSdMgwmdKDdSZdtSend
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:09 2024 by rpki-client on console-fra.rpki-client.org