Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/02E7C9A629AC11E793618B6BC4F9AE02.roa
File:                     02E7C9A629AC11E793618B6BC4F9AE02.roa (raw, json)
Hash identifier:          Zsv/kKMxG1Mg42/9wooAIhBTIkgYHLrAjvk1hPgEhZA=
Subject key identifier:   43:1F:DB:16:CB:C4:A5:20:8A:26:3A:D2:11:29:E0:F7:A5:D8:4A:0B
Certificate issuer:       /CN=A916A447/serialNumber=1F68258C526C5DBC715434357D380020146440EF
Certificate serial:       274D
Authority key identifier: 1F:68:25:8C:52:6C:5D:BC:71:54:34:35:7D:38:00:20:14:64:40:EF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2gljFJsXbxxVDQ1fTgAIBRkQO8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/02E7C9A629AC11E793618B6BC4F9AE02.roa
Signing time:             Thu 04 Jan 2024 16:12:31 +0000
ROA not before:           Thu 04 Jan 2024 16:12:30 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     17770
IP address blocks:        182.161.0.0/19 maxlen: 19
                          202.124.160.0/21 maxlen: 21
                          202.124.168.0/21 maxlen: 21
                          2402:4000:f000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Wed 12 Jun 2024 07:42:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10061 (0x274d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916A447/serialNumber=1F68258C526C5DBC715434357D380020146440EF
        Validity
            Not Before: Jan  4 16:12:30 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=6596d8ee-86f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:61:39:38:20:bf:45:2b:42:38:a5:5c:ef:6f:
                    ca:d4:e4:2a:bc:90:e2:b9:a3:4e:a4:ff:d1:d8:3c:
                    12:98:e3:1b:d8:c4:48:50:3a:36:77:3e:b5:bd:a8:
                    e6:bf:6c:01:5f:e5:69:41:cc:39:ed:d5:30:09:87:
                    ea:a1:7e:bc:54:8b:33:92:e6:c4:ec:99:a7:4f:c6:
                    81:05:d2:8e:8d:51:08:36:60:45:23:5c:98:4d:05:
                    0a:ea:6f:aa:ab:8a:c7:9f:c7:3c:ee:2d:c4:a8:da:
                    c6:23:5d:4f:21:50:16:ab:33:8d:ba:7d:f4:82:17:
                    7e:17:31:75:05:06:0f:7f:89:32:45:41:8e:b3:33:
                    95:a3:a8:2b:b0:fa:42:31:39:5a:16:1c:c5:5c:0a:
                    28:1f:cd:88:36:92:0b:dc:3f:db:37:db:95:12:96:
                    02:b8:1e:14:51:6b:2c:d9:b1:a1:da:8c:f5:71:44:
                    b6:63:a4:f0:b8:3e:4c:4e:39:88:f9:28:05:f0:26:
                    2b:07:32:60:7f:ea:91:d2:2d:f0:cd:4b:16:15:57:
                    f7:eb:82:e7:e5:f3:90:56:56:e0:23:d0:f3:31:bd:
                    50:3f:a9:96:f9:e6:7c:d4:b4:4d:95:f9:1a:8a:d4:
                    3c:90:01:e5:bb:34:33:9b:40:cc:f9:de:5c:f5:0d:
                    03:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:1F:DB:16:CB:C4:A5:20:8A:26:3A:D2:11:29:E0:F7:A5:D8:4A:0B
            X509v3 Authority Key Identifier:
                keyid:1F:68:25:8C:52:6C:5D:BC:71:54:34:35:7D:38:00:20:14:64:40:EF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/H2gljFJsXbxxVDQ1fTgAIBRkQO8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H2gljFJsXbxxVDQ1fTgAIBRkQO8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A447/D2075814A09C11E4B50E7B15C4F9AE02/02E7C9A629AC11E793618B6BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.161.0.0/19
                  202.124.160.0/20
                IPv6:
                  2402:4000:f000::/36

    Signature Algorithm: sha256WithRSAEncryption
         69:df:f0:9b:81:0d:ae:8c:ce:14:ec:0a:cc:dd:54:2f:35:1a:
         eb:bf:37:ab:3b:e0:88:7b:ef:5b:f8:07:f2:ac:82:f3:b5:72:
         62:9b:c1:fe:c2:df:11:0a:14:83:54:b8:61:b2:29:80:a1:58:
         14:bd:82:3f:b4:b5:a6:fd:ae:81:84:1a:f9:f9:89:97:57:64:
         a4:f1:60:04:af:71:52:c7:01:2f:86:67:32:3e:2c:78:b0:09:
         6e:50:5e:d0:7e:d2:48:d3:e4:e8:b2:62:aa:c0:a7:09:24:85:
         44:c7:0f:23:81:38:fe:ca:59:6b:2f:d3:2c:76:67:1e:37:98:
         7a:0e:0f:ac:73:50:75:72:11:98:fb:75:65:84:69:30:e1:a1:
         81:52:43:82:cf:f8:45:2c:50:61:c8:eb:a0:ec:6b:1d:82:1c:
         a1:f7:9a:c0:03:0c:34:c2:2a:f9:ab:10:64:d7:3b:ca:64:c2:
         ea:96:50:43:06:2c:b3:b1:28:b8:ab:5f:cf:ff:a4:ad:eb:4c:
         92:ff:9b:e7:58:4a:76:3d:54:6f:e8:81:cf:fc:e6:58:f2:f6:
         d5:9e:e3:35:50:db:0b:0a:91:75:2b:42:ae:b0:da:d5:41:b4:
         cb:b5:6a:93:68:c8:6d:ff:1d:6d:fd:ef:e7:3f:2b:a5:8e:68:
         44:0d:9d:92
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICJ00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE0NDcxMTAvBgNVBAUTKDFGNjgyNThDNTI2QzVEQkM3MTU0MzQzNTdEMzgwMDIw
MTQ2NDQwRUYwHhcNMjQwMTA0MTYxMjMwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk2ZDhlZS04NmYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnWE5OCC/RStCOKVc72/K1OQqvJDiuaNOpP/R2DwSmOMb2MRIUDo2dz61vajm
v2wBX+VpQcw57dUwCYfqoX68VIszkubE7JmnT8aBBdKOjVEINmBFI1yYTQUK6m+q
q4rHn8c87i3EqNrGI11PIVAWqzONun30ghd+FzF1BQYPf4kyRUGOszOVo6grsPpC
MTlaFhzFXAooH82INpIL3D/bN9uVEpYCuB4UUWss2bGh2oz1cUS2Y6TwuD5MTjmI
+SgF8CYrBzJgf+qR0i3wzUsWFVf364Ln5fOQVlbgI9DzMb1QP6mW+eZ81LRNlfka
itQ8kAHluzQzm0DM+d5c9Q0DQQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFEMf2xbL
xKUgiiY60hEp4Pel2EoLMB8GA1UdIwQYMBaAFB9oJYxSbF28cVQ0NX04ACAUZEDv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTQ0Ny9EMjA3NTgxNEEw
OUMxMUU0QjUwRTdCMTVDNEY5QUUwMi9IMmdsakZKc1hieHhWRFExZlRnQUlCUmtR
TzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0gyZ2xqRkpzWGJ4eFZEUTFmVGdBSUJSa1FPOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE0NDcvRDIwNzU4MTRBMDlDMTFFNEI1MEU3QjE1QzRGOUFFMDIvMDJFN0M5QTYy
OUFDMTFFNzkzNjE4QjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMBIEAgABMAwDBAW2oQADBATKfKAwDgQCAAIwCAMGBCQCQADwMA0GCSqGSIb3
DQEBCwUAA4IBAQBp3/CbgQ2ujM4U7ArM3VQvNRrrvzerO+CIe+9b+AfyrILztXJi
m8H+wt8RChSDVLhhsimAoVgUvYI/tLWm/a6BhBr5+YmXV2Sk8WAEr3FSxwEvhmcy
Pix4sAluUF7QftJI0+TosmKqwKcJJIVExw8jgTj+yllrL9MsdmceN5h6Dg+sc1B1
chGY+3VlhGkw4aGBUkOCz/hFLFBhyOug7Gsdghyh95rAAww0wir5qxBk1zvKZMLq
llBDBiyzsSi4q1/P/6St60yS/5vnWEp2PVRv6IHP/OZY8vbVnuM1UNsLCpF1K0Ku
sNrVQbTLtWqTaMht/x1t/e/nPyuljmhEDZ2S
-----END CERTIFICATE-----
Generated at Wed Jun 12 11:19:00 2024 by rpki-client on console-fra.rpki-client.org