Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/615256767E1711ED9825061BC4F9AE02.roa
File:                     615256767E1711ED9825061BC4F9AE02.roa (raw, json)
Hash identifier:          UIQQZseWz9ap8JTMoDK0GH7KeYFFMXI+47Er0UM+NcU=
Subject key identifier:   D5:A1:16:EF:AD:97:F1:0C:F2:03:36:6A:3A:FF:59:3F:93:70:EA:B0
Certificate issuer:       /CN=A9171634/serialNumber=3FC971292CE91A591A8CDFA7D1AE09CA46E03E87
Certificate serial:       3341
Authority key identifier: 3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/615256767E1711ED9825061BC4F9AE02.roa
Signing time:             Tue 02 May 2023 15:10:40 +0000
ROA not before:           Tue 02 May 2023 15:10:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     37989
IP address blocks:        203.123.48.0/21 maxlen: 27
                          2405:fc00::/32 maxlen: 48

Validation:               Failed, certificate revoked on Sun 28 May 2023 08:20:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13121 (0x3341)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9171634/serialNumber=3FC971292CE91A591A8CDFA7D1AE09CA46E03E87
        Validity
            Not Before: May  2 15:10:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=645127ef-7690
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:f3:44:12:b3:5e:f9:21:ad:d3:9b:83:99:ef:
                    66:77:f8:38:1b:e3:34:7e:6e:1e:6c:8d:10:19:01:
                    08:ab:92:67:e3:2d:36:b7:ea:0f:8c:0e:91:f4:0a:
                    33:5b:66:e1:f8:be:db:d5:10:e4:c3:f8:6c:63:5c:
                    37:52:be:02:91:ca:3f:f2:21:98:92:68:46:a1:e8:
                    10:7f:35:1f:b0:98:7e:be:f6:9c:80:b7:44:6e:c2:
                    f0:ef:3f:6f:64:28:48:b3:9d:5d:ae:7d:c6:36:a7:
                    12:0d:95:76:7f:8d:41:b2:f7:d1:f7:1f:b7:7d:30:
                    b1:37:2d:52:4f:14:96:4b:8b:09:4f:70:34:0d:d0:
                    30:f6:7e:d4:31:ac:ee:8c:49:bc:9a:f0:f6:62:b7:
                    4a:a2:fc:a5:ab:9d:be:7b:1f:bc:99:4c:2c:e7:54:
                    5f:5e:7a:c6:7d:d4:b8:b9:ac:d2:27:dc:ee:c5:4c:
                    7d:8c:b6:49:b9:c9:05:d9:86:ea:70:20:12:25:64:
                    c7:73:89:2d:32:07:4b:27:8d:7c:f7:5e:f9:b2:2a:
                    48:5b:1f:3a:1f:56:3e:3e:1d:f8:ac:a8:43:98:ae:
                    37:bd:57:d6:01:79:ac:84:2e:14:ca:0e:fd:75:a0:
                    43:c8:54:ac:37:58:a0:33:81:c1:a8:c1:0c:8d:53:
                    8e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:A1:16:EF:AD:97:F1:0C:F2:03:36:6A:3A:FF:59:3F:93:70:EA:B0
            X509v3 Authority Key Identifier:
                keyid:3F:C9:71:29:2C:E9:1A:59:1A:8C:DF:A7:D1:AE:09:CA:46:E0:3E:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/P8lxKSzpGlkajN-n0a4JykbgPoc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P8lxKSzpGlkajN-n0a4JykbgPoc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171634/942B83BC1D9011E2A36166F008B02CD2/615256767E1711ED9825061BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.123.48.0/21
                IPv6:
                  2405:fc00::/32

    Signature Algorithm: sha256WithRSAEncryption
         42:34:01:15:73:8e:94:56:09:fb:36:bd:ab:c8:10:d2:03:5e:
         b0:7d:2b:0f:61:05:7c:24:a7:6a:54:b4:80:bc:e2:4c:dd:1e:
         42:a5:88:c4:24:b8:21:e6:b0:72:e5:35:ae:ce:95:95:4d:fb:
         28:f4:12:ea:a9:b3:88:03:02:29:fc:94:35:41:4a:e7:0b:db:
         13:65:10:93:38:6a:8c:30:61:c7:09:7a:5f:0d:9d:15:e5:1a:
         cb:74:1c:29:f1:2a:6c:8a:e4:eb:7a:92:71:46:22:5e:db:6f:
         41:29:12:61:4a:91:24:cf:91:ea:ff:5c:66:d8:f1:ae:13:ee:
         54:ca:21:f9:b1:78:8f:62:c6:5b:30:ff:98:d4:32:86:51:8a:
         8d:9e:fc:94:54:f7:4e:d8:c7:ce:b9:41:74:1f:8f:83:eb:cf:
         5f:1f:fb:d5:b5:69:c2:5a:71:61:1e:87:b2:2d:bc:8b:7e:d4:
         c4:33:6c:b5:09:f4:82:dd:42:5d:76:f0:01:f3:8e:62:ab:79:
         9f:05:b4:92:10:cf:81:83:2e:44:55:a3:c5:16:8d:bd:4b:55:
         61:e4:ac:6a:7d:fc:b8:20:87:24:44:e8:e1:8e:95:dc:4e:c7:
         9a:0a:4e:f3:7e:34:8c:f6:63:f3:3f:74:3a:34:df:77:0e:9f:
         c2:ca:5e:95
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICM0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE2MzQxMTAvBgNVBAUTKDNGQzk3MTI5MkNFOTFBNTkxQThDREZBN0QxQUUwOUNB
NDZFMDNFODcwHhcNMjMwNTAyMTUxMDQwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUxMjdlZi03NjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3/NEErNe+SGt05uDme9md/g4G+M0fm4ebI0QGQEIq5Jn4y02t+oPjA6R9Aoz
W2bh+L7b1RDkw/hsY1w3Ur4Ckco/8iGYkmhGoegQfzUfsJh+vvacgLdEbsLw7z9v
ZChIs51drn3GNqcSDZV2f41BsvfR9x+3fTCxNy1STxSWS4sJT3A0DdAw9n7UMazu
jEm8mvD2YrdKovylq52+ex+8mUws51RfXnrGfdS4uazSJ9zuxUx9jLZJuckF2Ybq
cCASJWTHc4ktMgdLJ4189175sipIWx86H1Y+Ph34rKhDmK43vVfWAXmshC4Uyg79
daBDyFSsN1igM4HBqMEMjVOOxwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNWhFu+t
l/EM8gM2ajr/WT+TcOqwMB8GA1UdIwQYMBaAFD/JcSks6RpZGozfp9GuCcpG4D6H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTYzNC85NDJCODNCQzFE
OTAxMUUyQTM2MTY2RjAwOEIwMkNEMi9QOGx4S1N6cEdsa2FqTi1uMGE0SnlrYmdQ
b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A4bHhLU3pwR2xrYWpOLW4wYTRKeWtiZ1BvYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE2MzQvOTQyQjgzQkMxRDkwMTFFMkEzNjE2NkYwMDhCMDJDRDIvNjE1MjU2NzY3
RTE3MTFFRDk4MjUwNjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAPLezAwDQQCAAIwBwMFACQF/AAwDQYJKoZIhvcNAQELBQAD
ggEBAEI0ARVzjpRWCfs2vavIENIDXrB9Kw9hBXwkp2pUtIC84kzdHkKliMQkuCHm
sHLlNa7OlZVN+yj0Euqps4gDAin8lDVBSucL2xNlEJM4aowwYccJel8NnRXlGst0
HCnxKmyK5Ot6knFGIl7bb0EpEmFKkSTPker/XGbY8a4T7lTKIfmxeI9ixlsw/5jU
MoZRio2e/JRU907Yx865QXQfj4Prz18f+9W1acJacWEeh7ItvIt+1MQzbLUJ9ILd
Ql128AHzjmKreZ8FtJIQz4GDLkRVo8UWjb1LVWHkrGp9/LgghyRE6OGOldxOx5oK
TvN+NIz2Y/M/dDo033cOn8LKXpU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org