Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/48CF90D607D311EF92897C22C4F9AE02.roa
File:                     48CF90D607D311EF92897C22C4F9AE02.roa (raw, json)
Hash identifier:          myEk8cZqxcgj9OabWylpdEiY8LnjMJxFtebfC9JKgdY=
Subject key identifier:   B0:B1:7D:54:C3:1A:F9:42:81:DB:FC:17:A8:CF:61:8B:B4:80:6B:55
Certificate issuer:       /CN=A917CE22/serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A
Certificate serial:       06D9
Authority key identifier: 62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/48CF90D607D311EF92897C22C4F9AE02.roa
Signing time:             Wed 01 May 2024 15:55:52 +0000
ROA not before:           Wed 01 May 2024 15:55:52 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     64050
IP address blocks:        202.181.0.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 13 May 2024 10:50:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1753 (0x6d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917CE22/serialNumber=62C4182C003EFCFA38DDAF4EF904FB04FE5B564A
        Validity
            Not Before: May  1 15:55:52 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=66326607-3e33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b1:73:83:a7:62:8c:f6:c7:b6:e8:6d:5d:a0:
                    8f:e8:f5:15:ce:0a:b7:53:18:86:55:cb:d3:52:92:
                    b9:d3:0b:7a:37:70:27:ab:fd:e2:f7:4d:02:16:07:
                    f3:89:1e:57:a9:af:cc:7b:c3:83:8b:11:5d:cf:8c:
                    ec:10:3a:2d:da:ed:ef:9b:28:8e:0a:81:45:f3:60:
                    0d:2d:47:1e:3a:65:58:ff:6c:90:97:0d:8a:4c:e4:
                    de:9a:36:b2:ba:3c:92:16:c6:22:8e:df:9c:0a:57:
                    b6:8f:1d:b0:1b:b9:5a:e8:de:09:95:c9:d1:58:8e:
                    ab:26:2f:22:2b:43:d4:2c:54:5c:32:f6:dd:8d:48:
                    58:b3:ac:cd:32:6a:ea:6b:39:31:1d:2c:98:13:9f:
                    a3:76:65:01:61:b3:ad:b3:3f:6c:1a:bb:e2:05:21:
                    a8:a3:67:89:5d:5c:9c:50:21:dd:c6:ef:70:6f:a8:
                    c8:d7:d6:33:ae:b7:9a:ef:d8:69:e7:74:04:6d:d3:
                    69:73:09:c2:04:6f:79:30:a9:1d:2f:b2:28:fa:fb:
                    96:7a:9c:3c:29:26:85:1b:1f:64:3c:b1:dd:d1:cd:
                    5e:12:6e:9d:24:74:90:fa:21:ed:66:d5:68:89:88:
                    9d:3b:f6:28:3d:e1:6e:59:04:33:0d:d9:9c:8e:05:
                    a6:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:B1:7D:54:C3:1A:F9:42:81:DB:FC:17:A8:CF:61:8B:B4:80:6B:55
            X509v3 Authority Key Identifier:
                keyid:62:C4:18:2C:00:3E:FC:FA:38:DD:AF:4E:F9:04:FB:04:FE:5B:56:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/YsQYLAA-_Po43a9O-QT7BP5bVko.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YsQYLAA-_Po43a9O-QT7BP5bVko.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CE22/12FA811A177B11EB84634C36C4F9AE02/48CF90D607D311EF92897C22C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.181.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         80:5c:3b:1f:86:43:e4:91:25:be:cf:53:59:ff:45:5a:7a:04:
         61:d9:cc:82:12:c5:d7:af:64:ce:8c:46:f3:cc:71:41:06:f2:
         ce:72:6f:f6:bc:1d:a1:f4:ac:50:cd:d4:15:f1:0e:f7:88:33:
         da:70:4a:84:ea:62:41:0b:f1:8b:60:a1:7e:0b:54:75:b0:e4:
         75:ec:ac:80:61:f3:e3:ff:8c:18:c5:16:99:8e:d9:62:e3:93:
         2f:38:bb:a0:15:70:4b:b0:da:9b:00:1a:fd:34:74:5f:09:27:
         d2:cd:45:73:d7:76:44:e2:af:41:09:3a:a9:7d:82:3c:6d:df:
         9a:ac:f7:42:b0:54:15:a4:47:8c:0a:c4:d5:04:22:47:b6:bc:
         62:63:99:62:c3:61:fc:76:4d:a6:8b:22:7e:8b:71:a4:18:e8:
         a0:20:55:4a:95:38:74:67:95:e4:e9:39:ee:51:fa:ba:59:26:
         02:55:6e:a0:b9:26:50:a7:1d:ab:49:c8:60:4d:8a:53:e1:c3:
         f5:69:a6:ab:94:56:fb:42:43:35:d0:68:73:59:3a:d7:71:f8:
         6c:ba:4d:c6:1a:f7:75:a8:8c:17:2b:89:5c:8e:29:29:bc:cc:
         09:2c:a6:63:39:a6:00:1c:eb:91:0d:e3:ab:37:e5:93:2b:24:
         94:95:dc:78
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBtkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0NFMjIxMTAvBgNVBAUTKDYyQzQxODJDMDAzRUZDRkEzOEREQUY0RUY5MDRGQjA0
RkU1QjU2NEEwHhcNMjQwNTAxMTU1NTUyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMyNjYwNy0zZTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAubFzg6dijPbHtuhtXaCP6PUVzgq3UxiGVcvTUpK50wt6N3Anq/3i900CFgfz
iR5Xqa/Me8ODixFdz4zsEDot2u3vmyiOCoFF82ANLUceOmVY/2yQlw2KTOTemjay
ujySFsYijt+cCle2jx2wG7la6N4JlcnRWI6rJi8iK0PULFRcMvbdjUhYs6zNMmrq
azkxHSyYE5+jdmUBYbOtsz9sGrviBSGoo2eJXVycUCHdxu9wb6jI19Yzrrea79hp
53QEbdNpcwnCBG95MKkdL7Io+vuWepw8KSaFGx9kPLHd0c1eEm6dJHSQ+iHtZtVo
iYidO/YoPeFuWQQzDdmcjgWmsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLCxfVTD
GvlCgdv8F6jPYYu0gGtVMB8GA1UdIwQYMBaAFGLEGCwAPvz6ON2vTvkE+wT+W1ZK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0UyMi8xMkZBODExQTE3
N0IxMUVCODQ2MzRDMzZDNEY5QUUwMi9Zc1FZTEFBLV9QbzQzYTlPLVFUN0JQNWJW
a28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lzUVlMQUEtX1BvNDNhOU8tUVQ3QlA1YlZrby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0NFMjIvMTJGQTgxMUExNzdCMTFFQjg0NjM0QzM2QzRGOUFFMDIvNDhDRjkwRDYw
N0QzMTFFRjkyODk3QzIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKtQAwDQYJKoZIhvcNAQELBQADggEBAIBcOx+GQ+SRJb7P
U1n/RVp6BGHZzIISxdevZM6MRvPMcUEG8s5yb/a8HaH0rFDN1BXxDveIM9pwSoTq
YkEL8YtgoX4LVHWw5HXsrIBh8+P/jBjFFpmO2WLjky84u6AVcEuw2psAGv00dF8J
J9LNRXPXdkTir0EJOql9gjxt35qs90KwVBWkR4wKxNUEIke2vGJjmWLDYfx2TaaL
In6LcaQY6KAgVUqVOHRnleTpOe5R+rpZJgJVbqC5JlCnHatJyGBNilPhw/VppquU
VvtCQzXQaHNZOtdx+Gy6TcYa93WojBcriVyOKSm8zAkspmM5pgAc65EN46s35ZMr
JJSV3Hg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org