Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/170422382C1411EE97E63084C4F9AE02.roa
File:                     170422382C1411EE97E63084C4F9AE02.roa (raw, json)
Hash identifier:          OvjxbkJI2Jb7nCA50SKWHSLHMAg8682CeBosehc/ntw=
Subject key identifier:   0D:94:79:87:A1:28:A5:88:14:1A:FE:07:01:4D:0C:2C:0B:A0:C0:13
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       024B
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/170422382C1411EE97E63084C4F9AE02.roa
Signing time:             Sat 26 Aug 2023 06:34:56 +0000
ROA not before:           Sat 26 Aug 2023 06:34:56 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     9443
IP address blocks:        203.32.7.0/24 maxlen: 24
                          203.32.25.0/24 maxlen: 24
                          203.32.26.0/24 maxlen: 24
                          203.32.28.0/24 maxlen: 24
                          203.32.32.0/24 maxlen: 24
                          203.32.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Sep 2023 23:07:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 587 (0x24b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Aug 26 06:34:56 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64e99d10-2d60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e3:6e:30:10:da:47:35:a1:1c:b7:5d:d9:a3:
                    e8:32:ef:54:ec:3d:01:e1:ef:fc:c0:6f:dd:b5:5d:
                    0a:6e:8c:d4:2f:84:57:9d:82:37:ec:b9:02:9f:bb:
                    d7:72:76:b8:06:81:99:56:b2:a2:21:61:14:2a:43:
                    b2:a0:9f:c2:59:82:d7:2d:ef:63:58:cc:b4:91:8a:
                    c6:8d:b9:1a:c4:c9:0f:40:a0:97:22:18:29:29:9d:
                    1d:d6:30:8a:f8:b3:b8:22:c1:69:f4:88:c2:91:1e:
                    05:fc:2a:a3:2f:4c:5e:d1:8a:ee:6e:f5:d7:f7:a4:
                    34:2f:56:f4:8b:f1:77:8d:ae:2d:51:71:70:c8:e8:
                    bc:3f:e3:1e:8e:3f:98:da:94:f3:d7:2c:fb:92:22:
                    82:83:66:6d:cb:60:b8:88:54:a8:5e:eb:4b:7a:10:
                    df:59:04:a7:2f:1a:3a:5c:4d:d8:cf:e0:50:ad:b8:
                    26:4b:c4:69:4d:a2:0e:0f:65:51:5b:2a:ba:69:b0:
                    18:e4:db:4b:39:02:29:21:b8:61:e9:f7:85:4d:b4:
                    7a:f4:e8:23:6b:7e:8e:c1:8a:17:b8:fb:32:9a:f7:
                    5f:86:a6:8c:ed:02:02:42:ed:2e:bc:35:d9:66:ec:
                    de:24:bc:c2:bf:19:5f:fe:5d:d5:1e:37:ce:81:79:
                    54:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:94:79:87:A1:28:A5:88:14:1A:FE:07:01:4D:0C:2C:0B:A0:C0:13
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/170422382C1411EE97E63084C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.7.0/24
                  203.32.25.0-203.32.26.255
                  203.32.28.0/24
                  203.32.32.0/24
                  203.32.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:8e:a0:e4:33:1f:2d:72:e8:42:0d:30:30:7f:81:0c:61:86:
         05:5f:46:80:e6:37:53:42:0a:0f:c2:c9:c8:db:d2:5f:35:0c:
         bc:3f:68:47:78:f6:c1:f3:7a:dd:dc:ea:94:6d:8e:28:93:d4:
         76:ad:07:2c:32:0d:29:a3:a4:6a:5c:72:f9:4a:f2:0c:e5:3e:
         3e:f8:43:15:56:8f:6d:1b:32:b7:c5:d8:05:0e:37:72:c1:77:
         9c:f4:57:3a:87:6d:63:0f:54:36:bf:5b:0f:a9:f2:16:ed:75:
         dc:a1:48:b2:95:96:80:b4:0b:c3:9e:54:4f:55:f4:80:3e:9a:
         53:a0:9c:af:d8:7d:c2:ae:2b:85:a2:b3:54:e5:dd:26:8e:71:
         f3:ec:5c:28:5f:d2:26:57:6f:02:65:a7:99:40:ad:14:72:c2:
         bd:82:e5:3d:d7:cc:e6:22:3d:b7:96:1e:b3:32:dc:b7:a9:01:
         18:60:d9:95:97:5f:3e:69:2d:a6:aa:b2:eb:33:0d:55:fb:43:
         8b:e8:53:25:fc:6a:66:66:fb:f6:40:ea:14:8d:99:32:06:11:
         0a:30:be:48:37:04:19:0a:d0:75:25:20:df:6a:17:f8:e0:c4:
         c7:6c:e7:6b:27:8a:35:db:f4:1d:95:cb:d0:b2:ac:e6:6c:65:
         99:e2:a3:6f
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICAkswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwODI2MDYzNDU2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGU5OWQxMC0yZDYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo+NuMBDaRzWhHLdd2aPoMu9U7D0B4e/8wG/dtV0KbozUL4RXnYI37LkCn7vX
cna4BoGZVrKiIWEUKkOyoJ/CWYLXLe9jWMy0kYrGjbkaxMkPQKCXIhgpKZ0d1jCK
+LO4IsFp9IjCkR4F/CqjL0xe0YrubvXX96Q0L1b0i/F3ja4tUXFwyOi8P+Mejj+Y
2pTz1yz7kiKCg2Zty2C4iFSoXutLehDfWQSnLxo6XE3Yz+BQrbgmS8RpTaIOD2VR
Wyq6abAY5NtLOQIpIbhh6feFTbR69Ogja36OwYoXuPsymvdfhqaM7QICQu0uvDXZ
ZuzeJLzCvxlf/l3VHjfOgXlUTQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFA2UeYeh
KKWIFBr+BwFNDCwLoMATMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvMTcwNDIyMzgy
QzE0MTFFRTk3RTYzMDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBADLIAcwDAMEAMsgGQMEAMsgGgMEAMsgHAMEAMsgIAMEAMsg
JjANBgkqhkiG9w0BAQsFAAOCAQEASI6g5DMfLXLoQg0wMH+BDGGGBV9GgOY3U0IK
D8LJyNvSXzUMvD9oR3j2wfN63dzqlG2OKJPUdq0HLDINKaOkalxy+UryDOU+PvhD
FVaPbRsyt8XYBQ43csF3nPRXOodtYw9UNr9bD6nyFu113KFIspWWgLQLw55UT1X0
gD6aU6Ccr9h9wq4rhaKzVOXdJo5x8+xcKF/SJldvAmWnmUCtFHLCvYLlPdfM5iI9
t5YeszLct6kBGGDZlZdfPmktpqqy6zMNVftDi+hTJfxqZmb79kDqFI2ZMgYRCjC+
SDcEGQrQdSUg32oX+ODEx2znayeKNdv0HZXL0LKs5mxlmeKjbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org