Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/6CEDCBCA389611EEB0C2A164C4F9AE02.roa
File:                     6CEDCBCA389611EEB0C2A164C4F9AE02.roa (raw, json)
Hash identifier:          PMcU3WFOADVM6866vJrW+czJQpHJOQbM4ByfUsP3Mv8=
Subject key identifier:   22:7E:5F:08:20:13:28:42:77:A2:1A:36:05:BB:8E:A7:61:7D:57:B1
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       023E
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/6CEDCBCA389611EEB0C2A164C4F9AE02.roa
Signing time:             Fri 11 Aug 2023 22:29:06 +0000
ROA not before:           Fri 11 Aug 2023 22:29:06 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     197450
IP address blocks:        203.32.25.0/24 maxlen: 24
                          203.32.28.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 26 Aug 2023 06:32:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 574 (0x23e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Aug 11 22:29:06 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64d6b632-a41b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:31:87:60:98:77:25:ed:a9:17:e5:18:5b:b3:
                    4f:2a:13:49:38:04:51:75:2e:ac:3d:b4:ec:0b:52:
                    cd:72:47:6e:93:eb:95:85:50:3a:27:24:ed:27:31:
                    ce:6d:b8:db:7d:e3:a4:0d:b8:bf:f9:4a:6c:cb:58:
                    2c:f5:1f:a7:92:f3:ae:96:00:d5:3a:6a:79:e7:b0:
                    02:bb:50:a5:5d:12:16:45:c1:ce:d5:6e:68:e5:8c:
                    c4:69:39:4e:c5:da:d2:b4:33:af:65:d8:c6:f3:b6:
                    ea:0c:2a:af:fb:ff:8d:53:4e:95:90:19:7b:b6:af:
                    7f:e6:d3:7c:e6:66:2b:5a:3f:b0:23:c9:2e:f7:3b:
                    94:e8:37:c2:c3:88:81:9e:32:9b:49:29:33:f5:ab:
                    d7:3e:d4:dc:75:e9:79:9e:c2:f3:3c:8b:4e:d6:8f:
                    3a:49:05:a9:04:51:72:be:4c:b0:c5:06:6c:0c:5b:
                    f7:72:f1:cc:e8:c8:06:7c:d7:55:a4:bc:5f:c9:90:
                    e9:cc:64:93:fe:47:1f:90:20:59:21:0b:ef:79:65:
                    3d:d0:1b:1d:e4:ce:ab:b1:20:40:2b:ee:8a:db:6f:
                    7d:26:9e:f9:11:78:50:a9:94:fb:ef:49:06:ab:30:
                    81:a1:dd:00:e8:83:fc:c5:d9:b4:b8:d2:8e:a6:bd:
                    6c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:7E:5F:08:20:13:28:42:77:A2:1A:36:05:BB:8E:A7:61:7D:57:B1
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/6CEDCBCA389611EEB0C2A164C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.25.0/24
                  203.32.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:d4:59:34:3b:47:d9:8e:1f:e2:38:5b:0a:8b:aa:70:d6:b8:
         76:00:66:7e:a8:63:06:57:d9:68:2b:8c:57:6c:54:f2:9d:08:
         47:68:9e:1e:03:82:7f:b0:66:ea:94:39:75:1d:d7:fa:5a:5e:
         16:41:c4:8d:70:f5:20:0e:88:2d:75:41:ae:e7:97:fe:36:72:
         b8:51:f0:1d:28:65:80:47:09:1d:f0:57:2f:cf:65:af:2e:72:
         d6:f2:a8:2c:2c:36:eb:a9:20:1b:30:49:f0:b6:15:76:dc:66:
         bd:1e:a5:b5:65:98:0a:18:04:ec:a1:7d:73:7e:40:4c:9c:ee:
         cf:39:d4:2d:2f:b3:6b:d1:1c:e8:12:05:8e:2f:54:70:1f:41:
         10:9c:b1:5f:f7:a2:f6:85:98:9c:25:a2:d1:c6:25:70:19:bf:
         33:11:ac:8b:5b:d5:c0:29:49:cf:2d:34:27:a6:af:72:1e:8f:
         fd:68:90:d6:89:88:f7:c3:27:00:48:91:6b:ed:5f:9c:21:99:
         96:ed:2d:51:ad:6d:0e:ee:7c:5a:18:57:ed:b6:4b:09:71:7b:
         57:97:18:7a:bf:f7:a5:8c:53:ff:60:4b:57:ab:74:39:2c:e3:
         c3:3d:5e:bc:66:c8:df:5f:a8:77:56:c4:15:b1:4a:13:f6:4c:
         3e:28:06:36
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAj4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwODExMjIyOTA2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ2YjYzMi1hNDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAszGHYJh3Je2pF+UYW7NPKhNJOARRdS6sPbTsC1LNckduk+uVhVA6JyTtJzHO
bbjbfeOkDbi/+Upsy1gs9R+nkvOulgDVOmp557ACu1ClXRIWRcHO1W5o5YzEaTlO
xdrStDOvZdjG87bqDCqv+/+NU06VkBl7tq9/5tN85mYrWj+wI8ku9zuU6DfCw4iB
njKbSSkz9avXPtTcdel5nsLzPItO1o86SQWpBFFyvkywxQZsDFv3cvHM6MgGfNdV
pLxfyZDpzGST/kcfkCBZIQvveWU90Bsd5M6rsSBAK+6K2299Jp75EXhQqZT770kG
qzCBod0A6IP8xdm0uNKOpr1sjwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCJ+Xwgg
EyhCd6IaNgW7jqdhfVexMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNkNFRENCQ0Ez
ODk2MTFFRUIwQzJBMTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLIBkDBADLIBwwDQYJKoZIhvcNAQELBQADggEBAJrUWTQ7
R9mOH+I4WwqLqnDWuHYAZn6oYwZX2WgrjFdsVPKdCEdonh4Dgn+wZuqUOXUd1/pa
XhZBxI1w9SAOiC11Qa7nl/42crhR8B0oZYBHCR3wVy/PZa8uctbyqCwsNuupIBsw
SfC2FXbcZr0epbVlmAoYBOyhfXN+QEyc7s851C0vs2vRHOgSBY4vVHAfQRCcsV/3
ovaFmJwlotHGJXAZvzMRrItb1cApSc8tNCemr3Iej/1okNaJiPfDJwBIkWvtX5wh
mZbtLVGtbQ7ufFoYV+22Swlxe1eXGHq/96WMU/9gS1erdDks48M9XrxmyN9fqHdW
xBWxShP2TD4oBjY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org