Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/A0304A265D9E11EEA51C1383C4F9AE02.roa
File:                     A0304A265D9E11EEA51C1383C4F9AE02.roa (raw, json)
Hash identifier:          0AYFQy60tbTcT/RT/kvBT6ygUaxFz2l7xDTAd8tzJOU=
Subject key identifier:   2F:69:44:D5:50:B7:7E:7F:65:2C:B9:FA:4D:D8:CC:C7:CA:41:D2:AB
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       0280
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/A0304A265D9E11EEA51C1383C4F9AE02.roa
Signing time:             Thu 28 Sep 2023 01:30:37 +0000
ROA not before:           Thu 28 Sep 2023 01:30:37 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        203.32.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 31 Oct 2023 22:57:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 640 (0x280)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Sep 28 01:30:37 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=6514d73d-4118
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:d8:d5:aa:e9:5c:50:ff:9a:40:5e:07:e6:2e:
                    0d:8c:a0:c1:72:b4:37:52:8a:df:ec:c4:35:e9:7f:
                    d3:f0:10:8a:09:22:fd:b6:52:17:13:1d:a1:a3:5c:
                    e0:32:c9:49:67:1e:68:91:47:81:42:18:f4:c7:80:
                    d0:4e:ad:cd:86:10:40:89:ff:95:4c:cf:03:13:01:
                    9d:73:d1:2b:83:1a:f7:2d:70:1c:59:a3:2f:9e:f2:
                    a4:45:6f:62:55:09:71:66:ff:ac:3e:89:4a:e3:7c:
                    c8:c5:0e:1e:bb:04:95:5a:5a:90:1e:e6:4a:fe:1b:
                    ff:96:3a:d3:9a:95:d6:ca:c0:bb:27:65:8c:c3:ea:
                    68:28:d0:60:8f:fb:de:91:1c:2e:ab:11:26:ff:f6:
                    ce:e0:b3:27:cc:46:8a:f2:94:b5:ba:83:1f:a5:41:
                    a6:0a:8c:c1:04:66:7f:b5:68:ff:b7:ba:0a:67:af:
                    ce:12:6f:da:17:5e:db:c8:53:40:20:c9:e8:8e:d3:
                    41:ee:5a:93:05:b8:db:13:02:51:b2:5e:2e:7b:b6:
                    9f:66:31:9a:5f:ce:a6:2d:86:8f:57:3d:1b:10:b3:
                    b2:16:8d:b9:7e:97:09:d8:99:ee:70:8f:8a:d0:15:
                    ac:58:42:2d:09:d3:a4:30:d0:47:8e:d7:9c:d1:63:
                    5f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:69:44:D5:50:B7:7E:7F:65:2C:B9:FA:4D:D8:CC:C7:CA:41:D2:AB
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/A0304A265D9E11EEA51C1383C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:7e:32:3e:4a:02:81:c8:fa:f3:81:4c:f3:f0:fb:ee:29:c0:
         7b:7b:30:c8:8f:3f:90:72:c8:15:0c:09:70:ce:ba:d2:b1:c9:
         99:60:1c:69:f8:d7:1c:2a:f4:7b:81:d1:62:d1:22:88:dd:72:
         10:6e:d3:d4:2e:33:a1:ac:66:23:08:01:97:4e:ef:e2:e6:a7:
         83:20:e8:c3:dc:7f:54:78:a6:95:bf:7a:7d:0b:08:d5:1b:c3:
         0a:59:07:72:d7:25:e0:66:14:6f:f1:2c:75:66:47:28:4f:75:
         76:c7:a9:cc:e0:a7:79:17:c3:c7:94:85:59:2d:ad:a2:4c:1c:
         ef:c7:8e:d0:04:25:5d:b7:18:02:c8:09:4b:63:d7:8b:75:ab:
         93:df:94:aa:4f:5e:04:e2:1f:59:f3:bd:af:0a:b2:dd:10:df:
         ef:22:27:85:33:5d:9a:f9:49:4d:67:cc:10:45:3e:af:42:c7:
         4a:20:9b:bc:07:04:20:e7:26:54:7d:85:25:10:87:18:d3:dc:
         f3:1b:6f:66:57:c3:65:85:7f:4b:9a:d0:d8:d7:30:2e:4d:4f:
         3e:e2:7c:14:d4:65:ca:ec:7e:aa:93:4d:d7:73:16:dd:5e:2e:
         ce:72:5d:6c:d2:1c:b9:91:31:e5:5e:af:ec:fd:74:10:2d:7a:
         9a:14:de:b6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAoAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwOTI4MDEzMDM3WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE0ZDczZC00MTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAytjVqulcUP+aQF4H5i4NjKDBcrQ3Uorf7MQ16X/T8BCKCSL9tlIXEx2ho1zg
MslJZx5okUeBQhj0x4DQTq3NhhBAif+VTM8DEwGdc9Ergxr3LXAcWaMvnvKkRW9i
VQlxZv+sPolK43zIxQ4euwSVWlqQHuZK/hv/ljrTmpXWysC7J2WMw+poKNBgj/ve
kRwuqxEm//bO4LMnzEaK8pS1uoMfpUGmCozBBGZ/tWj/t7oKZ6/OEm/aF17byFNA
IMnojtNB7lqTBbjbEwJRsl4ue7afZjGaX86mLYaPVz0bELOyFo25fpcJ2JnucI+K
0BWsWEItCdOkMNBHjtec0WNfywIDAQABo4IClTCCApEwHQYDVR0OBBYEFC9pRNVQ
t35/ZSy5+k3YzMfKQdKrMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvQTAzMDRBMjY1
RDlFMTFFRUE1MUMxMzgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBkwDQYJKoZIhvcNAQELBQADggEBAId+Mj5KAoHI+vOB
TPPw++4pwHt7MMiPP5ByyBUMCXDOutKxyZlgHGn41xwq9HuB0WLRIojdchBu09Qu
M6GsZiMIAZdO7+Lmp4Mg6MPcf1R4ppW/en0LCNUbwwpZB3LXJeBmFG/xLHVmRyhP
dXbHqczgp3kXw8eUhVktraJMHO/HjtAEJV23GALICUtj14t1q5PflKpPXgTiH1nz
va8Kst0Q3+8iJ4UzXZr5SU1nzBBFPq9Cx0ogm7wHBCDnJlR9hSUQhxjT3PMbb2ZX
w2WFf0ua0NjXMC5NTz7ifBTUZcrsfqqTTddzFt1eLs5yXWzSHLmRMeVer+z9dBAt
epoU3rY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org