Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/D1EA5D1EDFE311EE96DA7031C4F9AE02.roa
File:                     D1EA5D1EDFE311EE96DA7031C4F9AE02.roa (raw, json)
Hash identifier:          IzMYYqpB5syGNk8SHbKplppiLNad21zeUf8HEl86yvo=
Subject key identifier:   83:9F:13:5C:F6:37:F5:F6:2B:38:64:68:69:62:A6:24:92:81:F7:D5
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       0340
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/D1EA5D1EDFE311EE96DA7031C4F9AE02.roa
Signing time:             Fri 15 Mar 2024 21:10:55 +0000
ROA not before:           Fri 15 Mar 2024 21:10:55 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     150110
IP address blocks:        203.32.26.0/24 maxlen: 24
                          203.32.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Mar 2024 08:05:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 832 (0x340)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Mar 15 21:10:55 2024 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=65f4b95f-c00d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:38:9e:8c:99:4c:ac:41:eb:d3:bc:06:5e:2c:
                    30:41:9b:ca:59:89:11:42:d5:f7:24:5a:6b:7d:0c:
                    2c:9f:bf:75:e9:97:65:88:05:c6:86:6b:6a:cf:bb:
                    8e:97:1a:2c:1d:61:57:f2:4e:f6:7a:2b:63:b3:62:
                    f2:ae:55:9a:96:38:14:21:e4:04:65:a1:d2:2b:b2:
                    6b:db:5f:58:63:fc:55:5f:54:b0:26:18:0d:71:47:
                    1d:4e:32:57:d3:72:53:b3:fc:5c:40:54:e5:52:06:
                    35:c4:ac:d1:f7:f2:a4:4e:ca:9f:2d:90:67:2f:f6:
                    03:44:fc:63:a6:d5:a9:af:49:29:c4:75:99:2b:16:
                    ae:16:5c:bc:69:69:23:86:1d:1d:c5:17:b8:0f:d4:
                    b5:1b:31:36:43:7d:92:a8:ad:be:1c:8b:61:c6:d1:
                    68:72:6e:a5:0f:76:c2:26:d1:30:7d:e7:ae:c3:e6:
                    41:14:db:1c:8f:03:3a:b7:4b:0b:97:98:44:d9:6c:
                    31:13:b6:af:5e:18:68:b9:6a:24:5d:44:7d:d6:bf:
                    b9:58:7f:62:9f:ad:3e:2f:f5:9b:b8:82:f5:b6:32:
                    5e:5e:c7:ea:a4:40:de:c4:67:fa:ee:38:fc:bb:03:
                    da:10:58:f4:23:0f:fa:b4:9d:00:ec:ab:02:17:32:
                    9c:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:9F:13:5C:F6:37:F5:F6:2B:38:64:68:69:62:A6:24:92:81:F7:D5
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/D1EA5D1EDFE311EE96DA7031C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.26.0/24
                  203.32.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:0b:53:dd:95:54:0b:8c:06:61:d4:7c:4d:55:a2:78:3a:0b:
         1b:9d:a8:03:9b:13:e8:91:98:61:d5:5a:5d:64:ec:80:df:98:
         96:7b:a6:91:aa:56:4a:d1:19:f9:3a:95:dc:18:9c:d2:ec:4e:
         d2:d7:b7:b5:cc:22:af:42:b8:71:35:09:c4:1b:c2:25:a0:a6:
         de:df:5e:63:6c:78:c2:a9:49:ef:0a:e2:21:97:f1:4a:4f:58:
         e7:f6:8d:54:bf:60:19:49:a5:89:df:e4:d4:3b:b3:3a:73:4f:
         8b:ac:9f:11:eb:9d:a8:bd:53:52:11:d9:5f:56:9a:a2:b4:66:
         80:b5:e8:d1:f9:3c:a8:4a:93:30:9e:45:2c:26:7b:25:58:77:
         ab:0c:4d:45:b5:37:52:ad:0c:21:78:02:d5:e1:0b:a0:92:aa:
         aa:a6:5d:62:ed:b9:63:61:4e:ae:59:5e:fa:14:15:37:64:45:
         17:58:a5:54:16:e1:73:a7:b4:3f:e9:ba:03:91:ea:dc:f4:63:
         47:a2:98:a8:a5:50:13:05:d4:04:be:6c:4b:b1:65:de:52:de:
         17:dd:79:27:51:4d:ae:b9:b1:0b:fb:a4:6b:5f:87:31:20:4a:
         33:82:b5:b6:f5:d2:f4:a2:89:c3:0e:20:63:d6:e8:be:fd:8e:
         26:1f:5a:e5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA0AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQwMzE1MjExMDU1WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWY0Yjk1Zi1jMDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnjiejJlMrEHr07wGXiwwQZvKWYkRQtX3JFprfQwsn7916ZdliAXGhmtqz7uO
lxosHWFX8k72eitjs2LyrlWaljgUIeQEZaHSK7Jr219YY/xVX1SwJhgNcUcdTjJX
03JTs/xcQFTlUgY1xKzR9/KkTsqfLZBnL/YDRPxjptWpr0kpxHWZKxauFly8aWkj
hh0dxRe4D9S1GzE2Q32SqK2+HIthxtFocm6lD3bCJtEwfeeuw+ZBFNscjwM6t0sL
l5hE2WwxE7avXhhouWokXUR91r+5WH9in60+L/WbuIL1tjJeXsfqpEDexGf67jj8
uwPaEFj0Iw/6tJ0A7KsCFzKcWQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIOfE1z2
N/X2KzhkaGlipiSSgffVMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRDFFQTVEMUVE
RkUzMTFFRTk2REE3MDMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLIBoDBADLICYwDQYJKoZIhvcNAQELBQADggEBACoLU92V
VAuMBmHUfE1Vong6CxudqAObE+iRmGHVWl1k7IDfmJZ7ppGqVkrRGfk6ldwYnNLs
TtLXt7XMIq9CuHE1CcQbwiWgpt7fXmNseMKpSe8K4iGX8UpPWOf2jVS/YBlJpYnf
5NQ7szpzT4usnxHrnai9U1IR2V9WmqK0ZoC16NH5PKhKkzCeRSwmeyVYd6sMTUW1
N1KtDCF4AtXhC6CSqqqmXWLtuWNhTq5ZXvoUFTdkRRdYpVQW4XOntD/pugOR6tz0
Y0eimKilUBMF1AS+bEuxZd5S3hfdeSdRTa65sQv7pGtfhzEgSjOCtbb10vSiicMO
IGPW6L79jiYfWuU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:46 2024 by rpki-client on console-ams.rpki-client.org