Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/FAC6E68067E411ED8B778E73C4F9AE02.roa
File:                     FAC6E68067E411ED8B778E73C4F9AE02.roa (raw, json)
Hash identifier:          4zJmxjl5rg2Ez3l1z1qKu4xZ/6AZDQG1TLXu9f5yn/Q=
Subject key identifier:   F4:19:AF:C4:E1:4D:47:26:E7:7A:14:68:02:2B:76:14:7E:C1:64:BA
Certificate issuer:       /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial:       01FD
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/FAC6E68067E411ED8B778E73C4F9AE02.roa
Signing time:             Thu 01 Jun 2023 06:54:46 +0000
ROA not before:           Thu 01 Jun 2023 06:54:46 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     135073
IP address blocks:        203.32.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 21 Sep 2023 00:18:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 509 (0x1fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
        Validity
            Not Before: Jun  1 06:54:46 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=647840b6-6897
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:7c:fd:8b:9f:ec:b5:a5:73:4b:6e:eb:d4:0d:
                    12:76:09:3d:11:44:62:da:f1:fe:40:fe:f8:28:26:
                    f1:25:54:18:93:7d:e2:a6:50:f6:87:63:8a:c8:64:
                    39:eb:6b:f5:b7:f5:59:6b:58:0c:8a:2a:28:14:ee:
                    81:c3:c8:48:63:63:81:f9:2b:f0:46:ce:55:f4:22:
                    5f:02:dc:75:b1:4d:8d:6a:24:af:8b:a7:68:84:17:
                    8e:f7:6b:34:77:a9:d9:24:d7:c8:2b:24:de:f7:d7:
                    33:51:a6:e8:0b:0a:58:5c:ef:af:29:c1:a7:dd:cd:
                    1f:71:8e:bb:87:3d:80:be:92:4e:ea:61:d5:69:56:
                    bb:0c:c2:2d:51:06:93:48:dd:15:0d:cf:90:4c:5c:
                    62:00:14:86:cc:a8:9d:b1:96:59:f5:52:95:66:1f:
                    71:1a:a4:04:81:66:08:18:ca:93:93:9b:15:ce:bf:
                    50:de:c8:ba:ac:0b:ed:9f:4d:24:fc:81:49:48:b2:
                    ce:ff:05:b9:99:78:66:9f:5c:90:0b:fd:9f:e6:ea:
                    2c:b4:fd:8d:80:cb:ad:1d:b6:01:22:73:7e:62:81:
                    9c:ce:a3:73:d9:e3:ea:64:d0:57:65:f9:88:8d:76:
                    c3:a9:25:48:95:3f:b1:07:df:39:67:32:ec:71:d7:
                    85:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:19:AF:C4:E1:4D:47:26:E7:7A:14:68:02:2B:76:14:7E:C1:64:BA
            X509v3 Authority Key Identifier:
                keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/FAC6E68067E411ED8B778E73C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.32.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:de:2f:81:24:39:23:f6:1d:78:a5:fa:3d:81:85:bb:71:cf:
         06:4a:60:94:05:13:b0:59:5d:8d:a2:2e:6b:1e:47:f0:5d:5a:
         fd:0e:4d:b7:c8:b4:c3:44:a6:84:57:d0:a0:8e:34:a9:75:11:
         52:fe:38:fa:f0:40:a8:ca:f5:b7:5e:24:c5:ec:02:1d:4f:2c:
         03:bc:96:22:9c:7d:e0:09:b4:2a:28:4a:88:02:90:89:59:15:
         ad:5e:27:21:d8:32:ab:6d:fd:73:56:64:88:30:e4:59:fa:82:
         e9:ae:4f:02:ed:e0:7d:78:6c:e5:84:1a:ea:9c:4b:9b:7d:0f:
         d9:a7:80:c3:19:07:05:43:c1:2d:70:05:4d:62:37:84:23:44:
         b8:35:c2:9a:34:cb:97:16:da:cc:da:c0:26:10:08:ef:ad:9e:
         ad:48:3d:59:34:48:99:58:7e:ba:5f:fb:d6:cb:e1:7a:20:a0:
         1a:bf:7b:24:53:22:f3:66:84:6b:f1:0a:a4:52:32:0e:e8:79:
         da:5e:ab:61:47:29:2b:b3:6a:1d:3d:65:ff:84:2d:86:8d:f0:
         5d:81:bb:0e:c0:b8:8c:60:2a:52:a9:0f:b5:f4:3d:da:71:a1:
         ab:22:74:a5:49:14:12:5b:79:10:f0:1a:6f:e1:4c:ca:7c:99:
         c0:10:8c:c4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwNjAxMDY1NDQ2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc4NDBiNi02ODk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyHz9i5/staVzS27r1A0Sdgk9EURi2vH+QP74KCbxJVQYk33iplD2h2OKyGQ5
62v1t/VZa1gMiiooFO6Bw8hIY2OB+SvwRs5V9CJfAtx1sU2NaiSvi6dohBeO92s0
d6nZJNfIKyTe99czUaboCwpYXO+vKcGn3c0fcY67hz2AvpJO6mHVaVa7DMItUQaT
SN0VDc+QTFxiABSGzKidsZZZ9VKVZh9xGqQEgWYIGMqTk5sVzr9Q3si6rAvtn00k
/IFJSLLO/wW5mXhmn1yQC/2f5uostP2NgMutHbYBInN+YoGczqNz2ePqZNBXZfmI
jXbDqSVIlT+xB985ZzLscdeFiwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPQZr8Th
TUcm53oUaAIrdhR+wWS6MB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvRkFDNkU2ODA2
N0U0MTFFRDhCNzc4RTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLICgwDQYJKoZIhvcNAQELBQADggEBAHHeL4EkOSP2HXil
+j2BhbtxzwZKYJQFE7BZXY2iLmseR/BdWv0OTbfItMNEpoRX0KCONKl1EVL+OPrw
QKjK9bdeJMXsAh1PLAO8liKcfeAJtCooSogCkIlZFa1eJyHYMqtt/XNWZIgw5Fn6
gumuTwLt4H14bOWEGuqcS5t9D9mngMMZBwVDwS1wBU1iN4QjRLg1wpo0y5cW2sza
wCYQCO+tnq1IPVk0SJlYfrpf+9bL4XogoBq/eyRTIvNmhGvxCqRSMg7oedpeq2FH
KSuzah09Zf+ELYaN8F2Buw7AuIxgKlKpD7X0PdpxoasidKVJFBJbeRDwGm/hTMp8
mcAQjMQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org