Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/6986C7C4B97611EDA5587F22C4F9AE02.roa
File:                     6986C7C4B97611EDA5587F22C4F9AE02.roa (raw, json)
Hash identifier:          XgD1iLElerAMqvEr6q9uLb5M5BL8E3uv6CwpkgU0K7s=
Subject key identifier:   17:89:0F:AE:DD:45:6F:1C:C0:8B:A4:D8:5E:FE:96:0D:F8:4F:E9:01
Certificate issuer:       /CN=A919E1AE/serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Certificate serial:       07C5
Authority key identifier: 53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/6986C7C4B97611EDA5587F22C4F9AE02.roa
Signing time:             Tue 08 Aug 2023 21:18:15 +0000
ROA not before:           Tue 08 Aug 2023 21:18:15 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     17924
IP address blocks:        45.64.240.0/22 maxlen: 24
                          49.130.0.0/15 maxlen: 15
                          49.130.0.0/17 maxlen: 18
                          49.130.128.0/24 maxlen: 24
                          49.130.129.0/24 maxlen: 24
                          49.130.130.0/24 maxlen: 24
                          49.130.131.0/24 maxlen: 24
                          49.130.136.0/21 maxlen: 21
                          49.130.144.0/20 maxlen: 20
                          49.130.160.0/19 maxlen: 19
                          49.130.192.0/18 maxlen: 18
                          49.131.0.0/17 maxlen: 18
                          49.131.128.0/17 maxlen: 17
                          103.1.16.0/22 maxlen: 22
                          121.202.0.0/15 maxlen: 15
                          121.202.0.0/18 maxlen: 18
                          121.202.64.0/19 maxlen: 19
                          121.202.96.0/20 maxlen: 20
                          121.202.124.0/24 maxlen: 24
                          121.202.126.0/24 maxlen: 24
                          121.202.127.0/24 maxlen: 24
                          121.202.128.0/17 maxlen: 17
                          121.202.131.0/24 maxlen: 24
                          121.202.132.0/24 maxlen: 24
                          121.202.137.0/24 maxlen: 24
                          121.202.142.0/24 maxlen: 24
                          121.202.150.0/24 maxlen: 24
                          121.202.160.0/19 maxlen: 19
                          121.202.206.0/24 maxlen: 24
                          121.202.232.0/22 maxlen: 22
                          121.202.236.0/22 maxlen: 22
                          121.202.251.0/24 maxlen: 24
                          121.202.252.0/24 maxlen: 24
                          121.202.253.0/24 maxlen: 24
                          121.202.254.0/24 maxlen: 24
                          121.203.0.0/20 maxlen: 20
                          121.203.16.0/20 maxlen: 20
                          121.203.32.0/20 maxlen: 20
                          121.203.48.0/20 maxlen: 20
                          121.203.64.0/18 maxlen: 18
                          121.203.64.0/21 maxlen: 21
                          121.203.72.0/21 maxlen: 21
                          121.203.80.0/21 maxlen: 21
                          121.203.88.0/21 maxlen: 21
                          121.203.96.0/21 maxlen: 21
                          121.203.104.0/21 maxlen: 21
                          121.203.112.0/21 maxlen: 21
                          121.203.120.0/21 maxlen: 21
                          121.203.128.0/18 maxlen: 18
                          121.203.192.0/19 maxlen: 19
                          121.203.224.0/20 maxlen: 20
                          121.203.240.0/21 maxlen: 21
                          121.203.248.0/21 maxlen: 21
                          180.219.0.0/16 maxlen: 16
                          180.219.0.0/20 maxlen: 24
                          180.219.16.0/20 maxlen: 24
                          180.219.32.0/20 maxlen: 24
                          180.219.48.0/20 maxlen: 24
                          180.219.64.0/20 maxlen: 24
                          180.219.80.0/20 maxlen: 24
                          180.219.96.0/20 maxlen: 24
                          180.219.112.0/20 maxlen: 24
                          180.219.128.0/20 maxlen: 24
                          180.219.144.0/20 maxlen: 24
                          180.219.160.0/20 maxlen: 24
                          180.219.176.0/20 maxlen: 24
                          180.219.192.0/19 maxlen: 19
                          180.219.192.0/20 maxlen: 24
                          180.219.208.0/21 maxlen: 24
                          180.219.216.0/21 maxlen: 24
                          180.219.224.0/19 maxlen: 19
                          180.219.224.0/21 maxlen: 24
                          180.219.232.0/21 maxlen: 24
                          180.219.240.0/21 maxlen: 24
                          180.219.248.0/21 maxlen: 24
                          182.152.0.0/15 maxlen: 15
                          182.152.0.0/17 maxlen: 17
                          182.152.128.0/17 maxlen: 17
                          182.152.128.0/21 maxlen: 21
                          182.152.136.0/21 maxlen: 21
                          182.152.144.0/21 maxlen: 21
                          182.152.152.0/21 maxlen: 21
                          182.152.160.0/21 maxlen: 21
                          182.152.168.0/21 maxlen: 21
                          182.152.176.0/21 maxlen: 21
                          182.152.184.0/21 maxlen: 21
                          182.152.192.0/21 maxlen: 21
                          182.152.200.0/21 maxlen: 21
                          182.152.208.0/21 maxlen: 21
                          182.152.216.0/21 maxlen: 21
                          182.152.224.0/21 maxlen: 21
                          182.152.232.0/21 maxlen: 21
                          182.152.240.0/21 maxlen: 21
                          182.152.248.0/21 maxlen: 21
                          182.153.0.0/18 maxlen: 19
                          182.153.64.0/19 maxlen: 19
                          182.153.128.0/19 maxlen: 19
                          182.153.160.0/19 maxlen: 19
                          182.153.192.0/19 maxlen: 19
                          182.153.224.0/19 maxlen: 19
                          182.153.248.0/21 maxlen: 21
                          203.78.32.0/21 maxlen: 21
                          203.78.32.0/24 maxlen: 24
                          203.78.36.0/24 maxlen: 24
                          203.78.37.0/24 maxlen: 24
                          203.78.40.0/22 maxlen: 22
                          203.78.40.0/24 maxlen: 24
                          203.78.41.0/24 maxlen: 24
                          203.78.42.0/24 maxlen: 24
                          2407:b400::/32 maxlen: 32
                          2407:b400:31:11::/64 maxlen: 64
                          2407:b400:51:3::/64 maxlen: 64

Validation:               Failed, certificate revoked on Wed 27 Mar 2024 04:33:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1989 (0x7c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919E1AE/serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
        Validity
            Not Before: Aug  8 21:18:15 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64d2b117-ddac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:6f:08:d9:df:53:bc:b4:59:29:93:84:b9:53:
                    2f:b6:63:f2:d4:71:ec:d8:51:0a:22:63:87:6f:89:
                    e7:00:fd:25:73:b2:7f:81:ba:f4:8b:f3:96:7b:db:
                    3d:45:0c:1d:37:84:2a:73:af:51:84:c0:f9:9a:43:
                    36:1c:44:1a:3c:01:1c:b5:27:6c:f0:b8:26:24:2f:
                    54:f2:22:92:45:98:a3:e2:3f:9f:2f:64:ae:64:b6:
                    c7:36:7e:ea:d7:2f:a8:1f:57:65:59:8d:a6:a8:fc:
                    a8:bb:76:f0:5a:50:a3:11:a5:17:20:cf:80:24:37:
                    9e:8b:79:98:07:53:39:07:76:ec:eb:2e:cf:02:ea:
                    27:52:12:82:76:4e:70:c3:bd:1c:cc:b9:2b:74:b4:
                    00:f0:9c:6c:78:ee:c3:b8:43:b4:f8:47:99:4d:da:
                    7a:00:b2:62:bd:05:42:9b:d0:41:1a:7c:26:5d:18:
                    c6:7f:ad:bd:2f:55:bd:7b:45:16:a4:0f:64:11:a5:
                    bd:48:65:aa:d3:75:66:5d:36:20:69:a0:06:3e:cd:
                    a0:62:fb:09:e7:a0:9b:0b:b2:11:df:f6:30:97:50:
                    46:7e:d4:4e:05:e2:80:08:94:53:1e:07:d8:28:49:
                    c4:f9:3c:09:27:0f:47:cf:e7:66:f3:47:08:1c:fa:
                    30:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:89:0F:AE:DD:45:6F:1C:C0:8B:A4:D8:5E:FE:96:0D:F8:4F:E9:01
            X509v3 Authority Key Identifier:
                keyid:53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/6986C7C4B97611EDA5587F22C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.64.240.0/22
                  49.130.0.0/15
                  103.1.16.0/22
                  121.202.0.0/15
                  180.219.0.0/16
                  182.152.0.0/15
                  203.78.32.0-203.78.43.255
                IPv6:
                  2407:b400::/32

    Signature Algorithm: sha256WithRSAEncryption
         7b:f5:93:b6:fa:99:84:89:5f:1a:f4:a3:cb:e5:ea:5a:b1:41:
         4b:db:b2:4c:1e:04:f6:ef:82:a2:ca:b0:bc:9c:59:d0:6d:07:
         50:d6:fc:8a:01:7d:07:c0:28:c8:ef:00:c2:6f:b4:b2:c5:15:
         85:e8:92:bd:dc:f5:a6:be:30:88:fe:bf:5c:eb:3b:00:e1:e0:
         7d:03:eb:7b:76:55:a0:c3:d2:d5:02:80:26:b4:ac:9f:c0:d9:
         98:8c:09:30:b7:50:7c:be:22:93:98:92:25:bd:3c:df:21:f5:
         5f:63:fb:a5:95:b5:86:80:6c:03:30:5a:24:12:22:7d:20:e7:
         f6:94:8f:8f:4e:c1:b4:5f:67:5c:b9:85:5d:49:77:91:b4:a7:
         ab:ec:ee:37:06:24:09:9c:fb:be:59:bf:05:bd:4e:ab:97:e3:
         9e:bb:10:fb:89:10:95:31:ed:9a:a4:bd:b5:c4:08:9c:e9:b5:
         de:15:26:7e:c9:91:2d:cf:56:5b:4d:bd:04:01:b0:c9:42:65:
         d3:1e:06:0d:a0:eb:e1:f2:f0:41:a9:d7:1e:42:7e:c4:ca:15:
         e6:30:a4:08:a7:d4:ae:d5:a4:d8:1e:d1:7e:56:ae:9f:5c:09:
         b5:59:23:31:02:56:b0:20:c1:da:6d:1f:15:b2:bf:c1:f1:0d:
         d4:c4:f1:11
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgICB8UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUUxQUUxMTAvBgNVBAUTKDUzQkRFMjZEODI1RjY3N0Y5QUM0Mjg2RjlBNjc2NjFG
NUM0OUI1NjkwHhcNMjMwODA4MjExODE1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQyYjExNy1kZGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5W8I2d9TvLRZKZOEuVMvtmPy1HHs2FEKImOHb4nnAP0lc7J/gbr0i/OWe9s9
RQwdN4Qqc69RhMD5mkM2HEQaPAEctSds8LgmJC9U8iKSRZij4j+fL2SuZLbHNn7q
1y+oH1dlWY2mqPyou3bwWlCjEaUXIM+AJDeei3mYB1M5B3bs6y7PAuonUhKCdk5w
w70czLkrdLQA8JxseO7DuEO0+EeZTdp6ALJivQVCm9BBGnwmXRjGf629L1W9e0UW
pA9kEaW9SGWq03VmXTYgaaAGPs2gYvsJ56CbC7IR3/Ywl1BGftROBeKACJRTHgfY
KEnE+TwJJw9Hz+dm80cIHPowoQIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFBeJD67d
RW8cwIuk2F7+lg34T+kBMB8GA1UdIwQYMBaAFFO94m2CX2d/msQob5pnZh9cSbVp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTFBRS9CNDBCQjFCOEIx
MkUxMUVBOUE5NUI1NkFDNEY5QUUwMi9VNzNpYllKZlozLWF4Q2h2bW1kbUgxeEp0
V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3M2liWUpmWjMtYXhDaHZtbWRtSDF4SnRXay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUUxQUUvQjQwQkIxQjhCMTJFMTFFQTlBOTVCNTZBQzRGOUFFMDIvNjk4NkM3QzRC
OTc2MTFFREE1NTg3RjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E
RzBFMDQEAgABMC4DBAItQPADAwExggMEAmcBEAMDAXnKAwMAtNsDAwG2mDAMAwQF
y04gAwQCy04oMA0EAgACMAcDBQAkB7QAMA0GCSqGSIb3DQEBCwUAA4IBAQB79ZO2
+pmEiV8a9KPL5epasUFL27JMHgT274KiyrC8nFnQbQdQ1vyKAX0HwCjI7wDCb7Sy
xRWF6JK93PWmvjCI/r9c6zsA4eB9A+t7dlWgw9LVAoAmtKyfwNmYjAkwt1B8viKT
mJIlvTzfIfVfY/ullbWGgGwDMFokEiJ9IOf2lI+PTsG0X2dcuYVdSXeRtKer7O43
BiQJnPu+Wb8FvU6rl+OeuxD7iRCVMe2apL21xAic6bXeFSZ+yZEtz1ZbTb0EAbDJ
QmXTHgYNoOvh8vBBqdceQn7EyhXmMKQIp9Su1aTYHtF+Vq6fXAm1WSMxAlawIMHa
bR8Vsr/B8Q3UxPER
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:49 2024 by rpki-client on console-ams.rpki-client.org