Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/23AEB186BE8911EDAA7DD379C4F9AE02.roa
File:                     23AEB186BE8911EDAA7DD379C4F9AE02.roa (raw, json)
Hash identifier:          nVjeTSrgbqssYgAJw3FCInSFuOA1NFYv4wSY+1dsNy4=
Subject key identifier:   E4:E0:AE:A0:E1:05:31:86:D0:6C:EB:C5:DF:7B:4E:01:D2:DE:FC:7E
Certificate issuer:       /CN=A91A4C60/serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099
Certificate serial:       0D12
Authority key identifier: 9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/23AEB186BE8911EDAA7DD379C4F9AE02.roa
Signing time:             Fri 24 Nov 2023 17:31:06 +0000
ROA not before:           Fri 24 Nov 2023 17:31:06 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     209554
IP address blocks:        2001:df1:4580::/48 maxlen: 48
                          2405:84c0::/48 maxlen: 48
                          2405:84c0:2000::/36 maxlen: 40
                          2405:84c0:4000::/36 maxlen: 40
                          2405:84c0:5000::/36 maxlen: 40
                          2405:84c0:6800::/40 maxlen: 44
                          2405:84c0:6f00::/40 maxlen: 44

Validation:               Failed, certificate revoked on Wed 13 Dec 2023 13:32:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3346 (0xd12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A4C60/serialNumber=9EF9E4376E36653275C7963598D6B45B70AF8099
        Validity
            Not Before: Nov 24 17:31:06 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=6560ddda-8068
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:26:1c:3a:12:c7:e5:c6:96:59:dc:2d:a7:66:
                    62:0a:fe:11:5c:13:c9:98:e6:f0:8e:26:75:2b:bc:
                    2a:8e:31:35:00:62:7a:7e:d0:44:cd:48:ad:e9:ba:
                    b2:c6:bc:de:69:f3:0d:ee:5e:9a:06:cf:dd:4f:98:
                    21:de:b1:3b:cd:35:77:2a:c7:bd:65:18:77:77:03:
                    18:d7:89:47:9e:ef:c8:c0:5b:5c:ec:42:58:f4:9d:
                    c3:68:48:54:45:30:7f:2f:62:2d:40:a6:77:65:43:
                    3b:19:ae:af:a8:41:91:2c:cc:ee:c9:37:70:14:0b:
                    d4:2b:f3:34:c2:62:29:a0:c9:3d:7a:70:cc:c2:9e:
                    41:e0:7b:a5:be:e5:bb:1f:53:68:97:41:fd:cd:6e:
                    58:8b:c4:9f:32:c5:8c:8e:09:6a:4f:87:83:2a:3b:
                    35:2c:f7:aa:8d:ee:7e:f4:39:3d:b2:f3:aa:55:81:
                    d1:46:00:58:d5:b5:06:1f:0c:b6:b9:d8:41:84:18:
                    60:01:e3:62:da:8d:23:f9:4f:36:fe:a5:e6:e3:61:
                    1c:40:2a:96:33:75:03:59:25:46:69:17:b2:c8:36:
                    9b:bf:90:00:ec:33:dd:a0:cd:5d:17:9c:6b:6e:86:
                    bb:fc:59:a6:51:77:c3:46:2a:6c:25:e4:5c:63:60:
                    f0:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:E0:AE:A0:E1:05:31:86:D0:6C:EB:C5:DF:7B:4E:01:D2:DE:FC:7E
            X509v3 Authority Key Identifier:
                keyid:9E:F9:E4:37:6E:36:65:32:75:C7:96:35:98:D6:B4:5B:70:AF:80:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvnkN242ZTJ1x5Y1mNa0W3CvgJk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4C60/B526FF74D84111E9A4521413C4F9AE02/23AEB186BE8911EDAA7DD379C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df1:4580::/48
                  2405:84c0::/48
                  2405:84c0:2000::/36
                  2405:84c0:4000::/35
                  2405:84c0:6800::/40
                  2405:84c0:6f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         1d:96:52:cc:0f:92:44:c5:a0:a6:b2:23:bb:51:b1:6c:f6:e0:
         d8:85:09:55:19:91:30:74:80:a1:f9:68:1b:27:64:22:cc:d6:
         f8:3c:c4:cb:0f:e1:57:8e:c7:5a:1d:7a:55:8c:6d:43:4a:e0:
         92:a7:eb:ef:c2:13:42:a9:89:b8:0e:10:23:f0:ef:68:15:18:
         ae:c0:16:3e:9f:1e:29:06:6f:95:8a:5d:1d:ab:80:a5:68:14:
         1f:4d:01:57:c0:65:73:8d:a1:75:15:44:24:57:4d:ec:9b:76:
         be:47:a6:b5:09:ca:2e:fd:7c:85:2f:6e:c3:1d:0d:2f:91:ee:
         26:28:f9:91:08:1a:8b:bf:73:aa:b3:6c:90:f9:92:64:6c:5d:
         1a:9e:e8:73:3b:72:8c:31:bb:6b:43:b7:cf:3d:8f:c5:6b:bc:
         69:b1:d4:75:cf:30:c5:f2:39:85:54:8d:05:65:83:40:ba:b9:
         11:19:b8:6c:76:20:2d:fd:03:31:bd:fc:45:40:5f:59:8b:bf:
         6b:3d:2f:c8:a3:60:a0:68:f0:3a:37:62:25:05:3b:ab:5f:16:
         53:56:1d:53:00:6e:4c:1f:27:20:a9:4c:94:9f:61:08:4b:ef:
         5d:d2:99:62:0a:8d:90:68:23:57:85:93:ee:1a:89:d8:71:bd:
         f7:89:8e:36
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICDRIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRDNjAxMTAvBgNVBAUTKDlFRjlFNDM3NkUzNjY1MzI3NUM3OTYzNTk4RDZCNDVC
NzBBRjgwOTkwHhcNMjMxMTI0MTczMTA2WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTYwZGRkYS04MDY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxyYcOhLH5caWWdwtp2ZiCv4RXBPJmObwjiZ1K7wqjjE1AGJ6ftBEzUit6bqy
xrzeafMN7l6aBs/dT5gh3rE7zTV3Kse9ZRh3dwMY14lHnu/IwFtc7EJY9J3DaEhU
RTB/L2ItQKZ3ZUM7Ga6vqEGRLMzuyTdwFAvUK/M0wmIpoMk9enDMwp5B4HulvuW7
H1Nol0H9zW5Yi8SfMsWMjglqT4eDKjs1LPeqje5+9Dk9svOqVYHRRgBY1bUGHwy2
udhBhBhgAeNi2o0j+U82/qXm42EcQCqWM3UDWSVGaReyyDabv5AA7DPdoM1dF5xr
boa7/FmmUXfDRipsJeRcY2Dw+wIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFOTgrqDh
BTGG0Gzrxd97TgHS3vx+MB8GA1UdIwQYMBaAFJ755DduNmUydceWNZjWtFtwr4CZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEM2MC9CNTI2RkY3NEQ4
NDExMUU5QTQ1MjE0MTNDNEY5QUUwMi9udm5rTjI0MlpUSjF4NVkxbU5hMFczQ3Zn
SmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL252bmtOMjQyWlRKMXg1WTFtTmEwVzNDdmdKay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRDNjAvQjUyNkZGNzREODQxMTFFOUE0NTIxNDEzQzRGOUFFMDIvMjNBRUIxODZC
RTg5MTFFREFBN0REMzc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MDgEAgACMDIDBwAgAQ3xRYADBwAkBYTAAAADBgQkBYTAIAMGBSQFhMBAAwYA
JAWEwGgDBgAkBYTAbzANBgkqhkiG9w0BAQsFAAOCAQEAHZZSzA+SRMWgprIju1Gx
bPbg2IUJVRmRMHSAofloGydkIszW+DzEyw/hV47HWh16VYxtQ0rgkqfr78ITQqmJ
uA4QI/DvaBUYrsAWPp8eKQZvlYpdHauApWgUH00BV8Blc42hdRVEJFdN7Jt2vkem
tQnKLv18hS9uwx0NL5HuJij5kQgai79zqrNskPmSZGxdGp7ocztyjDG7a0O3zz2P
xWu8abHUdc8wxfI5hVSNBWWDQLq5ERm4bHYgLf0DMb38RUBfWYu/az0vyKNgoGjw
OjdiJQU7q18WU1YdUwBuTB8nIKlMlJ9hCEvvXdKZYgqNkGgjV4WT7hqJ2HG994mO
Ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org