Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5098/C6809196AC9711E6A491DC17C4F9AE02/24BFD1FA731411EEA4392358C4F9AE02.roa
File:                     24BFD1FA731411EEA4392358C4F9AE02.roa (raw, json)
Hash identifier:          yDte/FVHOcndtRv0iRGX08sbpZc9kgQboulpwzfi1+E=
Subject key identifier:   A0:7E:93:F4:17:20:23:F1:6C:59:14:4E:E8:1A:1F:A1:47:84:B0:B9
Certificate issuer:       /CN=A91A5098/serialNumber=099714A70E6F401289108209D6A7F4859F9800CC
Certificate serial:       1C52
Authority key identifier: 09:97:14:A7:0E:6F:40:12:89:10:82:09:D6:A7:F4:85:9F:98:00:CC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZcUpw5vQBKJEIIJ1qf0hZ-YAMw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A5098/C6809196AC9711E6A491DC17C4F9AE02/24BFD1FA731411EEA4392358C4F9AE02.roa
Signing time:             Wed 25 Oct 2023 08:54:45 +0000
ROA not before:           Wed 25 Oct 2023 08:54:45 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     45204
IP address blocks:        180.149.64.0/18 maxlen: 21
                          180.149.69.14/32 maxlen: 32
                          180.149.90.0/24 maxlen: 24
                          180.149.91.0/24 maxlen: 24
                          180.149.93.0/24 maxlen: 24
                          180.149.94.0/24 maxlen: 24
                          180.149.95.0/24 maxlen: 24
                          180.149.96.0/24 maxlen: 24
                          180.149.97.0/24 maxlen: 24
                          180.149.98.0/24 maxlen: 24
                          180.149.99.0/24 maxlen: 24
                          180.149.100.0/22 maxlen: 24
                          180.149.112.0/24 maxlen: 24
                          180.149.117.0/24 maxlen: 24
                          180.149.118.0/24 maxlen: 24
                          2401:d600::/32 maxlen: 32

Validation:               Failed, certificate revoked on Sat 16 Mar 2024 03:45:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7250 (0x1c52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A5098/serialNumber=099714A70E6F401289108209D6A7F4859F9800CC
        Validity
            Not Before: Oct 25 08:54:45 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=6538d7d5-41f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b6:56:36:6a:4b:68:32:b6:3c:0d:01:95:13:
                    6f:db:0e:09:6a:d2:da:1b:52:c4:0b:53:6b:8e:57:
                    83:ed:02:30:a0:98:f2:27:f0:81:8c:d7:b7:fd:de:
                    b3:6e:2e:fa:e5:2c:7f:fc:75:21:d4:56:58:df:24:
                    32:20:d2:aa:8a:d3:0b:24:92:f8:d6:3c:f8:aa:83:
                    38:51:c9:3b:8b:52:6d:12:ae:65:b9:b7:11:45:88:
                    b7:64:91:ed:73:f4:ab:a0:0e:6e:76:b9:7f:88:4c:
                    6b:8e:df:13:9e:75:3f:a3:b9:3a:4e:a3:a9:9a:bf:
                    13:34:8d:df:1e:a3:50:28:6b:15:0c:fa:da:04:1e:
                    fe:33:af:91:dc:ef:25:d6:c7:74:cc:48:1e:34:c9:
                    1a:b4:8d:9c:ea:00:3d:48:78:43:f3:c3:01:19:d1:
                    19:e1:02:73:af:81:b9:cc:61:df:ba:4f:09:ef:08:
                    20:9e:d0:d8:98:73:67:f1:c4:dc:06:ea:85:61:11:
                    ca:6f:29:12:25:1b:2c:46:01:c3:f4:9f:33:2f:77:
                    fe:75:2f:b1:b9:ed:63:78:a8:ea:6d:2d:d0:71:c3:
                    77:9e:4f:d4:65:1f:5c:9b:70:b0:c7:6c:14:fd:76:
                    ca:2f:00:26:8a:ea:60:1e:da:95:25:7b:d8:26:8c:
                    ff:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:7E:93:F4:17:20:23:F1:6C:59:14:4E:E8:1A:1F:A1:47:84:B0:B9
            X509v3 Authority Key Identifier:
                keyid:09:97:14:A7:0E:6F:40:12:89:10:82:09:D6:A7:F4:85:9F:98:00:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A5098/C6809196AC9711E6A491DC17C4F9AE02/CZcUpw5vQBKJEIIJ1qf0hZ-YAMw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZcUpw5vQBKJEIIJ1qf0hZ-YAMw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5098/C6809196AC9711E6A491DC17C4F9AE02/24BFD1FA731411EEA4392358C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.149.64.0/18
                IPv6:
                  2401:d600::/32

    Signature Algorithm: sha256WithRSAEncryption
         31:d8:11:00:e8:d3:5a:b4:bd:f1:33:03:e6:33:5e:6e:69:1e:
         52:62:eb:4a:5e:91:18:e8:05:7a:49:c8:1d:b5:26:67:35:be:
         d4:fb:6d:d5:6f:97:43:6b:b9:fb:8e:ec:8f:47:ed:bf:f8:1a:
         41:83:bc:ed:34:e0:b2:15:4c:5b:47:72:78:37:72:50:fe:93:
         72:45:3d:de:6a:24:94:ac:cf:11:a7:f5:b3:a0:34:06:9d:3c:
         e4:13:58:5d:4f:9e:f6:5a:e4:e0:d3:78:e5:43:6a:ad:9f:3d:
         d7:03:25:76:b8:26:a3:67:8e:ca:8c:dd:e6:f7:ce:ad:87:fb:
         02:bd:80:a9:e1:8c:35:d6:5c:47:c2:4e:b9:24:a6:b6:1f:57:
         e0:01:da:91:96:1c:75:78:05:0c:a7:50:3f:c5:05:7a:06:78:
         51:6d:a1:1b:66:53:85:42:21:84:67:62:4b:5e:0e:d6:fd:60:
         c1:8e:19:0f:d3:d1:42:24:e1:f2:46:0f:e2:64:31:9a:e4:b7:
         36:4f:9c:26:63:99:01:9f:0f:bf:27:f9:00:b4:f1:90:c3:1d:
         77:ad:fc:06:5a:44:7b:30:53:d2:6a:48:97:89:d0:b2:2f:de:
         04:18:51:4f:5b:ad:53:e8:84:77:ce:01:52:02:9e:b4:12:d5:
         99:c0:18:22
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICHFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTUwOTgxMTAvBgNVBAUTKDA5OTcxNEE3MEU2RjQwMTI4OTEwODIwOUQ2QTdGNDg1
OUY5ODAwQ0MwHhcNMjMxMDI1MDg1NDQ1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTM4ZDdkNS00MWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv7ZWNmpLaDK2PA0BlRNv2w4JatLaG1LEC1NrjleD7QIwoJjyJ/CBjNe3/d6z
bi765Sx//HUh1FZY3yQyINKqitMLJJL41jz4qoM4Uck7i1JtEq5lubcRRYi3ZJHt
c/SroA5udrl/iExrjt8TnnU/o7k6TqOpmr8TNI3fHqNQKGsVDPraBB7+M6+R3O8l
1sd0zEgeNMkatI2c6gA9SHhD88MBGdEZ4QJzr4G5zGHfuk8J7wggntDYmHNn8cTc
BuqFYRHKbykSJRssRgHD9J8zL3f+dS+xue1jeKjqbS3QccN3nk/UZR9cm3Cwx2wU
/XbKLwAmiupgHtqVJXvYJoz/SwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKB+k/QX
ICPxbFkUTugaH6FHhLC5MB8GA1UdIwQYMBaAFAmXFKcOb0ASiRCCCdan9IWfmADM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTA5OC9DNjgwOTE5NkFD
OTcxMUU2QTQ5MURDMTdDNEY5QUUwMi9DWmNVcHc1dlFCS0pFSUlKMXFmMGhaLVlB
TXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NaY1VwdzV2UUJLSkVJSUoxcWYwaFotWUFNdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTUwOTgvQzY4MDkxOTZBQzk3MTFFNkE0OTFEQzE3QzRGOUFFMDIvMjRCRkQxRkE3
MzE0MTFFRUE0MzkyMzU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAa0lUAwDQQCAAIwBwMFACQB1gAwDQYJKoZIhvcNAQELBQAD
ggEBADHYEQDo01q0vfEzA+YzXm5pHlJi60pekRjoBXpJyB21Jmc1vtT7bdVvl0Nr
ufuO7I9H7b/4GkGDvO004LIVTFtHcng3clD+k3JFPd5qJJSszxGn9bOgNAadPOQT
WF1PnvZa5ODTeOVDaq2fPdcDJXa4JqNnjsqM3eb3zq2H+wK9gKnhjDXWXEfCTrkk
prYfV+AB2pGWHHV4BQynUD/FBXoGeFFtoRtmU4VCIYRnYkteDtb9YMGOGQ/T0UIk
4fJGD+JkMZrktzZPnCZjmQGfD78n+QC08ZDDHXet/AZaRHswU9JqSJeJ0LIv3gQY
UU9brVPohHfOAVICnrQS1ZnAGCI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:53 2024 by rpki-client on console-ams.rpki-client.org