Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/0DA166E69A4C11EE807F8412C4F9AE02.roa
File:                     0DA166E69A4C11EE807F8412C4F9AE02.roa (raw, json)
Hash identifier:          a58Knd/FrHbEZ17w6X50kE1V5aCn+HHkg1FWBhbtTEE=
Subject key identifier:   90:2C:D0:B3:7B:61:06:F8:34:67:3B:FF:38:68:F0:72:A6:E8:6E:4F
Certificate issuer:       /CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
Certificate serial:       0704
Authority key identifier: 3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/0DA166E69A4C11EE807F8412C4F9AE02.roa
Signing time:             Wed 31 Jan 2024 00:12:29 +0000
ROA not before:           Wed 31 Jan 2024 00:12:29 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     16509
IP address blocks:        202.139.236.0/22 maxlen: 24
                          202.139.252.0/24 maxlen: 24
                          202.148.147.0/24 maxlen: 24
                          203.27.226.0/23 maxlen: 24
                          210.247.144.0/20 maxlen: 24
                          210.247.238.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Sun 11 Feb 2024 23:28:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1796 (0x704)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CB7AB/serialNumber=3DE9D3DFF6E048FD908146502E4F08E456F3D9BC
        Validity
            Not Before: Jan 31 00:12:29 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65b9906d-7c0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:99:e3:de:92:14:b3:f4:4d:ee:b9:f8:ed:b0:
                    88:33:2b:5b:bf:4c:01:56:a0:1f:56:19:55:5b:d3:
                    d0:05:84:45:b5:5c:25:76:b2:cb:7f:2d:c2:79:ca:
                    f9:6e:4e:e1:04:03:48:f0:17:81:81:89:2c:97:af:
                    05:c5:33:b7:4c:f0:d1:d0:d5:23:a3:49:f4:b3:53:
                    f3:38:04:2d:7c:3e:1a:f8:77:32:0a:3d:f3:21:09:
                    3b:b2:41:5e:02:f1:4c:65:ee:ea:c9:ee:3f:d6:79:
                    04:40:f7:52:cf:1c:a2:05:df:ff:71:7a:5e:76:99:
                    fe:c4:5f:17:2c:b6:34:ef:07:a9:c4:8f:df:f4:a1:
                    38:a6:69:ba:31:ad:41:be:58:42:3d:1a:71:6c:d4:
                    00:3d:76:61:be:53:9e:1f:21:a2:69:51:2b:1f:43:
                    fc:56:d3:01:e2:ad:7e:55:c1:38:eb:c8:4e:7d:95:
                    6a:e7:11:ee:0c:65:fa:de:dd:ad:35:68:87:24:00:
                    1e:3e:6c:ea:b7:1f:5c:20:18:1b:d3:64:4f:1b:c1:
                    c7:fa:96:1c:f8:15:b5:d8:0d:fd:56:4a:fc:c9:c0:
                    71:a3:7d:49:ba:2d:88:95:8a:78:29:f2:7a:fb:7a:
                    20:9f:f3:17:8c:a7:0b:d1:56:8b:9a:10:16:3d:8d:
                    ca:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:2C:D0:B3:7B:61:06:F8:34:67:3B:FF:38:68:F0:72:A6:E8:6E:4F
            X509v3 Authority Key Identifier:
                keyid:3D:E9:D3:DF:F6:E0:48:FD:90:81:46:50:2E:4F:08:E4:56:F3:D9:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/PenT3_bgSP2QgUZQLk8I5Fbz2bw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PenT3_bgSP2QgUZQLk8I5Fbz2bw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB7AB/56786568400911EBA374225BC4F9AE02/0DA166E69A4C11EE807F8412C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.139.236.0/22
                  202.139.252.0/24
                  202.148.147.0/24
                  203.27.226.0/23
                  210.247.144.0/20
                  210.247.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         64:70:57:29:71:18:53:c6:6a:f7:bf:82:50:83:aa:c6:91:d6:
         d5:70:81:e7:32:f6:fa:c8:c9:59:ed:93:cb:0b:a7:36:0d:62:
         28:12:8a:30:36:37:28:31:89:23:48:e5:fa:03:30:d1:1d:12:
         91:89:83:a5:aa:63:1d:71:ef:da:94:b7:56:35:49:54:19:35:
         89:fa:44:0b:44:05:ca:da:1c:a1:fc:87:89:df:b1:81:d6:94:
         fb:cc:21:59:b1:3d:18:b2:20:b8:31:75:90:ed:b5:85:2d:e4:
         34:16:ea:cf:00:b7:e0:7d:f9:10:01:df:5e:7d:46:0b:6e:5c:
         c4:b3:da:e7:64:fd:56:6c:5f:d4:41:6f:bb:cd:a5:f7:eb:7c:
         d2:ea:34:dd:6c:08:61:6a:cf:a7:64:a1:6d:d1:90:71:0d:7f:
         bf:e4:67:15:0c:9c:9a:96:ab:03:e3:a7:60:7c:e9:2a:2e:02:
         bf:b2:67:58:74:83:a8:ef:96:9c:f1:4e:88:37:2b:71:ea:e3:
         d1:1a:8b:a8:3a:a3:74:b7:e5:ab:cd:fc:7f:84:64:0d:0f:dc:
         31:59:28:70:72:c0:9c:88:18:79:93:7f:65:95:1e:34:f6:6d:
         43:b0:18:fa:61:51:68:62:c3:6f:29:e9:1b:a8:d1:2d:e7:eb:
         d5:7d:67:56
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICBwQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0I3QUIxMTAvBgNVBAUTKDNERTlEM0RGRjZFMDQ4RkQ5MDgxNDY1MDJFNEYwOEU0
NTZGM0Q5QkMwHhcNMjQwMTMxMDAxMjI5WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5OTA2ZC03YzBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwpnj3pIUs/RN7rn47bCIMytbv0wBVqAfVhlVW9PQBYRFtVwldrLLfy3Cecr5
bk7hBANI8BeBgYksl68FxTO3TPDR0NUjo0n0s1PzOAQtfD4a+HcyCj3zIQk7skFe
AvFMZe7qye4/1nkEQPdSzxyiBd//cXpedpn+xF8XLLY07wepxI/f9KE4pmm6Ma1B
vlhCPRpxbNQAPXZhvlOeHyGiaVErH0P8VtMB4q1+VcE468hOfZVq5xHuDGX63t2t
NWiHJAAePmzqtx9cIBgb02RPG8HH+pYc+BW12A39Vkr8ycBxo31Jui2IlYp4KfJ6
+3ogn/MXjKcL0VaLmhAWPY3KXQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFJAs0LN7
YQb4NGc7/zho8HKm6G5PMB8GA1UdIwQYMBaAFD3p09/24Ej9kIFGUC5PCORW89m8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjdBQi81Njc4NjU2ODQw
MDkxMUVCQTM3NDIyNUJDNEY5QUUwMi9QZW5UM19iZ1NQMlFnVVpRTGs4STVGYnoy
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BlblQzX2JnU1AyUWdVWlFMazhJNUZiejJidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0I3QUIvNTY3ODY1Njg0MDA5MTFFQkEzNzQyMjVCQzRGOUFFMDIvMERBMTY2RTY5
QTRDMTFFRTgwN0Y4NDEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBALKi+wDBADKi/wDBADKlJMDBAHLG+IDBATS95ADBAHS9+4w
DQYJKoZIhvcNAQELBQADggEBAGRwVylxGFPGave/glCDqsaR1tVwgecy9vrIyVnt
k8sLpzYNYigSijA2NygxiSNI5foDMNEdEpGJg6WqYx1x79qUt1Y1SVQZNYn6RAtE
BcraHKH8h4nfsYHWlPvMIVmxPRiyILgxdZDttYUt5DQW6s8At+B9+RAB3159Rgtu
XMSz2udk/VZsX9RBb7vNpffrfNLqNN1sCGFqz6dkoW3RkHENf7/kZxUMnJqWqwPj
p2B86SouAr+yZ1h0g6jvlpzxTog3K3Hq49Eai6g6o3S35avN/H+EZA0P3DFZKHBy
wJyIGHmTf2WVHjT2bUOwGPphUWhiw28p6Ruo0S3n69V9Z1Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:41 2024 by rpki-client on console-fra.rpki-client.org