Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/A00B9E90A21011EE9C264712C4F9AE02.roa
File:                     A00B9E90A21011EE9C264712C4F9AE02.roa (raw, json)
Hash identifier:          YqVGCW8zmqoDtdu93ZvYc4iN91IEnD28sGChMhQGlnc=
Subject key identifier:   DB:A1:14:EC:94:B4:1E:28:DC:C1:13:1C:2D:BA:23:30:3D:6D:5A:15
Certificate issuer:       /CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD
Certificate serial:       0B95
Authority key identifier: DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/A00B9E90A21011EE9C264712C4F9AE02.roa
Signing time:             Sun 24 Dec 2023 03:57:59 +0000
ROA not before:           Sun 24 Dec 2023 03:57:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     4864
IP address blocks:        2404:d580::/120 maxlen: 120

Validation:               Failed, certificate revoked on Sun 24 Dec 2023 06:40:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2965 (0xb95)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD
        Validity
            Not Before: Dec 24 03:57:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6587ac46-ee9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:e1:a2:c1:39:07:e2:08:f9:d7:7c:2d:c6:45:
                    2d:db:50:72:6d:ed:04:08:ef:d9:75:3d:4a:8a:34:
                    34:1d:a5:a5:1b:ee:50:30:5b:31:33:bc:6b:07:a9:
                    f0:3f:43:7f:ba:0d:a1:d4:9d:29:ab:2a:a3:91:c7:
                    ba:ac:5c:a5:62:02:f1:0c:55:06:23:46:45:ec:7f:
                    f3:57:b5:ae:ed:7e:a0:c0:af:35:62:99:7b:c1:9f:
                    a0:80:a9:a8:22:6d:ee:08:28:d1:f8:e1:dd:22:14:
                    ad:f3:83:fc:dc:94:30:0b:27:18:c3:63:58:ba:f6:
                    eb:fc:07:74:da:73:1f:2a:2b:ce:c1:5f:35:2f:e6:
                    17:8d:60:e3:2c:40:70:7e:b4:1b:8b:18:7d:04:ea:
                    4e:2e:97:87:1a:54:ab:2a:cd:b5:ee:5a:6c:5f:68:
                    b8:6c:bc:57:b6:2e:9d:2d:50:53:2a:8d:04:4d:eb:
                    46:52:22:94:7a:59:b1:79:32:32:bb:f7:13:4c:fd:
                    d0:44:27:5c:23:a2:1f:7c:6c:ad:58:ab:67:7a:31:
                    e2:b0:48:08:ce:d9:32:b0:ce:03:ac:a0:e4:5b:66:
                    29:9f:77:88:5c:ac:00:53:d7:75:df:3a:3b:dc:9d:
                    65:e8:b0:a2:07:1f:18:d6:80:32:75:da:cb:20:1e:
                    5b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:A1:14:EC:94:B4:1E:28:DC:C1:13:1C:2D:BA:23:30:3D:6D:5A:15
            X509v3 Authority Key Identifier:
                keyid:DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/A00B9E90A21011EE9C264712C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:d580::/120

    Signature Algorithm: sha256WithRSAEncryption
         75:35:b8:4a:21:a4:61:db:e5:82:45:77:35:6d:20:b9:9e:fa:
         02:cf:50:d2:79:8f:f2:78:b7:c9:e2:6d:6c:2f:a1:0d:b9:80:
         2e:59:ee:ae:41:3e:dd:e1:cf:2a:36:1a:b5:79:3c:12:84:45:
         ad:07:07:82:6d:69:ec:f1:a3:b2:32:a1:ed:86:30:af:42:e4:
         ea:32:90:51:31:54:18:e9:54:fd:32:9e:97:4a:43:60:34:ff:
         d3:14:13:fa:3e:93:8a:96:bb:93:ec:9f:c0:69:e2:40:17:79:
         92:4e:17:b1:71:54:39:02:51:7b:0d:27:ad:76:95:b9:e6:45:
         2b:04:be:6a:de:9b:ff:75:2d:d0:57:20:90:3f:d4:e1:04:79:
         89:be:05:5d:03:70:cc:58:b7:4d:5d:a4:9b:d8:e1:a2:c9:68:
         e8:f1:db:69:b4:6e:cb:34:1f:e1:c8:45:f2:b2:26:86:58:3a:
         66:d4:12:90:90:0d:de:89:c7:a4:3c:0b:0d:d1:aa:c4:8e:09:
         7b:d1:91:27:e0:4a:77:f1:30:11:21:ea:c6:44:bd:37:3b:60:
         35:63:91:f4:0d:fd:43:b5:43:ba:cf:b0:ea:8e:2d:57:b4:57:
         01:6a:4c:ba:6f:db:9c:b4:40:9a:dc:d6:0a:21:7e:7e:3d:cb:
         f0:fd:57:fd
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICC5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCRTMxMTAvBgNVBAUTKERFNTA1NDJCRUExMDgyMDFBNzcyQzAwQkM5RjI1MUFE
MTdGQTk2Q0QwHhcNMjMxMjI0MDM1NzU5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTg3YWM0Ni1lZTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3+GiwTkH4gj513wtxkUt21Bybe0ECO/ZdT1KijQ0HaWlG+5QMFsxM7xrB6nw
P0N/ug2h1J0pqyqjkce6rFylYgLxDFUGI0ZF7H/zV7Wu7X6gwK81Ypl7wZ+ggKmo
Im3uCCjR+OHdIhSt84P83JQwCycYw2NYuvbr/Ad02nMfKivOwV81L+YXjWDjLEBw
frQbixh9BOpOLpeHGlSrKs217lpsX2i4bLxXti6dLVBTKo0ETetGUiKUelmxeTIy
u/cTTP3QRCdcI6IffGytWKtnejHisEgIztkysM4DrKDkW2Ypn3eIXKwAU9d13zo7
3J1l6LCiBx8Y1oAyddrLIB5biwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNuhFOyU
tB4o3METHC26IzA9bVoVMB8GA1UdIwQYMBaAFN5QVCvqEIIBp3LAC8nyUa0X+pbN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUJFMy84MEFFMTBDNjA0
NTAxMUVBQkE4MkM0MTVDNEY5QUUwMi8zbEJVSy1vUWdnR25jc0FMeWZKUnJSZjZs
czAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNsQlVLLW9RZ2dHbmNzQUx5ZkpSclJmNmxzMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCRTMvODBBRTEwQzYwNDUwMTFFQUJBODJDNDE1QzRGOUFFMDIvQTAwQjlFOTBB
MjEwMTFFRTlDMjY0NzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDEAAkBNWAAAAAAAAAAAAAAAAwDQYJKoZIhvcNAQELBQADggEB
AHU1uEohpGHb5YJFdzVtILme+gLPUNJ5j/J4t8nibWwvoQ25gC5Z7q5BPt3hzyo2
GrV5PBKERa0HB4Jtaezxo7Iyoe2GMK9C5OoykFExVBjpVP0ynpdKQ2A0/9MUE/o+
k4qWu5Psn8Bp4kAXeZJOF7FxVDkCUXsNJ612lbnmRSsEvmrem/91LdBXIJA/1OEE
eYm+BV0DcMxYt01dpJvY4aLJaOjx22m0bss0H+HIRfKyJoZYOmbUEpCQDd6Jx6Q8
Cw3RqsSOCXvRkSfgSnfxMBEh6sZEvTc7YDVjkfQN/UO1Q7rPsOqOLVe0VwFqTLpv
25y0QJrc1gohfn49y/D9V/0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org