Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9112320/28C6CCE6A9F011EE9315ED6CC4F9AE02/D8064A2EA9FA11EEBF4A7747C4F9AE02.roa
File:                     D8064A2EA9FA11EEBF4A7747C4F9AE02.roa (raw, json)
Hash identifier:          IQftd3bTUswo8aFlwSkImHGMWI7OVY9sTO6CU3H+bJU=
Subject key identifier:   A1:C7:F6:0D:E2:44:17:CD:5B:67:35:50:97:85:04:2C:88:B0:D6:AD
Certificate issuer:       /CN=A9112320/serialNumber=77EC48692D042702978DCD0B68E940B8D7723E52
Certificate serial:       02
Authority key identifier: 77:EC:48:69:2D:04:27:02:97:8D:CD:0B:68:E9:40:B8:D7:72:3E:52
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/d-xIaS0EJwKXjc0LaOlAuNdyPlI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9112320/28C6CCE6A9F011EE9315ED6CC4F9AE02/D8064A2EA9FA11EEBF4A7747C4F9AE02.roa
Signing time:             Wed 03 Jan 2024 05:42:13 +0000
ROA not before:           Wed 03 Jan 2024 05:42:13 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     140344
IP address blocks:        157.10.54.0/24 maxlen: 24
                          157.10.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 26 Mar 2024 03:53:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9112320/serialNumber=77EC48692D042702978DCD0B68E940B8D7723E52
        Validity
            Not Before: Jan  3 05:42:13 2024 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=6594f3b4-3f9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:80:49:4b:aa:a9:98:c7:24:48:b2:a0:b8:ef:
                    e1:a3:af:4e:d5:00:a8:69:99:13:47:4f:70:df:03:
                    c0:df:1d:40:04:b1:0d:7f:55:b9:34:5e:4e:b3:81:
                    94:80:45:ba:50:b1:c0:0f:5a:56:a1:83:64:8c:3a:
                    45:4f:c3:77:4a:08:bd:96:dd:41:f2:e8:f4:71:a7:
                    25:2a:77:ef:6f:e7:ec:a8:d3:96:7e:23:2e:3a:54:
                    06:f8:66:ca:59:9a:98:b5:c1:5d:a9:33:68:97:d2:
                    bc:02:1b:6a:46:7f:13:1e:bb:27:c2:3d:e9:88:ac:
                    f9:34:f6:1f:92:f4:14:67:5b:ac:7d:b0:5d:1a:88:
                    a8:35:9f:2b:b0:56:3d:38:50:a0:54:24:b4:d1:4f:
                    20:c7:79:c2:81:ae:04:17:31:72:2b:c2:0b:a2:6a:
                    ea:bf:bf:55:ca:c0:88:83:c8:94:3c:f3:6d:3e:4f:
                    8d:5d:8d:7a:fc:73:50:62:d5:3c:50:85:2d:45:ae:
                    19:f5:42:ef:3f:c6:af:b4:24:22:5b:74:b3:10:e7:
                    7d:b6:de:78:72:bd:a3:96:ff:93:78:45:f6:c3:92:
                    c7:6b:d5:ed:e0:78:eb:dc:51:07:3b:31:46:7a:de:
                    f8:38:95:33:a6:5b:84:a7:8d:1a:16:a9:b2:60:db:
                    19:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:C7:F6:0D:E2:44:17:CD:5B:67:35:50:97:85:04:2C:88:B0:D6:AD
            X509v3 Authority Key Identifier:
                keyid:77:EC:48:69:2D:04:27:02:97:8D:CD:0B:68:E9:40:B8:D7:72:3E:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9112320/28C6CCE6A9F011EE9315ED6CC4F9AE02/d-xIaS0EJwKXjc0LaOlAuNdyPlI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/d-xIaS0EJwKXjc0LaOlAuNdyPlI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112320/28C6CCE6A9F011EE9315ED6CC4F9AE02/D8064A2EA9FA11EEBF4A7747C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.10.54.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:5d:b5:79:5b:d4:73:ab:12:be:4c:29:e7:de:50:d0:71:92:
         bc:e3:7f:7d:eb:f6:a9:87:15:97:b3:d0:f7:ae:cc:02:2a:da:
         77:f7:42:27:fa:b0:56:39:42:49:40:b8:ba:7b:f1:b9:94:9e:
         f9:d8:e1:66:99:d4:d2:e7:96:5f:6b:05:00:55:d8:14:5b:b1:
         a5:11:04:06:ce:18:ee:9e:f1:c4:24:97:ce:c1:0d:1d:32:b1:
         65:c7:47:1f:63:40:62:5c:3d:65:2c:b7:b5:2d:73:79:fa:3b:
         7a:a0:eb:76:0d:f1:11:4e:ad:ef:26:76:66:6c:45:0d:0a:b6:
         03:d3:8e:c2:f5:c3:a1:ba:e1:34:e9:bb:b9:a4:74:87:7e:78:
         63:8a:ac:73:85:5e:46:fd:69:e4:dd:99:05:b1:e3:75:13:1a:
         a0:55:aa:fb:55:45:f3:96:51:4d:b5:91:31:c2:e2:d5:b7:f8:
         d1:d5:78:11:8a:85:45:04:c0:6f:16:52:77:d1:52:f7:2a:9a:
         b7:e6:d7:73:2f:38:64:3e:15:86:50:6d:af:17:65:17:61:a9:
         55:40:66:1a:0d:e4:ef:47:18:18:12:a8:3a:32:87:0f:01:8a:
         47:23:00:69:2e:37:8d:d8:2f:c0:65:fd:f1:1e:91:a6:70:32:
         11:b0:f0:eb
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MjMyMDExMC8GA1UEBRMoNzdFQzQ4NjkyRDA0MjcwMjk3OERDRDBCNjhFOTQwQjhE
NzcyM0U1MjAeFw0yNDAxMDMwNTQyMTNaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OTRmM2I0LTNmOWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDlgElLqqmYxyRIsqC47+Gjr07VAKhpmRNHT3DfA8DfHUAEsQ1/Vbk0Xk6zgZSA
RbpQscAPWlahg2SMOkVPw3dKCL2W3UHy6PRxpyUqd+9v5+yo05Z+Iy46VAb4ZspZ
mpi1wV2pM2iX0rwCG2pGfxMeuyfCPemIrPk09h+S9BRnW6x9sF0aiKg1nyuwVj04
UKBUJLTRTyDHecKBrgQXMXIrwguiauq/v1XKwIiDyJQ8820+T41djXr8c1Bi1TxQ
hS1Frhn1Qu8/xq+0JCJbdLMQ53223nhyvaOW/5N4RfbDksdr1e3geOvcUQc7MUZ6
3vg4lTOmW4SnjRoWqbJg2xnhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUocf2DeJE
F81bZzVQl4UELIiw1q0wHwYDVR0jBBgwFoAUd+xIaS0EJwKXjc0LaOlAuNdyPlIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEyMzIwLzI4QzZDQ0U2QTlG
MDExRUU5MzE1RUQ2Q0M0RjlBRTAyL2QteElhUzBFSndLWGpjMExhT2xBdU5keVBs
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZC14SWFTMEVKd0tYamMwTGFPbEF1TmR5UGxJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MjMyMC8yOEM2Q0NFNkE5RjAxMUVFOTMxNUVENkNDNEY5QUUwMi9EODA2NEEyRUE5
RkExMUVFQkY0QTc3NDdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0KNjANBgkqhkiG9w0BAQsFAAOCAQEACF21eVvUc6sSvkwp
595Q0HGSvON/fev2qYcVl7PQ967MAirad/dCJ/qwVjlCSUC4unvxuZSe+djhZpnU
0ueWX2sFAFXYFFuxpREEBs4Y7p7xxCSXzsENHTKxZcdHH2NAYlw9ZSy3tS1zefo7
eqDrdg3xEU6t7yZ2ZmxFDQq2A9OOwvXDobrhNOm7uaR0h354Y4qsc4VeRv1p5N2Z
BbHjdRMaoFWq+1VF85ZRTbWRMcLi1bf40dV4EYqFRQTAbxZSd9FS9yqat+bXcy84
ZD4VhlBtrxdlF2GpVUBmGg3k70cYGBKoOjKHDwGKRyMAaS43jdgvwGX98R6RpnAy
EbDw6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:54 2024 by rpki-client on console-fra.rpki-client.org