Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/DF340988F3C611EE897F4A51C4F9AE02.roa
File:                     DF340988F3C611EE897F4A51C4F9AE02.roa (raw, json)
Hash identifier:          pKvRNRWW6hrEdUXvISbDzFuc4w9f01AFOAlVvrQdW48=
Subject key identifier:   27:03:04:32:22:7B:FE:4A:BC:29:DB:46:8D:5F:69:6D:60:67:50:75
Certificate issuer:       /CN=A91139AB/serialNumber=D10BAF7AA8DB734B952D036087783C6437843C8F
Certificate serial:       55
Authority key identifier: D1:0B:AF:7A:A8:DB:73:4B:95:2D:03:60:87:78:3C:64:37:84:3C:8F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Quveqjbc0uVLQNgh3g8ZDeEPI8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/DF340988F3C611EE897F4A51C4F9AE02.roa
Signing time:             Sat 06 Apr 2024 03:36:37 +0000
ROA not before:           Sat 06 Apr 2024 03:36:37 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     4857
IP address blocks:        202.147.96.0/20 maxlen: 20
                          202.147.112.0/20 maxlen: 24
                          203.82.160.0/20 maxlen: 24
                          203.82.176.0/20 maxlen: 24
                          203.201.64.0/20 maxlen: 24
                          203.201.80.0/20 maxlen: 20
                          203.201.96.0/20 maxlen: 20
                          203.201.112.0/20 maxlen: 24
                          221.120.128.0/20 maxlen: 24
                          221.120.144.0/24 maxlen: 24
                          221.120.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Apr 2024 23:48:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85 (0x55)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91139AB/serialNumber=D10BAF7AA8DB734B952D036087783C6437843C8F
        Validity
            Not Before: Apr  6 03:36:37 2024 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=6610c345-ac10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:57:72:95:87:a8:8b:c5:21:e9:04:18:d7:70:
                    58:ba:ec:bb:91:a8:41:ad:56:ef:63:bc:e5:e2:7a:
                    8a:22:f8:e4:67:11:99:07:f2:ae:86:7a:cf:a9:da:
                    4b:fc:d6:5e:cd:20:23:1f:96:76:f3:f9:e7:66:ea:
                    35:be:b5:d2:90:a1:ea:a1:7e:e1:a3:44:95:b0:74:
                    a6:00:bf:fb:b7:29:a8:15:47:5e:43:e8:83:ba:5e:
                    0c:d8:cc:16:f0:e1:6b:e3:5f:e4:41:96:89:37:fc:
                    13:c5:d8:9e:de:f4:02:00:4e:af:02:4d:d5:50:8e:
                    3e:9a:b6:ff:b6:11:85:e0:cb:18:62:2c:53:52:34:
                    7c:68:05:99:47:9c:fb:f0:0f:64:4d:73:dc:61:b3:
                    38:05:37:b2:40:55:d4:c8:a5:db:1f:89:b4:99:b8:
                    a4:25:46:c1:f8:42:20:6c:e3:1b:d5:55:1c:53:4f:
                    ae:a6:06:b3:90:24:f5:9c:a0:aa:fb:23:06:60:9c:
                    7e:fb:86:7a:66:0d:15:f2:02:59:57:fb:17:d3:23:
                    25:4e:3d:34:64:2d:9e:6d:2d:97:cd:c6:26:a5:2b:
                    ee:85:c3:52:f0:df:87:82:2a:1c:0a:3d:82:10:5b:
                    9e:0f:92:9f:b0:d0:09:2c:ca:76:c8:dc:8d:73:ca:
                    01:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:03:04:32:22:7B:FE:4A:BC:29:DB:46:8D:5F:69:6D:60:67:50:75
            X509v3 Authority Key Identifier:
                keyid:D1:0B:AF:7A:A8:DB:73:4B:95:2D:03:60:87:78:3C:64:37:84:3C:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/0Quveqjbc0uVLQNgh3g8ZDeEPI8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Quveqjbc0uVLQNgh3g8ZDeEPI8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91139AB/158D4906255B11EBA9F5601AC4F9AE02/DF340988F3C611EE897F4A51C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.147.96.0/19
                  203.82.160.0/19
                  203.201.64.0/18
                  221.120.128.0-221.120.145.255

    Signature Algorithm: sha256WithRSAEncryption
         80:bf:aa:58:70:5e:a3:31:b2:a2:96:dc:4a:fd:60:df:ce:4d:
         5c:29:28:82:f6:41:c2:3c:ed:7f:a8:3c:91:6a:2d:b8:4c:97:
         46:26:f7:2a:65:fb:27:50:aa:f6:22:fa:f3:82:49:b5:42:c3:
         fd:c1:df:4d:f0:8e:a0:41:4a:64:a9:86:6a:27:ee:5f:19:22:
         e3:14:ef:c4:a0:fb:52:94:86:8a:68:e3:3b:76:71:cc:ef:1c:
         92:e2:20:3a:c1:01:49:43:44:35:c9:f2:b8:43:ea:5b:5a:d3:
         18:39:71:9a:d2:8f:2d:a3:c5:8e:84:62:c4:01:7c:1d:26:dd:
         21:fb:18:c0:2a:d5:41:dd:9e:b3:60:42:cc:f6:b7:2c:60:7f:
         f9:2b:75:97:f3:90:42:f1:34:87:6a:78:75:b3:7e:75:6c:5e:
         f3:48:38:18:38:32:93:03:f2:32:1f:6e:4e:61:0f:39:82:3c:
         05:92:8c:12:d0:8f:2a:64:df:ec:f7:ac:28:88:ba:77:0c:84:
         6e:a7:a7:5c:98:1a:7e:83:fd:e5:a3:17:c6:71:fe:d2:8a:15:
         98:ab:75:7f:c5:86:db:3c:34:5b:d9:c1:25:93:6f:75:cc:27:
         2e:55:f5:68:4c:35:03:43:2e:9e:42:aa:8f:da:9e:e6:ec:ac:
         e6:7e:ea:41
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIBVTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MzlBQjExMC8GA1UEBRMoRDEwQkFGN0FBOERCNzM0Qjk1MkQwMzYwODc3ODNDNjQz
Nzg0M0M4RjAeFw0yNDA0MDYwMzM2MzdaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MTBjMzQ1LWFjMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCmV3KVh6iLxSHpBBjXcFi67LuRqEGtVu9jvOXieooi+ORnEZkH8q6Ges+p2kv8
1l7NICMflnbz+edm6jW+tdKQoeqhfuGjRJWwdKYAv/u3KagVR15D6IO6XgzYzBbw
4WvjX+RBlok3/BPF2J7e9AIATq8CTdVQjj6atv+2EYXgyxhiLFNSNHxoBZlHnPvw
D2RNc9xhszgFN7JAVdTIpdsfibSZuKQlRsH4QiBs4xvVVRxTT66mBrOQJPWcoKr7
IwZgnH77hnpmDRXyAllX+xfTIyVOPTRkLZ5tLZfNxialK+6Fw1Lw34eCKhwKPYIQ
W54Pkp+w0AksynbI3I1zygFRAgMBAAGjggKvMIICqzAdBgNVHQ4EFgQUJwMEMiJ7
/kq8KdtGjV9pbWBnUHUwHwYDVR0jBBgwFoAU0Quveqjbc0uVLQNgh3g8ZDeEPI8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEzOUFCLzE1OEQ0OTA2MjU1
QjExRUJBOUY1NjAxQUM0RjlBRTAyLzBRdXZlcWpiYzB1VkxRTmdoM2c4WkRlRVBJ
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMFF1dmVxamJjMHVWTFFOZ2gzZzhaRGVFUEk4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MzlBQi8xNThENDkwNjI1NUIxMUVCQTlGNTYwMUFDNEY5QUUwMi9ERjM0MDk4OEYz
QzYxMUVFODk3RjRBNTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIAMEBcqTYAMEBctSoAMEBsvJQDAMAwQH3XiAAwQB3XiQMA0GCSqG
SIb3DQEBCwUAA4IBAQCAv6pYcF6jMbKiltxK/WDfzk1cKSiC9kHCPO1/qDyRai24
TJdGJvcqZfsnUKr2Ivrzgkm1QsP9wd9N8I6gQUpkqYZqJ+5fGSLjFO/EoPtSlIaK
aOM7dnHM7xyS4iA6wQFJQ0Q1yfK4Q+pbWtMYOXGa0o8to8WOhGLEAXwdJt0h+xjA
KtVB3Z6zYELM9rcsYH/5K3WX85BC8TSHanh1s351bF7zSDgYODKTA/IyH25OYQ85
gjwFkowS0I8qZN/s96woiLp3DIRup6dcmBp+g/3loxfGcf7SihWYq3V/xYbbPDRb
2cElk291zCcuVfVoTDUDQy6eQqqP2p7m7KzmfupB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-ams.rpki-client.org