Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912698E/F19A7C949C1C11E992FAFB1BC4F9AE02/D9B4B400E9B111EDBD33DE12C4F9AE02.roa
File:                     D9B4B400E9B111EDBD33DE12C4F9AE02.roa (raw, json)
Hash identifier:          N0hjusof5nzzGD3dWxp2guo6FPN2E6fza7b/fadtapc=
Subject key identifier:   F8:A4:B9:3D:A7:7A:6E:9B:36:23:B1:AA:AE:7A:D0:8A:21:B9:D7:15
Certificate issuer:       /CN=A912698E/serialNumber=C0B9C11B1B160F321B8AEC4CFCDDDAD895FC47DE
Certificate serial:       0CE2
Authority key identifier: C0:B9:C1:1B:1B:16:0F:32:1B:8A:EC:4C:FC:DD:DA:D8:95:FC:47:DE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wLnBGxsWDzIbiuxM_N3a2JX8R94.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912698E/F19A7C949C1C11E992FAFB1BC4F9AE02/D9B4B400E9B111EDBD33DE12C4F9AE02.roa
Signing time:             Wed 03 May 2023 12:55:59 +0000
ROA not before:           Wed 03 May 2023 12:55:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     38136
IP address blocks:        2404:8ac0::/34 maxlen: 34

Validation:               Failed, certificate revoked on Wed 14 Feb 2024 06:56:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3298 (0xce2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912698E/serialNumber=C0B9C11B1B160F321B8AEC4CFCDDDAD895FC47DE
        Validity
            Not Before: May  3 12:55:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=645259df-7367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:bb:99:5a:3d:c5:c4:ab:31:2e:5b:9f:d7:d9:
                    c6:fc:26:b8:af:0a:2e:34:cd:dd:82:20:d5:b2:c4:
                    4b:1c:28:8e:4f:7f:44:fd:9e:8f:59:d9:4f:19:24:
                    f0:c7:2c:32:21:c5:03:3d:81:85:45:13:74:65:0f:
                    fc:e9:c8:d7:ce:e6:ea:24:18:62:b8:98:d4:e8:4b:
                    89:28:d4:bf:f1:b1:32:b2:09:9a:ef:44:71:9e:a3:
                    55:5c:35:7d:0c:d4:53:42:9a:0a:8e:7f:c2:47:be:
                    71:ef:f7:96:c0:5d:ed:c0:d4:a3:cb:e2:0b:b3:cb:
                    a9:e6:fd:72:80:4b:25:3a:d2:3c:c2:2f:7b:58:f6:
                    90:20:4c:38:06:d5:47:1c:1a:e3:c1:ef:6d:d9:ee:
                    91:f6:dd:d5:6c:9a:e9:be:7f:5b:5f:4c:a7:0e:94:
                    27:c6:e7:f3:8b:39:58:0b:0f:30:f9:3e:04:43:9d:
                    51:54:b1:47:32:46:cc:50:61:ec:d9:92:35:e8:8d:
                    a6:dc:af:77:87:cc:e5:5d:4e:22:07:ce:12:a5:dd:
                    99:fb:11:46:4a:93:25:72:36:c9:b9:c6:7a:77:13:
                    b2:6a:e6:a2:52:8f:f2:d5:32:6a:0e:77:4e:07:e2:
                    c3:12:b3:b9:3d:0b:1f:54:75:05:bd:b9:fa:e4:3c:
                    fe:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:A4:B9:3D:A7:7A:6E:9B:36:23:B1:AA:AE:7A:D0:8A:21:B9:D7:15
            X509v3 Authority Key Identifier:
                keyid:C0:B9:C1:1B:1B:16:0F:32:1B:8A:EC:4C:FC:DD:DA:D8:95:FC:47:DE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912698E/F19A7C949C1C11E992FAFB1BC4F9AE02/wLnBGxsWDzIbiuxM_N3a2JX8R94.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wLnBGxsWDzIbiuxM_N3a2JX8R94.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912698E/F19A7C949C1C11E992FAFB1BC4F9AE02/D9B4B400E9B111EDBD33DE12C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:8ac0::/34

    Signature Algorithm: sha256WithRSAEncryption
         05:c8:9f:d8:57:a3:42:c5:49:ef:9d:95:97:d0:71:f7:85:2b:
         38:ce:8f:e1:54:a1:da:c7:d2:5b:e3:12:8a:00:c3:c5:8c:37:
         18:e7:ef:41:74:4a:f7:07:a8:48:98:cb:6c:f1:4f:f8:e6:ab:
         2c:f8:e8:e5:cf:24:95:01:13:af:8c:10:5a:df:14:0a:17:17:
         bb:54:65:04:c9:ee:d2:9a:ea:bc:95:7c:2e:80:a7:58:f7:71:
         b4:60:ec:be:ff:a4:2f:eb:5f:03:ad:1b:01:8e:79:84:25:a1:
         af:a1:b2:82:03:c5:24:1a:86:d7:2a:94:1c:57:66:4a:f2:f8:
         03:fd:3a:1c:1e:3e:17:d4:eb:e1:40:44:70:c1:9a:0f:0f:90:
         0f:c1:4a:c0:5a:51:14:45:af:9b:6b:3c:35:60:11:da:80:39:
         9f:15:a5:5d:6e:9e:01:47:de:70:7c:cd:b4:48:1c:04:35:2a:
         de:a8:f7:94:65:07:58:57:31:8f:ab:44:fd:6c:5b:7a:ef:66:
         ec:a2:51:68:eb:ea:6b:35:ba:82:ed:31:0b:ec:2f:aa:f3:b6:
         80:18:c2:4a:16:14:78:7a:2e:ce:76:b8:2f:d9:06:5b:7b:02:
         16:f2:0f:36:95:ea:b0:ff:73:22:3b:c8:df:f5:d9:42:be:a5:
         09:72:9d:d1
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICDOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjY5OEUxMTAvBgNVBAUTKEMwQjlDMTFCMUIxNjBGMzIxQjhBRUM0Q0ZDREREQUQ4
OTVGQzQ3REUwHhcNMjMwNTAzMTI1NTU5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUyNTlkZi03MzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyruZWj3FxKsxLluf19nG/Ca4rwouNM3dgiDVssRLHCiOT39E/Z6PWdlPGSTw
xywyIcUDPYGFRRN0ZQ/86cjXzubqJBhiuJjU6EuJKNS/8bEysgma70RxnqNVXDV9
DNRTQpoKjn/CR75x7/eWwF3twNSjy+ILs8up5v1ygEslOtI8wi97WPaQIEw4BtVH
HBrjwe9t2e6R9t3VbJrpvn9bX0ynDpQnxufzizlYCw8w+T4EQ51RVLFHMkbMUGHs
2ZI16I2m3K93h8zlXU4iB84Spd2Z+xFGSpMlcjbJucZ6dxOyauaiUo/y1TJqDndO
B+LDErO5PQsfVHUFvbn65Dz+eQIDAQABo4IClzCCApMwHQYDVR0OBBYEFPikuT2n
em6bNiOxqq560IohudcVMB8GA1UdIwQYMBaAFMC5wRsbFg8yG4rsTPzd2tiV/Efe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjk4RS9GMTlBN0M5NDlD
MUMxMUU5OTJGQUZCMUJDNEY5QUUwMi93TG5CR3hzV0R6SWJpdXhNX04zYTJKWDhS
OTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dMbkJHeHNXRHpJYml1eE1fTjNhMkpYOFI5NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjY5OEUvRjE5QTdDOTQ5QzFDMTFFOTkyRkFGQjFCQzRGOUFFMDIvRDlCNEI0MDBF
OUIxMTFFREJEMzNERTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgYkBIrAADANBgkqhkiG9w0BAQsFAAOCAQEABcif2FejQsVJ
752Vl9Bx94UrOM6P4VSh2sfSW+MSigDDxYw3GOfvQXRK9weoSJjLbPFP+OarLPjo
5c8klQETr4wQWt8UChcXu1RlBMnu0prqvJV8LoCnWPdxtGDsvv+kL+tfA60bAY55
hCWhr6GyggPFJBqG1yqUHFdmSvL4A/06HB4+F9Tr4UBEcMGaDw+QD8FKwFpRFEWv
m2s8NWAR2oA5nxWlXW6eAUfecHzNtEgcBDUq3qj3lGUHWFcxj6tE/Wxbeu9m7KJR
aOvqazW6gu0xC+wvqvO2gBjCShYUeHouzna4L9kGW3sCFvIPNpXqsP9zIjvI3/XZ
Qr6lCXKd0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:48 2024 by rpki-client on console-ams.rpki-client.org