Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/3DDD46441E0111E9A590C837C4F9AE02.roa
File:                     3DDD46441E0111E9A590C837C4F9AE02.roa (raw, json)
Hash identifier:          075I4wstMOljh5fhw2qpmt9HlOWry9W2Sigc467Jpx4=
Subject key identifier:   71:DD:22:E7:9A:35:91:20:98:89:54:A6:B8:12:08:01:66:39:4B:31
Certificate issuer:       /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial:       369E
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/3DDD46441E0111E9A590C837C4F9AE02.roa
Signing time:             Sat 08 Jul 2023 14:30:45 +0000
ROA not before:           Sat 08 Jul 2023 14:30:45 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     17556
IP address blocks:        114.109.249.0/24 maxlen: 24
                          115.87.70.0/24 maxlen: 24
                          115.87.71.0/24 maxlen: 24
                          115.87.72.0/24 maxlen: 24
                          115.87.73.0/24 maxlen: 24
                          119.46.99.0/24 maxlen: 24
                          210.86.191.0/24 maxlen: 24
                          2001:fb0:10b2::/48 maxlen: 48
                          2001:fb1:3009:1::/64 maxlen: 64
                          2001:fb1:3009:2::/64 maxlen: 64
                          2001:fb1:3009:3::/64 maxlen: 64
                          2001:fb1:3009:5::/64 maxlen: 64
                          2001:fb1:3009:6::/64 maxlen: 64
                          2001:fb1:3009:7::/64 maxlen: 64

Validation:               Failed, certificate revoked on Wed 26 Jul 2023 10:50:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13982 (0x369e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
        Validity
            Not Before: Jul  8 14:30:45 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64a97315-d052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:33:74:62:20:95:64:84:df:38:8c:ff:66:de:
                    97:39:b6:54:31:ce:2f:9d:f6:b7:a7:68:a5:5b:3b:
                    21:8b:e1:84:4f:ef:47:c5:8b:bf:1b:76:93:24:2d:
                    4f:fe:a8:95:80:29:fd:c6:df:c5:0c:0c:54:a9:09:
                    58:e2:39:da:87:27:94:3f:ed:a3:8b:0d:79:55:e5:
                    cc:2a:69:92:16:6f:c5:e8:a4:08:9c:5b:e0:e5:98:
                    a6:d7:50:da:54:b0:6d:f2:f6:a4:8a:73:b0:12:df:
                    7b:f3:79:35:d9:5a:c5:d6:6c:4d:db:cf:df:94:97:
                    7f:4d:81:ed:21:c1:15:71:64:11:f0:68:73:50:1b:
                    ee:5b:dc:ae:a5:b7:dd:e9:5c:e0:da:d5:2d:fa:29:
                    d8:d2:f5:dc:37:21:c6:e0:71:9c:6f:30:4e:78:5a:
                    f7:0d:0f:f9:1c:04:28:31:07:06:16:59:c3:20:41:
                    ef:db:7d:40:74:89:ae:fd:92:78:2f:c8:8d:2c:3e:
                    6a:99:50:ef:ff:df:48:20:eb:2f:5a:3c:69:60:22:
                    26:15:b9:4b:e0:8f:d7:64:ab:11:5f:34:45:21:8e:
                    a4:05:a6:31:b8:67:ab:ec:f3:84:5b:7d:d5:e7:73:
                    cf:6e:a6:1f:6f:da:fb:89:8a:67:d6:e8:6a:ac:e2:
                    ad:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:DD:22:E7:9A:35:91:20:98:89:54:A6:B8:12:08:01:66:39:4B:31
            X509v3 Authority Key Identifier:
                keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/3DDD46441E0111E9A590C837C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.109.249.0/24
                  115.87.70.0-115.87.73.255
                  119.46.99.0/24
                  210.86.191.0/24
                IPv6:
                  2001:fb0:10b2::/48
                  2001:fb1:3009:1::-2001:fb1:3009:3:ffff:ffff:ffff:ffff
                  2001:fb1:3009:5::-2001:fb1:3009:7:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         92:f8:9d:7d:cb:73:25:c7:2c:f8:d1:a6:a2:74:fb:e6:3f:1f:
         7c:05:70:36:24:13:e9:03:53:0f:f6:f4:75:a6:d3:7f:26:df:
         90:96:e9:73:ea:72:86:3e:99:df:12:98:30:bb:cc:b0:70:8c:
         ba:b5:b5:08:56:09:a1:fc:e6:bf:84:ed:91:3c:c4:d9:6a:fa:
         a4:a7:2c:ee:8f:dd:c0:75:f3:36:e2:21:ba:ec:fc:a8:b6:00:
         a0:42:6d:b8:b4:23:37:1b:aa:74:af:87:b1:70:69:ab:8f:98:
         bb:01:92:0a:6d:80:d3:76:7c:ae:0b:fe:dd:b3:fa:2b:39:5a:
         50:33:bf:73:d6:2c:cf:d0:3e:6e:77:e7:ca:bd:3f:7a:86:90:
         7a:53:b2:09:20:48:5e:bb:0a:ad:ad:ea:e5:84:d3:2c:fe:d0:
         9d:26:a9:0f:1b:37:74:d2:69:31:35:1a:18:e4:93:47:24:f9:
         fe:e5:bc:40:d9:5c:86:d2:fd:c1:fb:0d:45:ce:62:b1:f8:dc:
         60:28:cc:06:ef:18:f2:1e:cd:72:f8:5e:31:db:31:ba:ee:15:
         04:97:95:ec:35:24:3d:8a:97:91:df:34:0e:37:5b:db:85:f3:
         eb:ba:21:2d:e7:8b:cb:17:79:bf:67:fb:e3:e4:6a:c8:5a:21:
         fd:97:fe:87
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgICNp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjMwNzA4MTQzMDQ1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE5NzMxNS1kMDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzjN0YiCVZITfOIz/Zt6XObZUMc4vnfa3p2ilWzshi+GET+9HxYu/G3aTJC1P
/qiVgCn9xt/FDAxUqQlY4jnahyeUP+2jiw15VeXMKmmSFm/F6KQInFvg5Zim11Da
VLBt8vakinOwEt9783k12VrF1mxN28/flJd/TYHtIcEVcWQR8GhzUBvuW9yupbfd
6Vzg2tUt+inY0vXcNyHG4HGcbzBOeFr3DQ/5HAQoMQcGFlnDIEHv231AdImu/ZJ4
L8iNLD5qmVDv/99IIOsvWjxpYCImFblL4I/XZKsRXzRFIY6kBaYxuGer7POEW33V
53PPbqYfb9r7iYpn1uhqrOKtTQIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFHHdIuea
NZEgmIlUprgSCAFmOUsxMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvM0RERDQ2NDQx
RTAxMTFFOUE1OTBDODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwegYIKwYBBQUHAQcBAf8E
azBpMCYEAgABMCADBABybfkwDAMEAXNXRgMEAXNXSAMEAHcuYwMEANJWvzA/BAIA
AjA5AwcAIAEPsBCyMBYDCQAgAQ+xMAkAAQMJAiABD7EwCQAAMBYDCQAgAQ+xMAkA
BQMJAyABD7EwCQAAMA0GCSqGSIb3DQEBCwUAA4IBAQCS+J19y3Mlxyz40aaidPvm
Px98BXA2JBPpA1MP9vR1ptN/Jt+Qlulz6nKGPpnfEpgwu8ywcIy6tbUIVgmh/Oa/
hO2RPMTZavqkpyzuj93AdfM24iG67PyotgCgQm24tCM3G6p0r4excGmrj5i7AZIK
bYDTdnyuC/7ds/orOVpQM79z1izP0D5ud+fKvT96hpB6U7IJIEheuwqtrerlhNMs
/tCdJqkPGzd00mkxNRoY5JNHJPn+5bxA2VyG0v3B+w1FzmKx+NxgKMwG7xjyHs1y
+F4x2zG67hUEl5XsNSQ9ipeR3zQON1vbhfPruiEt54vLF3m/Z/vj5GrIWiH9l/6H
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org