Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7FE57EA271C711EEA69FB30CC4F9AE02.roa
File:                     7FE57EA271C711EEA69FB30CC4F9AE02.roa (raw, json)
Hash identifier:          rukPMK1/qrkTW9CCJb0vANXJ2QmkylqF6fPkTC9SbBU=
Subject key identifier:   B1:51:56:BD:E9:14:4A:75:C6:91:ED:F1:2B:44:F2:64:D9:89:81:82
Certificate issuer:       /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial:       0522
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7FE57EA271C711EEA69FB30CC4F9AE02.roa
Signing time:             Mon 23 Oct 2023 17:13:35 +0000
ROA not before:           Mon 23 Oct 2023 17:13:35 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     146961
IP address blocks:        43.247.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 02 Dec 2023 21:53:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1314 (0x522)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
        Validity
            Not Before: Oct 23 17:13:35 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=6536a9bf-b50f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:36:ec:e1:f7:6f:93:d9:8a:8e:54:7a:cf:12:
                    d2:96:85:69:bd:d8:ec:c2:e1:6c:55:ec:57:ba:99:
                    bf:04:eb:a7:e0:fd:f6:96:dd:fa:bc:e7:4d:2a:b9:
                    f9:b7:e6:4c:ed:8f:58:81:9d:a1:d5:ec:99:a6:ce:
                    4e:4d:1d:a8:b9:cf:98:18:3b:15:62:29:61:99:4b:
                    13:23:c5:b2:94:22:71:d8:1b:86:4a:1d:f5:42:86:
                    8e:a9:27:63:cf:12:45:dd:0d:cb:a3:69:c4:5b:98:
                    8a:35:2a:d8:f6:1f:29:00:a3:7f:6f:0e:22:ec:f8:
                    9d:2a:be:34:70:a1:f6:8e:e1:a3:54:67:55:bd:f2:
                    8e:b5:13:b9:1e:43:8e:f5:48:a1:09:be:eb:28:5a:
                    e9:f3:dc:bd:fc:66:97:3f:bf:30:e9:5e:d4:ec:59:
                    8b:f1:75:ce:fb:38:d2:88:bb:17:52:d1:5e:26:7d:
                    a8:02:58:12:af:97:91:a8:a4:1b:c7:95:18:6f:d7:
                    98:50:ef:8f:aa:c7:2e:b6:e9:c9:36:c0:dd:0e:fe:
                    f7:c1:13:2c:d7:c3:01:59:4d:5a:a6:53:a2:6b:84:
                    d6:71:ec:5b:4b:74:b2:38:48:a7:cb:74:e2:7b:90:
                    65:ec:4f:f8:90:f9:55:bd:80:56:42:8c:a2:89:49:
                    f5:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:51:56:BD:E9:14:4A:75:C6:91:ED:F1:2B:44:F2:64:D9:89:81:82
            X509v3 Authority Key Identifier:
                keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7FE57EA271C711EEA69FB30CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.247.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:0f:11:1e:8c:0d:de:fa:51:71:f6:c7:36:c9:b5:ab:2d:5e:
         54:3c:15:e4:20:8e:bb:f2:be:f0:b1:ba:04:40:86:8b:a5:44:
         fa:0e:57:03:9f:8a:c9:43:f8:c6:7c:d0:94:5a:c0:34:45:aa:
         dd:7b:58:12:47:bc:c5:52:e5:40:85:d6:fe:54:17:a7:c6:8a:
         43:0e:ba:35:db:1d:02:14:59:3a:12:5b:de:99:13:8c:85:55:
         9a:79:39:a7:d7:c8:17:43:1f:8c:dd:6d:9d:c0:0c:ff:82:9d:
         b5:b8:73:60:57:96:f9:e2:37:90:79:07:0f:65:fa:1c:c7:4c:
         91:23:0f:ec:d0:7e:68:33:b3:a6:4a:97:ab:75:bd:81:5e:e5:
         c6:59:25:a4:60:3e:75:b4:77:dc:7c:60:8d:69:21:bc:d9:55:
         34:53:bf:65:bd:de:ae:b0:a4:9f:f2:3e:35:37:de:66:b3:cd:
         c7:b8:5d:5f:60:a9:fd:27:2c:98:78:24:99:35:bc:9e:88:ce:
         38:aa:2a:7b:35:54:c5:da:ef:5e:9a:69:16:c3:96:3e:f4:e9:
         d1:23:64:1f:3c:1a:10:0d:9f:57:f8:3a:2e:5c:f0:13:10:6b:
         8c:95:ea:dd:9e:16:cf:1b:61:8e:82:6b:b2:db:94:09:31:93:
         23:72:e8:5e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBSIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMxMDIzMTcxMzM1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTM2YTliZi1iNTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2jbs4fdvk9mKjlR6zxLSloVpvdjswuFsVexXupm/BOun4P32lt36vOdNKrn5
t+ZM7Y9YgZ2h1eyZps5OTR2ouc+YGDsVYilhmUsTI8WylCJx2BuGSh31QoaOqSdj
zxJF3Q3Lo2nEW5iKNSrY9h8pAKN/bw4i7PidKr40cKH2juGjVGdVvfKOtRO5HkOO
9UihCb7rKFrp89y9/GaXP78w6V7U7FmL8XXO+zjSiLsXUtFeJn2oAlgSr5eRqKQb
x5UYb9eYUO+PqscutunJNsDdDv73wRMs18MBWU1aplOia4TWcexbS3SyOEiny3Ti
e5Bl7E/4kPlVvYBWQoyiiUn1FwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLFRVr3p
FEp1xpHt8StE8mTZiYGCMB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvN0ZFNTdFQTI3
MUM3MTFFRUE2OUZCMzBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr94cwDQYJKoZIhvcNAQELBQADggEBALoPER6MDd76UXH2
xzbJtastXlQ8FeQgjrvyvvCxugRAhoulRPoOVwOfislD+MZ80JRawDRFqt17WBJH
vMVS5UCF1v5UF6fGikMOujXbHQIUWToSW96ZE4yFVZp5OafXyBdDH4zdbZ3ADP+C
nbW4c2BXlvniN5B5Bw9l+hzHTJEjD+zQfmgzs6ZKl6t1vYFe5cZZJaRgPnW0d9x8
YI1pIbzZVTRTv2W93q6wpJ/yPjU33mazzce4XV9gqf0nLJh4JJk1vJ6IzjiqKns1
VMXa716aaRbDlj706dEjZB88GhANn1f4Oi5c8BMQa4yV6t2eFs8bYY6Ca7LblAkx
kyNy6F4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:54 2024 by rpki-client on console-ams.rpki-client.org