Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9148C7B/5BFCFF8CD63011EA940DA039C4F9AE02/8D8D8F5A615B11ECAC75D44DC4F9AE02.roa
File:                     8D8D8F5A615B11ECAC75D44DC4F9AE02.roa (raw, json)
Hash identifier:          xWY7POePY66IsMoH66O4OPTyK56iDzWWTGQwpm87gjw=
Subject key identifier:   2A:72:BF:E3:DB:85:0E:0C:31:5F:9F:2D:CB:B4:B1:04:06:36:6D:10
Certificate issuer:       /CN=A9148C7B/serialNumber=7F79665E63BF3CD56DC24A0A70D57F9A942DD1B8
Certificate serial:       0742
Authority key identifier: 7F:79:66:5E:63:BF:3C:D5:6D:C2:4A:0A:70:D5:7F:9A:94:2D:D1:B8
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/f3lmXmO_PNVtwkoKcNV_mpQt0bg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9148C7B/5BFCFF8CD63011EA940DA039C4F9AE02/8D8D8F5A615B11ECAC75D44DC4F9AE02.roa
Signing time:             Thu 12 Oct 2023 15:00:51 +0000
ROA not before:           Thu 12 Oct 2023 15:00:51 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     38742
IP address blocks:        23.88.194.0/24 maxlen: 24
                          23.88.195.0/24 maxlen: 24
                          23.88.196.0/24 maxlen: 24
                          23.88.197.0/24 maxlen: 24
                          23.88.198.0/24 maxlen: 24
                          23.88.199.0/24 maxlen: 24
                          23.88.200.0/24 maxlen: 24
                          23.88.201.0/24 maxlen: 24
                          23.88.202.0/24 maxlen: 24
                          23.88.203.0/24 maxlen: 24
                          23.88.204.0/24 maxlen: 24
                          23.88.205.0/24 maxlen: 24
                          23.88.206.0/24 maxlen: 24
                          23.88.207.0/24 maxlen: 24
                          23.88.208.0/24 maxlen: 24
                          23.88.209.0/24 maxlen: 24
                          23.88.210.0/24 maxlen: 24
                          23.88.211.0/24 maxlen: 24
                          23.88.212.0/22 maxlen: 22
                          23.88.212.0/24 maxlen: 24
                          23.88.213.0/24 maxlen: 24
                          23.88.214.0/24 maxlen: 24
                          23.88.215.0/24 maxlen: 24
                          23.88.216.0/22 maxlen: 22
                          23.88.216.0/24 maxlen: 24
                          23.88.217.0/24 maxlen: 24
                          23.88.218.0/24 maxlen: 24
                          23.88.219.0/24 maxlen: 24
                          23.88.220.0/22 maxlen: 22
                          23.88.220.0/24 maxlen: 24
                          23.88.221.0/24 maxlen: 24
                          152.36.192.0/24 maxlen: 24
                          152.36.194.0/24 maxlen: 24
                          152.36.195.0/24 maxlen: 24
                          152.36.200.0/24 maxlen: 24
                          152.36.202.0/24 maxlen: 24
                          152.36.206.0/24 maxlen: 24
                          152.36.207.0/24 maxlen: 24
                          152.36.209.0/24 maxlen: 24
                          152.36.210.0/24 maxlen: 24
                          152.36.216.0/24 maxlen: 24
                          152.36.217.0/24 maxlen: 24
                          152.36.218.0/24 maxlen: 24
                          152.36.219.0/24 maxlen: 24
                          152.36.220.0/24 maxlen: 24
                          152.36.221.0/24 maxlen: 24
                          152.36.222.0/24 maxlen: 24
                          152.36.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 19 May 2024 14:08:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1858 (0x742)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9148C7B/serialNumber=7F79665E63BF3CD56DC24A0A70D57F9A942DD1B8
        Validity
            Not Before: Oct 12 15:00:51 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65280a23-0dac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fd:c1:80:cc:0c:66:7b:09:c0:df:52:9c:3c:
                    a5:d2:11:f6:8c:2a:42:8f:c1:46:2c:49:2c:45:2b:
                    24:a7:0e:13:6e:4a:50:62:da:fd:56:74:0a:9d:70:
                    85:e6:d8:6b:44:d8:57:c4:1c:34:51:e6:c3:85:fd:
                    a4:81:58:31:c8:a6:c8:6c:fc:7c:36:38:5d:bd:98:
                    76:d4:12:ae:94:73:3e:ab:f6:e4:6f:eb:5f:9c:26:
                    21:03:82:fe:7e:be:10:d5:bd:ea:10:4c:d1:33:68:
                    64:a4:ea:94:c7:20:33:30:30:22:0f:a9:25:79:39:
                    15:2b:07:75:a7:9c:eb:8a:fa:3e:8d:c7:ce:94:13:
                    45:83:35:85:af:48:e1:0e:94:a6:f4:34:c5:b2:a4:
                    c4:e0:07:2d:36:90:8d:86:5d:c0:94:14:a2:6c:d0:
                    bf:b2:1d:68:fc:37:57:60:2a:03:fe:b6:c2:6f:09:
                    9e:6d:fc:5a:9b:fe:fb:c5:7b:a4:7e:90:6f:6f:59:
                    63:97:af:a8:e1:60:22:8b:02:43:b0:fd:85:3c:4a:
                    e5:ae:2a:30:d0:5f:91:66:84:8f:6c:9f:c4:1d:78:
                    0d:c0:ae:08:6b:2e:cd:51:2a:20:31:35:4d:dc:bf:
                    5d:af:27:a9:fb:e3:75:a9:65:6f:10:e0:aa:a6:08:
                    79:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:72:BF:E3:DB:85:0E:0C:31:5F:9F:2D:CB:B4:B1:04:06:36:6D:10
            X509v3 Authority Key Identifier:
                keyid:7F:79:66:5E:63:BF:3C:D5:6D:C2:4A:0A:70:D5:7F:9A:94:2D:D1:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9148C7B/5BFCFF8CD63011EA940DA039C4F9AE02/f3lmXmO_PNVtwkoKcNV_mpQt0bg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/f3lmXmO_PNVtwkoKcNV_mpQt0bg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148C7B/5BFCFF8CD63011EA940DA039C4F9AE02/8D8D8F5A615B11ECAC75D44DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.88.194.0-23.88.223.255
                  152.36.192.0/24
                  152.36.194.0/23
                  152.36.200.0/24
                  152.36.202.0/24
                  152.36.206.0/23
                  152.36.209.0-152.36.210.255
                  152.36.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3c:4d:22:22:84:bb:ff:47:6b:bb:58:b7:08:a0:e2:85:65:ab:
         d1:0e:40:e5:1d:ec:52:1f:b0:b7:59:15:c8:0c:ee:3b:fb:58:
         e3:00:30:46:0f:bb:71:62:13:2a:3a:66:53:e7:92:4d:a8:af:
         e5:bf:b7:af:99:45:eb:a0:96:cf:46:90:c6:ff:e6:79:30:b9:
         32:2f:2e:5f:74:23:44:67:9c:23:31:39:a4:7b:3e:bc:69:95:
         f2:f8:8c:2c:94:30:03:e8:a8:18:10:52:7f:d3:5f:88:c3:af:
         ce:18:30:56:ea:5b:f5:42:e5:c1:f3:5c:0a:62:a2:2d:a7:7e:
         f5:1c:8f:12:2e:2e:60:b8:8c:7d:c9:61:25:39:4e:41:b2:5f:
         9c:3a:02:dd:0f:61:c2:93:09:86:97:5b:0a:9b:67:ef:27:96:
         7d:22:20:85:ca:95:a5:70:b4:04:d3:84:66:d7:06:24:7a:e4:
         80:ed:57:ba:0e:0d:11:cd:60:bf:dd:94:20:c4:d1:7f:9f:d0:
         dc:83:89:c8:46:68:0f:b3:7e:17:fd:fa:39:a3:c0:bf:e4:bc:
         18:c2:0a:a9:21:95:fe:e3:9a:1d:fa:bc:0b:d9:30:90:3c:4d:
         41:d9:59:df:8e:c4:0c:32:5d:b9:73:3a:85:e5:1f:08:4b:2a:
         74:66:56:b7
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICB0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhDN0IxMTAvBgNVBAUTKDdGNzk2NjVFNjNCRjNDRDU2REMyNEEwQTcwRDU3RjlB
OTQyREQxQjgwHhcNMjMxMDEyMTUwMDUxWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI4MGEyMy0wZGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt/3BgMwMZnsJwN9SnDyl0hH2jCpCj8FGLEksRSskpw4TbkpQYtr9VnQKnXCF
5thrRNhXxBw0UebDhf2kgVgxyKbIbPx8NjhdvZh21BKulHM+q/bkb+tfnCYhA4L+
fr4Q1b3qEEzRM2hkpOqUxyAzMDAiD6kleTkVKwd1p5zrivo+jcfOlBNFgzWFr0jh
DpSm9DTFsqTE4ActNpCNhl3AlBSibNC/sh1o/DdXYCoD/rbCbwmebfxam/77xXuk
fpBvb1ljl6+o4WAiiwJDsP2FPErlriow0F+RZoSPbJ/EHXgNwK4Iay7NUSogMTVN
3L9dryep++N1qWVvEOCqpgh5bwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFCpyv+Pb
hQ4MMV+fLcu0sQQGNm0QMB8GA1UdIwQYMBaAFH95Zl5jvzzVbcJKCnDVf5qULdG4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEM3Qi81QkZDRkY4Q0Q2
MzAxMUVBOTQwREEwMzlDNEY5QUUwMi9mM2xtWG1PX1BOVnR3a29LY05WX21wUXQw
YmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2YzbG1YbU9fUE5WdHdrb0tjTlZfbXBRdDBiZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhDN0IvNUJGQ0ZGOENENjMwMTFFQTk0MERBMDM5QzRGOUFFMDIvOEQ4RDhGNUE2
MTVCMTFFQ0FDNzVENDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEAwDAMEARdYwgMEBRdYwAMEAJgkwAMEAZgkwgMEAJgkyAMEAJgk
ygMEAZgkzjAMAwQAmCTRAwQAmCTSAwQDmCTYMA0GCSqGSIb3DQEBCwUAA4IBAQA8
TSIihLv/R2u7WLcIoOKFZavRDkDlHexSH7C3WRXIDO47+1jjADBGD7txYhMqOmZT
55JNqK/lv7evmUXroJbPRpDG/+Z5MLkyLy5fdCNEZ5wjMTmkez68aZXy+IwslDAD
6KgYEFJ/01+Iw6/OGDBW6lv1QuXB81wKYqItp371HI8SLi5guIx9yWElOU5Bsl+c
OgLdD2HCkwmGl1sKm2fvJ5Z9IiCFypWlcLQE04Rm1wYkeuSA7Ve6Dg0RzWC/3ZQg
xNF/n9Dcg4nIRmgPs34X/fo5o8C/5LwYwgqpIZX+45od+rwL2TCQPE1B2VnfjsQM
Ml25czqF5R8ISyp0Zla3
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org