Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/ACA389F02A4111EBA1B1BB3DC4F9AE02.roa
File:                     ACA389F02A4111EBA1B1BB3DC4F9AE02.roa (raw, json)
Hash identifier:          lEn6qZpZAwTZUZQg048EV6tx0c0jsjyq013z3w/S0LY=
Subject key identifier:   14:67:38:94:4C:31:10:34:9D:FA:06:89:25:97:98:0F:09:A2:0C:21
Certificate issuer:       /CN=A914DC5D/serialNumber=20F2531A7BA8212D2BB0900D576372D33F846928
Certificate serial:       0659
Authority key identifier: 20:F2:53:1A:7B:A8:21:2D:2B:B0:90:0D:57:63:72:D3:3F:84:69:28
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPJTGnuoIS0rsJANV2Ny0z-EaSg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/ACA389F02A4111EBA1B1BB3DC4F9AE02.roa
Signing time:             Thu 20 Jul 2023 22:39:42 +0000
ROA not before:           Thu 20 Jul 2023 22:39:42 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     133163
IP address blocks:        203.151.10.0/24 maxlen: 24
                          203.151.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 09 Sep 2024 11:02:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1625 (0x659)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914DC5D/serialNumber=20F2531A7BA8212D2BB0900D576372D33F846928
        Validity
            Not Before: Jul 20 22:39:42 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=64b9b7ad-c5c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:4f:84:e8:b1:4a:b4:a1:a6:1a:18:b0:93:d4:
                    3b:5b:27:00:8f:78:28:7a:8e:3c:e5:8e:30:bf:f7:
                    cd:c4:13:4f:c1:08:54:e4:d5:38:9e:b3:64:5d:ac:
                    f4:f0:9c:b4:6b:8b:96:12:c8:84:e0:e4:9d:b2:13:
                    9c:c5:90:6a:b4:0f:ff:02:d8:e1:e3:12:9c:35:50:
                    e8:9a:36:64:2f:61:2a:e7:93:5e:5e:f3:bc:e1:1a:
                    41:54:b2:e9:8b:21:0b:30:ff:d6:4f:b5:35:67:5d:
                    b8:5d:fb:23:91:df:a9:94:58:d0:48:be:86:95:cd:
                    7f:5f:fe:9d:e2:af:9c:36:a5:30:7f:14:78:50:8a:
                    c9:15:2a:b9:c8:33:d2:25:0b:18:c1:fc:99:58:81:
                    33:43:01:ea:2f:86:40:fa:cf:22:16:c2:7a:7e:87:
                    d0:11:4d:c6:ad:ca:ee:8c:08:83:8b:4c:6b:26:bf:
                    5d:6c:eb:4f:aa:74:83:eb:25:ab:d2:6f:0f:7d:69:
                    e0:c6:f3:be:db:4a:61:da:25:eb:2d:0e:be:55:66:
                    4e:37:28:28:de:b0:30:d4:9a:4b:8b:70:74:8d:e6:
                    06:35:de:38:41:63:f8:17:19:02:05:cb:c9:42:62:
                    b0:ab:17:35:4f:86:34:1b:56:54:1b:7f:90:51:fb:
                    49:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:67:38:94:4C:31:10:34:9D:FA:06:89:25:97:98:0F:09:A2:0C:21
            X509v3 Authority Key Identifier:
                keyid:20:F2:53:1A:7B:A8:21:2D:2B:B0:90:0D:57:63:72:D3:3F:84:69:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/IPJTGnuoIS0rsJANV2Ny0z-EaSg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPJTGnuoIS0rsJANV2Ny0z-EaSg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/ACA389F02A4111EBA1B1BB3DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.151.10.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:fa:03:3f:61:7a:21:2c:ae:c2:6e:24:17:b4:aa:c2:17:94:
         f9:19:e4:5d:27:09:71:62:00:2d:a4:dd:54:9f:22:8c:30:7f:
         6f:f2:56:f1:a0:25:13:bd:7c:ea:9e:11:15:87:df:17:00:36:
         97:f3:ed:00:35:8c:a0:38:2e:27:93:cb:f4:cd:15:9d:82:47:
         ba:bf:29:f9:d3:9a:89:71:7c:43:3e:24:2d:f3:21:70:7c:ab:
         6f:c6:cd:91:95:0a:08:c0:08:e7:3a:2f:f7:35:51:a4:cb:5a:
         a5:ea:43:e7:76:6c:1a:97:ff:d3:c7:1c:dd:2d:53:e5:17:0e:
         4b:87:10:89:47:66:84:2a:17:71:25:ba:72:27:3d:2b:eb:aa:
         c4:c0:3a:a3:10:2b:92:a8:61:3a:53:d9:b9:55:de:e4:77:12:
         18:ee:fb:6f:1c:fb:26:37:83:47:f2:53:83:96:7e:95:08:9b:
         d4:d1:41:86:54:00:75:d6:25:a9:4d:7f:1c:80:57:5c:be:bc:
         6d:96:58:47:d7:09:12:53:c5:7c:6b:06:e9:13:e5:7e:df:0a:
         56:02:24:6c:33:51:de:c0:15:b6:4b:9a:3b:85:ad:05:2a:fa:
         8d:0a:b2:05:9e:8c:e6:42:85:41:ea:b4:33:40:2f:5c:91:89:
         e0:d4:a6:89
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NERDNUQxMTAvBgNVBAUTKDIwRjI1MzFBN0JBODIxMkQyQkIwOTAwRDU3NjM3MkQz
M0Y4NDY5MjgwHhcNMjMwNzIwMjIzOTQyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGI5YjdhZC1jNWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA10+E6LFKtKGmGhiwk9Q7WycAj3goeo485Y4wv/fNxBNPwQhU5NU4nrNkXaz0
8Jy0a4uWEsiE4OSdshOcxZBqtA//Atjh4xKcNVDomjZkL2Eq55NeXvO84RpBVLLp
iyELMP/WT7U1Z124Xfsjkd+plFjQSL6Glc1/X/6d4q+cNqUwfxR4UIrJFSq5yDPS
JQsYwfyZWIEzQwHqL4ZA+s8iFsJ6fofQEU3GrcrujAiDi0xrJr9dbOtPqnSD6yWr
0m8PfWngxvO+20ph2iXrLQ6+VWZONygo3rAw1JpLi3B0jeYGNd44QWP4FxkCBcvJ
QmKwqxc1T4Y0G1ZUG3+QUftJSQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBRnOJRM
MRA0nfoGiSWXmA8JogwhMB8GA1UdIwQYMBaAFCDyUxp7qCEtK7CQDVdjctM/hGko
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REM1RC8zOUU3MTQ2QzJB
MzMxMUVCOTI5REMwN0NDNEY5QUUwMi9JUEpUR251b0lTMHJzSkFOVjJOeTB6LUVh
U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lQSlRHbnVvSVMwcnNKQU5WMk55MHotRWFTZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NERDNUQvMzlFNzE0NkMyQTMzMTFFQjkyOURDMDdDQzRGOUFFMDIvQUNBMzg5RjAy
QTQxMTFFQkExQjFCQjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLlwowDQYJKoZIhvcNAQELBQADggEBAAX6Az9heiEsrsJu
JBe0qsIXlPkZ5F0nCXFiAC2k3VSfIowwf2/yVvGgJRO9fOqeERWH3xcANpfz7QA1
jKA4LieTy/TNFZ2CR7q/KfnTmolxfEM+JC3zIXB8q2/GzZGVCgjACOc6L/c1UaTL
WqXqQ+d2bBqX/9PHHN0tU+UXDkuHEIlHZoQqF3ElunInPSvrqsTAOqMQK5KoYTpT
2blV3uR3Ehju+28c+yY3g0fyU4OWfpUIm9TRQYZUAHXWJalNfxyAV1y+vG2WWEfX
CRJTxXxrBukT5X7fClYCJGwzUd7AFbZLmjuFrQUq+o0KsgWejOZChUHqtDNAL1yR
ieDUpok=
-----END CERTIFICATE-----
Generated at Mon Sep 9 15:05:13 2024 by rpki-client on console-ams.rpki-client.org