Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915B50D/E682683C7BBC11EF92EE1A66C4F9AE02/3E50121C7BBD11EF976CD066C4F9AE02.roa
File:                     3E50121C7BBD11EF976CD066C4F9AE02.roa (raw, json)
Hash identifier:          oFh5SFkI2EeGP+FxZetZQc0v1P8G1i9tiIqxbAQhiPY=
Subject key identifier:   9B:2E:16:2A:96:89:4E:1C:56:AF:EF:38:6B:BF:D2:5E:F1:4F:7A:59
Certificate issuer:       /CN=A915B50D/serialNumber=B7CF0B270A7FDB1D717AE8B979D1EE0FF88BD44F
Certificate serial:       02
Authority key identifier: B7:CF:0B:27:0A:7F:DB:1D:71:7A:E8:B9:79:D1:EE:0F:F8:8B:D4:4F
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t88LJwp_2x1xeui5edHuD_iL1E8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915B50D/E682683C7BBC11EF92EE1A66C4F9AE02/3E50121C7BBD11EF976CD066C4F9AE02.roa
Signing time:             Thu 26 Sep 2024 04:10:20 +0000
ROA not before:           Thu 26 Sep 2024 04:10:20 +0000
ROA not after:            Tue 30 Sep 2025 00:00:00 +0000
asID:                     153042
IP address blocks:        160.25.18.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 26 Sep 2024 14:19:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915B50D/serialNumber=B7CF0B270A7FDB1D717AE8B979D1EE0FF88BD44F
        Validity
            Not Before: Sep 26 04:10:20 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=66f4deab-9732
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:30:d4:23:a7:f2:47:85:4d:a4:7b:ee:2d:16:
                    da:2b:56:2f:94:e0:e7:50:38:ca:15:32:76:bd:0a:
                    2f:3f:98:16:83:c9:dc:90:cb:08:f7:8b:ba:6c:52:
                    a2:0f:0e:e9:3d:88:b5:f7:a6:89:2a:2c:59:98:34:
                    2e:b9:e0:e1:98:d6:de:ce:cb:c8:ff:82:70:26:62:
                    b6:a0:fe:5b:91:87:f1:33:47:ef:15:7c:fc:10:ba:
                    d1:53:bc:b3:68:0a:e7:b7:98:1b:95:af:9d:78:1c:
                    73:18:1c:15:c0:f7:1f:42:a5:fc:1f:ca:eb:01:55:
                    a6:3a:c3:bd:21:24:40:33:e7:b7:51:43:66:eb:97:
                    8f:ce:46:70:9c:51:f2:ec:f9:00:2d:2d:7a:3b:5c:
                    01:b9:45:e7:fc:3e:7c:3c:63:44:e4:ae:1d:d9:a2:
                    86:15:01:8a:6d:68:fb:1c:69:ae:cc:2c:b3:e0:e8:
                    1c:8b:dd:bd:97:90:bf:76:eb:28:3b:e2:18:48:f3:
                    2f:01:e3:5b:8d:d2:4c:29:29:ec:55:f1:35:ec:5e:
                    68:38:b4:1e:6a:a4:61:09:3a:6a:1b:f5:32:12:4c:
                    02:9f:e9:a8:a2:b9:8f:05:46:a1:e4:b3:ef:4d:d4:
                    d5:24:4b:37:eb:e5:8b:7e:78:e4:63:df:84:be:92:
                    b0:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:2E:16:2A:96:89:4E:1C:56:AF:EF:38:6B:BF:D2:5E:F1:4F:7A:59
            X509v3 Authority Key Identifier:
                keyid:B7:CF:0B:27:0A:7F:DB:1D:71:7A:E8:B9:79:D1:EE:0F:F8:8B:D4:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915B50D/E682683C7BBC11EF92EE1A66C4F9AE02/t88LJwp_2x1xeui5edHuD_iL1E8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t88LJwp_2x1xeui5edHuD_iL1E8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B50D/E682683C7BBC11EF92EE1A66C4F9AE02/3E50121C7BBD11EF976CD066C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.25.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:b7:5e:72:f5:91:14:4f:71:fc:f3:59:51:4e:d3:2b:10:5d:
         60:1d:75:72:c5:3a:c5:fd:5d:cc:4b:37:ce:74:26:8e:9a:fb:
         5a:9b:f3:fb:83:6f:9a:72:8f:b9:cf:27:15:5a:a4:c0:8b:ad:
         a8:da:2b:1e:64:9a:9b:a5:31:8a:dd:c3:0d:b7:5c:aa:3c:98:
         e9:49:ba:f6:28:71:c0:87:78:1e:68:bb:d3:6e:85:2d:63:05:
         55:cc:aa:fd:e9:a7:f5:6b:0c:08:51:e4:f5:07:33:77:4b:44:
         40:a4:16:d8:d5:eb:f7:68:ef:45:dd:24:7b:25:a0:bd:39:7d:
         88:6a:c2:15:4e:f2:0b:da:b8:07:c2:6a:07:0c:95:1b:c9:02:
         5c:38:90:b4:8c:6b:d4:cf:34:de:9f:40:9d:32:fa:0b:be:ea:
         07:2f:df:63:63:09:cc:14:0d:b5:8c:9a:38:e1:91:4a:ed:5c:
         b6:2e:00:00:43:df:70:28:a9:2c:e4:d5:96:d2:fb:f6:c8:8e:
         0b:70:96:1f:be:1e:7f:1b:f6:78:9b:b6:d3:78:7e:fa:85:90:
         eb:4d:b5:bc:7e:d8:1e:16:7b:62:3c:1a:a6:b8:ae:4e:76:e1:
         9b:ef:cd:24:ef:20:bc:0a:61:2b:b2:c5:25:e0:32:3e:25:31:
         19:99:4c:f9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QjUwRDExMC8GA1UEBRMoQjdDRjBCMjcwQTdGREIxRDcxN0FFOEI5NzlEMUVFMEZG
ODhCRDQ0RjAeFw0yNDA5MjYwNDEwMjBaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZjRkZWFiLTk3MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWMNQjp/JHhU2ke+4tFtorVi+U4OdQOMoVMna9Ci8/mBaDydyQywj3i7psUqIP
Duk9iLX3pokqLFmYNC654OGY1t7Oy8j/gnAmYrag/luRh/EzR+8VfPwQutFTvLNo
Cue3mBuVr514HHMYHBXA9x9CpfwfyusBVaY6w70hJEAz57dRQ2brl4/ORnCcUfLs
+QAtLXo7XAG5Ref8Pnw8Y0Tkrh3ZooYVAYptaPscaa7MLLPg6ByL3b2XkL926yg7
4hhI8y8B41uN0kwpKexV8TXsXmg4tB5qpGEJOmob9TISTAKf6aiiuY8FRqHks+9N
1NUkSzfr5Yt+eORj34S+krDnAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUmy4WKpaJ
ThxWr+84a7/SXvFPelkwHwYDVR0jBBgwFoAUt88LJwp/2x1xeui5edHuD/iL1E8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVCNTBEL0U2ODI2ODNDN0JC
QzExRUY5MkVFMUE2NkM0RjlBRTAyL3Q4OExKd3BfMngxeGV1aTVlZEh1RF9pTDFF
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvdDg4TEp3cF8yeDF4ZXVpNWVkSHVEX2lMMUU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QjUwRC9FNjgyNjgzQzdCQkMxMUVGOTJFRTFBNjZDNEY5QUUwMi8zRTUwMTIxQzdC
QkQxMUVGOTc2Q0QwNjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAZEjANBgkqhkiG9w0BAQsFAAOCAQEAtrdecvWRFE9x/PNZ
UU7TKxBdYB11csU6xf1dzEs3znQmjpr7Wpvz+4NvmnKPuc8nFVqkwIutqNorHmSa
m6Uxit3DDbdcqjyY6Um69ihxwId4Hmi7026FLWMFVcyq/emn9WsMCFHk9Qczd0tE
QKQW2NXr92jvRd0keyWgvTl9iGrCFU7yC9q4B8JqBwyVG8kCXDiQtIxr1M803p9A
nTL6C77qBy/fY2MJzBQNtYyaOOGRSu1cti4AAEPfcCipLOTVltL79siOC3CWH74e
fxv2eJu203h++oWQ6021vH7YHhZ7YjwapriuTnbhm+/NJO8gvAphK7LFJeAyPiUx
GZlM+Q==
-----END CERTIFICATE-----
Generated at Thu Sep 26 16:12:24 2024 by rpki-client on console-fra.rpki-client.org