Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/648C35AC005B11EEA776642CC4F9AE02.roa
File:                     648C35AC005B11EEA776642CC4F9AE02.roa (raw, json)
Hash identifier:          SVqkKNmh+NS8K4IxB0EvHXU+XvphPElVtHSRyzwxxaI=
Subject key identifier:   B5:3B:E3:E9:B4:47:B8:8A:7E:33:CC:96:E5:51:AA:01:B6:5F:F9:CE
Certificate issuer:       /CN=A916B837/serialNumber=F5522DE313844E96E3EBF38034ECA09BE2AA0AD5
Certificate serial:       01E9
Authority key identifier: F5:52:2D:E3:13:84:4E:96:E3:EB:F3:80:34:EC:A0:9B:E2:AA:0A:D5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9VIt4xOETpbj6_OANOygm-KqCtU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/648C35AC005B11EEA776642CC4F9AE02.roa
Signing time:             Thu 01 Jun 2023 09:05:02 +0000
ROA not before:           Thu 01 Jun 2023 09:05:02 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     151338
IP address blocks:        2400:70e0:bab::/48 maxlen: 48
                          2400:70e0:b000::/48 maxlen: 48
                          2400:70e0:ff00::/40 maxlen: 48

Validation:               Failed, certificate revoked on Thu 06 Jul 2023 07:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 489 (0x1e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916B837/serialNumber=F5522DE313844E96E3EBF38034ECA09BE2AA0AD5
        Validity
            Not Before: Jun  1 09:05:02 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=64785f3e-b0d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:cb:d7:bb:85:d8:6f:68:57:2f:6d:30:42:be:
                    5e:31:be:91:ab:c3:cd:c7:b0:09:14:2d:f0:b8:d5:
                    25:72:b0:eb:a4:f5:85:99:84:85:11:22:f6:50:07:
                    c2:3b:4d:70:d2:41:81:b5:62:77:7f:c9:f1:8d:6f:
                    58:e9:7e:b4:01:43:4a:34:d1:02:ae:3b:c1:dc:36:
                    73:a6:b0:7c:17:75:86:93:d8:55:8f:fd:79:80:b9:
                    63:75:4a:ab:08:3d:6e:b0:28:f4:4c:01:ec:b5:a4:
                    7b:97:b4:44:b7:9d:d7:3e:47:52:91:fe:1b:cf:13:
                    70:74:a8:f7:7e:30:cc:94:9c:9b:91:e7:0c:77:14:
                    71:36:a7:ea:e9:80:05:08:35:e4:29:a3:61:a0:ac:
                    84:80:7b:b4:f1:45:5b:83:47:66:79:6b:7e:00:b8:
                    88:2c:17:7c:bf:03:61:38:f6:e2:6e:74:54:59:d7:
                    b4:9c:4b:e4:71:52:71:e1:60:ea:cf:cf:d3:c1:95:
                    23:be:f2:c1:38:2e:e8:1e:b4:2c:80:99:6a:4d:f3:
                    74:09:36:ae:c4:61:75:ab:eb:08:27:7a:37:eb:f2:
                    52:0f:fd:1e:ab:5f:2e:81:90:79:d8:a7:48:be:17:
                    e9:3e:26:c2:56:85:9f:17:c4:7f:6a:38:ee:4a:4a:
                    be:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:3B:E3:E9:B4:47:B8:8A:7E:33:CC:96:E5:51:AA:01:B6:5F:F9:CE
            X509v3 Authority Key Identifier:
                keyid:F5:52:2D:E3:13:84:4E:96:E3:EB:F3:80:34:EC:A0:9B:E2:AA:0A:D5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/9VIt4xOETpbj6_OANOygm-KqCtU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9VIt4xOETpbj6_OANOygm-KqCtU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/648C35AC005B11EEA776642CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:70e0:bab::/48
                  2400:70e0:b000::/48
                  2400:70e0:ff00::/40

    Signature Algorithm: sha256WithRSAEncryption
         4e:30:6e:ed:45:72:1c:61:5f:53:32:8d:79:1e:a4:cc:ef:64:
         ad:f5:f6:5c:a1:a1:dd:bc:12:65:59:d3:5d:c1:5e:a6:03:91:
         9f:90:64:db:74:5a:0c:9a:4e:d9:b1:b0:6a:8c:be:7c:af:0b:
         fc:1c:51:9d:b1:57:8a:2d:79:22:4b:e7:74:48:1e:96:cc:ab:
         35:0c:14:d0:c4:40:79:d9:e7:74:c8:a2:f7:f6:38:92:8e:44:
         f0:3b:6a:87:fd:0e:54:4b:ac:0c:6f:b3:98:10:be:92:05:8e:
         bc:a2:28:f0:69:0c:96:b6:39:ac:86:4b:eb:72:c9:d6:09:58:
         95:51:be:0a:11:64:1a:e0:5b:74:05:2c:60:11:c5:e9:d0:7e:
         2d:55:45:ac:b0:e2:02:6a:13:f2:c7:f5:33:5a:d5:7a:b7:4a:
         10:60:4c:65:78:0c:ae:5b:75:7b:9c:da:c6:96:37:6a:4e:b0:
         52:ac:b3:b0:d5:b6:a0:1e:62:27:f1:fa:92:a6:d6:c2:50:ca:
         77:f7:5a:ae:c1:fb:af:fd:49:59:7f:6f:13:d7:7b:69:b9:6a:
         99:a4:21:a9:14:63:12:45:c2:0f:d7:74:1e:dd:dd:9b:94:5d:
         46:25:e1:2c:a4:ec:99:4f:fa:e9:c2:a1:d2:9b:06:6e:6b:91:
         7a:e8:fd:69
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICAekwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkI4MzcxMTAvBgNVBAUTKEY1NTIyREUzMTM4NDRFOTZFM0VCRjM4MDM0RUNBMDlC
RTJBQTBBRDUwHhcNMjMwNjAxMDkwNTAyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc4NWYzZS1iMGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp8vXu4XYb2hXL20wQr5eMb6Rq8PNx7AJFC3wuNUlcrDrpPWFmYSFESL2UAfC
O01w0kGBtWJ3f8nxjW9Y6X60AUNKNNECrjvB3DZzprB8F3WGk9hVj/15gLljdUqr
CD1usCj0TAHstaR7l7REt53XPkdSkf4bzxNwdKj3fjDMlJybkecMdxRxNqfq6YAF
CDXkKaNhoKyEgHu08UVbg0dmeWt+ALiILBd8vwNhOPbibnRUWde0nEvkcVJx4WDq
z8/TwZUjvvLBOC7oHrQsgJlqTfN0CTauxGF1q+sIJ3o36/JSD/0eq18ugZB52KdI
vhfpPibCVoWfF8R/ajjuSkq+gQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFLU74+m0
R7iKfjPMluVRqgG2X/nOMB8GA1UdIwQYMBaAFPVSLeMThE6W4+vzgDTsoJviqgrV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjgzNy85RDkwQUI2MkMx
NUExMUVDQTQ0RjUzNjBDNEY5QUUwMi85Vkl0NHhPRVRwYmo2X09BTk95Z20tS3FD
dFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlWSXQ0eE9FVHBiajZfT0FOT3lnbS1LcUN0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkI4MzcvOUQ5MEFCNjJDMTVBMTFFQ0E0NEY1MzYwQzRGOUFFMDIvNjQ4QzM1QUMw
MDVCMTFFRUE3NzY2NDJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgACMBoDBwAkAHDgC6sDBwAkAHDgsAADBgAkAHDg/zANBgkqhkiG9w0B
AQsFAAOCAQEATjBu7UVyHGFfUzKNeR6kzO9krfX2XKGh3bwSZVnTXcFepgORn5Bk
23RaDJpO2bGwaoy+fK8L/BxRnbFXii15IkvndEgelsyrNQwU0MRAednndMii9/Y4
ko5E8Dtqh/0OVEusDG+zmBC+kgWOvKIo8GkMlrY5rIZL63LJ1glYlVG+ChFkGuBb
dAUsYBHF6dB+LVVFrLDiAmoT8sf1M1rVerdKEGBMZXgMrlt1e5zaxpY3ak6wUqyz
sNW2oB5iJ/H6kqbWwlDKd/darsH7r/1JWX9vE9d7ablqmaQhqRRjEkXCD9d0Ht3d
m5RdRiXhLKTsmU/66cKh0psGbmuReuj9aQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org