Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/069F98221CDD11EFB995BF87C4F9AE02.roa
File:                     069F98221CDD11EFB995BF87C4F9AE02.roa (raw, json)
Hash identifier:          sXtws7TA5RAsAbzIBJdNCiQaxedvID1DpIVJtM++TKM=
Subject key identifier:   50:A8:4A:B1:8B:D1:A3:C8:68:3C:2C:F3:45:E9:22:B6:1E:30:39:EB
Certificate issuer:       /CN=A91705D7/serialNumber=AA4405B1BFA96C9C69B029033EF481D8F58A77E5
Certificate serial:       11
Authority key identifier: AA:44:05:B1:BF:A9:6C:9C:69:B0:29:03:3E:F4:81:D8:F5:8A:77:E5
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qkQFsb-pbJxpsCkDPvSB2PWKd-U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/069F98221CDD11EFB995BF87C4F9AE02.roa
Signing time:             Sat 01 Jun 2024 06:54:50 +0000
ROA not before:           Sat 01 Jun 2024 06:54:50 +0000
ROA not after:            Sun 31 Aug 2025 00:00:00 +0000
asID:                     133112
IP address blocks:        160.20.116.0/23 maxlen: 23
                          160.20.116.0/24 maxlen: 24
                          160.20.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 29 Jun 2024 09:21:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17 (0x11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91705D7/serialNumber=AA4405B1BFA96C9C69B029033EF481D8F58A77E5
        Validity
            Not Before: Jun  1 06:54:50 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=665ac5b9-523f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:05:7c:a6:71:99:ef:ac:d3:0e:1b:72:27:a0:
                    12:68:60:72:30:8a:84:4d:06:14:5a:92:34:27:03:
                    32:aa:50:40:a2:c5:5e:72:8a:64:b6:f4:7b:a2:d9:
                    5d:ff:98:d2:db:b7:a9:dc:45:da:84:97:0f:78:dc:
                    54:c3:d5:9c:5b:e0:25:9c:52:7f:06:8c:d2:61:71:
                    43:4c:3d:95:a3:d6:02:7a:ec:7e:e9:67:56:a7:f3:
                    66:69:03:fb:1c:c4:33:dc:79:2b:ff:8a:b1:95:12:
                    e8:fa:cf:7c:4f:6b:92:35:df:87:73:14:92:66:1a:
                    23:54:99:1a:fc:13:fc:48:f8:64:fd:94:a0:9d:8c:
                    de:89:0d:36:33:80:50:6f:62:22:30:42:c4:23:2b:
                    9d:32:1a:a4:bf:d7:63:eb:45:1c:e8:93:d6:bc:03:
                    7f:81:af:64:6f:86:3b:b6:26:2e:a0:b8:6d:96:d4:
                    33:07:90:54:9b:48:b7:b4:4f:74:58:95:c0:37:ef:
                    6c:4d:19:eb:f0:37:dc:29:0c:74:b8:11:47:1c:d8:
                    0c:53:cd:3f:ed:c4:1a:c4:b8:7b:bd:fb:63:fa:11:
                    16:01:b6:8a:36:0d:36:71:e2:49:0d:ef:9f:88:fb:
                    50:6d:bb:ee:28:7c:4a:23:1c:ed:b8:5a:4f:17:ef:
                    6a:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:A8:4A:B1:8B:D1:A3:C8:68:3C:2C:F3:45:E9:22:B6:1E:30:39:EB
            X509v3 Authority Key Identifier:
                keyid:AA:44:05:B1:BF:A9:6C:9C:69:B0:29:03:3E:F4:81:D8:F5:8A:77:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/qkQFsb-pbJxpsCkDPvSB2PWKd-U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/qkQFsb-pbJxpsCkDPvSB2PWKd-U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91705D7/96A36AA816D811EFBF901E5FC4F9AE02/069F98221CDD11EFB995BF87C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.20.116.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7c:99:06:f6:e4:bb:15:8e:40:37:62:10:b9:9f:ce:ca:91:e9:
         c0:cd:cd:2e:35:d5:f1:28:39:c8:67:50:43:e3:b4:5b:24:98:
         61:79:da:2d:34:f3:e2:a9:a9:86:ea:8b:f4:01:ac:d8:a1:ec:
         59:c2:52:8b:c1:6c:9e:8f:ae:fd:37:06:9a:83:ff:46:50:00:
         30:63:8e:c4:ce:af:aa:9b:dd:69:08:61:67:76:d3:a1:e5:e1:
         8b:0b:50:d1:8f:7a:77:e6:c4:77:dd:2a:af:7f:be:0a:08:08:
         05:17:fd:8c:fb:53:b7:d5:e1:7f:2d:30:03:78:0b:ba:ae:2b:
         e1:c1:4d:9a:c1:47:a5:7d:a2:57:9f:bf:ae:eb:e5:4a:1c:1f:
         25:1a:cf:8d:26:75:be:31:00:48:ac:2f:f5:07:a1:ea:23:79:
         e5:3a:53:15:de:90:7e:8c:83:30:27:11:62:91:9e:4e:bc:1d:
         09:53:44:8b:04:b7:bf:ed:2c:03:46:40:6e:e0:bd:0f:b2:c8:
         58:f5:95:cf:73:1d:13:9b:31:b6:45:d3:7a:da:b2:48:57:5e:
         79:71:c5:f0:17:2a:86:38:ae:46:b4:5e:c4:50:84:b1:35:f4:
         f7:4b:f4:b9:b8:cd:1a:d6:0a:7d:8b:15:2f:03:fc:cc:a3:96:
         28:0e:49:66
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MDVENzExMC8GA1UEBRMoQUE0NDA1QjFCRkE5NkM5QzY5QjAyOTAzM0VGNDgxRDhG
NThBNzdFNTAeFw0yNDA2MDEwNjU0NTBaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NWFjNWI5LTUyM2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDnBXymcZnvrNMOG3InoBJoYHIwioRNBhRakjQnAzKqUECixV5yimS29Hui2V3/
mNLbt6ncRdqElw943FTD1Zxb4CWcUn8GjNJhcUNMPZWj1gJ67H7pZ1an82ZpA/sc
xDPceSv/irGVEuj6z3xPa5I134dzFJJmGiNUmRr8E/xI+GT9lKCdjN6JDTYzgFBv
YiIwQsQjK50yGqS/12PrRRzok9a8A3+Br2Rvhju2Ji6guG2W1DMHkFSbSLe0T3RY
lcA372xNGevwN9wpDHS4EUcc2AxTzT/txBrEuHu9+2P6ERYBtoo2DTZx4kkN75+I
+1Btu+4ofEojHO24Wk8X72pJAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUUKhKsYvR
o8hoPCzzRekith4wOeswHwYDVR0jBBgwFoAUqkQFsb+pbJxpsCkDPvSB2PWKd+Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwNUQ3Lzk2QTM2QUE4MTZE
ODExRUZCRjkwMUU1RkM0RjlBRTAyL3FrUUZzYi1wYkp4cHNDa0RQdlNCMlBXS2Qt
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvcWtRRnNiLXBiSnhwc0NrRFB2U0IyUFdLZC1VLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MDVENy85NkEzNkFBODE2RDgxMUVGQkY5MDFFNUZDNEY5QUUwMi8wNjlGOTgyMjFD
REQxMUVGQjk5NUJGODdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaAUdDANBgkqhkiG9w0BAQsFAAOCAQEAfJkG9uS7FY5AN2IQ
uZ/OypHpwM3NLjXV8Sg5yGdQQ+O0WySYYXnaLTTz4qmphuqL9AGs2KHsWcJSi8Fs
no+u/TcGmoP/RlAAMGOOxM6vqpvdaQhhZ3bToeXhiwtQ0Y96d+bEd90qr3++CggI
BRf9jPtTt9Xhfy0wA3gLuq4r4cFNmsFHpX2iV5+/ruvlShwfJRrPjSZ1vjEASKwv
9Qeh6iN55TpTFd6QfoyDMCcRYpGeTrwdCVNEiwS3v+0sA0ZAbuC9D7LIWPWVz3Md
E5sxtkXTetqySFdeeXHF8BcqhjiuRrRexFCEsTX090v0ubjNGtYKfYsVLwP8zKOW
KA5JZg==
-----END CERTIFICATE-----
Generated at Sat Jun 29 10:59:24 2024 by rpki-client on console-ams.rpki-client.org