Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/1AF10AC252B211EEACEDED38C4F9AE02.roa
File:                     1AF10AC252B211EEACEDED38C4F9AE02.roa (raw, json)
Hash identifier:          1W8gSScFQHcXt0BR7luRJKEPcDPtmLKZ+p6pBgWYb5s=
Subject key identifier:   0E:15:F1:1F:E3:B4:AE:7A:EB:5F:01:E9:00:F1:54:19:79:5A:01:56
Certificate issuer:       /CN=A9172B7E/serialNumber=A43739BB5F20C14CC5FC49E375587DB3B72237AF
Certificate serial:       12
Authority key identifier: A4:37:39:BB:5F:20:C1:4C:C5:FC:49:E3:75:58:7D:B3:B7:22:37:AF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDc5u18gwUzF_EnjdVh9s7ciN68.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/1AF10AC252B211EEACEDED38C4F9AE02.roa
Signing time:             Thu 14 Sep 2023 03:52:20 +0000
ROA not before:           Thu 14 Sep 2023 03:52:20 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     4648
IP address blocks:        27.96.24.0/21 maxlen: 21
                          27.96.26.0/24 maxlen: 24
                          27.96.30.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Oct 2023 09:42:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18 (0x12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9172B7E/serialNumber=A43739BB5F20C14CC5FC49E375587DB3B72237AF
        Validity
            Not Before: Sep 14 03:52:20 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=65028374-560e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ce:e1:de:96:3c:e0:f1:c2:a0:45:1b:1d:e2:
                    82:20:e7:77:19:04:36:a5:5a:19:aa:c6:6d:44:93:
                    05:a6:10:0f:1d:66:b9:d7:85:9e:8d:ef:c5:cd:43:
                    7b:7e:3e:a4:7c:0e:e1:67:78:64:6e:28:89:6a:b9:
                    f4:75:f3:6f:f4:3d:9a:86:97:8c:4f:f6:62:cb:ab:
                    ba:eb:75:ae:0c:67:b3:6a:4f:68:b3:25:52:5c:c7:
                    a9:ee:33:a0:6c:2c:fc:37:5a:ff:59:fa:2c:c2:68:
                    07:67:56:b3:59:45:ae:9a:a1:e9:39:c2:3e:29:52:
                    e8:3a:42:90:fe:b1:55:a8:88:26:ec:66:f0:9c:61:
                    5b:f5:13:7c:46:6b:71:b1:58:d7:1b:68:74:ce:cc:
                    11:71:86:ac:2d:bd:ad:03:cb:a5:df:cd:f7:b7:12:
                    8f:1f:13:54:e0:5a:c2:8d:52:a5:ab:e0:cd:60:10:
                    97:16:6b:7d:4b:f9:4b:2e:21:5e:95:c9:a4:fd:c6:
                    c6:0c:bc:9c:df:bd:e0:3b:5e:51:f1:08:d3:4e:6d:
                    46:5b:24:04:df:df:6e:a2:8c:81:4b:26:0d:07:f7:
                    dd:9f:ba:48:55:28:99:22:d1:eb:2d:52:db:61:90:
                    c2:59:87:fe:2f:95:fa:ab:20:c7:aa:2a:fe:d4:25:
                    cc:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:15:F1:1F:E3:B4:AE:7A:EB:5F:01:E9:00:F1:54:19:79:5A:01:56
            X509v3 Authority Key Identifier:
                keyid:A4:37:39:BB:5F:20:C1:4C:C5:FC:49:E3:75:58:7D:B3:B7:22:37:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/pDc5u18gwUzF_EnjdVh9s7ciN68.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDc5u18gwUzF_EnjdVh9s7ciN68.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/1AF10AC252B211EEACEDED38C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.96.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1b:74:ee:e4:ac:e3:24:23:99:2a:0c:6f:86:1b:b3:b1:af:6e:
         f9:99:01:59:1d:ab:ab:db:d9:9c:a1:b9:7e:76:72:59:86:8a:
         5a:9d:b0:eb:16:06:95:b1:3f:3d:11:7b:ed:2b:15:d7:c1:d8:
         1a:16:ff:05:30:48:24:ed:9b:ca:8a:da:9b:e3:4e:ca:00:d0:
         f8:e0:94:4f:cf:63:c6:f6:e9:37:24:a6:34:71:65:9e:75:1a:
         6a:11:ee:ad:a7:b0:70:0f:31:b7:0c:b4:71:71:66:5e:4b:86:
         ad:1f:c8:3c:e7:a6:b5:3a:9e:f2:fe:de:03:34:3a:25:65:33:
         9a:ea:33:1f:ff:b1:69:0d:eb:ee:c3:b2:25:cc:3d:bf:c0:39:
         a1:78:54:c5:0d:73:d1:fd:85:8e:12:b7:b4:c5:e3:23:65:69:
         a0:03:b7:7b:a7:45:8b:f1:40:19:79:84:be:cd:04:13:aa:6c:
         44:92:a8:4a:99:03:87:2b:c8:c6:a4:26:70:77:6e:53:5a:c8:
         10:83:e6:fb:bd:2a:a3:a6:d0:46:1a:0e:34:ff:17:da:8b:f5:
         a0:6b:b5:78:e7:6a:75:dd:98:cc:27:6d:b2:b3:33:ff:ed:30:
         23:de:3b:af:c1:01:21:4b:5e:a3:da:78:7a:ff:b7:bd:5e:4c:
         c3:11:15:76
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkI3RTExMC8GA1UEBRMoQTQzNzM5QkI1RjIwQzE0Q0M1RkM0OUUzNzU1ODdEQjNC
NzIyMzdBRjAeFw0yMzA5MTQwMzUyMjBaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MDI4Mzc0LTU2MGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAzuHeljzg8cKgRRsd4oIg53cZBDalWhmqxm1EkwWmEA8dZrnXhZ6N78XNQ3t+
PqR8DuFneGRuKIlqufR182/0PZqGl4xP9mLLq7rrda4MZ7NqT2izJVJcx6nuM6Bs
LPw3Wv9Z+izCaAdnVrNZRa6aoek5wj4pUug6QpD+sVWoiCbsZvCcYVv1E3xGa3Gx
WNcbaHTOzBFxhqwtva0Dy6Xfzfe3Eo8fE1TgWsKNUqWr4M1gEJcWa31L+UsuIV6V
yaT9xsYMvJzfveA7XlHxCNNObUZbJATf326ijIFLJg0H992fukhVKJki0estUtth
kMJZh/4vlfqrIMeqKv7UJcxhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUDhXxH+O0
rnrrXwHpAPFUGXlaAVYwHwYDVR0jBBgwFoAUpDc5u18gwUzF/EnjdVh9s7ciN68w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQjdFLzczQkM3QUFDNDcx
NzExRUVBNDQ2RTM0NkM0RjlBRTAyL3BEYzV1MThnd1V6Rl9FbmpkVmg5czdjaU42
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcERjNXUxOGd3VXpGX0VuamRWaDlzN2NpTjY4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkI3RS83M0JDN0FBQzQ3MTcxMUVFQTQ0NkUzNDZDNEY5QUUwMi8xQUYxMEFDMjUy
QjIxMUVFQUNFREVEMzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAxtgGDANBgkqhkiG9w0BAQsFAAOCAQEAG3Tu5KzjJCOZKgxv
hhuzsa9u+ZkBWR2rq9vZnKG5fnZyWYaKWp2w6xYGlbE/PRF77SsV18HYGhb/BTBI
JO2byoram+NOygDQ+OCUT89jxvbpNySmNHFlnnUaahHuraewcA8xtwy0cXFmXkuG
rR/IPOemtTqe8v7eAzQ6JWUzmuozH/+xaQ3r7sOyJcw9v8A5oXhUxQ1z0f2FjhK3
tMXjI2VpoAO3e6dFi/FAGXmEvs0EE6psRJKoSpkDhyvIxqQmcHduU1rIEIPm+70q
o6bQRhoONP8X2ov1oGu1eOdqdd2YzCdtsrMz/+0wI947r8EBIUteo9p4ev+3vV5M
wxEVdg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org