Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/ED2D2346471C11EEBC996766C4F9AE02.roa
File:                     ED2D2346471C11EEBC996766C4F9AE02.roa (raw, json)
Hash identifier:          RZBgyHv8PbHlsYuwQTTKnJ/iLVygR9w+Byj32N6tf9I=
Subject key identifier:   B6:83:F2:1F:A8:95:CA:AD:BB:26:B0:68:66:88:0D:67:37:2B:10:E4
Certificate issuer:       /CN=A9172B7E/serialNumber=A43739BB5F20C14CC5FC49E375587DB3B72237AF
Certificate serial:       06
Authority key identifier: A4:37:39:BB:5F:20:C1:4C:C5:FC:49:E3:75:58:7D:B3:B7:22:37:AF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDc5u18gwUzF_EnjdVh9s7ciN68.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/ED2D2346471C11EEBC996766C4F9AE02.roa
Signing time:             Wed 30 Aug 2023 10:06:46 +0000
ROA not before:           Wed 30 Aug 2023 10:06:46 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     4648
IP address blocks:        27.96.24.0/21 maxlen: 21
                          27.96.24.0/24 maxlen: 24
                          27.96.26.0/24 maxlen: 24
                          27.96.30.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Sep 2023 03:52:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9172B7E/serialNumber=A43739BB5F20C14CC5FC49E375587DB3B72237AF
        Validity
            Not Before: Aug 30 10:06:46 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=64ef14b6-cb24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ce:cc:34:1b:f1:f6:4b:d9:e6:48:97:eb:54:
                    cd:4f:6d:8c:f2:2e:5d:c8:0d:a5:01:83:b5:70:4a:
                    1d:66:a9:8c:ff:d0:b0:cf:00:d3:26:b4:3c:fd:b3:
                    cf:bb:5e:f2:a8:af:7b:15:7d:e8:94:e4:5a:e4:8d:
                    0e:56:45:e6:58:9a:27:96:7e:35:4e:d9:0d:d0:1f:
                    cf:6a:cd:a6:92:ef:88:7f:58:b2:77:24:54:87:b3:
                    77:e8:d3:a5:f1:61:63:e8:a8:c9:2c:f0:15:a5:14:
                    fe:39:da:71:5e:13:37:27:b7:0e:04:35:42:fd:17:
                    84:be:94:af:ec:cf:da:fc:30:b2:74:44:87:87:46:
                    9e:48:8b:e8:b7:00:4c:2f:1e:ca:cd:cb:22:92:a0:
                    5e:12:18:43:68:ed:e0:78:90:58:4f:61:5b:10:dc:
                    80:95:27:33:9a:89:f5:ec:a6:e5:56:ec:10:8f:eb:
                    c1:b1:cd:83:07:57:bc:30:27:f7:f1:7a:68:df:44:
                    5e:92:60:56:0b:97:af:1d:32:66:16:1f:0c:b0:94:
                    be:f2:12:29:a8:54:65:66:72:a7:6b:df:91:4e:47:
                    bc:23:fc:fe:66:6c:73:61:bc:b1:6a:d6:13:4e:68:
                    c5:17:74:35:b4:9c:1d:4d:0a:a1:ff:f0:c6:6d:d1:
                    2d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:83:F2:1F:A8:95:CA:AD:BB:26:B0:68:66:88:0D:67:37:2B:10:E4
            X509v3 Authority Key Identifier:
                keyid:A4:37:39:BB:5F:20:C1:4C:C5:FC:49:E3:75:58:7D:B3:B7:22:37:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/pDc5u18gwUzF_EnjdVh9s7ciN68.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pDc5u18gwUzF_EnjdVh9s7ciN68.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172B7E/73BC7AAC471711EEA446E346C4F9AE02/ED2D2346471C11EEBC996766C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.96.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         b9:3f:c8:45:cd:af:da:44:fc:13:6d:03:b9:8a:b5:66:63:02:
         84:c8:5a:eb:db:59:73:61:8d:63:bf:c9:65:a5:76:47:5c:19:
         46:5b:20:b3:11:b9:09:15:95:f3:0a:5c:e0:e6:df:03:36:fd:
         c6:39:54:c5:0e:7f:80:84:fb:42:7e:a3:4f:e2:1f:da:3c:f2:
         e9:74:0e:48:8e:d9:38:d8:03:98:28:33:15:46:c9:a4:42:1b:
         b3:49:df:b3:22:c5:d8:ed:05:b2:95:c8:57:1e:98:a4:fc:b9:
         13:01:99:3e:dd:b6:f7:d4:56:c5:01:5c:c0:68:4d:5d:cd:9b:
         d0:3f:93:bb:ec:fb:7e:1b:cb:95:a3:35:87:bd:37:fb:33:02:
         db:c7:5b:7f:38:0d:91:99:45:5f:df:70:93:b0:50:c6:a9:94:
         e1:81:3b:cd:31:3f:73:d9:a0:89:8f:66:e0:32:2a:f1:72:64:
         cc:f6:97:86:12:a3:41:fd:1e:8d:eb:ca:1c:29:d1:50:3a:35:
         a5:a6:86:88:c1:00:eb:dd:52:6c:b7:8a:0d:0e:6e:d2:5b:23:
         4d:b1:7d:72:7b:6a:82:d7:e4:06:07:5f:6e:6b:65:35:7c:f0:
         d1:b6:09:ff:c1:ca:59:8f:78:a4:2a:e7:b8:eb:fb:a0:fa:a0:
         34:0a:77:2d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkI3RTExMC8GA1UEBRMoQTQzNzM5QkI1RjIwQzE0Q0M1RkM0OUUzNzU1ODdEQjNC
NzIyMzdBRjAeFw0yMzA4MzAxMDA2NDZaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZWYxNGI2LWNiMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6zsw0G/H2S9nmSJfrVM1PbYzyLl3IDaUBg7VwSh1mqYz/0LDPANMmtDz9s8+7
XvKor3sVfeiU5FrkjQ5WReZYmieWfjVO2Q3QH89qzaaS74h/WLJ3JFSHs3fo06Xx
YWPoqMks8BWlFP452nFeEzcntw4ENUL9F4S+lK/sz9r8MLJ0RIeHRp5Ii+i3AEwv
HsrNyyKSoF4SGENo7eB4kFhPYVsQ3ICVJzOaifXspuVW7BCP68GxzYMHV7wwJ/fx
emjfRF6SYFYLl68dMmYWHwywlL7yEimoVGVmcqdr35FOR7wj/P5mbHNhvLFq1hNO
aMUXdDW0nB1NCqH/8MZt0S3zAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUtoPyH6iV
yq27JrBoZogNZzcrEOQwHwYDVR0jBBgwFoAUpDc5u18gwUzF/EnjdVh9s7ciN68w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQjdFLzczQkM3QUFDNDcx
NzExRUVBNDQ2RTM0NkM0RjlBRTAyL3BEYzV1MThnd1V6Rl9FbmpkVmg5czdjaU42
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcERjNXUxOGd3VXpGX0VuamRWaDlzN2NpTjY4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkI3RS83M0JDN0FBQzQ3MTcxMUVFQTQ0NkUzNDZDNEY5QUUwMi9FRDJEMjM0NjQ3
MUMxMUVFQkM5OTY3NjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAxtgGDANBgkqhkiG9w0BAQsFAAOCAQEAuT/IRc2v2kT8E20D
uYq1ZmMChMha69tZc2GNY7/JZaV2R1wZRlsgsxG5CRWV8wpc4ObfAzb9xjlUxQ5/
gIT7Qn6jT+If2jzy6XQOSI7ZONgDmCgzFUbJpEIbs0nfsyLF2O0FspXIVx6YpPy5
EwGZPt2299RWxQFcwGhNXc2b0D+Tu+z7fhvLlaM1h703+zMC28dbfzgNkZlFX99w
k7BQxqmU4YE7zTE/c9mgiY9m4DIq8XJkzPaXhhKjQf0ejevKHCnRUDo1paaGiMEA
691SbLeKDQ5u0lsjTbF9cntqgtfkBgdfbmtlNXzw0bYJ/8HKWY94pCrnuOv7oPqg
NAp3LQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org