Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FD1853A05AEB11EF8B92C770C4F9AE02.roa
File:                     FD1853A05AEB11EF8B92C770C4F9AE02.roa (raw, json)
Hash identifier:          NfIX+tm/g6wxMbI+YBiwbRgMX9ZTVFox1hU75VnLItA=
Subject key identifier:   59:98:47:C1:69:95:AD:A6:05:E7:BC:52:7E:C1:32:90:7E:3A:6B:D4
Certificate issuer:       /CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
Certificate serial:       04
Authority key identifier: 21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FD1853A05AEB11EF8B92C770C4F9AE02.roa
Signing time:             Thu 15 Aug 2024 09:51:48 +0000
ROA not before:           Thu 15 Aug 2024 09:51:48 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     134534
IP address blocks:        210.7.102.0/24 maxlen: 24
                          210.7.103.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Aug 2024 11:27:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
        Validity
            Not Before: Aug 15 09:51:48 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=66bdcfb4-d46d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:e6:a8:7a:58:63:3c:af:d0:d3:ba:69:d0:53:
                    85:a9:cf:b3:bb:88:4a:c2:6b:6d:5f:b6:52:0b:a9:
                    67:ef:fb:e7:fe:5a:3a:2e:d4:b2:d5:83:65:38:0c:
                    0e:0c:07:cd:57:25:8e:b6:9e:69:09:68:11:ed:2a:
                    e6:34:2d:7a:af:86:6f:37:0a:9e:d2:b4:15:3b:5a:
                    90:cd:18:97:a4:a1:46:38:5c:fa:a4:86:65:35:a3:
                    d5:1c:1e:5f:a9:e5:ab:92:b2:99:16:f1:b6:df:29:
                    c7:fa:2e:00:61:4a:7b:97:74:bd:cb:47:5b:6f:b5:
                    f2:00:9d:73:a5:b1:d2:5a:bd:d3:fa:a8:78:95:a8:
                    f9:a8:cb:17:00:b3:16:a2:99:49:81:1f:4d:c3:45:
                    03:d5:93:ec:40:b8:2f:0e:d2:c6:b8:ea:fd:d0:87:
                    a2:1f:4d:ff:8f:17:ee:ff:ae:f0:ff:69:d7:be:39:
                    d9:85:b7:b0:57:15:11:24:45:bc:5c:ec:2f:5f:b6:
                    49:b3:ab:9d:c6:48:d6:be:54:39:b5:d2:90:76:a0:
                    06:15:21:42:f3:9c:2e:b4:72:01:80:1c:f8:1d:b2:
                    a3:e2:db:1e:2f:0b:82:95:4d:0e:35:b3:a1:a3:8f:
                    f4:ad:61:00:5f:ea:7f:7c:0d:5f:d3:23:e1:dd:44:
                    9d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:98:47:C1:69:95:AD:A6:05:E7:BC:52:7E:C1:32:90:7E:3A:6B:D4
            X509v3 Authority Key Identifier:
                keyid:21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/IdPtIffN68fQDxu3oJURuVze_iM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FD1853A05AEB11EF8B92C770C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.7.102.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9c:27:f3:a5:33:1c:4a:57:b1:87:5f:59:77:f5:7b:39:c4:5c:
         ca:b2:fd:ba:63:d3:3f:1c:f0:80:df:a6:73:18:dc:14:45:dd:
         df:30:a7:ce:50:e4:30:6a:42:52:65:70:a3:64:d6:12:64:f6:
         9a:79:00:40:ab:c0:fd:d9:95:3c:d3:09:16:6d:ea:90:8c:f8:
         97:c2:43:8a:74:d0:ab:6d:6c:5b:92:40:e6:3d:07:01:f5:d7:
         a4:b9:8b:d3:44:b2:29:2c:b2:f4:3e:6b:28:5b:d1:81:5d:5c:
         99:76:c5:1e:3e:57:29:d6:b3:5b:c8:9b:82:73:70:59:58:ce:
         1a:77:a8:7b:5f:77:4f:9a:14:9f:b9:83:e3:32:c8:5a:90:ce:
         60:2e:2b:90:b6:71:0c:9f:fe:f6:99:89:b7:ba:25:b1:e7:7d:
         9f:01:14:69:25:bf:f3:80:e1:83:ab:76:a2:0b:bd:32:fe:b5:
         b6:18:d0:14:12:59:99:03:bc:41:a0:53:dd:f2:fa:3a:84:3a:
         4a:ab:1b:64:8d:62:b8:d7:89:2c:ee:37:76:d4:dd:fb:7a:57:
         44:63:0b:e4:59:40:f7:92:0c:a3:a9:1c:c6:79:71:51:29:ab:
         2c:3e:ab:80:df:b5:fe:26:9c:03:30:02:aa:1b:0b:5c:c7:c6:
         82:dd:c6:6a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MzM2QTExMC8GA1UEBRMoMjFEM0VEMjFGN0NERUJDN0QwMEYxQkI3QTA5NTExQjk1
Q0RFRkUyMzAeFw0yNDA4MTUwOTUxNDhaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YmRjZmI0LWQ0NmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDm5qh6WGM8r9DTumnQU4Wpz7O7iErCa21ftlILqWfv++f+Wjou1LLVg2U4DA4M
B81XJY62nmkJaBHtKuY0LXqvhm83Cp7StBU7WpDNGJekoUY4XPqkhmU1o9UcHl+p
5auSspkW8bbfKcf6LgBhSnuXdL3LR1tvtfIAnXOlsdJavdP6qHiVqPmoyxcAsxai
mUmBH03DRQPVk+xAuC8O0sa46v3Qh6IfTf+PF+7/rvD/ade+OdmFt7BXFREkRbxc
7C9ftkmzq53GSNa+VDm10pB2oAYVIULznC60cgGAHPgdsqPi2x4vC4KVTQ41s6Gj
j/StYQBf6n98DV/TI+HdRJ17AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUWZhHwWmV
raYF57xSfsEykH46a9QwHwYDVR0jBBgwFoAUIdPtIffN68fQDxu3oJURuVze/iMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTczMzZBLzhGNUE5MzU2NUFF
QTExRUY5NEU5M0Q2RUM0RjlBRTAyL0lkUHRJZmZONjhmUUR4dTNvSlVSdVZ6ZV9p
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSWRQdElmZk42OGZRRHh1M29KVVJ1VnplX2lNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MzM2QS84RjVBOTM1NjVBRUExMUVGOTRFOTNENkVDNEY5QUUwMi9GRDE4NTNBMDVB
RUIxMUVGOEI5MkM3NzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAdIHZjANBgkqhkiG9w0BAQsFAAOCAQEAnCfzpTMcSlexh19Z
d/V7OcRcyrL9umPTPxzwgN+mcxjcFEXd3zCnzlDkMGpCUmVwo2TWEmT2mnkAQKvA
/dmVPNMJFm3qkIz4l8JDinTQq21sW5JA5j0HAfXXpLmL00SyKSyy9D5rKFvRgV1c
mXbFHj5XKdazW8ibgnNwWVjOGneoe193T5oUn7mD4zLIWpDOYC4rkLZxDJ/+9pmJ
t7olsed9nwEUaSW/84Dhg6t2ogu9Mv61thjQFBJZmQO8QaBT3fL6OoQ6SqsbZI1i
uNeJLO43dtTd+3pXRGML5FlA95IMo6kcxnlxUSmrLD6rgN+1/iacAzACqhsLXMfG
gt3Gag==
-----END CERTIFICATE-----
Generated at Thu Aug 15 16:42:32 2024 by rpki-client on console-fra.rpki-client.org