Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FD9824685AEB11EF8B92C770C4F9AE02.roa
File:                     FD9824685AEB11EF8B92C770C4F9AE02.roa (raw, json)
Hash identifier:          xgnCsGsq+ky1Hqp3zsqvJ619K5Xw+SACEz9Mx+R0lfc=
Subject key identifier:   E7:AF:1E:5A:70:1C:7A:76:F5:B0:5B:00:E6:5F:0B:67:E2:A8:C4:8A
Certificate issuer:       /CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
Certificate serial:       05
Authority key identifier: 21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FD9824685AEB11EF8B92C770C4F9AE02.roa
Signing time:             Thu 15 Aug 2024 09:51:49 +0000
ROA not before:           Thu 15 Aug 2024 09:51:49 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     18289
IP address blocks:        210.88.188.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 15 Aug 2024 11:27:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
        Validity
            Not Before: Aug 15 09:51:49 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=66bdcfb5-8e9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:9d:fd:30:08:cb:71:be:0e:f8:b7:5f:28:8e:
                    30:e9:dc:e4:4c:2b:f1:dd:e1:43:3a:ae:f6:ff:60:
                    dd:1c:c9:6e:df:ef:5c:a5:29:22:f9:0a:49:ef:f4:
                    03:b6:3f:61:d0:5d:11:74:4a:02:c2:63:29:68:2e:
                    39:b7:51:a3:49:89:44:f3:8f:ed:51:49:7c:6d:e0:
                    4c:1c:0d:2c:9b:4c:74:dd:ef:32:fd:2f:7a:8a:35:
                    ad:4f:da:f3:e0:1f:96:a7:b2:5a:8d:8e:fc:b1:73:
                    0a:01:76:75:c2:ed:a9:1a:a0:a3:7c:40:a8:96:33:
                    71:ef:3f:75:ef:49:0e:84:8d:9a:16:58:6e:91:c7:
                    b5:8f:cf:99:75:cf:32:38:de:6c:ce:5e:9e:21:e2:
                    d1:72:9b:9f:3d:c6:3b:86:95:8a:c3:bc:8b:a4:9e:
                    70:5f:87:b0:9f:41:85:56:16:ff:75:61:04:ae:8c:
                    5a:8c:0b:3a:42:c4:81:3f:fc:b2:39:06:51:d1:ac:
                    51:c1:c2:b9:b3:73:dd:28:bf:c6:4c:e3:20:61:f6:
                    57:37:e1:53:cd:27:43:61:9f:3e:1f:a3:5a:a9:57:
                    ad:37:08:ab:0c:e5:43:cd:b0:80:ef:00:61:86:1a:
                    08:cf:b7:93:28:42:19:7b:d4:6a:87:c0:c0:9f:7b:
                    c0:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:AF:1E:5A:70:1C:7A:76:F5:B0:5B:00:E6:5F:0B:67:E2:A8:C4:8A
            X509v3 Authority Key Identifier:
                keyid:21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/IdPtIffN68fQDxu3oJURuVze_iM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FD9824685AEB11EF8B92C770C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.88.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         05:af:75:45:91:06:ca:94:fa:a6:fe:dd:b6:95:f4:42:da:4c:
         ae:61:5b:75:8d:39:95:6a:ec:79:60:e0:4a:61:e4:f5:cc:ff:
         8b:5b:74:7c:2a:ed:75:28:c9:2e:ab:79:b2:82:b4:d3:ee:49:
         29:6d:7c:3e:63:a9:bd:e2:fa:00:33:01:e1:1a:82:c4:05:c4:
         92:16:a6:5b:a0:aa:85:8c:3d:b5:b8:ef:80:7e:74:97:c7:a3:
         26:09:4f:78:8f:9a:50:b4:d1:71:33:b8:ae:71:74:3b:90:92:
         60:c4:b5:d0:78:b9:3e:a4:2a:84:7b:8e:4d:e5:e5:3a:1a:d1:
         c9:18:28:9f:89:c7:97:b1:d7:5f:eb:93:64:46:22:07:69:4e:
         a2:fe:6f:34:96:d4:5c:95:11:71:6b:fc:39:be:f7:7c:b5:dc:
         94:d1:cd:91:bb:c3:22:e3:2d:fa:16:c9:84:16:b9:55:4e:03:
         14:4f:5e:6a:69:49:03:65:8f:11:f1:af:d2:3e:f5:96:3b:56:
         1b:f5:2d:36:fe:41:67:48:0d:30:1b:fb:ce:fe:e6:d7:8c:e3:
         04:a2:86:c3:18:c0:40:54:f4:8a:ef:87:26:0e:15:f5:d4:59:
         0a:6d:4a:a0:7f:1f:70:9a:00:63:af:93:05:1a:c8:e7:68:67:
         71:c5:dd:63
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MzM2QTExMC8GA1UEBRMoMjFEM0VEMjFGN0NERUJDN0QwMEYxQkI3QTA5NTExQjk1
Q0RFRkUyMzAeFw0yNDA4MTUwOTUxNDlaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YmRjZmI1LThlOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCknf0wCMtxvg74t18ojjDp3ORMK/Hd4UM6rvb/YN0cyW7f71ylKSL5Cknv9AO2
P2HQXRF0SgLCYyloLjm3UaNJiUTzj+1RSXxt4EwcDSybTHTd7zL9L3qKNa1P2vPg
H5anslqNjvyxcwoBdnXC7akaoKN8QKiWM3HvP3XvSQ6EjZoWWG6Rx7WPz5l1zzI4
3mzOXp4h4tFym589xjuGlYrDvIuknnBfh7CfQYVWFv91YQSujFqMCzpCxIE//LI5
BlHRrFHBwrmzc90ov8ZM4yBh9lc34VPNJ0Nhnz4fo1qpV603CKsM5UPNsIDvAGGG
GgjPt5MoQhl71GqHwMCfe8B5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU568eWnAc
enb1sFsA5l8LZ+KoxIowHwYDVR0jBBgwFoAUIdPtIffN68fQDxu3oJURuVze/iMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTczMzZBLzhGNUE5MzU2NUFF
QTExRUY5NEU5M0Q2RUM0RjlBRTAyL0lkUHRJZmZONjhmUUR4dTNvSlVSdVZ6ZV9p
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSWRQdElmZk42OGZRRHh1M29KVVJ1VnplX2lNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MzM2QS84RjVBOTM1NjVBRUExMUVGOTRFOTNENkVDNEY5QUUwMi9GRDk4MjQ2ODVB
RUIxMUVGOEI5MkM3NzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAtJYvDANBgkqhkiG9w0BAQsFAAOCAQEABa91RZEGypT6pv7d
tpX0QtpMrmFbdY05lWrseWDgSmHk9cz/i1t0fCrtdSjJLqt5soK00+5JKW18PmOp
veL6ADMB4RqCxAXEkhamW6CqhYw9tbjvgH50l8ejJglPeI+aULTRcTO4rnF0O5CS
YMS10Hi5PqQqhHuOTeXlOhrRyRgon4nHl7HXX+uTZEYiB2lOov5vNJbUXJURcWv8
Ob73fLXclNHNkbvDIuMt+hbJhBa5VU4DFE9eamlJA2WPEfGv0j71ljtWG/UtNv5B
Z0gNMBv7zv7m14zjBKKGwxjAQFT0iu+HJg4V9dRZCm1KoH8fcJoAY6+TBRrI52hn
ccXdYw==
-----END CERTIFICATE-----
Generated at Thu Aug 15 16:42:32 2024 by rpki-client on console-fra.rpki-client.org