Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FE07CE765AEB11EF8B92C770C4F9AE02.roa
File:                     FE07CE765AEB11EF8B92C770C4F9AE02.roa (raw, json)
Hash identifier:          YEEzEKcjNFoZw85lT8vUbUE5+xt7ksf0Ce+UajXi+x4=
Subject key identifier:   79:2E:CC:A5:41:50:B8:2D:C7:78:59:D0:D5:F5:70:B8:1F:99:C9:DA
Certificate issuer:       /CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
Certificate serial:       06
Authority key identifier: 21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FE07CE765AEB11EF8B92C770C4F9AE02.roa
Signing time:             Thu 15 Aug 2024 09:51:50 +0000
ROA not before:           Thu 15 Aug 2024 09:51:50 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     2386
IP address blocks:        202.135.21.0/24 maxlen: 24
                          202.135.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 15 Aug 2024 11:27:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
        Validity
            Not Before: Aug 15 09:51:50 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=66bdcfb6-c988
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:da:4e:a5:a5:d5:42:22:04:83:04:7b:c8:9a:
                    45:29:fa:0e:3d:7a:da:73:a7:aa:ad:a6:60:7a:fa:
                    09:9c:64:8b:8d:09:2d:8c:4c:1e:2d:db:85:2d:3d:
                    e8:bf:51:e6:2a:5d:e8:a3:92:43:c7:84:c6:96:e9:
                    5c:01:01:e8:fa:00:4a:f0:19:73:19:d7:40:ce:bb:
                    a5:2f:58:af:de:e5:78:f9:eb:0b:d7:f3:a6:fb:2e:
                    c6:9d:56:39:a5:d0:c3:ae:03:4d:62:0f:e3:c4:86:
                    43:50:4c:f8:9d:6a:1c:fd:d9:37:09:04:bd:f1:46:
                    ce:89:2f:b2:c0:e9:49:aa:3c:20:7d:8e:42:a2:aa:
                    57:50:a8:f8:5f:a3:4a:5c:d3:c6:67:af:3e:5a:47:
                    b7:0f:d1:3c:d6:08:2a:26:6f:e8:31:42:65:c0:f7:
                    e3:ff:cc:42:cb:09:16:67:cd:c5:fe:ee:39:59:93:
                    3a:a4:c7:6e:0c:f6:31:35:5d:81:f9:eb:78:e3:bb:
                    a1:38:89:7d:2f:d6:f1:8e:3c:fc:76:e1:60:cf:d4:
                    3c:eb:31:8e:24:58:b7:9e:a8:e0:7c:f1:db:34:b5:
                    a6:a8:ed:03:20:00:8c:b8:f2:b1:b6:e4:62:3f:b2:
                    09:85:96:05:2c:3c:c3:e7:b2:17:73:44:23:41:36:
                    07:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:2E:CC:A5:41:50:B8:2D:C7:78:59:D0:D5:F5:70:B8:1F:99:C9:DA
            X509v3 Authority Key Identifier:
                keyid:21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/IdPtIffN68fQDxu3oJURuVze_iM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FE07CE765AEB11EF8B92C770C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.135.21.0-202.135.22.255

    Signature Algorithm: sha256WithRSAEncryption
         44:06:cf:17:66:17:2f:ee:5b:75:d2:8d:e0:6e:e1:a3:5f:d0:
         48:83:d2:ff:d4:e7:99:eb:53:8d:ee:76:53:10:25:d6:ab:f7:
         6f:a8:2e:ed:df:60:28:53:bb:f3:f2:7a:7f:fe:1f:ff:d9:d4:
         a1:cd:90:fc:20:45:ee:65:62:81:bf:cc:df:8f:54:f1:6e:9e:
         44:3c:5e:31:f6:ca:00:4c:08:cf:f0:b4:af:a5:1b:92:b9:33:
         02:93:0e:3a:a4:f4:65:84:0d:38:43:64:46:25:ff:ed:b8:be:
         89:1b:b5:9a:c1:59:35:ad:35:06:5c:78:4b:71:8d:87:3b:26:
         2b:f1:00:30:81:f4:2b:4f:36:7e:ce:86:53:43:2e:6a:e1:9a:
         fa:5e:81:06:33:b2:76:38:27:24:53:de:46:4c:88:93:ae:51:
         3d:2d:2f:e9:1a:28:92:76:9d:a1:c7:5e:5d:fd:ae:09:dc:1b:
         5e:96:fa:50:79:d3:dd:f4:f8:11:28:27:26:77:28:1a:67:31:
         cd:c1:2e:5b:a9:f9:49:17:e7:b0:5d:08:c0:58:2e:87:34:d3:
         71:d3:8d:5c:cf:c4:76:08:e2:24:fd:9a:3c:2d:67:60:c5:6e:
         7f:1e:9b:4f:ea:ee:0f:16:20:ff:4d:a3:9a:b5:93:a9:2d:45:
         e6:7a:08:ec
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MzM2QTExMC8GA1UEBRMoMjFEM0VEMjFGN0NERUJDN0QwMEYxQkI3QTA5NTExQjk1
Q0RFRkUyMzAeFw0yNDA4MTUwOTUxNTBaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YmRjZmI2LWM5ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDS2k6lpdVCIgSDBHvImkUp+g49etpzp6qtpmB6+gmcZIuNCS2MTB4t24UtPei/
UeYqXeijkkPHhMaW6VwBAej6AErwGXMZ10DOu6UvWK/e5Xj56wvX86b7LsadVjml
0MOuA01iD+PEhkNQTPidahz92TcJBL3xRs6JL7LA6UmqPCB9jkKiqldQqPhfo0pc
08Znrz5aR7cP0TzWCComb+gxQmXA9+P/zELLCRZnzcX+7jlZkzqkx24M9jE1XYH5
63jju6E4iX0v1vGOPPx24WDP1DzrMY4kWLeeqOB88ds0taao7QMgAIy48rG25GI/
sgmFlgUsPMPnshdzRCNBNgfHAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUeS7MpUFQ
uC3HeFnQ1fVwuB+ZydowHwYDVR0jBBgwFoAUIdPtIffN68fQDxu3oJURuVze/iMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTczMzZBLzhGNUE5MzU2NUFF
QTExRUY5NEU5M0Q2RUM0RjlBRTAyL0lkUHRJZmZONjhmUUR4dTNvSlVSdVZ6ZV9p
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSWRQdElmZk42OGZRRHh1M29KVVJ1VnplX2lNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MzM2QS84RjVBOTM1NjVBRUExMUVGOTRFOTNENkVDNEY5QUUwMi9GRTA3Q0U3NjVB
RUIxMUVGOEI5MkM3NzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAyocVAwQAyocWMA0GCSqGSIb3DQEBCwUAA4IBAQBEBs8X
Zhcv7lt10o3gbuGjX9BIg9L/1OeZ61ON7nZTECXWq/dvqC7t32AoU7vz8np//h//
2dShzZD8IEXuZWKBv8zfj1Txbp5EPF4x9soATAjP8LSvpRuSuTMCkw46pPRlhA04
Q2RGJf/tuL6JG7WawVk1rTUGXHhLcY2HOyYr8QAwgfQrTzZ+zoZTQy5q4Zr6XoEG
M7J2OCckU95GTIiTrlE9LS/pGiiSdp2hx15d/a4J3BtelvpQedPd9PgRKCcmdyga
ZzHNwS5bqflJF+ewXQjAWC6HNNNx041cz8R2COIk/Zo8LWdgxW5/HptP6u4PFiD/
TaOatZOpLUXmegjs
-----END CERTIFICATE-----
Generated at Thu Aug 15 17:31:36 2024 by rpki-client on console-ams.rpki-client.org