Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FFEDFB025AEB11EF8B92C770C4F9AE02.roa
File:                     FFEDFB025AEB11EF8B92C770C4F9AE02.roa (raw, json)
Hash identifier:          YbPhE7kOS+7k+tVXkab2bhjps+Wr99YSGSdZ+hBX4cc=
Subject key identifier:   14:E8:51:15:F7:BC:D6:A1:51:3C:9D:16:AD:98:65:1D:54:EC:80:5A
Certificate issuer:       /CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
Certificate serial:       0A
Authority key identifier: 21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FFEDFB025AEB11EF8B92C770C4F9AE02.roa
Signing time:             Thu 15 Aug 2024 09:51:53 +0000
ROA not before:           Thu 15 Aug 2024 09:51:53 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     58414
IP address blocks:        202.135.122.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 15 Aug 2024 11:27:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10 (0xa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917336A/serialNumber=21D3ED21F7CDEBC7D00F1BB7A09511B95CDEFE23
        Validity
            Not Before: Aug 15 09:51:53 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=66bdcfb9-dd9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:06:83:0a:d9:1d:89:82:10:99:90:ec:7e:b1:
                    b5:65:e6:e7:52:7e:19:59:31:da:66:99:55:b4:0e:
                    9a:f6:c7:8e:8c:66:6d:5d:48:d3:6d:67:72:52:7f:
                    cc:bd:a3:2f:a5:a8:44:d4:eb:7b:dc:a1:d5:5a:86:
                    81:c0:a8:9a:40:c3:39:b5:dc:b2:e5:fa:94:9f:fe:
                    5e:09:5b:46:54:3d:9e:64:34:17:5d:b8:ad:c0:21:
                    4a:aa:83:0d:06:e9:f7:75:c7:0a:26:d5:42:b8:be:
                    82:c5:60:28:bc:20:cf:99:0e:48:4a:64:dd:6a:09:
                    ff:47:67:78:23:1c:6e:5e:94:14:03:c4:76:b9:76:
                    cb:9d:d6:ba:d7:c8:f2:91:b3:b0:81:18:73:da:5d:
                    ca:6a:57:61:3e:d6:cb:aa:40:54:88:c8:4a:47:8c:
                    a7:9d:4c:8e:9d:44:06:3f:79:54:85:f4:fe:c0:50:
                    7f:80:8d:ab:48:d9:07:7a:cd:d5:27:40:77:cc:1c:
                    81:a2:ea:bf:0d:e8:a1:31:bb:5a:d1:76:9c:b5:72:
                    ec:7f:9c:b7:c3:38:68:cb:e8:71:83:78:c0:c2:59:
                    f4:a5:2d:5f:ea:a5:21:62:f1:e4:b2:68:d5:a6:fd:
                    cb:15:05:80:27:64:8b:e6:d2:51:11:2c:6e:21:7e:
                    cc:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:E8:51:15:F7:BC:D6:A1:51:3C:9D:16:AD:98:65:1D:54:EC:80:5A
            X509v3 Authority Key Identifier:
                keyid:21:D3:ED:21:F7:CD:EB:C7:D0:0F:1B:B7:A0:95:11:B9:5C:DE:FE:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/IdPtIffN68fQDxu3oJURuVze_iM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IdPtIffN68fQDxu3oJURuVze_iM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917336A/8F5A93565AEA11EF94E93D6EC4F9AE02/FFEDFB025AEB11EF8B92C770C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.135.122.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b6:8c:10:96:a9:24:4a:de:9f:39:78:62:b0:d8:f4:ac:19:1b:
         cc:2f:8d:75:05:03:37:46:90:fe:20:a1:37:e2:76:df:00:cd:
         06:47:c7:d2:ee:de:60:7a:bf:f2:68:92:b1:34:ac:fe:58:e7:
         f0:06:f5:bb:6c:00:a9:8e:d1:d0:17:5e:3c:23:49:53:00:49:
         64:f4:46:b3:a3:ee:ba:f3:cd:68:ff:d8:03:8e:1f:33:7c:55:
         5c:d9:55:88:e3:8e:92:59:6a:88:f3:cf:b7:db:c0:4d:74:80:
         07:d8:a8:84:9c:f1:94:c4:7d:44:c3:04:e7:3b:42:7f:33:24:
         19:bc:4b:a9:10:ce:80:ef:a5:72:db:8e:83:c8:52:26:55:d6:
         c0:36:e7:04:d5:43:99:04:15:4d:61:7d:4b:18:45:15:d7:0c:
         66:9a:c5:40:b4:38:f1:db:57:f9:ac:7b:30:f3:36:5f:bc:02:
         bb:5d:2d:3d:b6:a2:df:db:eb:15:b8:d5:15:b5:9c:e6:ed:30:
         87:16:64:5b:dd:b4:a3:7e:ee:d4:91:e7:c4:ae:92:c4:b3:06:
         25:6c:06:35:bb:a3:43:05:cc:ba:f5:d6:65:89:7b:0b:f3:30:
         2f:7d:1c:7d:d8:b3:4d:31:88:92:43:bb:96:46:a3:9b:c5:8e:
         2f:86:36:9c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MzM2QTExMC8GA1UEBRMoMjFEM0VEMjFGN0NERUJDN0QwMEYxQkI3QTA5NTExQjk1
Q0RFRkUyMzAeFw0yNDA4MTUwOTUxNTNaFw0yNDEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YmRjZmI5LWRkOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDuBoMK2R2JghCZkOx+sbVl5udSfhlZMdpmmVW0Dpr2x46MZm1dSNNtZ3JSf8y9
oy+lqETU63vcodVahoHAqJpAwzm13LLl+pSf/l4JW0ZUPZ5kNBdduK3AIUqqgw0G
6fd1xwom1UK4voLFYCi8IM+ZDkhKZN1qCf9HZ3gjHG5elBQDxHa5dsud1rrXyPKR
s7CBGHPaXcpqV2E+1suqQFSIyEpHjKedTI6dRAY/eVSF9P7AUH+AjatI2Qd6zdUn
QHfMHIGi6r8N6KExu1rRdpy1cux/nLfDOGjL6HGDeMDCWfSlLV/qpSFi8eSyaNWm
/csVBYAnZIvm0lERLG4hfsw9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUFOhRFfe8
1qFRPJ0WrZhlHVTsgFowHwYDVR0jBBgwFoAUIdPtIffN68fQDxu3oJURuVze/iMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTczMzZBLzhGNUE5MzU2NUFF
QTExRUY5NEU5M0Q2RUM0RjlBRTAyL0lkUHRJZmZONjhmUUR4dTNvSlVSdVZ6ZV9p
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSWRQdElmZk42OGZRRHh1M29KVVJ1VnplX2lNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MzM2QS84RjVBOTM1NjVBRUExMUVGOTRFOTNENkVDNEY5QUUwMi9GRkVERkIwMjVB
RUIxMUVGOEI5MkM3NzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcqHejANBgkqhkiG9w0BAQsFAAOCAQEAtowQlqkkSt6fOXhi
sNj0rBkbzC+NdQUDN0aQ/iChN+J23wDNBkfH0u7eYHq/8miSsTSs/ljn8Ab1u2wA
qY7R0BdePCNJUwBJZPRGs6PuuvPNaP/YA44fM3xVXNlViOOOkllqiPPPt9vATXSA
B9iohJzxlMR9RMME5ztCfzMkGbxLqRDOgO+lctuOg8hSJlXWwDbnBNVDmQQVTWF9
SxhFFdcMZprFQLQ48dtX+ax7MPM2X7wCu10tPbai39vrFbjVFbWc5u0whxZkW920
o37u1JHnxK6SxLMGJWwGNbujQwXMuvXWZYl7C/MwL30cfdizTTGIkkO7lkajm8WO
L4Y2nA==
-----END CERTIFICATE-----
Generated at Thu Aug 15 17:31:36 2024 by rpki-client on console-ams.rpki-client.org