Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/6D1A7602B64F11EE83E15F13C4F9AE02.roa
File:                     6D1A7602B64F11EE83E15F13C4F9AE02.roa (raw, json)
Hash identifier:          VPF/+n9A7ZSRF4c2p7EbmNo3WRiDLKg9QmLbPcz4ISU=
Subject key identifier:   1A:88:81:A4:28:F8:F5:1A:FC:68:CE:E7:2E:41:10:F1:72:1F:DB:20
Certificate issuer:       /CN=A917530D/serialNumber=E780FA3777B81D4CF6A35406EA5CF4BE4F65E9FA
Certificate serial:       02
Authority key identifier: E7:80:FA:37:77:B8:1D:4C:F6:A3:54:06:EA:5C:F4:BE:4F:65:E9:FA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/54D6N3e4HUz2o1QG6lz0vk9l6fo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/6D1A7602B64F11EE83E15F13C4F9AE02.roa
Signing time:             Thu 18 Jan 2024 22:17:55 +0000
ROA not before:           Thu 18 Jan 2024 22:17:55 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     152333
IP address blocks:        2401:7860::/48 maxlen: 48

Validation:               Failed, certificate revoked on Fri 26 Jan 2024 09:11:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917530D/serialNumber=E780FA3777B81D4CF6A35406EA5CF4BE4F65E9FA
        Validity
            Not Before: Jan 18 22:17:55 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65a9a392-d703
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:40:33:8f:43:35:27:df:f5:73:cc:4c:01:d3:
                    52:32:c0:eb:20:39:22:37:83:f5:83:16:6f:91:4d:
                    31:4d:e3:87:a0:21:04:37:70:f2:19:1c:65:06:3e:
                    8a:97:1e:f5:5b:99:c5:4e:48:f1:fd:fa:cd:db:f3:
                    ec:79:ba:3d:b0:e9:3c:61:6c:14:1d:72:96:72:a5:
                    a0:a5:83:9e:38:ce:e1:29:42:ec:a9:2d:c7:04:4e:
                    d6:b1:55:2b:1f:9d:fa:d2:73:e6:c9:6d:f4:2b:f4:
                    5c:f8:6c:44:8c:8b:d6:93:56:04:74:a8:a3:f0:81:
                    81:6f:30:d8:69:be:d5:8d:74:fa:cf:1a:5f:2e:73:
                    0c:1b:44:c7:15:c8:ca:d9:d0:79:cf:77:a0:93:3e:
                    2d:79:50:cd:c2:9d:6c:7a:36:c8:4f:c7:4d:c1:a6:
                    b8:09:07:5a:c8:52:d9:8f:7e:21:0b:9c:75:c5:77:
                    42:7d:d4:2e:45:9d:0c:34:f9:99:80:30:ad:1f:2f:
                    8a:da:35:36:e3:ee:2b:49:75:13:c2:81:9c:9d:6b:
                    6c:67:57:df:9d:1a:82:43:ff:33:fa:56:9d:dc:97:
                    34:32:bc:fe:eb:5e:f3:9b:89:91:24:a5:83:30:3d:
                    33:9f:8a:07:33:69:3b:5a:b2:6d:0e:7d:d1:e0:f7:
                    eb:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:88:81:A4:28:F8:F5:1A:FC:68:CE:E7:2E:41:10:F1:72:1F:DB:20
            X509v3 Authority Key Identifier:
                keyid:E7:80:FA:37:77:B8:1D:4C:F6:A3:54:06:EA:5C:F4:BE:4F:65:E9:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/54D6N3e4HUz2o1QG6lz0vk9l6fo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/54D6N3e4HUz2o1QG6lz0vk9l6fo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/6D1A7602B64F11EE83E15F13C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:7860::/48

    Signature Algorithm: sha256WithRSAEncryption
         67:e5:97:3e:a0:4e:cf:77:a2:93:08:6a:f0:5e:45:85:57:18:
         1f:41:fd:c8:4f:9a:77:e0:4b:e5:93:cc:58:9e:59:18:b8:a5:
         57:ae:64:79:fd:08:e4:ec:d9:d2:d5:40:dd:86:dc:e2:0e:7b:
         8c:e7:c0:fc:1c:f4:a6:4a:da:32:57:da:33:c4:1d:40:52:4b:
         6c:ce:12:78:de:59:39:32:14:d0:34:0a:1c:51:39:c6:c7:7e:
         78:25:62:9a:9f:af:77:93:c7:19:36:2d:d9:80:e7:69:d0:11:
         cc:17:ed:50:3a:20:e9:d7:64:8d:46:97:55:e4:45:93:0d:65:
         52:e0:a0:08:f8:62:f0:d1:2d:36:ec:85:1c:35:8a:8b:4a:61:
         0e:9a:bf:f0:ad:5f:a7:d6:c8:ad:29:0f:ea:2d:68:d2:ab:bd:
         0a:23:fa:b4:72:34:75:34:26:c9:d2:20:6f:54:04:61:47:a3:
         17:99:eb:2b:76:e7:13:59:41:ac:68:56:3c:a3:e4:ce:d1:62:
         67:66:59:7d:74:ae:f5:f6:4e:a4:a2:ca:01:91:af:a8:d4:18:
         98:ac:ee:41:53:71:53:49:b3:01:54:02:dc:49:42:56:d2:64:
         50:e6:37:3a:07:e0:f2:e1:2d:27:0c:95:26:c2:4a:01:3e:19:
         9f:93:ec:1d
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NTMwRDExMC8GA1UEBRMoRTc4MEZBMzc3N0I4MUQ0Q0Y2QTM1NDA2RUE1Q0Y0QkU0
RjY1RTlGQTAeFw0yNDAxMTgyMjE3NTVaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YTlhMzkyLWQ3MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyQDOPQzUn3/VzzEwB01IywOsgOSI3g/WDFm+RTTFN44egIQQ3cPIZHGUGPoqX
HvVbmcVOSPH9+s3b8+x5uj2w6TxhbBQdcpZypaClg544zuEpQuypLccETtaxVSsf
nfrSc+bJbfQr9Fz4bESMi9aTVgR0qKPwgYFvMNhpvtWNdPrPGl8ucwwbRMcVyMrZ
0HnPd6CTPi15UM3CnWx6NshPx03BprgJB1rIUtmPfiELnHXFd0J91C5FnQw0+ZmA
MK0fL4raNTbj7itJdRPCgZyda2xnV9+dGoJD/zP6Vp3clzQyvP7rXvObiZEkpYMw
PTOfigczaTtasm0OfdHg9+s9AgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUGoiBpCj4
9Rr8aM7nLkEQ8XIf2yAwHwYDVR0jBBgwFoAU54D6N3e4HUz2o1QG6lz0vk9l6fow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1MzBEL0U2NDAwMUY0QjY0
QjExRUU5MTQ2Mzc2MEM0RjlBRTAyLzU0RDZOM2U0SFV6Mm8xUUc2bHowdms5bDZm
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNTRENk4zZTRIVXoybzFRRzZsejB2azlsNmZvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NTMwRC9FNjQwMDFGNEI2NEIxMUVFOTE0NjM3NjBDNEY5QUUwMi82RDFBNzYwMkI2
NEYxMUVFODNFMTVGMTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACQBeGAAADANBgkqhkiG9w0BAQsFAAOCAQEAZ+WXPqBOz3ei
kwhq8F5FhVcYH0H9yE+ad+BL5ZPMWJ5ZGLilV65kef0I5OzZ0tVA3Ybc4g57jOfA
/Bz0pkraMlfaM8QdQFJLbM4SeN5ZOTIU0DQKHFE5xsd+eCVimp+vd5PHGTYt2YDn
adARzBftUDog6ddkjUaXVeRFkw1lUuCgCPhi8NEtNuyFHDWKi0phDpq/8K1fp9bI
rSkP6i1o0qu9CiP6tHI0dTQmydIgb1QEYUejF5nrK3bnE1lBrGhWPKPkztFiZ2ZZ
fXSu9fZOpKLKAZGvqNQYmKzuQVNxU0mzAVQC3ElCVtJkUOY3Ogfg8uEtJwyVJsJK
AT4Zn5PsHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:12 2024 by rpki-client on console-fra.rpki-client.org