Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/618F268E332011ECB63E811FC4F9AE02.roa
File:                     618F268E332011ECB63E811FC4F9AE02.roa (raw, json)
Hash identifier:          wr2Anofa7TzVcVKwrRG48SL8LS7HzDVNAfgFmjEC2q8=
Subject key identifier:   63:68:8A:BE:51:0A:49:CF:18:89:A3:BB:1F:F4:64:EF:EA:60:CD:73
Certificate issuer:       /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Certificate serial:       064B
Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/618F268E332011ECB63E811FC4F9AE02.roa
Signing time:             Tue 01 Oct 2024 09:17:15 +0000
ROA not before:           Tue 01 Oct 2024 09:17:15 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     55740
IP address blocks:        14.97.20.0/24 maxlen: 24
                          2406:e00:800::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 01 Oct 2024 12:30:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1611 (0x64b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
        Validity
            Not Before: Oct  1 09:17:15 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=66fbbe1b-edb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:82:83:d1:4f:11:a6:13:b4:e6:6d:77:95:0f:
                    a2:5c:61:77:5d:7b:46:4b:6e:04:31:7a:2a:aa:21:
                    a5:54:14:8f:b2:60:09:69:ac:48:a7:15:4c:96:82:
                    91:54:bb:44:3a:a7:93:30:e0:e0:f4:2a:c9:c7:7f:
                    d8:be:55:58:c3:d6:d7:3c:66:79:69:34:a1:95:7e:
                    ea:58:de:3c:99:e9:35:e8:e7:10:b4:02:2f:df:f4:
                    04:7c:4e:75:f3:3b:a4:dc:2a:4a:bd:9c:0e:fa:d5:
                    c0:4c:ba:8d:9c:62:35:a3:73:1c:71:62:78:71:52:
                    57:cf:4f:48:a7:1d:1f:bf:33:33:22:a1:07:42:b9:
                    33:da:0e:37:fa:63:c9:8d:de:0b:28:4c:2d:b1:74:
                    3d:7c:e2:44:77:0f:0e:6b:6e:44:74:fd:5c:56:42:
                    b0:10:eb:0b:bd:8b:e7:8d:a6:2d:5a:b2:0e:c3:1e:
                    05:dd:b6:59:cb:0d:e9:a2:fa:6b:a7:89:69:ca:6d:
                    f8:2b:93:bf:08:ce:5e:65:92:e5:0e:b3:70:c2:f4:
                    98:a0:e8:98:d5:f5:3a:ca:08:27:f2:e5:2c:c6:7a:
                    60:e2:2d:8a:5e:c9:12:3c:c6:8f:72:05:91:76:05:
                    af:66:e6:33:39:2a:fc:53:9e:08:86:f8:09:35:a5:
                    a8:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:68:8A:BE:51:0A:49:CF:18:89:A3:BB:1F:F4:64:EF:EA:60:CD:73
            X509v3 Authority Key Identifier:
                keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/618F268E332011ECB63E811FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  14.97.20.0/24
                IPv6:
                  2406:e00:800::/48

    Signature Algorithm: sha256WithRSAEncryption
         c1:55:c2:01:ed:d3:bf:58:b6:6c:72:a6:29:5c:dc:be:c2:15:
         e8:e6:c5:f4:b2:1f:b6:36:f2:0a:97:1b:65:6f:bd:ad:b0:5c:
         d1:c4:52:c6:4f:78:f5:66:22:72:e4:e5:dd:4a:45:36:74:ff:
         d3:9e:02:34:ad:10:11:8c:bf:a0:da:7d:59:b1:36:7b:0e:c7:
         51:d8:4b:c8:2f:48:11:72:b0:65:15:5d:8e:a3:24:09:69:2d:
         7f:14:5f:3e:c6:a2:38:8a:2e:01:6e:a7:4f:95:19:d7:05:ad:
         74:ea:27:7d:88:06:78:8b:b0:e1:ca:8e:ea:ed:74:e8:62:1b:
         e5:ea:43:6d:30:5e:b3:71:76:c2:98:54:a7:8b:e2:0e:af:62:
         94:f3:2a:3f:06:41:6c:ee:04:58:e9:3d:c6:c1:81:82:94:2f:
         d2:09:e0:52:62:b2:24:dd:f4:05:19:6c:9d:7c:69:04:ee:0b:
         e6:f5:eb:98:ed:cf:d8:85:6b:5c:a0:cc:f2:16:a1:42:05:7f:
         46:22:87:3c:9a:dc:ec:8f:11:fd:b3:fd:af:69:35:b3:30:c0:
         82:7a:75:5c:3d:31:45:da:a3:bb:6f:e1:57:ee:70:7e:40:e7:
         5f:a2:c6:89:3f:4c:e7:90:5a:b3:71:ac:80:60:51:8a:50:20:
         4d:f1:22:75
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBkswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw
OTQ5NERCQzgwHhcNMjQxMDAxMDkxNzE1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZiYmUxYi1lZGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyoKD0U8RphO05m13lQ+iXGF3XXtGS24EMXoqqiGlVBSPsmAJaaxIpxVMloKR
VLtEOqeTMODg9CrJx3/YvlVYw9bXPGZ5aTShlX7qWN48mek16OcQtAIv3/QEfE51
8zuk3CpKvZwO+tXATLqNnGI1o3MccWJ4cVJXz09Ipx0fvzMzIqEHQrkz2g43+mPJ
jd4LKEwtsXQ9fOJEdw8Oa25EdP1cVkKwEOsLvYvnjaYtWrIOwx4F3bZZyw3povpr
p4lpym34K5O/CM5eZZLlDrNwwvSYoOiY1fU6yggn8uUsxnpg4i2KXskSPMaPcgWR
dgWvZuYzOSr8U54IhvgJNaWoXQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGNoir5R
CknPGImjux/0ZO/qYM1zMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4
MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvNjE4RjI2OEUz
MzIwMTFFQ0I2M0U4MTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAAOYRQwDwQCAAIwCQMHACQGDgAIADANBgkqhkiG9w0BAQsF
AAOCAQEAwVXCAe3Tv1i2bHKmKVzcvsIV6ObF9LIftjbyCpcbZW+9rbBc0cRSxk94
9WYicuTl3UpFNnT/054CNK0QEYy/oNp9WbE2ew7HUdhLyC9IEXKwZRVdjqMkCWkt
fxRfPsaiOIouAW6nT5UZ1wWtdOonfYgGeIuw4cqO6u106GIb5epDbTBes3F2wphU
p4viDq9ilPMqPwZBbO4EWOk9xsGBgpQv0gngUmKyJN30BRlsnXxpBO4L5vXrmO3P
2IVrXKDM8hahQgV/RiKHPJrc7I8R/bP9r2k1szDAgnp1XD0xRdqju2/hV+5wfkDn
X6LGiT9M55Bas3GsgGBRilAgTfEidQ==
-----END CERTIFICATE-----
Generated at Tue Oct 1 13:52:15 2024 by rpki-client on console-fra.rpki-client.org