Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917E42D/66315CC0963311EEA3AAC418C4F9AE02/DD104F62963E11EE97A2DB14C4F9AE02.roa
File:                     DD104F62963E11EE97A2DB14C4F9AE02.roa (raw, json)
Hash identifier:          uTnbgv+rYmQWwq/+Ryi2OukuCTC5SSiVCqYuyLK/Qt0=
Subject key identifier:   35:55:74:E6:6D:DD:04:29:ED:5A:82:4C:66:65:0B:9D:AB:78:D4:89
Certificate issuer:       /CN=A917E42D/serialNumber=5A7C384B296CFC7F24260F05108D67D60C6EADCE
Certificate serial:       04
Authority key identifier: 5A:7C:38:4B:29:6C:FC:7F:24:26:0F:05:10:8D:67:D6:0C:6E:AD:CE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wnw4Syls_H8kJg8FEI1n1gxurc4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917E42D/66315CC0963311EEA3AAC418C4F9AE02/DD104F62963E11EE97A2DB14C4F9AE02.roa
Signing time:             Sat 09 Dec 2023 03:31:50 +0000
ROA not before:           Sat 09 Dec 2023 03:31:50 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     151374
IP address blocks:        121.50.48.0/21 maxlen: 24
                          2400:ac00::/34 maxlen: 40

Validation:               Failed, certificate revoked on Sat 09 Dec 2023 03:47:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917E42D/serialNumber=5A7C384B296CFC7F24260F05108D67D60C6EADCE
        Validity
            Not Before: Dec  9 03:31:50 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=6573dfa6-d9d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:c4:cc:63:6c:91:bf:74:44:f8:a1:77:e9:79:
                    64:e0:39:3a:01:4a:70:8c:26:a1:73:4d:c6:5a:6c:
                    dc:58:85:3b:8b:d9:b3:34:5e:1b:89:40:e9:c4:df:
                    c9:05:bf:24:2b:3d:48:6b:b9:9e:62:ef:be:7d:28:
                    11:bb:fe:fb:3f:4e:12:42:de:32:09:ca:dd:05:70:
                    f4:e0:95:c0:f7:85:c1:7c:2c:2c:92:f0:3c:79:e4:
                    b7:17:a6:48:6b:b8:5f:9c:9f:80:b5:15:f8:f4:dd:
                    76:f4:e1:55:47:80:e3:27:96:c6:ed:fb:30:67:a3:
                    f4:16:0e:ad:44:7f:c2:44:9b:0d:ee:7a:eb:5c:ee:
                    8b:0f:c3:ce:72:e5:f1:b6:e7:6c:34:01:62:d1:7e:
                    04:3b:b0:39:3c:3d:93:c1:e0:2a:44:92:94:52:2d:
                    6a:c1:a3:5a:c0:e3:e3:3f:d5:10:68:8d:53:b2:72:
                    31:73:99:34:51:14:1c:75:a0:d9:52:d8:4b:de:bc:
                    d6:21:3d:32:9f:f3:6e:22:13:5e:a3:2c:ad:ec:e4:
                    52:44:90:cd:21:87:97:fc:79:62:19:9f:bd:28:b5:
                    30:c1:5d:1f:1a:0d:eb:9e:60:d7:83:13:38:84:d8:
                    cc:9f:e4:49:e8:e7:e9:14:28:74:65:0d:76:2d:91:
                    89:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:55:74:E6:6D:DD:04:29:ED:5A:82:4C:66:65:0B:9D:AB:78:D4:89
            X509v3 Authority Key Identifier:
                keyid:5A:7C:38:4B:29:6C:FC:7F:24:26:0F:05:10:8D:67:D6:0C:6E:AD:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917E42D/66315CC0963311EEA3AAC418C4F9AE02/Wnw4Syls_H8kJg8FEI1n1gxurc4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Wnw4Syls_H8kJg8FEI1n1gxurc4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E42D/66315CC0963311EEA3AAC418C4F9AE02/DD104F62963E11EE97A2DB14C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.50.48.0/21
                IPv6:
                  2400:ac00::/34

    Signature Algorithm: sha256WithRSAEncryption
         25:c7:5f:5e:cc:14:4a:ac:dd:21:17:2a:1f:7d:b4:70:bd:4c:
         45:bf:8a:dd:af:b5:8e:9c:b1:78:96:7f:0e:83:24:f7:b1:80:
         02:a4:6b:4f:74:71:0c:1a:00:ae:49:f9:26:15:7c:24:4b:13:
         fc:a0:2a:04:ec:24:34:41:65:0c:cf:a1:b8:40:6a:0e:0f:c1:
         56:09:a0:69:47:8a:74:fb:9c:a1:7a:a1:73:37:f8:dd:63:fb:
         b8:b6:b6:64:76:58:51:67:21:71:6c:77:27:f4:25:cb:2e:57:
         6a:6c:2c:de:e7:95:48:33:5b:3f:1e:f1:5f:a5:2f:b6:4b:51:
         0d:be:e9:88:fb:5c:d2:77:65:0a:0f:07:ad:1c:da:50:b7:f5:
         44:bc:8b:71:50:c1:83:a4:41:7a:1a:54:13:8b:c1:5e:36:24:
         73:9c:69:71:ee:93:7c:4b:6a:96:ce:4c:57:89:f8:4d:54:98:
         3c:dd:bc:ea:54:63:1b:bd:ab:ee:e8:76:48:02:f9:c3:54:59:
         00:af:9f:e5:95:c0:1b:a7:aa:11:63:27:9e:17:b6:da:f5:3c:
         3e:bd:26:fc:d1:cd:72:cc:0b:c1:fe:05:3b:13:3d:a1:79:49:
         db:bb:09:c2:61:f3:89:bd:39:ca:6c:bf:eb:a1:d0:6f:cc:2d:
         33:aa:76:92
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RTQyRDExMC8GA1UEBRMoNUE3QzM4NEIyOTZDRkM3RjI0MjYwRjA1MTA4RDY3RDYw
QzZFQURDRTAeFw0yMzEyMDkwMzMxNTBaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NzNkZmE2LWQ5ZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDhxMxjbJG/dET4oXfpeWTgOToBSnCMJqFzTcZabNxYhTuL2bM0XhuJQOnE38kF
vyQrPUhruZ5i7759KBG7/vs/ThJC3jIJyt0FcPTglcD3hcF8LCyS8Dx55LcXpkhr
uF+cn4C1Ffj03Xb04VVHgOMnlsbt+zBno/QWDq1Ef8JEmw3ueutc7osPw85y5fG2
52w0AWLRfgQ7sDk8PZPB4CpEkpRSLWrBo1rA4+M/1RBojVOycjFzmTRRFBx1oNlS
2EvevNYhPTKf824iE16jLK3s5FJEkM0hh5f8eWIZn70otTDBXR8aDeueYNeDEziE
2Myf5Eno5+kUKHRlDXYtkYkJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUNVV05m3d
BCntWoJMZmULnat41IkwHwYDVR0jBBgwFoAUWnw4Syls/H8kJg8FEI1n1gxurc4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFNDJELzY2MzE1Q0MwOTYz
MzExRUVBM0FBQzQxOEM0RjlBRTAyL1dudzRTeWxzX0g4a0pnOEZFSTFuMWd4dXJj
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvV253NFN5bHNfSDhrSmc4RkVJMW4xZ3h1cmM0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RTQyRC82NjMxNUNDMDk2MzMxMUVFQTNBQUM0MThDNEY5QUUwMi9ERDEwNEY2Mjk2
M0UxMUVFOTdBMkRCMTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAvBggrBgEFBQcBBwEB/wQg
MB4wDAQCAAEwBgMEA3kyMDAOBAIAAjAIAwYGJACsAAAwDQYJKoZIhvcNAQELBQAD
ggEBACXHX17MFEqs3SEXKh99tHC9TEW/it2vtY6csXiWfw6DJPexgAKka090cQwa
AK5J+SYVfCRLE/ygKgTsJDRBZQzPobhAag4PwVYJoGlHinT7nKF6oXM3+N1j+7i2
tmR2WFFnIXFsdyf0JcsuV2psLN7nlUgzWz8e8V+lL7ZLUQ2+6Yj7XNJ3ZQoPB60c
2lC39US8i3FQwYOkQXoaVBOLwV42JHOcaXHuk3xLapbOTFeJ+E1UmDzdvOpUYxu9
q+7odkgC+cNUWQCvn+WVwBunqhFjJ54Xttr1PD69JvzRzXLMC8H+BTsTPaF5Sdu7
CcJh84m9Ocpsv+uh0G/MLTOqdpI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-ams.rpki-client.org