Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/345F4DB4683A11EE8D7F411DC4F9AE02.roa
File:                     345F4DB4683A11EE8D7F411DC4F9AE02.roa (raw, json)
Hash identifier:          3k4oTqxhf3x9/Hjq3KP8k2Yf1iOavB9t4BceasmIipw=
Subject key identifier:   CE:F1:40:B1:96:61:64:6D:80:D6:68:4D:CB:A5:8F:4C:FA:B1:16:34
Certificate issuer:       /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial:       0B45
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/345F4DB4683A11EE8D7F411DC4F9AE02.roa
Signing time:             Wed 11 Oct 2023 13:29:29 +0000
ROA not before:           Wed 11 Oct 2023 13:29:29 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     199436
IP address blocks:        2406:840:9998::/47 maxlen: 47

Validation:               Failed, certificate revoked on Sat 14 Oct 2023 20:58:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2885 (0xb45)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
        Validity
            Not Before: Oct 11 13:29:29 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=6526a339-98d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:3f:7f:c2:fc:79:1e:ef:0a:a7:52:df:db:dc:
                    f6:2f:92:31:79:81:88:66:ee:57:03:ae:79:ca:22:
                    d2:c2:2b:23:04:81:08:63:6a:20:de:37:40:1a:26:
                    0e:86:fd:26:8f:12:38:a6:2d:7d:a9:eb:f6:e5:f5:
                    c7:7a:2e:cd:28:23:93:7f:c1:7c:7b:ff:12:63:31:
                    08:6c:c0:3b:78:80:28:85:75:8d:d7:e1:00:17:e3:
                    06:25:20:52:e4:e3:d5:ed:e7:8d:ac:fc:f2:a9:ab:
                    06:6a:4c:a6:f4:27:c7:ad:e7:12:1b:9d:ef:f0:8f:
                    c1:3c:33:ee:e7:b2:9f:72:3e:51:30:9a:b0:04:73:
                    48:06:60:63:59:d4:88:a5:86:6f:c3:96:ab:ef:51:
                    4a:6e:ac:c6:54:81:bf:02:64:51:a9:a9:6f:b5:ff:
                    e9:31:26:3a:46:69:29:d0:8c:91:ed:53:96:e1:dc:
                    3a:1b:99:ed:f7:51:bd:85:f9:f7:8f:59:d6:3c:9a:
                    3a:39:62:88:58:59:36:7d:e7:6a:9d:cd:f6:07:cc:
                    ef:f4:9d:0d:1d:1e:75:91:a8:4b:9c:83:e0:fd:69:
                    c8:e0:b2:bb:72:83:c1:bf:0a:94:ba:bd:8c:f5:11:
                    ec:2e:cd:5d:1a:a4:cf:2b:b1:d3:34:15:b8:e8:1a:
                    0b:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F1:40:B1:96:61:64:6D:80:D6:68:4D:CB:A5:8F:4C:FA:B1:16:34
            X509v3 Authority Key Identifier:
                keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/345F4DB4683A11EE8D7F411DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:840:9998::/47

    Signature Algorithm: sha256WithRSAEncryption
         70:f0:6e:f5:62:b8:35:dc:f7:33:5d:8c:b1:42:01:70:75:05:
         3f:fe:ec:44:3f:8c:d9:c2:02:b5:71:9f:51:b1:73:f1:4d:6b:
         85:a4:ed:d5:f9:59:27:ed:cb:eb:9c:9f:c3:29:40:cf:db:65:
         67:6c:3b:b4:64:d8:1f:f4:c6:60:59:5c:2f:ff:ab:db:a5:29:
         85:e5:9d:37:91:f4:e9:cd:af:fa:b4:94:2e:ba:18:22:1c:53:
         37:37:41:7b:c2:21:b0:fc:25:a2:a8:98:8e:62:eb:32:02:68:
         9d:5b:cb:82:05:04:81:fb:cb:29:31:45:1a:88:c7:0d:e9:22:
         ed:48:f8:56:89:5b:0e:6f:3c:9b:4e:5d:54:1b:bb:86:35:a9:
         db:83:02:8a:d9:ba:ae:2b:4b:92:93:b6:ee:bc:25:24:4e:7f:
         b9:1d:c3:cb:06:9e:01:9f:fa:23:dc:03:10:dd:50:55:95:88:
         d1:63:45:10:7d:b8:00:12:5e:f9:29:1d:f2:65:d3:3c:22:bc:
         cf:a1:3f:e7:40:78:3f:6c:ba:38:71:9d:1b:76:ac:d9:0f:83:
         fa:bd:fc:5c:b7:b9:6e:82:0d:4e:fd:88:a6:7d:a9:6e:92:e1:
         50:53:0e:ea:eb:93:79:79:57:63:9a:c7:5e:17:8c:4c:75:99:
         b6:57:d1:06
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICC0UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjMxMDExMTMyOTI5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTI2YTMzOS05OGQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0j9/wvx5Hu8Kp1Lf29z2L5IxeYGIZu5XA655yiLSwisjBIEIY2og3jdAGiYO
hv0mjxI4pi19qev25fXHei7NKCOTf8F8e/8SYzEIbMA7eIAohXWN1+EAF+MGJSBS
5OPV7eeNrPzyqasGakym9CfHrecSG53v8I/BPDPu57Kfcj5RMJqwBHNIBmBjWdSI
pYZvw5ar71FKbqzGVIG/AmRRqalvtf/pMSY6Rmkp0IyR7VOW4dw6G5nt91G9hfn3
j1nWPJo6OWKIWFk2fedqnc32B8zv9J0NHR51kahLnIPg/WnI4LK7coPBvwqUur2M
9RHsLs1dGqTPK7HTNBW46BoLHQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFM7xQLGW
YWRtgNZoTculj0z6sRY0MB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvMzQ1RjREQjQ2
ODNBMTFFRThEN0Y0MTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwEkBghAmZgwDQYJKoZIhvcNAQELBQADggEBAHDwbvViuDXc
9zNdjLFCAXB1BT/+7EQ/jNnCArVxn1Gxc/FNa4Wk7dX5WSfty+ucn8MpQM/bZWds
O7Rk2B/0xmBZXC//q9ulKYXlnTeR9OnNr/q0lC66GCIcUzc3QXvCIbD8JaKomI5i
6zICaJ1by4IFBIH7yykxRRqIxw3pIu1I+FaJWw5vPJtOXVQbu4Y1qduDAorZuq4r
S5KTtu68JSROf7kdw8sGngGf+iPcAxDdUFWViNFjRRB9uAASXvkpHfJl0zwivM+h
P+dAeD9sujhxnRt2rNkPg/q9/Fy3uW6CDU79iKZ9qW6S4VBTDurrk3l5V2Oax14X
jEx1mbZX0QY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-ams.rpki-client.org