Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/39DE1F1C2ECF11EE86E91E76C4F9AE02.roa
File:                     39DE1F1C2ECF11EE86E91E76C4F9AE02.roa (raw, json)
Hash identifier:          qC+/yhRaLCd3mbjroAK4S2R5AMkVmw7tLHKqXGzgoLM=
Subject key identifier:   1F:01:CD:94:F2:41:34:99:A9:74:4F:AF:89:B5:63:0F:6B:BC:8B:6B
Certificate issuer:       /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial:       0ACF
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/39DE1F1C2ECF11EE86E91E76C4F9AE02.roa
Signing time:             Sun 30 Jul 2023 11:50:06 +0000
ROA not before:           Sun 30 Jul 2023 11:50:06 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     7488
IP address blocks:        2406:840:fed0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 20 Aug 2023 10:52:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2767 (0xacf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
        Validity
            Not Before: Jul 30 11:50:06 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=64c64e6e-6377
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:f6:e7:26:16:e1:28:54:a4:c7:d0:9f:a6:49:
                    e7:f7:ee:1c:38:66:ea:88:c0:22:ec:76:b1:69:c0:
                    a6:27:e8:30:3a:51:62:2e:94:be:38:c9:42:ee:83:
                    c9:46:86:f3:a5:6f:90:b3:ad:6d:af:ab:f2:99:8b:
                    85:e0:66:c2:dc:41:e5:cf:12:f2:73:0b:b0:4f:c8:
                    87:92:7c:67:26:81:56:08:b0:6c:ab:8f:a9:76:23:
                    31:0d:8a:78:20:6a:48:84:7a:5b:b0:90:34:a5:19:
                    53:d3:40:a5:52:72:c7:e7:59:8f:5f:66:66:0a:66:
                    9d:89:3f:80:21:9d:a4:8e:f6:4b:61:e0:89:dc:27:
                    5d:6f:36:3d:76:e9:38:f1:3f:83:6f:bd:1d:0c:a4:
                    b3:49:3d:9c:5b:5e:f0:89:56:26:7f:91:77:2a:9c:
                    07:9b:8e:1d:47:3c:e8:ab:7a:17:54:86:ea:9e:7a:
                    22:48:b0:ea:78:9f:06:f7:17:c9:d7:18:98:3b:ca:
                    e9:f8:ea:62:3e:7c:04:67:69:1f:2f:5e:88:0e:43:
                    36:8c:38:6d:75:7d:3a:e7:0e:b9:97:c3:f0:1f:f1:
                    1a:94:43:50:41:4f:4e:59:17:1b:ad:68:39:5d:89:
                    c2:12:25:5a:c3:9e:07:2d:91:8f:5e:3e:cd:b9:bc:
                    e1:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:01:CD:94:F2:41:34:99:A9:74:4F:AF:89:B5:63:0F:6B:BC:8B:6B
            X509v3 Authority Key Identifier:
                keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/39DE1F1C2ECF11EE86E91E76C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:840:fed0::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:f4:11:fb:c5:33:f4:04:c2:d6:5b:be:32:96:01:87:24:78:
         89:bf:c8:12:c6:96:2b:da:c5:ec:9f:b9:e1:c7:fb:7e:09:4e:
         88:01:ee:ca:10:0c:a4:2a:03:7a:03:e4:3d:0f:16:bb:01:f3:
         ca:32:3d:ea:8d:3e:2b:f7:83:a7:19:48:b9:70:90:b9:22:f0:
         28:d0:c6:7a:08:34:18:d9:13:ff:d1:31:a8:a9:1b:d0:9d:66:
         3d:68:22:a8:cc:69:38:49:09:a4:9c:53:38:45:c2:a1:ca:f0:
         b2:54:41:09:a8:78:45:d3:5b:7d:9b:fa:8e:81:7d:30:ee:22:
         ea:6c:1e:d2:49:12:53:ec:99:43:f1:0c:50:87:be:1f:9d:1e:
         fc:68:63:2c:65:ef:32:86:51:6d:2c:3f:fc:44:8f:fd:6d:98:
         f5:0c:02:dc:d8:14:eb:f4:47:f6:f0:49:3f:dd:19:96:6a:88:
         14:1b:2a:5e:34:bd:8a:85:ce:4a:5d:64:a5:48:22:f6:59:8c:
         b4:e8:64:ca:33:8e:4e:c8:20:0c:9b:20:af:4b:ab:5a:fa:67:
         f9:91:2f:9d:22:0c:f6:20:f8:02:86:3c:44:ab:f3:0c:cd:c6:
         52:4d:61:fc:81:0a:d3:4e:2c:cf:0f:80:8a:5d:a9:ac:66:ae:
         17:38:6b:a4
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCs8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjMwNzMwMTE1MDA2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM2NGU2ZS02Mzc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz/bnJhbhKFSkx9Cfpknn9+4cOGbqiMAi7HaxacCmJ+gwOlFiLpS+OMlC7oPJ
RobzpW+Qs61tr6vymYuF4GbC3EHlzxLycwuwT8iHknxnJoFWCLBsq4+pdiMxDYp4
IGpIhHpbsJA0pRlT00ClUnLH51mPX2ZmCmadiT+AIZ2kjvZLYeCJ3CddbzY9duk4
8T+Db70dDKSzST2cW17wiVYmf5F3KpwHm44dRzzoq3oXVIbqnnoiSLDqeJ8G9xfJ
1xiYO8rp+OpiPnwEZ2kfL16IDkM2jDhtdX065w65l8PwH/EalENQQU9OWRcbrWg5
XYnCEiVaw54HLZGPXj7NubzhnwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFB8BzZTy
QTSZqXRPr4m1Yw9rvItrMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvMzlERTFGMUMy
RUNGMTFFRTg2RTkxRTc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkBghA/tAwDQYJKoZIhvcNAQELBQADggEBAHL0EfvFM/QE
wtZbvjKWAYckeIm/yBLGlivaxeyfueHH+34JTogB7soQDKQqA3oD5D0PFrsB88oy
PeqNPiv3g6cZSLlwkLki8CjQxnoINBjZE//RMaipG9CdZj1oIqjMaThJCaScUzhF
wqHK8LJUQQmoeEXTW32b+o6BfTDuIupsHtJJElPsmUPxDFCHvh+dHvxoYyxl7zKG
UW0sP/xEj/1tmPUMAtzYFOv0R/bwST/dGZZqiBQbKl40vYqFzkpdZKVIIvZZjLTo
ZMozjk7IIAybIK9Lq1r6Z/mRL50iDPYg+AKGPESr8wzNxlJNYfyBCtNOLM8PgIpd
qaxmrhc4a6Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org