Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa
File:                     84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa (raw, json)
Hash identifier:          a26dUsTykYmyt6hHf9NyAgCUGvAYWcp0DL7pRl2lFPo=
Subject key identifier:   4F:E5:EA:DE:15:09:E2:1E:CA:04:B3:A5:94:DD:AB:06:0E:02:88:07
Certificate issuer:       /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial:       0B3D
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa
Signing time:             Thu 05 Oct 2023 14:01:23 +0000
ROA not before:           Thu 05 Oct 2023 14:01:23 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2406:840:9888::/48 maxlen: 48
                          2406:840:e060::/44 maxlen: 48
                          2406:840:e070::/44 maxlen: 48
                          2406:840:eef0::/44 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2877 (0xb3d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
        Validity
            Not Before: Oct  5 14:01:23 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=651ec1b2-09f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:1f:93:e1:bb:d0:43:dc:72:6c:3c:68:8b:f1:
                    97:fe:53:95:6b:43:b9:d7:24:fb:eb:f2:f1:99:ac:
                    72:1e:70:59:d0:c1:0e:36:34:e7:b8:b7:a7:a8:19:
                    df:36:4b:5a:bd:13:ea:b6:44:b7:69:69:3a:11:a4:
                    31:c5:2a:0e:8a:b4:d1:9f:0b:bf:d6:6b:eb:0f:69:
                    ae:40:30:7f:74:cc:77:68:0f:5a:3b:b4:de:2f:d6:
                    6b:96:da:5e:18:aa:8b:5e:10:e8:b5:81:57:04:8b:
                    98:15:c3:46:3d:e9:11:95:07:5f:43:9c:ca:91:f0:
                    76:43:c4:f4:16:37:0b:8c:ed:9f:73:44:30:c4:00:
                    bf:69:a1:ca:72:e8:61:e4:2d:85:6f:f8:27:0f:3b:
                    19:f2:b8:93:a5:48:04:75:f3:82:8c:70:ca:2f:b6:
                    25:38:0d:e3:55:81:cf:5c:4f:18:35:40:0d:d8:18:
                    e6:96:82:37:c5:01:d3:33:e0:dc:95:7c:ef:7c:3e:
                    77:6e:d4:1a:f6:71:2a:bc:13:53:2f:6f:65:e1:5a:
                    08:04:04:d4:71:dc:74:dd:38:cf:00:70:61:a8:f5:
                    3b:db:26:f7:9a:d8:67:df:8e:9d:47:23:c7:b1:1a:
                    d0:66:4b:75:fc:3c:44:a6:31:b9:d1:7b:d6:80:f5:
                    ec:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:E5:EA:DE:15:09:E2:1E:CA:04:B3:A5:94:DD:AB:06:0E:02:88:07
            X509v3 Authority Key Identifier:
                keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:840:9888::/48
                  2406:840:e060::/43
                  2406:840:eef0::/44

    Signature Algorithm: sha256WithRSAEncryption
         40:ea:2c:cb:43:d8:b2:be:eb:fa:c0:c8:49:03:70:78:17:28:
         b5:08:5a:3b:73:df:db:eb:61:f0:25:cf:c0:47:e8:f2:39:af:
         9b:c2:a2:83:f2:4d:c5:de:b9:19:ad:6d:e5:27:c0:84:37:b1:
         6b:b1:37:4d:b5:2e:ab:3a:8a:92:7a:8b:1e:e5:0f:d0:7d:4a:
         25:dd:25:c3:07:77:04:a1:21:89:67:a2:fe:9b:90:86:4b:bd:
         ac:de:8a:9f:7b:7a:f4:cd:2b:0f:2d:01:8a:8e:5d:27:46:0a:
         75:53:6f:68:59:79:4f:81:7a:43:a3:4c:11:e5:ec:ea:5a:42:
         cd:2e:ce:a7:c2:c7:57:b6:12:2c:fe:98:0f:db:64:da:e5:16:
         ad:75:5a:38:82:ca:32:a6:84:fe:21:5a:f1:08:de:ff:4a:04:
         fd:67:a8:db:c5:fc:4c:ed:2f:08:96:17:27:5f:dc:49:6c:2f:
         dc:97:6b:b3:13:62:57:da:59:df:b6:7d:9f:db:f7:22:00:78:
         90:69:03:87:a2:4e:b8:04:64:b1:83:d5:9b:15:78:96:ed:db:
         2d:78:21:0e:60:e3:1a:70:a0:70:16:de:85:59:36:22:fa:fa:
         39:1e:fc:05:8a:2b:fc:df:7c:b0:a9:fb:44:14:24:57:cb:49:
         af:2c:23:66
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCz0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjMxMDA1MTQwMTIzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFlYzFiMi0wOWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4x+T4bvQQ9xybDxoi/GX/lOVa0O51yT76/LxmaxyHnBZ0MEONjTnuLenqBnf
NktavRPqtkS3aWk6EaQxxSoOirTRnwu/1mvrD2muQDB/dMx3aA9aO7TeL9Zrltpe
GKqLXhDotYFXBIuYFcNGPekRlQdfQ5zKkfB2Q8T0FjcLjO2fc0QwxAC/aaHKcuhh
5C2Fb/gnDzsZ8riTpUgEdfOCjHDKL7YlOA3jVYHPXE8YNUAN2BjmloI3xQHTM+Dc
lXzvfD53btQa9nEqvBNTL29l4VoIBATUcdx03TjPAHBhqPU72yb3mthn346dRyPH
sRrQZkt1/DxEpjG50XvWgPXsNQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFE/l6t4V
CeIeygSzpZTdqwYOAogHMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvODRFNUFFQUU5
REJCMTFFQ0FFRjcxRTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMCEEAgACMBsDBwAkBghAmIgDBwUkBghA4GADBwQkBghA7vAwDQYJKoZIhvcN
AQELBQADggEBAEDqLMtD2LK+6/rAyEkDcHgXKLUIWjtz39vrYfAlz8BH6PI5r5vC
ooPyTcXeuRmtbeUnwIQ3sWuxN021Lqs6ipJ6ix7lD9B9SiXdJcMHdwShIYlnov6b
kIZLvazeip97evTNKw8tAYqOXSdGCnVTb2hZeU+BekOjTBHl7OpaQs0uzqfCx1e2
Eiz+mA/bZNrlFq11WjiCyjKmhP4hWvEI3v9KBP1nqNvF/EztLwiWFydf3ElsL9yX
a7MTYlfaWd+2fZ/b9yIAeJBpA4eiTrgEZLGD1ZsVeJbt2y14IQ5g4xpwoHAW3oVZ
NiL6+jke/AWKK/zffLCp+0QUJFfLSa8sI2Y=
-----END CERTIFICATE-----
Generated at Wed Nov 1 15:22:21 2023 by rpki-client on console-fra.rpki-client.org