Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/E7A562846FB711EFA3A40A16C4F9AE02.roa
File:                     E7A562846FB711EFA3A40A16C4F9AE02.roa (raw, json)
Hash identifier:          YPCLoH0ZFEnb10xBRfYXiCERuV2IZbS9meZRrzTxVCM=
Subject key identifier:   CB:37:E8:67:09:75:71:63:4C:D8:83:EB:C1:FF:E5:0E:9A:AB:CA:64
Certificate issuer:       /CN=A918C287/serialNumber=4239117A25582D0067DE4D0CEDA5ABA5CC7E3569
Certificate serial:       62
Authority key identifier: 42:39:11:7A:25:58:2D:00:67:DE:4D:0C:ED:A5:AB:A5:CC:7E:35:69
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QjkReiVYLQBn3k0M7aWrpcx-NWk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/E7A562846FB711EFA3A40A16C4F9AE02.roa
Signing time:             Tue 10 Sep 2024 21:01:53 +0000
ROA not before:           Tue 10 Sep 2024 21:01:53 +0000
ROA not after:            Sat 01 May 2038 00:00:00 +0000
asID:                     1
IP address blocks:        2001:df0:90::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 20 Nov 2024 02:10:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 98 (0x62)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918C287/serialNumber=4239117A25582D0067DE4D0CEDA5ABA5CC7E3569
        Validity
            Not Before: Sep 10 21:01:53 2024 GMT
            Not After : May  1 00:00:00 2038 GMT
        Subject: CN=66e0b3c1-18c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:32:3e:64:05:30:1f:f3:11:96:70:01:d4:b5:
                    0f:cd:b5:1a:a4:d3:b4:b6:53:da:48:f8:ac:73:9b:
                    9a:2f:ef:63:8d:77:e0:28:bc:20:61:f6:2f:d8:8b:
                    2b:52:37:d1:29:53:0e:c2:77:a6:48:5a:4d:09:43:
                    22:bc:54:9f:c2:f7:17:c2:49:61:2e:71:b4:b5:34:
                    62:19:3c:4f:8d:42:9a:5d:34:b1:f9:92:2d:7c:41:
                    5b:b8:ee:ac:57:0c:53:b7:50:12:e6:a1:8b:09:e3:
                    7d:99:16:c5:54:ad:1e:1d:b7:c2:4a:28:fe:16:3f:
                    a1:21:ac:83:70:ba:a6:eb:c3:bb:0a:56:1f:20:4d:
                    39:6a:61:dc:ee:15:f4:c3:26:14:e5:6e:ec:fe:19:
                    dc:d5:66:b4:ac:c0:c9:b8:a8:3c:a8:7f:3e:2e:43:
                    c2:8c:20:2f:1b:a8:cd:46:b7:72:27:21:e4:64:7f:
                    8a:39:52:d5:f0:ea:d2:3d:79:63:8d:1e:5a:2b:ba:
                    51:41:fc:bb:4f:4e:2a:01:a3:72:dd:b3:e7:9b:8c:
                    69:40:7e:92:08:92:7d:d7:73:43:04:a1:3b:fb:d1:
                    31:74:cf:b9:f2:6a:20:31:60:57:7f:a8:0e:8e:1b:
                    81:38:fe:d2:0f:77:67:af:ba:3e:a0:90:01:2a:55:
                    5b:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:37:E8:67:09:75:71:63:4C:D8:83:EB:C1:FF:E5:0E:9A:AB:CA:64
            X509v3 Authority Key Identifier:
                keyid:42:39:11:7A:25:58:2D:00:67:DE:4D:0C:ED:A5:AB:A5:CC:7E:35:69

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/QjkReiVYLQBn3k0M7aWrpcx-NWk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QjkReiVYLQBn3k0M7aWrpcx-NWk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/E7A562846FB711EFA3A40A16C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df0:90::/48

    Signature Algorithm: sha256WithRSAEncryption
         32:90:0a:0c:31:cd:2f:b9:e8:e0:0a:5d:7b:08:c5:44:fe:ed:
         ba:f0:e6:9a:1b:5b:77:7e:6a:c3:6d:89:5b:ac:a8:03:41:64:
         ee:8a:b8:f4:bd:2e:1e:91:2f:9c:3b:e5:21:dd:a6:32:2d:3c:
         be:0a:06:70:21:41:ad:9e:fd:a8:54:8f:bd:6a:09:d7:31:b6:
         0e:80:79:1c:8c:01:db:df:4a:16:c4:17:ae:a3:47:7f:0b:fd:
         e5:e5:c4:d8:6c:75:51:9c:a7:fa:31:e3:9f:f6:61:8d:50:38:
         1d:5a:9b:43:25:9a:c9:9e:75:20:7d:28:0f:55:f2:b6:f2:82:
         ab:f4:6f:f3:f0:ce:6a:a3:b7:15:ac:16:4b:9a:eb:7c:25:64:
         1e:1c:24:33:c6:a6:72:da:66:ce:16:0d:81:b3:d7:57:46:0b:
         ce:22:63:90:13:e5:07:0d:ea:66:64:28:80:1e:7c:15:b1:3c:
         93:58:41:db:02:7d:0b:ce:e2:08:66:21:07:f1:d2:47:61:d4:
         42:fb:c2:bc:91:d6:ca:97:75:8e:8d:72:a1:c4:84:12:fb:b5:
         b4:8c:73:df:11:16:3a:09:e8:24:de:ad:57:e0:71:26:15:16:
         28:ec:31:7b:b6:44:24:0f:03:98:af:3e:be:6b:f7:7a:2e:1e:
         01:14:54:b4
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBYjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QzI4NzExMC8GA1UEBRMoNDIzOTExN0EyNTU4MkQwMDY3REU0RDBDRURBNUFCQTVD
QzdFMzU2OTAeFw0yNDA5MTAyMTAxNTNaFw0zODA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZTBiM2MxLTE4YzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4Mj5kBTAf8xGWcAHUtQ/NtRqk07S2U9pI+Kxzm5ov72ONd+AovCBh9i/YiytS
N9EpUw7Cd6ZIWk0JQyK8VJ/C9xfCSWEucbS1NGIZPE+NQppdNLH5ki18QVu47qxX
DFO3UBLmoYsJ432ZFsVUrR4dt8JKKP4WP6EhrINwuqbrw7sKVh8gTTlqYdzuFfTD
JhTlbuz+GdzVZrSswMm4qDyofz4uQ8KMIC8bqM1Gt3InIeRkf4o5UtXw6tI9eWON
HlorulFB/LtPTioBo3Lds+ebjGlAfpIIkn3Xc0MEoTv70TF0z7nyaiAxYFd/qA6O
G4E4/tIPd2evuj6gkAEqVVvZAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUyzfoZwl1
cWNM2IPrwf/lDpqrymQwHwYDVR0jBBgwFoAUQjkReiVYLQBn3k0M7aWrpcx+NWkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThDMjg3LzY4RDg4MTg0MjQ4
NTExRUY5NDIzNjU3MkM0RjlBRTAyL1Fqa1JlaVZZTFFCbjNrME03YVdycGN4LU5X
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUWprUmVpVllMUUJuM2swTTdhV3JwY3gtTldrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QzI4Ny82OEQ4ODE4NDI0ODUxMUVGOTQyMzY1NzJDNEY5QUUwMi9FN0E1NjI4NDZG
QjcxMUVGQTNBNDBBMTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfAAkDANBgkqhkiG9w0BAQsFAAOCAQEAMpAKDDHNL7no
4ApdewjFRP7tuvDmmhtbd35qw22JW6yoA0Fk7oq49L0uHpEvnDvlId2mMi08vgoG
cCFBrZ79qFSPvWoJ1zG2DoB5HIwB299KFsQXrqNHfwv95eXE2Gx1UZyn+jHjn/Zh
jVA4HVqbQyWayZ51IH0oD1XytvKCq/Rv8/DOaqO3FawWS5rrfCVkHhwkM8amctpm
zhYNgbPXV0YLziJjkBPlBw3qZmQogB58FbE8k1hB2wJ9C87iCGYhB/HSR2HUQvvC
vJHWypd1jo1yocSEEvu1tIxz3xEWOgnoJN6tV+BxJhUWKOwxe7ZEJA8DmK8+vmv3
ei4eARRUtA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 04:35:44 2024 by rpki-client on console-fra.rpki-client.org