Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/5EF1619846B111E98B793856C4F9AE02.roa
File:                     5EF1619846B111E98B793856C4F9AE02.roa (raw, json)
Hash identifier:          Gjm4lMhRnkOzCac8fB05hNQSs+1Mt6dUwm80jKF0y6I=
Subject key identifier:   1A:8E:E2:B4:14:F9:A2:49:4F:8D:02:5D:FE:E7:AC:15:C3:07:89:1B
Certificate issuer:       /CN=A918E6B7/serialNumber=BE725484B8CD0D1D8D77ED87CCCEFADF793F4708
Certificate serial:       0EAE
Authority key identifier: BE:72:54:84:B8:CD:0D:1D:8D:77:ED:87:CC:CE:FA:DF:79:3F:47:08
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vnJUhLjNDR2Nd-2HzM7633k_Rwg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/5EF1619846B111E98B793856C4F9AE02.roa
Signing time:             Sat 06 May 2023 18:55:52 +0000
ROA not before:           Sat 06 May 2023 18:55:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2764
IP address blocks:        147.76.28.0/24 maxlen: 24
                          147.76.52.0/24 maxlen: 24
                          147.76.53.0/24 maxlen: 24
                          147.76.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 13 Jul 2023 05:16:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3758 (0xeae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918E6B7/serialNumber=BE725484B8CD0D1D8D77ED87CCCEFADF793F4708
        Validity
            Not Before: May  6 18:55:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6456a2b7-f6d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:10:04:76:ec:99:d3:07:2a:ef:1c:f4:59:7b:
                    ab:a3:c5:02:9c:4f:9d:12:a6:b0:59:5e:e6:aa:5b:
                    39:05:67:74:0b:ab:30:4a:2a:71:bd:dd:2a:78:d7:
                    4b:ee:d1:c8:91:bd:84:84:e5:5b:92:46:01:d3:e7:
                    a8:3f:3b:41:2d:3e:a6:68:83:e6:9e:2b:68:f2:df:
                    83:75:46:30:16:2e:5d:61:ef:5f:a8:91:6c:c1:8d:
                    43:18:3a:2f:89:6f:d9:f3:47:2c:53:35:3c:68:f6:
                    63:89:63:d1:fc:47:f7:89:fa:64:98:26:3c:b7:c1:
                    a3:3a:c0:71:39:77:9d:8d:40:ce:b6:3a:3a:95:f7:
                    15:a5:ab:b5:cd:01:07:15:d5:52:89:cd:55:8a:96:
                    14:a7:44:36:69:a3:0b:50:31:df:64:00:01:82:9f:
                    e3:7e:9e:8c:37:8f:0a:cb:28:a2:74:61:c3:3e:2d:
                    1e:1f:d7:a3:8b:77:c6:ab:64:31:bf:e4:82:75:2b:
                    6a:97:c5:5e:be:3c:11:95:c2:d0:42:61:63:c9:c8:
                    f0:01:69:c7:e0:70:da:89:32:8d:68:70:8c:d1:5a:
                    87:b5:85:34:8d:4b:0b:42:27:39:a4:ab:28:bc:17:
                    d8:94:1b:d1:37:ab:aa:e0:e5:a9:e2:b7:6f:41:c7:
                    f0:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:8E:E2:B4:14:F9:A2:49:4F:8D:02:5D:FE:E7:AC:15:C3:07:89:1B
            X509v3 Authority Key Identifier:
                keyid:BE:72:54:84:B8:CD:0D:1D:8D:77:ED:87:CC:CE:FA:DF:79:3F:47:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/vnJUhLjNDR2Nd-2HzM7633k_Rwg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vnJUhLjNDR2Nd-2HzM7633k_Rwg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E6B7/AE7D4D4E46AC11E996088348C4F9AE02/5EF1619846B111E98B793856C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.76.28.0/24
                  147.76.52.0/23
                  147.76.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:8a:37:ef:bc:9d:3d:e5:00:69:ab:00:e8:eb:30:fd:45:31:
         e4:49:99:0f:8e:36:4d:c0:a3:34:74:2b:59:e9:62:12:e6:ee:
         ce:85:f6:8b:37:39:a5:64:ce:4a:10:ed:f0:3e:e8:ac:ef:80:
         44:4d:43:f0:59:94:8c:56:59:c9:11:3b:7e:c2:8c:e5:d9:87:
         f3:9c:8b:ba:f7:30:45:3f:c4:38:3c:fe:55:7f:f4:08:13:5e:
         5f:bf:19:97:10:dd:c9:b8:46:74:ed:5d:ed:c2:40:18:8b:01:
         dc:d9:65:5e:15:89:07:fb:ec:6d:85:96:18:81:40:ee:e7:13:
         fa:8d:25:ac:08:c2:77:eb:1e:e6:67:0d:40:79:07:38:09:0c:
         4e:6a:22:7a:80:04:19:fb:87:26:59:ff:50:e5:37:89:2f:f1:
         ef:9b:8e:a5:99:84:59:a6:92:65:45:49:77:f3:ee:28:52:e7:
         ca:24:e4:1a:55:27:eb:f7:3c:51:b9:53:30:58:74:83:d4:a8:
         6f:be:6c:ef:03:76:52:cc:90:1a:78:c9:0f:c7:de:57:c2:5b:
         86:fc:5e:5b:f0:b5:61:bb:b4:8a:36:33:49:a3:34:34:a6:2f:
         e3:b5:24:66:35:87:14:bb:f4:85:74:a0:85:a9:98:71:f4:cf:
         c4:fd:8c:b5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDq4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEU2QjcxMTAvBgNVBAUTKEJFNzI1NDg0QjhDRDBEMUQ4RDc3RUQ4N0NDQ0VGQURG
NzkzRjQ3MDgwHhcNMjMwNTA2MTg1NTUyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDU2YTJiNy1mNmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuxAEduyZ0wcq7xz0WXuro8UCnE+dEqawWV7mqls5BWd0C6swSipxvd0qeNdL
7tHIkb2EhOVbkkYB0+eoPztBLT6maIPmnito8t+DdUYwFi5dYe9fqJFswY1DGDov
iW/Z80csUzU8aPZjiWPR/Ef3ifpkmCY8t8GjOsBxOXedjUDOtjo6lfcVpau1zQEH
FdVSic1VipYUp0Q2aaMLUDHfZAABgp/jfp6MN48KyyiidGHDPi0eH9eji3fGq2Qx
v+SCdStql8VevjwRlcLQQmFjycjwAWnH4HDaiTKNaHCM0VqHtYU0jUsLQic5pKso
vBfYlBvRN6uq4OWp4rdvQcfwgQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFBqO4rQU
+aJJT40CXf7nrBXDB4kbMB8GA1UdIwQYMBaAFL5yVIS4zQ0djXfth8zO+t95P0cI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTZCNy9BRTdENEQ0RTQ2
QUMxMUU5OTYwODgzNDhDNEY5QUUwMi92bkpVaExqTkRSMk5kLTJIek03NjMza19S
d2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3ZuSlVoTGpORFIyTmQtMkh6TTc2MzNrX1J3Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEU2QjcvQUU3RDRENEU0NkFDMTFFOTk2MDg4MzQ4QzRGOUFFMDIvNUVGMTYxOTg0
NkIxMTFFOThCNzkzODU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBACTTBwDBAGTTDQDBACTTPEwDQYJKoZIhvcNAQELBQADggEB
AC6KN++8nT3lAGmrAOjrMP1FMeRJmQ+ONk3AozR0K1npYhLm7s6F9os3OaVkzkoQ
7fA+6KzvgERNQ/BZlIxWWckRO37CjOXZh/Oci7r3MEU/xDg8/lV/9AgTXl+/GZcQ
3cm4RnTtXe3CQBiLAdzZZV4ViQf77G2FlhiBQO7nE/qNJawIwnfrHuZnDUB5BzgJ
DE5qInqABBn7hyZZ/1DlN4kv8e+bjqWZhFmmkmVFSXfz7ihS58ok5BpVJ+v3PFG5
UzBYdIPUqG++bO8DdlLMkBp4yQ/H3lfCW4b8XlvwtWG7tIo2M0mjNDSmL+O1JGY1
hxS79IV0oIWpmHH0z8T9jLU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:15 2024 by rpki-client on console-fra.rpki-client.org