Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/25F76180575511EE9DEEAF55C4F9AE02.roa
File:                     25F76180575511EE9DEEAF55C4F9AE02.roa (raw, json)
Hash identifier:          V2a7QMJzR9cuBgQ8/lMsPTmaXlVyPB5Ech5rTY5MuaY=
Subject key identifier:   23:F1:6C:EC:89:DB:7D:16:18:8D:E5:37:0A:B7:EA:18:E8:35:28:93
Certificate issuer:       /CN=A9194C0D/serialNumber=A2CD10A47ED723E1C48B5F50D680CF4F67FCB1D3
Certificate serial:       02
Authority key identifier: A2:CD:10:A4:7E:D7:23:E1:C4:8B:5F:50:D6:80:CF:4F:67:FC:B1:D3
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/os0QpH7XI-HEi19Q1oDPT2f8sdM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/25F76180575511EE9DEEAF55C4F9AE02.roa
Signing time:             Wed 20 Sep 2023 01:29:32 +0000
ROA not before:           Wed 20 Sep 2023 01:29:32 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     134090
IP address blocks:        148.222.0.0/22 maxlen: 23
                          148.222.4.0/22 maxlen: 23

Validation:               Failed, certificate revoked on Sun 01 Oct 2023 04:04:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9194C0D/serialNumber=A2CD10A47ED723E1C48B5F50D680CF4F67FCB1D3
        Validity
            Not Before: Sep 20 01:29:32 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=650a4afb-564f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:8e:8e:c8:eb:ec:a0:68:b0:09:9f:b4:6f:a5:
                    0b:a3:c5:b0:bd:c2:8d:64:c2:af:48:3f:8c:82:26:
                    b3:94:e1:5f:b2:da:e4:66:ce:1a:67:89:49:62:7d:
                    4e:21:8e:66:b9:f3:91:21:51:d2:08:75:ff:43:84:
                    36:5b:69:14:cd:10:18:41:aa:6e:62:8a:f0:ea:a1:
                    81:44:c9:37:7e:65:54:d4:2b:c8:47:11:86:46:6f:
                    0d:1d:8f:f5:94:a4:e3:3a:16:84:96:28:a8:e2:e1:
                    cb:0e:7e:b6:84:68:57:3f:b8:d2:43:5e:a9:02:49:
                    2d:24:06:41:c0:2f:90:68:4b:00:da:0d:43:3f:3d:
                    7e:a4:13:f3:eb:fc:ec:6e:4c:22:d1:95:a4:1c:c5:
                    22:94:d7:66:2d:de:3f:3d:0d:54:dd:35:5e:d1:e6:
                    74:c4:26:e9:5e:14:86:6f:8f:7a:57:19:99:ab:59:
                    37:87:b1:b9:60:e2:54:ca:48:73:a4:d8:c7:f8:50:
                    df:b3:17:4d:70:9b:b7:4f:7e:af:ae:f2:86:13:d7:
                    4f:d4:a5:bb:5f:e0:a8:3b:4c:f5:3f:f1:16:d1:f1:
                    48:a3:05:06:42:67:60:cf:18:aa:3b:63:18:83:06:
                    e0:b7:a5:04:85:28:f5:1e:ed:0a:08:7d:b0:b4:79:
                    b1:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:F1:6C:EC:89:DB:7D:16:18:8D:E5:37:0A:B7:EA:18:E8:35:28:93
            X509v3 Authority Key Identifier:
                keyid:A2:CD:10:A4:7E:D7:23:E1:C4:8B:5F:50:D6:80:CF:4F:67:FC:B1:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/os0QpH7XI-HEi19Q1oDPT2f8sdM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/os0QpH7XI-HEi19Q1oDPT2f8sdM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194C0D/A470785E575411EE940CD954C4F9AE02/25F76180575511EE9DEEAF55C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.222.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         58:ce:e9:34:7a:a3:05:2e:43:d6:a8:84:32:48:b5:53:df:86:
         a2:27:64:7d:66:c4:eb:51:41:e5:db:15:a6:5b:89:54:01:97:
         27:8c:fb:78:7e:3d:95:64:dc:8e:55:4e:43:61:9e:4c:36:69:
         12:e2:88:93:93:10:51:33:dc:30:b6:34:5c:7b:51:dd:a7:90:
         26:44:45:4c:25:68:e9:08:ac:67:af:42:2a:70:b7:2d:0f:9e:
         84:fa:1f:b7:32:50:4e:1d:a2:fb:e3:2c:dc:52:b4:1a:6a:33:
         c3:1f:27:b4:c7:5b:bb:b7:5c:87:fc:43:24:9b:dd:fb:96:29:
         bc:02:2e:a2:1e:75:e4:cf:93:31:51:09:48:95:35:39:92:b3:
         2c:3d:a8:8a:4c:f3:46:f5:2a:5c:e4:4d:e4:f0:8c:07:cf:cd:
         64:f1:29:30:05:c5:f8:63:a2:ad:c1:c9:6a:80:06:ae:0c:e4:
         37:82:b3:87:35:64:40:17:74:72:6c:af:1f:71:62:86:df:6a:
         f2:87:1a:f0:30:1e:39:24:eb:14:a8:dc:58:6a:a7:f6:76:02:
         02:0b:90:49:5d:f0:7b:74:51:67:ab:6e:56:7b:37:3b:99:2e:
         d4:9c:98:51:72:d2:fc:a4:c0:4e:f7:b7:ac:30:e3:ab:9a:b3:
         51:d6:da:9d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NEMwRDExMC8GA1UEBRMoQTJDRDEwQTQ3RUQ3MjNFMUM0OEI1RjUwRDY4MENGNEY2
N0ZDQjFEMzAeFw0yMzA5MjAwMTI5MzJaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MGE0YWZiLTU2NGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6jo7I6+ygaLAJn7RvpQujxbC9wo1kwq9IP4yCJrOU4V+y2uRmzhpniUlifU4h
jma585EhUdIIdf9DhDZbaRTNEBhBqm5iivDqoYFEyTd+ZVTUK8hHEYZGbw0dj/WU
pOM6FoSWKKji4csOfraEaFc/uNJDXqkCSS0kBkHAL5BoSwDaDUM/PX6kE/Pr/Oxu
TCLRlaQcxSKU12Yt3j89DVTdNV7R5nTEJuleFIZvj3pXGZmrWTeHsblg4lTKSHOk
2Mf4UN+zF01wm7dPfq+u8oYT10/Upbtf4Kg7TPU/8RbR8UijBQZCZ2DPGKo7YxiD
BuC3pQSFKPUe7QoIfbC0ebH5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUI/Fs7Inb
fRYYjeU3CrfqGOg1KJMwHwYDVR0jBBgwFoAUos0QpH7XI+HEi19Q1oDPT2f8sdMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk0QzBEL0E0NzA3ODVFNTc1
NDExRUU5NDBDRDk1NEM0RjlBRTAyL29zMFFwSDdYSS1IRWkxOVExb0RQVDJmOHNk
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvb3MwUXBIN1hJLUhFaTE5UTFvRFBUMmY4c2RNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NEMwRC9BNDcwNzg1RTU3NTQxMUVFOTQwQ0Q5NTRDNEY5QUUwMi8yNUY3NjE4MDU3
NTUxMUVFOURFRUFGNTVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA5TeADANBgkqhkiG9w0BAQsFAAOCAQEAWM7pNHqjBS5D1qiE
Mki1U9+GoidkfWbE61FB5dsVpluJVAGXJ4z7eH49lWTcjlVOQ2GeTDZpEuKIk5MQ
UTPcMLY0XHtR3aeQJkRFTCVo6QisZ69CKnC3LQ+ehPoftzJQTh2i++Ms3FK0Gmoz
wx8ntMdbu7dch/xDJJvd+5YpvAIuoh515M+TMVEJSJU1OZKzLD2oikzzRvUqXORN
5PCMB8/NZPEpMAXF+GOircHJaoAGrgzkN4KzhzVkQBd0cmyvH3Fiht9q8oca8DAe
OSTrFKjcWGqn9nYCAguQSV3we3RRZ6tuVns3O5ku1JyYUXLS/KTATve3rDDjq5qz
UdbanQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org