Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919A909/166E747C2A3311EFBE9AA859C4F9AE02/85A925942A3311EFBE6D775AC4F9AE02.roa
File:                     85A925942A3311EFBE6D775AC4F9AE02.roa (raw, json)
Hash identifier:          HOO5pEvjG5DbU6i9aYfRLAhpBUiiBAgi2dQVA1hocUo=
Subject key identifier:   60:55:07:61:AE:B2:EB:D0:0C:62:CA:1C:12:76:50:F4:7D:80:BB:0D
Certificate issuer:       /CN=A919A909/serialNumber=D7210B6E99424A9E82A4D45002736F6483AA279A
Certificate serial:       02
Authority key identifier: D7:21:0B:6E:99:42:4A:9E:82:A4:D4:50:02:73:6F:64:83:AA:27:9A
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1yELbplCSp6CpNRQAnNvZIOqJ5o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919A909/166E747C2A3311EFBE9AA859C4F9AE02/85A925942A3311EFBE6D775AC4F9AE02.roa
Signing time:             Fri 14 Jun 2024 09:50:24 +0000
ROA not before:           Fri 14 Jun 2024 09:50:24 +0000
ROA not after:            Tue 30 Sep 2025 00:00:00 +0000
asID:                     32595
IP address blocks:        160.22.156.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 19 Jun 2024 14:22:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919A909/serialNumber=D7210B6E99424A9E82A4D45002736F6483AA279A
        Validity
            Not Before: Jun 14 09:50:24 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=666c1260-1d8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:f7:2b:96:16:af:a1:cc:0c:d9:2e:2c:92:85:
                    fa:3e:b4:38:bd:2f:b6:b0:ab:7a:b9:a2:d5:39:15:
                    7c:1d:c2:0d:25:d5:4e:b1:c3:c1:2e:21:17:71:7d:
                    7c:1b:38:43:2a:83:10:ce:c4:72:b4:f2:4f:88:c3:
                    be:a3:84:f1:17:7e:b2:e5:a8:7f:71:cc:21:a0:93:
                    e5:9e:59:26:f0:00:f1:87:c0:dc:ae:51:e1:4a:96:
                    e0:73:10:b6:06:e1:6f:56:7c:79:cd:32:66:d1:4b:
                    b3:46:17:0b:f3:38:07:08:ef:1b:1b:9d:66:f1:52:
                    22:ba:f5:28:18:5c:b4:60:bf:48:bc:ed:c8:70:63:
                    b1:4e:0e:7b:d3:2b:56:ce:28:85:b5:09:b4:d0:d0:
                    21:93:b6:7c:ba:9c:9a:ea:0c:dc:19:e6:10:ac:1e:
                    ea:ab:f4:49:2f:4c:02:65:55:db:b1:fa:27:ae:6c:
                    8b:9d:a4:ee:e3:67:85:79:b2:5b:b7:d1:62:b1:8b:
                    26:d1:20:22:43:63:82:fb:1a:86:48:0e:38:ea:71:
                    e9:38:c9:be:7b:04:9c:10:71:ba:37:69:37:87:b4:
                    a5:1b:51:d1:69:5a:bf:73:6b:1b:d9:ae:28:14:ce:
                    1a:bd:a3:7e:db:e0:70:6d:63:d6:71:42:1c:fb:31:
                    50:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:55:07:61:AE:B2:EB:D0:0C:62:CA:1C:12:76:50:F4:7D:80:BB:0D
            X509v3 Authority Key Identifier:
                keyid:D7:21:0B:6E:99:42:4A:9E:82:A4:D4:50:02:73:6F:64:83:AA:27:9A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919A909/166E747C2A3311EFBE9AA859C4F9AE02/1yELbplCSp6CpNRQAnNvZIOqJ5o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1yELbplCSp6CpNRQAnNvZIOqJ5o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A909/166E747C2A3311EFBE9AA859C4F9AE02/85A925942A3311EFBE6D775AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:e8:91:d8:79:b3:5e:39:de:7e:84:44:e7:c9:ae:39:f9:3b:
         64:5c:da:57:fe:12:ca:19:c3:df:a0:14:16:dd:48:56:ee:e1:
         e7:3b:7f:79:5d:d9:64:cc:35:bc:d2:7d:59:5d:bb:20:fc:de:
         79:13:33:27:eb:60:9f:12:bb:3c:bf:23:6b:00:f2:e1:04:29:
         4c:72:aa:04:f0:55:af:12:8e:bb:32:d8:7a:63:41:2e:67:fd:
         85:77:e0:dd:36:07:90:b3:10:63:9e:f6:8f:a3:b9:37:79:3f:
         b1:b1:44:fe:09:a7:97:fa:2f:35:5b:c9:98:c5:c5:10:46:c6:
         43:92:f5:b3:e4:da:90:2c:ac:a8:43:c3:b7:b7:cf:3f:68:d8:
         12:62:13:f0:6a:54:12:d4:4d:06:27:66:1c:2a:d5:00:b9:f8:
         89:8b:a4:5c:80:5c:22:61:67:d5:74:8c:88:e2:af:25:9a:55:
         f8:16:b9:d9:7d:49:be:eb:df:95:45:44:ce:ba:05:95:d3:29:
         f7:cc:7c:84:54:54:95:30:cf:0c:9e:ae:9a:cc:48:23:f3:f0:
         f2:26:66:a3:8f:27:eb:9b:69:0a:e3:55:d1:e8:9f:5d:68:0e:
         1a:21:65:47:41:3a:00:97:c7:0a:f1:31:b1:44:dd:c5:ab:e1:
         48:ec:69:91
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
QTkwOTExMC8GA1UEBRMoRDcyMTBCNkU5OTQyNEE5RTgyQTRENDUwMDI3MzZGNjQ4
M0FBMjc5QTAeFw0yNDA2MTQwOTUwMjRaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NmMxMjYwLTFkOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC99yuWFq+hzAzZLiyShfo+tDi9L7awq3q5otU5FXwdwg0l1U6xw8EuIRdxfXwb
OEMqgxDOxHK08k+Iw76jhPEXfrLlqH9xzCGgk+WeWSbwAPGHwNyuUeFKluBzELYG
4W9WfHnNMmbRS7NGFwvzOAcI7xsbnWbxUiK69SgYXLRgv0i87chwY7FODnvTK1bO
KIW1CbTQ0CGTtny6nJrqDNwZ5hCsHuqr9EkvTAJlVdux+ieubIudpO7jZ4V5slu3
0WKxiybRICJDY4L7GoZIDjjqcek4yb57BJwQcbo3aTeHtKUbUdFpWr9zaxvZrigU
zhq9o37b4HBtY9ZxQhz7MVCVAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUYFUHYa6y
69AMYsocEnZQ9H2Auw0wHwYDVR0jBBgwFoAU1yELbplCSp6CpNRQAnNvZIOqJ5ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlBOTA5LzE2NkU3NDdDMkEz
MzExRUZCRTlBQTg1OUM0RjlBRTAyLzF5RUxicGxDU3A2Q3BOUlFBbk52WklPcUo1
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvMXlFTGJwbENTcDZDcE5SUUFuTnZaSU9xSjVvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
QTkwOS8xNjZFNzQ3QzJBMzMxMUVGQkU5QUE4NTlDNEY5QUUwMi84NUE5MjU5NDJB
MzMxMUVGQkU2RDc3NUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaAWnDANBgkqhkiG9w0BAQsFAAOCAQEATeiR2HmzXjnefoRE
58muOfk7ZFzaV/4SyhnD36AUFt1IVu7h5zt/eV3ZZMw1vNJ9WV27IPzeeRMzJ+tg
nxK7PL8jawDy4QQpTHKqBPBVrxKOuzLYemNBLmf9hXfg3TYHkLMQY572j6O5N3k/
sbFE/gmnl/ovNVvJmMXFEEbGQ5L1s+TakCysqEPDt7fPP2jYEmIT8GpUEtRNBidm
HCrVALn4iYukXIBcImFn1XSMiOKvJZpV+Ba52X1JvuvflUVEzroFldMp98x8hFRU
lTDPDJ6umsxII/Pw8iZmo48n65tpCuNV0eifXWgOGiFlR0E6AJfHCvExsUTdxavh
SOxpkQ==
-----END CERTIFICATE-----
Generated at Wed Jun 19 20:09:55 2024 by rpki-client on console-ams.rpki-client.org