Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919B20D/61ACBF4693A911EE9149E354C4F9AE02/D5C2E2A293A911EE9BF31772C4F9AE02.roa
File:                     D5C2E2A293A911EE9BF31772C4F9AE02.roa (raw, json)
Hash identifier:          78E65adIejyyczMNuQdysENDdCvMy53Hgj1i97sjQEs=
Subject key identifier:   EE:4C:09:70:A0:1D:A8:CD:BE:BA:22:87:7D:9C:BE:F6:DC:BA:39:2C
Certificate issuer:       /CN=A919B20D/serialNumber=E556DC86B94E91CF9B2E2944A85F71692DA094D2
Certificate serial:       02
Authority key identifier: E5:56:DC:86:B9:4E:91:CF:9B:2E:29:44:A8:5F:71:69:2D:A0:94:D2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5VbchrlOkc-bLilEqF9xaS2glNI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919B20D/61ACBF4693A911EE9149E354C4F9AE02/D5C2E2A293A911EE9BF31772C4F9AE02.roa
Signing time:             Tue 05 Dec 2023 20:06:54 +0000
ROA not before:           Tue 05 Dec 2023 20:06:54 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     55785
IP address blocks:        202.37.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Dec 2023 02:21:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919B20D/serialNumber=E556DC86B94E91CF9B2E2944A85F71692DA094D2
        Validity
            Not Before: Dec  5 20:06:54 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=656f82de-2d20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:40:5d:3b:a2:9a:07:cd:b6:18:99:c4:0d:a8:
                    1b:ad:a7:7d:1d:5b:eb:4d:59:2d:29:66:50:31:46:
                    ad:77:e0:7d:87:13:7a:8f:86:a2:9a:20:9c:b3:db:
                    e5:3f:22:dc:73:4e:f1:d2:52:98:c3:8e:ae:cb:30:
                    28:9a:c5:c4:b3:d8:65:56:2f:20:29:53:62:3d:00:
                    85:1f:5c:a4:1d:b4:fb:a1:30:38:ff:24:9f:62:ad:
                    ef:46:42:1a:6f:74:7f:40:b8:fe:8c:68:da:c4:3e:
                    fd:cc:59:f2:fd:ff:00:11:44:0b:1a:0d:19:d9:c9:
                    01:26:2e:28:1c:83:35:1d:c6:7d:b0:29:29:4a:10:
                    88:d4:41:95:8f:80:e6:88:fa:6c:73:e5:86:08:51:
                    c0:73:4c:06:75:a4:78:ac:ee:94:ba:9b:b9:8c:a7:
                    49:cf:30:fc:03:79:d2:2c:0e:64:20:49:75:e8:05:
                    78:f7:bb:97:07:b2:34:49:75:2e:a0:f2:47:47:61:
                    84:46:e3:2a:68:86:76:b9:44:6d:91:e2:dd:14:7e:
                    d3:51:21:ea:f5:54:36:e4:58:74:d2:a2:af:ea:6d:
                    11:d7:76:ea:ad:b9:28:b1:b5:5f:7a:9b:95:7f:4e:
                    70:9d:cd:13:34:e4:03:78:0a:dd:9e:f4:03:26:f4:
                    84:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:4C:09:70:A0:1D:A8:CD:BE:BA:22:87:7D:9C:BE:F6:DC:BA:39:2C
            X509v3 Authority Key Identifier:
                keyid:E5:56:DC:86:B9:4E:91:CF:9B:2E:29:44:A8:5F:71:69:2D:A0:94:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919B20D/61ACBF4693A911EE9149E354C4F9AE02/5VbchrlOkc-bLilEqF9xaS2glNI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5VbchrlOkc-bLilEqF9xaS2glNI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B20D/61ACBF4693A911EE9149E354C4F9AE02/D5C2E2A293A911EE9BF31772C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.37.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:e3:db:cb:09:c2:62:66:4b:2e:8c:43:bf:a7:a7:76:25:46:
         2c:41:30:e5:75:83:94:18:63:d0:76:a7:2f:6f:33:e1:c3:05:
         5f:18:1e:93:dd:87:83:9e:53:af:2b:bb:d5:02:64:48:cf:bf:
         ca:f2:a5:76:8b:1b:58:fb:9d:99:bf:42:98:14:62:a8:74:d7:
         ed:2f:3a:80:45:eb:9d:48:dc:28:54:98:95:fd:dd:e1:79:fe:
         76:03:62:dd:4b:b2:cd:3e:64:d4:1d:da:b1:46:c8:e6:a0:6b:
         4a:eb:bc:cc:6f:04:0e:32:98:f7:8f:87:a0:45:81:2b:52:7c:
         44:8d:3b:ca:42:3d:3b:dd:64:de:c0:2c:c3:b0:f3:20:67:6b:
         e7:ed:d5:94:8e:57:22:61:34:b2:09:5d:8b:56:5d:8e:8a:9b:
         66:d5:42:ea:1f:b7:d0:a8:cd:b7:10:8b:52:45:ec:63:07:79:
         ab:ad:46:f7:36:6a:39:67:ed:0d:08:5a:99:8b:d9:1a:5e:1d:
         84:fa:b1:64:aa:8d:c6:97:4a:7c:07:d7:37:98:5b:f8:bb:ca:
         26:9b:3a:46:0d:f4:b9:0b:c4:e9:5e:8b:93:23:75:4d:75:b9:
         49:2b:68:92:de:08:47:88:4f:7d:6f:fa:d7:92:0d:92:44:da:
         c4:2b:d0:c4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
QjIwRDExMC8GA1UEBRMoRTU1NkRDODZCOTRFOTFDRjlCMkUyOTQ0QTg1RjcxNjky
REEwOTREMjAeFw0yMzEyMDUyMDA2NTRaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1NmY4MmRlLTJkMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLQF07opoHzbYYmcQNqButp30dW+tNWS0pZlAxRq134H2HE3qPhqKaIJyz2+U/
ItxzTvHSUpjDjq7LMCiaxcSz2GVWLyApU2I9AIUfXKQdtPuhMDj/JJ9ire9GQhpv
dH9AuP6MaNrEPv3MWfL9/wARRAsaDRnZyQEmLigcgzUdxn2wKSlKEIjUQZWPgOaI
+mxz5YYIUcBzTAZ1pHis7pS6m7mMp0nPMPwDedIsDmQgSXXoBXj3u5cHsjRJdS6g
8kdHYYRG4ypohna5RG2R4t0UftNRIer1VDbkWHTSoq/qbRHXduqtuSixtV96m5V/
TnCdzRM05AN4Ct2e9AMm9ITvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU7kwJcKAd
qM2+uiKHfZy+9ty6OSwwHwYDVR0jBBgwFoAU5VbchrlOkc+bLilEqF9xaS2glNIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlCMjBELzYxQUNCRjQ2OTNB
OTExRUU5MTQ5RTM1NEM0RjlBRTAyLzVWYmNocmxPa2MtYkxpbEVxRjl4YVMyZ2xO
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNVZiY2hybE9rYy1iTGlsRXFGOXhhUzJnbE5JLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
QjIwRC82MUFDQkY0NjkzQTkxMUVFOTE0OUUzNTRDNEY5QUUwMi9ENUMyRTJBMjkz
QTkxMUVFOUJGMzE3NzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMolxjANBgkqhkiG9w0BAQsFAAOCAQEApePbywnCYmZLLoxD
v6endiVGLEEw5XWDlBhj0HanL28z4cMFXxgek92Hg55Tryu71QJkSM+/yvKldosb
WPudmb9CmBRiqHTX7S86gEXrnUjcKFSYlf3d4Xn+dgNi3UuyzT5k1B3asUbI5qBr
Suu8zG8EDjKY94+HoEWBK1J8RI07ykI9O91k3sAsw7DzIGdr5+3VlI5XImE0sgld
i1ZdjoqbZtVC6h+30KjNtxCLUkXsYwd5q61G9zZqOWftDQhamYvZGl4dhPqxZKqN
xpdKfAfXN5hb+LvKJps6Rg30uQvE6V6LkyN1TXW5SStokt4IR4hPfW/615INkkTa
xCvQxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org