Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/40525F82E24A11EE95367C17C4F9AE02.roa
File:                     40525F82E24A11EE95367C17C4F9AE02.roa (raw, json)
Hash identifier:          4VjqCsZjVzs/xvrnyWHQDyl6GpzYXXfDRpmWkVkj15E=
Subject key identifier:   1E:49:BC:5A:7A:A0:5C:DF:6B:10:8C:1E:AD:AE:FF:BA:06:AA:D8:7E
Certificate issuer:       /CN=A919E9A5/serialNumber=7AAC67DBC1EB928E2951362E0BC6AC7677E2DC7B
Certificate serial:       33E3
Authority key identifier: 7A:AC:67:DB:C1:EB:92:8E:29:51:36:2E:0B:C6:AC:76:77:E2:DC:7B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eqxn28Hrko4pUTYuC8asdnfi3Hs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/40525F82E24A11EE95367C17C4F9AE02.roa
Signing time:             Thu 14 Mar 2024 21:32:33 +0000
ROA not before:           Thu 14 Mar 2024 21:32:33 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     63939
IP address blocks:        119.148.21.0/24 maxlen: 24
                          119.148.22.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Aug 2024 07:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13283 (0x33e3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919E9A5/serialNumber=7AAC67DBC1EB928E2951362E0BC6AC7677E2DC7B
        Validity
            Not Before: Mar 14 21:32:33 2024 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=65f36cf0-7748
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a6:df:d3:d9:6c:2a:1f:1a:e3:77:07:92:3a:
                    fc:f8:93:4d:9e:f3:d3:5b:f3:5b:f7:4d:c6:24:65:
                    08:72:8f:0b:86:4a:cd:f5:04:28:fd:73:e2:a5:0d:
                    db:2f:40:ae:15:20:c3:53:a5:85:1c:e0:f7:75:62:
                    72:eb:cd:2d:4c:89:de:f4:aa:75:69:0d:fb:68:75:
                    3f:42:d6:5d:5d:d7:52:e6:9b:d9:f0:89:61:d7:46:
                    8b:55:2c:cf:26:20:2d:52:d5:35:d5:ee:30:51:48:
                    5f:c1:21:db:84:7c:cb:27:64:33:b8:eb:c8:cb:22:
                    c5:d0:cd:ad:e7:09:0b:49:38:4b:4a:e4:68:5a:cf:
                    90:38:d2:12:df:4b:5f:3f:c5:35:0d:7a:e7:9f:4d:
                    34:62:86:1e:c7:4e:ea:91:47:0e:4c:5b:50:91:ba:
                    3e:0c:5d:18:8e:ff:3a:7e:8c:33:7b:4c:e8:59:6a:
                    b0:dd:3d:6a:30:0a:e4:b9:05:1b:81:df:94:09:0c:
                    86:3f:31:fd:d6:29:9b:67:e0:07:01:7e:3d:08:26:
                    27:5b:4a:49:92:00:b5:5a:66:36:20:19:2e:a3:e0:
                    0b:41:b7:37:fb:22:b9:4e:ac:52:96:1c:01:57:d2:
                    26:08:42:b9:ea:4d:6a:bc:13:21:26:7e:67:46:fa:
                    d4:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:49:BC:5A:7A:A0:5C:DF:6B:10:8C:1E:AD:AE:FF:BA:06:AA:D8:7E
            X509v3 Authority Key Identifier:
                keyid:7A:AC:67:DB:C1:EB:92:8E:29:51:36:2E:0B:C6:AC:76:77:E2:DC:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/eqxn28Hrko4pUTYuC8asdnfi3Hs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eqxn28Hrko4pUTYuC8asdnfi3Hs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E9A5/A32EFEB81D8911E292E4FDE208B02CD2/40525F82E24A11EE95367C17C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.148.21.0-119.148.22.255

    Signature Algorithm: sha256WithRSAEncryption
         6f:f4:7b:ee:8c:5b:95:19:a2:aa:7c:2b:06:96:79:9c:39:69:
         71:87:66:3f:4a:5c:b3:e3:17:c4:b5:b4:aa:fd:06:16:67:19:
         24:10:7c:5d:c9:8a:74:ac:32:ce:92:8b:82:dc:76:fd:68:c6:
         44:b6:d3:10:d4:52:ed:a9:a0:02:95:3a:42:bf:54:7c:5a:b6:
         45:c6:f0:b7:75:e7:4f:38:ab:79:ea:ba:1b:4c:85:db:d5:b2:
         e9:3b:22:79:42:7d:fe:bd:32:c3:46:b5:58:5b:9f:d8:08:19:
         ad:da:c2:6c:87:48:5d:17:a9:0f:b8:50:22:a9:3f:e3:16:bb:
         52:29:43:99:fd:7f:09:ed:e7:3e:92:ec:f2:97:75:2b:79:be:
         f0:8b:28:db:bb:13:64:07:f4:fb:46:54:76:dd:fd:05:8b:b7:
         9e:a3:8e:14:34:de:fb:32:55:54:e5:bf:75:91:2a:d5:e6:7f:
         c0:10:49:d1:49:56:26:dd:67:cb:c0:09:50:55:84:3c:70:69:
         d5:ca:b4:0c:39:ec:1d:d4:a0:69:47:d0:78:80:70:e1:c0:40:
         36:d0:77:e9:40:a3:ad:1d:18:58:9e:ba:11:63:6c:53:f5:87:
         f8:d6:6f:90:bd:ea:13:db:1b:04:30:11:5e:64:be:f5:8b:d6:
         0d:03:ed:ee
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICM+MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUU5QTUxMTAvBgNVBAUTKDdBQUM2N0RCQzFFQjkyOEUyOTUxMzYyRTBCQzZBQzc2
NzdFMkRDN0IwHhcNMjQwMzE0MjEzMjMzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYzNmNmMC03NzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyabf09lsKh8a43cHkjr8+JNNnvPTW/Nb903GJGUIco8LhkrN9QQo/XPipQ3b
L0CuFSDDU6WFHOD3dWJy680tTIne9Kp1aQ37aHU/QtZdXddS5pvZ8Ilh10aLVSzP
JiAtUtU11e4wUUhfwSHbhHzLJ2QzuOvIyyLF0M2t5wkLSThLSuRoWs+QONIS30tf
P8U1DXrnn000YoYex07qkUcOTFtQkbo+DF0Yjv86fowze0zoWWqw3T1qMArkuQUb
gd+UCQyGPzH91imbZ+AHAX49CCYnW0pJkgC1WmY2IBkuo+ALQbc3+yK5TqxSlhwB
V9ImCEK56k1qvBMhJn5nRvrUOwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFB5JvFp6
oFzfaxCMHq2u/7oGqth+MB8GA1UdIwQYMBaAFHqsZ9vB65KOKVE2LgvGrHZ34tx7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTlBNS9BMzJFRkVCODFE
ODkxMUUyOTJFNEZERTIwOEIwMkNEMi9lcXhuMjhIcmtvNHBVVFl1Qzhhc2RuZmkz
SHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VxeG4yOEhya280cFVUWXVDOGFzZG5maTNIcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUU5QTUvQTMyRUZFQjgxRDg5MTFFMjkyRTRGREUyMDhCMDJDRDIvNDA1MjVGODJF
MjRBMTFFRTk1MzY3QzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAHeUFQMEAHeUFjANBgkqhkiG9w0BAQsFAAOCAQEAb/R7
7oxblRmiqnwrBpZ5nDlpcYdmP0pcs+MXxLW0qv0GFmcZJBB8XcmKdKwyzpKLgtx2
/WjGRLbTENRS7amgApU6Qr9UfFq2Rcbwt3XnTzireeq6G0yF29Wy6TsieUJ9/r0y
w0a1WFuf2AgZrdrCbIdIXRepD7hQIqk/4xa7UilDmf1/Ce3nPpLs8pd1K3m+8Iso
27sTZAf0+0ZUdt39BYu3nqOOFDTe+zJVVOW/dZEq1eZ/wBBJ0UlWJt1ny8AJUFWE
PHBp1cq0DDnsHdSgaUfQeIBw4cBANtB36UCjrR0YWJ66EWNsU/WH+NZvkL3qE9sb
BDARXmS+9YvWDQPt7g==
-----END CERTIFICATE-----
Generated at Tue Aug 20 10:01:35 2024 by rpki-client on console-ams.rpki-client.org