Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/0CCD0DF630BE11F08C0C7785C4F9AE02.roa
File:                     0CCD0DF630BE11F08C0C7785C4F9AE02.roa (raw, json)
Hash identifier:          kT5YTC/olfEmwIaqmQ52TqNxba5TzceNK19LVFqoecw=
Subject key identifier:   24:3E:28:CA:A9:D0:07:B9:59:C8:78:3E:6D:1A:79:94:EF:D3:B8:12
Certificate issuer:       /CN=A91A4B39/serialNumber=BEFFBEF8EFC5027C34DFF704C79FB2812A71331E
Certificate serial:       0111
Authority key identifier: BE:FF:BE:F8:EF:C5:02:7C:34:DF:F7:04:C7:9F:B2:81:2A:71:33:1E
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vv---O_FAnw03_cEx5-ygSpxMx4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/0CCD0DF630BE11F08C0C7785C4F9AE02.roa
Signing time:             Wed 14 May 2025 12:24:32 +0000
ROA not before:           Wed 14 May 2025 12:24:32 +0000
ROA not after:            Fri 01 May 2026 00:00:00 +0000
asID:                     147006
IP address blocks:        157.10.134.0/23 maxlen: 23
                          157.10.134.0/24 maxlen: 24
                          157.10.135.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 14 May 2025 15:50:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 273 (0x111)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A4B39, serialNumber=BEFFBEF8EFC5027C34DFF704C79FB2812A71331E
        Validity
            Not Before: May 14 12:24:32 2025 GMT
            Not After : May  1 00:00:00 2026 GMT
        Subject: CN=68248b80-e34e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7b:9e:b9:61:29:38:46:64:06:cb:48:28:f2:
                    3f:03:cd:31:e6:39:3a:43:e1:02:e5:40:52:2e:4b:
                    8b:ba:89:10:84:57:bc:c2:c6:71:05:f0:f1:71:fe:
                    7d:b9:70:bf:f6:a4:dc:b8:5f:82:c7:c8:24:a4:d6:
                    4d:ef:e9:97:d7:6f:2f:99:54:93:c4:24:db:16:58:
                    80:bb:f9:86:32:ba:3e:15:7a:b0:37:59:d0:37:1d:
                    7b:66:c9:ab:a3:99:50:12:f2:8b:3a:02:9b:34:78:
                    4d:f1:e4:7b:30:5c:17:8a:59:6b:39:8d:9e:4f:48:
                    f2:54:30:6e:70:a9:e3:8e:7c:88:34:5b:e5:81:94:
                    18:6b:3c:39:85:a2:17:1e:e1:8b:1d:8c:af:4c:4a:
                    71:d2:cb:14:a0:99:aa:17:d1:7f:b0:a2:f4:e3:a7:
                    99:83:d5:fb:17:2c:be:7e:9b:a8:4b:e8:81:2b:ba:
                    01:1b:a7:98:13:ca:8d:a9:5d:f2:da:8e:39:fa:fd:
                    ea:6f:8b:98:6e:4e:ba:4c:26:8a:3f:14:34:98:b2:
                    19:c0:e5:e5:f2:e4:af:5e:f5:6a:b7:66:67:08:9e:
                    79:61:8c:6f:71:99:4e:70:a6:c9:4e:03:fd:4f:4e:
                    30:f0:1f:3a:0f:4b:23:f9:60:b6:bd:d2:df:bc:e6:
                    48:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:3E:28:CA:A9:D0:07:B9:59:C8:78:3E:6D:1A:79:94:EF:D3:B8:12
            X509v3 Authority Key Identifier:
                keyid:BE:FF:BE:F8:EF:C5:02:7C:34:DF:F7:04:C7:9F:B2:81:2A:71:33:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/vv---O_FAnw03_cEx5-ygSpxMx4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vv---O_FAnw03_cEx5-ygSpxMx4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/0CCD0DF630BE11F08C0C7785C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.10.134.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2d:56:ef:ed:41:79:fe:8d:f0:85:63:01:e1:78:c4:29:54:74:
         f9:ca:ca:d7:41:f5:42:8d:d6:8f:97:96:c9:35:73:a8:37:17:
         e8:97:03:2a:4f:6f:08:b6:10:8a:f1:b5:d8:4d:fb:fd:22:bc:
         a9:67:45:1d:9d:7f:fc:82:9d:ae:53:9c:cd:64:33:8d:c7:06:
         1d:83:be:e8:92:8c:60:24:ab:44:75:66:8b:32:b6:f0:71:2e:
         32:e5:7a:62:6f:d9:28:f0:ec:0c:83:94:0a:a0:8b:dd:4b:73:
         97:40:17:8e:51:17:df:21:ef:57:c8:d0:44:92:6b:1c:a1:ee:
         cd:5e:fe:71:b2:24:a4:ff:c5:f6:16:4c:0b:fd:ad:f6:a9:4d:
         cd:2f:e1:cf:55:05:c5:b3:ef:0b:4b:dd:90:26:6c:0a:ad:13:
         3d:d9:0d:60:c9:81:f5:81:e9:97:03:b5:05:46:5c:a5:2e:f1:
         4b:2f:ae:34:71:ec:8f:57:5a:54:39:c9:0e:ef:ec:7f:9b:5e:
         8a:07:8a:99:02:28:21:81:d6:a1:2c:1e:83:02:47:45:a7:ab:
         e1:74:d4:54:bd:ac:3e:57:f2:5a:6d:89:e5:8f:26:b0:69:3b:
         71:1c:d1:6b:19:70:44:df:e5:3a:b8:34:59:3f:b0:a5:e0:20:
         0a:c4:a4:d3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAREwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCMzkxMTAvBgNVBAUTKEJFRkZCRUY4RUZDNTAyN0MzNERGRjcwNEM3OUZCMjgx
MkE3MTMzMUUwHhcNMjUwNTE0MTIyNDMyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI0OGI4MC1lMzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzHueuWEpOEZkBstIKPI/A80x5jk6Q+EC5UBSLkuLuokQhFe8wsZxBfDxcf59
uXC/9qTcuF+Cx8gkpNZN7+mX128vmVSTxCTbFliAu/mGMro+FXqwN1nQNx17Zsmr
o5lQEvKLOgKbNHhN8eR7MFwXillrOY2eT0jyVDBucKnjjnyINFvlgZQYazw5haIX
HuGLHYyvTEpx0ssUoJmqF9F/sKL046eZg9X7Fyy+fpuoS+iBK7oBG6eYE8qNqV3y
2o45+v3qb4uYbk66TCaKPxQ0mLIZwOXl8uSvXvVqt2ZnCJ55YYxvcZlOcKbJTgP9
T04w8B86D0sj+WC2vdLfvOZIYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCQ+KMqp
0Ae5Wch4Pm0aeZTv07gSMB8GA1UdIwQYMBaAFL7/vvjvxQJ8NN/3BMefsoEqcTMe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIzOS85NTA3NEEwQUFG
NTYxMUVFQTY1NUI1ODFDNEY5QUUwMi92di0tLU9fRkFudzAzX2NFeDUteWdTcHhN
eDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3Z2LS0tT19GQW53MDNfY0V4NS15Z1NweE14NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCMzkvOTUwNzRBMEFBRjU2MTFFRUE2NTVCNTgxQzRGOUFFMDIvMENDRDBERjYz
MEJFMTFGMDhDMEM3Nzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdCoYwDQYJKoZIhvcNAQELBQADggEBAC1W7+1Bef6N8IVj
AeF4xClUdPnKytdB9UKN1o+Xlsk1c6g3F+iXAypPbwi2EIrxtdhN+/0ivKlnRR2d
f/yCna5TnM1kM43HBh2DvuiSjGAkq0R1ZosytvBxLjLlemJv2Sjw7AyDlAqgi91L
c5dAF45RF98h71fI0ESSaxyh7s1e/nGyJKT/xfYWTAv9rfapTc0v4c9VBcWz7wtL
3ZAmbAqtEz3ZDWDJgfWB6ZcDtQVGXKUu8UsvrjRx7I9XWlQ5yQ7v7H+bXooHipkC
KCGB1qEsHoMCR0Wnq+F01FS9rD5X8lptieWPJrBpO3Ec0WsZcETf5Tq4NFk/sKXg
IArEpNM=
-----END CERTIFICATE-----
Generated at Tue Jun 10 01:27:47 2025 by rpki-client