Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/8C69510A3BE511F0BC5C220FC4F9AE02.roa
File:                     8C69510A3BE511F0BC5C220FC4F9AE02.roa (raw, json)
Hash identifier:          QMNiu8jN4hhgw62iSfvEbmOR9BZw0ZiRLZ9lVFmtJmY=
Subject key identifier:   F4:70:5D:26:ED:19:04:28:E5:E7:2A:2F:4E:65:BD:DA:EE:19:B2:AF
Certificate issuer:       /CN=A91AE972/serialNumber=5D185B712D93056BF274B8B7A898C69254EBB983
Certificate serial:       0126
Authority key identifier: 5D:18:5B:71:2D:93:05:6B:F2:74:B8:B7:A8:98:C6:92:54:EB:B9:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XRhbcS2TBWvydLi3qJjGklTruYM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/8C69510A3BE511F0BC5C220FC4F9AE02.roa
Signing time:             Wed 28 May 2025 17:02:34 +0000
ROA not before:           Wed 28 May 2025 17:02:34 +0000
ROA not after:            Tue 31 Mar 2026 00:00:00 +0000
asID:                     149994
IP address blocks:        36.50.199.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Mon 02 Jun 2025 16:50:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 294 (0x126)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AE972, serialNumber=5D185B712D93056BF274B8B7A898C69254EBB983
        Validity
            Not Before: May 28 17:02:34 2025 GMT
            Not After : Mar 31 00:00:00 2026 GMT
        Subject: CN=683741aa-47e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9c:62:1a:da:99:a6:ed:7d:00:03:81:f3:63:
                    b1:bd:68:69:d7:7d:90:71:c9:88:d1:7b:ea:db:44:
                    89:2c:e7:e2:47:82:44:3a:ce:8c:76:44:0f:07:8b:
                    22:26:66:8e:33:43:50:01:9a:4f:44:5d:b8:eb:8b:
                    38:80:f1:cb:1b:e2:a9:ba:b2:ae:b5:0a:ac:d4:15:
                    f6:46:ce:a9:86:ea:f5:a9:f9:89:dd:b2:50:50:4c:
                    44:c1:c2:c8:55:c5:2e:ab:7b:4b:eb:30:da:33:e3:
                    fe:a0:3a:30:43:55:88:89:dd:55:83:b9:b6:9f:a8:
                    73:32:ac:70:3b:22:48:d9:38:d3:67:65:9b:9b:27:
                    47:6c:0b:50:b2:21:5d:5f:48:c7:ab:f6:6d:ca:c2:
                    d8:f7:76:5d:35:3f:00:5f:99:e3:8f:60:d1:ba:b5:
                    3b:bb:0b:a0:ff:fb:46:2d:76:70:79:74:40:28:3c:
                    05:e5:71:1d:e7:ab:dc:f6:07:f5:49:f3:27:16:c7:
                    9c:e9:c8:cb:e5:fe:02:99:c4:8e:26:46:f3:00:a1:
                    5c:6b:97:df:18:f7:c5:53:8b:60:42:1a:0e:ce:ff:
                    7d:e9:d1:69:da:f1:eb:48:04:9d:e0:8a:26:b0:84:
                    af:72:53:a4:d7:47:6f:cc:0e:f3:1b:08:d7:cb:bf:
                    82:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:70:5D:26:ED:19:04:28:E5:E7:2A:2F:4E:65:BD:DA:EE:19:B2:AF
            X509v3 Authority Key Identifier:
                keyid:5D:18:5B:71:2D:93:05:6B:F2:74:B8:B7:A8:98:C6:92:54:EB:B9:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/XRhbcS2TBWvydLi3qJjGklTruYM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XRhbcS2TBWvydLi3qJjGklTruYM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE972/245B3DDCA3E611EEADF94855C4F9AE02/8C69510A3BE511F0BC5C220FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.50.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:46:17:f2:45:7b:45:50:fd:1a:c8:a6:3b:a6:e2:b7:b9:a7:
         15:cf:9f:d0:ab:a5:bb:5d:2e:b3:2b:fc:6a:43:ee:a0:70:3f:
         5a:a2:61:2f:d4:55:3d:1e:2d:4c:02:63:61:c1:6d:94:c4:41:
         18:a1:6e:44:b9:94:26:f2:86:2e:c3:a5:57:82:eb:e0:10:05:
         9a:a4:d8:cb:9b:ad:6f:87:f8:d1:82:50:a3:c6:a7:bf:c9:b6:
         3d:47:cf:fe:3f:03:f5:bd:4b:b2:81:7a:9d:f4:c8:51:72:bb:
         71:9c:ab:db:b9:50:bb:6e:f4:76:aa:df:f0:59:3f:6a:fc:6e:
         da:76:30:3f:6c:28:01:76:a0:54:b2:cc:88:f8:01:fe:87:44:
         88:ae:2d:51:82:46:4a:08:2c:db:16:5f:46:06:58:7e:23:96:
         61:f1:29:59:ab:23:f1:91:1d:42:4e:93:44:70:61:ea:8f:53:
         74:fc:14:99:f8:a2:db:73:4b:a4:7a:55:67:d1:90:bb:ae:13:
         e0:91:51:6f:16:b1:03:58:a4:43:7f:9d:23:0d:e3:67:38:76:
         eb:61:34:fc:10:5d:5b:3d:60:d5:20:e4:4e:02:15:3c:45:4b:
         9a:72:57:d7:17:0c:1d:c9:f7:6f:ac:f6:e8:2c:ba:0d:1b:d7:
         5d:77:a2:8f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICASYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU5NzIxMTAvBgNVBAUTKDVEMTg1QjcxMkQ5MzA1NkJGMjc0QjhCN0E4OThDNjky
NTRFQkI5ODMwHhcNMjUwNTI4MTcwMjM0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODM3NDFhYS00N2UyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAspxiGtqZpu19AAOB82OxvWhp132QccmI0Xvq20SJLOfiR4JEOs6MdkQPB4si
JmaOM0NQAZpPRF2464s4gPHLG+KpurKutQqs1BX2Rs6phur1qfmJ3bJQUExEwcLI
VcUuq3tL6zDaM+P+oDowQ1WIid1Vg7m2n6hzMqxwOyJI2TjTZ2WbmydHbAtQsiFd
X0jHq/ZtysLY93ZdNT8AX5njj2DRurU7uwug//tGLXZweXRAKDwF5XEd56vc9gf1
SfMnFsec6cjL5f4CmcSOJkbzAKFca5ffGPfFU4tgQhoOzv996dFp2vHrSASd4Iom
sISvclOk10dvzA7zGwjXy7+CSQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPRwXSbt
GQQo5ecqL05lvdruGbKvMB8GA1UdIwQYMBaAFF0YW3EtkwVr8nS4t6iYxpJU67mD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTk3Mi8yNDVCM0REQ0Ez
RTYxMUVFQURGOTQ4NTVDNEY5QUUwMi9YUmhiY1MyVEJXdnlkTGkzcUpqR2tsVHJ1
WU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hSaGJjUzJUQld2eWRMaTNxSmpHa2xUcnVZTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU5NzIvMjQ1QjNERENBM0U2MTFFRUFERjk0ODU1QzRGOUFFMDIvOEM2OTUxMEEz
QkU1MTFGMEJDNUMyMjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAkMscwDQYJKoZIhvcNAQELBQADggEBAA5GF/JFe0VQ/RrI
pjum4re5pxXPn9CrpbtdLrMr/GpD7qBwP1qiYS/UVT0eLUwCY2HBbZTEQRihbkS5
lCbyhi7DpVeC6+AQBZqk2MubrW+H+NGCUKPGp7/Jtj1Hz/4/A/W9S7KBep30yFFy
u3Gcq9u5ULtu9Haq3/BZP2r8btp2MD9sKAF2oFSyzIj4Af6HRIiuLVGCRkoILNsW
X0YGWH4jlmHxKVmrI/GRHUJOk0RwYeqPU3T8FJn4ottzS6R6VWfRkLuuE+CRUW8W
sQNYpEN/nSMN42c4duthNPwQXVs9YNUg5E4CFTxFS5pyV9cXDB3J92+s9ugsug0b
1113oo8=
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:15:27 2025 by rpki-client