Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/80F60C0AB36A11EEAE9FF05FC4F9AE02.roa
File:                     80F60C0AB36A11EEAE9FF05FC4F9AE02.roa (raw, json)
Hash identifier:          mPmPvCdQywstYRyflEV6nN7rcE2aRGyDBbdAty6Jy8I=
Subject key identifier:   CF:FF:EB:D6:65:07:A1:0F:C9:DF:B1:22:EA:60:A0:EA:A8:A8:DA:20
Certificate issuer:       /CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB
Certificate serial:       3408
Authority key identifier: 1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/80F60C0AB36A11EEAE9FF05FC4F9AE02.roa
Signing time:             Mon 22 Apr 2024 14:50:49 +0000
ROA not before:           Mon 22 Apr 2024 14:50:49 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     38461
IP address blocks:        123.242.240.0/22 maxlen: 22
                          123.242.240.0/24 maxlen: 24
                          123.242.241.0/24 maxlen: 24
                          123.242.242.0/24 maxlen: 24
                          123.242.243.0/24 maxlen: 24
                          123.242.248.0/23 maxlen: 24
                          123.242.250.0/23 maxlen: 24
                          202.61.8.0/23 maxlen: 23
                          202.61.8.0/24 maxlen: 24
                          203.189.176.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 08 Nov 2024 11:52:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13320 (0x3408)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB
        Validity
            Not Before: Apr 22 14:50:49 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=66267949-8700
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:d7:fd:16:f9:6a:2c:f0:dd:b8:f1:c5:e4:bb:
                    83:78:5d:46:fd:b1:68:70:84:5a:42:a1:4d:5d:4b:
                    a8:1c:42:fe:ae:47:2f:6e:55:e5:31:18:ce:7a:4d:
                    c3:5a:f1:b3:91:6c:29:55:85:71:f9:cb:ca:f9:06:
                    6f:d4:a1:79:b8:cb:e6:a3:ac:e2:1f:e5:14:f7:71:
                    1a:6d:0e:a4:48:85:e5:9b:fe:c0:19:12:99:6c:2c:
                    94:d4:55:1a:ad:24:04:81:a4:3c:1a:3a:b0:54:ab:
                    e0:ba:83:cb:b3:64:10:cf:76:d8:0d:b6:67:a3:41:
                    b9:91:34:3a:eb:b9:f8:9b:82:e9:19:85:c1:2f:a4:
                    77:bc:a0:77:f2:16:85:eb:78:70:90:65:b8:34:54:
                    d8:5d:01:a3:98:1c:99:53:1a:56:81:36:43:0f:b4:
                    9f:4d:62:3c:75:4a:6e:7c:51:32:26:fa:1d:07:4e:
                    c8:77:3f:53:56:a3:05:eb:f9:b9:25:27:49:95:31:
                    23:7e:60:41:6e:dd:30:27:12:71:7b:4b:c7:bc:b1:
                    e0:87:be:5a:9e:40:18:24:f2:4a:1e:cf:58:e3:d7:
                    f9:e7:a7:0e:a4:08:2f:60:8c:de:ca:9e:c4:7c:ef:
                    fe:50:99:85:ea:e5:81:53:8e:4c:0f:ca:70:88:95:
                    91:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:FF:EB:D6:65:07:A1:0F:C9:DF:B1:22:EA:60:A0:EA:A8:A8:DA:20
            X509v3 Authority Key Identifier:
                keyid:1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/80F60C0AB36A11EEAE9FF05FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.242.240.0/22
                  123.242.248.0/22
                  202.61.8.0/23
                  203.189.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:15:9a:5d:c9:e2:f1:dc:53:50:db:6a:3a:cf:ea:40:88:3a:
         61:8c:0e:ea:2a:2e:a6:fc:fc:23:7b:5d:fa:b0:08:20:28:a5:
         dd:fe:aa:75:42:fa:e4:0c:09:ac:20:a0:69:8a:7b:bf:8b:67:
         94:46:b1:71:bb:a2:15:c3:51:1d:c9:83:7c:c2:e8:d2:1c:e2:
         d2:3d:39:4a:d4:fc:2a:4f:76:24:5b:72:5f:80:ea:13:a1:53:
         a1:b7:7a:e8:e8:09:cc:6f:08:33:78:51:73:62:f6:01:a6:3d:
         8f:37:16:c1:83:9d:2e:73:cc:32:2c:88:02:d0:b5:80:d2:cf:
         f6:61:9a:3b:fd:6c:fd:72:12:32:8e:83:bc:22:dd:04:55:a3:
         6a:57:2d:e5:de:a7:c8:91:0e:d1:9e:94:35:b0:6e:a5:f5:76:
         85:32:e2:34:95:bb:78:28:04:ee:7d:c0:1a:f5:92:dc:a6:01:
         ee:eb:06:cc:b4:27:17:a8:f3:e2:9b:e6:e1:27:57:a3:f5:41:
         d9:21:cd:d1:0e:68:a4:a4:52:15:6f:08:cd:35:29:43:c2:54:
         69:89:23:b8:f4:60:5c:45:b1:58:4b:b9:19:56:6d:ac:8d:d2:
         ea:b9:53:79:ba:34:4c:e7:0f:cf:8b:43:63:e9:18:7f:d8:14:
         17:c8:14:cb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICNAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3NzAxMTAvBgNVBAUTKDFENjIyNUFEOTQzRUNBMzg5RkE0QjY2QzE5NzQzNTFF
MzRDNDI4RkIwHhcNMjQwNDIyMTQ1MDQ5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI2Nzk0OS04NzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu9f9FvlqLPDduPHF5LuDeF1G/bFocIRaQqFNXUuoHEL+rkcvblXlMRjOek3D
WvGzkWwpVYVx+cvK+QZv1KF5uMvmo6ziH+UU93EabQ6kSIXlm/7AGRKZbCyU1FUa
rSQEgaQ8GjqwVKvguoPLs2QQz3bYDbZno0G5kTQ667n4m4LpGYXBL6R3vKB38haF
63hwkGW4NFTYXQGjmByZUxpWgTZDD7SfTWI8dUpufFEyJvodB07Idz9TVqMF6/m5
JSdJlTEjfmBBbt0wJxJxe0vHvLHgh75ankAYJPJKHs9Y49f556cOpAgvYIzeyp7E
fO/+UJmF6uWBU45MD8pwiJWRjQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFM//69Zl
B6EPyd+xIupgoOqoqNogMB8GA1UdIwQYMBaAFB1iJa2UPso4n6S2bBl0NR40xCj7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDc3MC9DMzM2ODNCNjFE
OEUxMUUyOEE5QjU3RUQwOEIwMkNEMi9IV0lsclpRLXlqaWZwTFpzR1hRMUhqVEVL
UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hXSWxyWlEteWppZnBMWnNHWFExSGpURUtQcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3NzAvQzMzNjgzQjYxRDhFMTFFMjhBOUI1N0VEMDhCMDJDRDIvODBGNjBDMEFC
MzZBMTFFRUFFOUZGMDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAJ78vADBAJ78vgDBAHKPQgDBALLvbAwDQYJKoZIhvcNAQEL
BQADggEBAJ8Vml3J4vHcU1DbajrP6kCIOmGMDuoqLqb8/CN7XfqwCCAopd3+qnVC
+uQMCawgoGmKe7+LZ5RGsXG7ohXDUR3Jg3zC6NIc4tI9OUrU/CpPdiRbcl+A6hOh
U6G3eujoCcxvCDN4UXNi9gGmPY83FsGDnS5zzDIsiALQtYDSz/Zhmjv9bP1yEjKO
g7wi3QRVo2pXLeXep8iRDtGelDWwbqX1doUy4jSVu3goBO59wBr1ktymAe7rBsy0
Jxeo8+Kb5uEnV6P1QdkhzdEOaKSkUhVvCM01KUPCVGmJI7j0YFxFsVhLuRlWbayN
0uq5U3m6NEznD8+LQ2PpGH/YFBfIFMs=
-----END CERTIFICATE-----
Generated at Fri Nov 8 16:57:55 2024 by rpki-client on console-ams.rpki-client.org