Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/2E2B22D26ED011EE85A20719C4F9AE02.roa
File:                     2E2B22D26ED011EE85A20719C4F9AE02.roa (raw, json)
Hash identifier:          l4+eUxuSsDBsTjkdeNWlcRg+8lYpGPjQkkEjUKQ8TMU=
Subject key identifier:   C2:E1:E4:82:6A:52:9D:9C:8D:F5:06:28:A8:A2:54:BF:6D:AB:94:94
Certificate issuer:       /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial:       A1
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/2E2B22D26ED011EE85A20719C4F9AE02.roa
Signing time:             Thu 19 Oct 2023 22:38:10 +0000
ROA not before:           Thu 19 Oct 2023 22:38:10 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        125.62.77.0/24 maxlen: 24
                          125.62.78.0/24 maxlen: 24
                          202.134.233.0/24 maxlen: 24
                          202.134.235.0/24 maxlen: 24
                          202.134.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 26 Oct 2023 00:06:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 161 (0xa1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
        Validity
            Not Before: Oct 19 22:38:10 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=6531afd2-a946
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:4e:c9:25:8c:64:0c:24:7a:74:0d:49:eb:d7:
                    a0:66:29:fc:bb:64:06:52:e3:ce:18:5b:02:1c:c6:
                    3e:60:8c:9f:16:f7:eb:9c:8d:ec:93:d2:ae:a8:de:
                    83:15:e8:06:8f:da:44:a5:1f:2c:7a:9f:4b:7b:19:
                    a9:94:1a:aa:c8:82:9f:26:23:1a:a5:ab:51:90:4c:
                    ff:bd:29:f9:96:81:20:6a:4a:f3:1c:af:b7:70:00:
                    d5:a1:17:46:06:3a:17:ba:fe:6e:3f:4c:47:d9:93:
                    64:a4:2b:53:b4:4d:55:ed:76:82:8a:e3:c1:81:0f:
                    25:a4:0b:67:89:f4:d1:fe:f4:fe:7f:20:de:fa:89:
                    7e:b0:bd:e2:24:88:3e:0e:c7:ff:18:c5:d9:dd:46:
                    90:4f:41:6f:31:a0:60:c6:83:6a:d5:d6:da:50:9c:
                    68:85:c9:bb:1e:0d:6b:93:65:96:d3:21:73:9e:bf:
                    a2:8c:3c:e7:fb:83:ec:d5:19:df:4e:89:6e:09:2a:
                    c5:cf:ac:24:11:00:8d:7c:97:a1:86:57:fd:10:01:
                    0c:be:78:0c:88:9a:9a:34:65:67:0d:26:9c:43:7a:
                    81:67:4b:1e:0d:38:1b:7f:19:8a:c5:a5:96:a0:1d:
                    93:5d:3b:d0:2a:4b:0c:00:7d:c7:4d:0f:6a:04:eb:
                    37:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:E1:E4:82:6A:52:9D:9C:8D:F5:06:28:A8:A2:54:BF:6D:AB:94:94
            X509v3 Authority Key Identifier:
                keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/2E2B22D26ED011EE85A20719C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  125.62.77.0-125.62.78.255
                  202.134.233.0/24
                  202.134.235.0-202.134.236.255

    Signature Algorithm: sha256WithRSAEncryption
         57:34:78:97:86:d7:53:0d:2a:dd:14:1b:bf:43:d9:6a:ec:9c:
         c8:cd:41:45:48:9f:03:fa:dc:fc:c8:68:78:54:a6:cd:e1:4c:
         3e:38:58:5f:aa:fe:73:5c:b7:9f:3d:5b:4a:d9:01:27:32:bb:
         57:cb:9f:16:97:6e:18:03:a7:8e:0d:52:2c:6e:76:2a:45:5d:
         69:5e:5b:75:c4:6e:2f:62:19:5a:85:4f:4a:46:b0:0f:5f:dd:
         39:8d:f0:30:c8:45:c2:fa:80:71:41:30:21:7d:12:94:bf:eb:
         df:ac:8a:ab:88:0c:ed:63:39:8f:b6:b1:90:8d:ea:e8:07:c9:
         5e:a0:ca:20:e7:e2:41:ce:0f:e5:7b:ad:df:02:75:57:fe:3c:
         62:5d:8a:a2:33:3c:2e:9d:05:d2:26:ea:f0:c1:7a:b5:27:50:
         08:d2:0d:83:e4:cc:f9:70:c2:bf:0e:69:ba:26:54:e4:0f:9e:
         d5:76:e7:70:12:0b:ec:82:94:06:5d:fd:a5:82:d7:d8:8d:d5:
         36:4e:01:6d:1f:da:51:bb:fa:a8:47:86:9e:ad:30:ee:f0:df:
         5d:d3:55:e3:da:b3:6c:7e:4d:30:88:1e:b3:d4:56:d8:07:90:
         2b:71:3c:73:b8:b9:ec:92:78:f0:d1:9f:ff:1d:b8:35:08:bb:
         c5:b0:f4:48
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICAKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NTAxMTAvBgNVBAUTKDQ1NkVFQTA2OTJDNkE0RjI2RjUzRDJEMjM3RDFDQjRE
Q0Q3ODMzMDUwHhcNMjMxMDE5MjIzODEwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTMxYWZkMi1hOTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyU7JJYxkDCR6dA1J69egZin8u2QGUuPOGFsCHMY+YIyfFvfrnI3sk9KuqN6D
FegGj9pEpR8sep9LexmplBqqyIKfJiMapatRkEz/vSn5loEgakrzHK+3cADVoRdG
BjoXuv5uP0xH2ZNkpCtTtE1V7XaCiuPBgQ8lpAtnifTR/vT+fyDe+ol+sL3iJIg+
Dsf/GMXZ3UaQT0FvMaBgxoNq1dbaUJxohcm7Hg1rk2WW0yFznr+ijDzn+4Ps1Rnf
ToluCSrFz6wkEQCNfJehhlf9EAEMvngMiJqaNGVnDSacQ3qBZ0seDTgbfxmKxaWW
oB2TXTvQKksMAH3HTQ9qBOs32QIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFMLh5IJq
Up2cjfUGKKiiVL9tq5SUMB8GA1UdIwQYMBaAFEVu6gaSxqTyb1PS0jfRy03NeDMF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU1MC84NDAwOTU0QUNF
QzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9SVzdxQnBMR3BQSnZVOUxTTjlITFRjMTRN
d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NTAvODQwMDk1NEFDRUM0MTFFRDhBODNGQjExQzRGOUFFMDIvMkUyQjIyRDI2
RUQwMTFFRTg1QTIwNzE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEAH0+TQMEAH0+TgMEAMqG6TAMAwQAyobrAwQAyobsMA0G
CSqGSIb3DQEBCwUAA4IBAQBXNHiXhtdTDSrdFBu/Q9lq7JzIzUFFSJ8D+tz8yGh4
VKbN4Uw+OFhfqv5zXLefPVtK2QEnMrtXy58Wl24YA6eODVIsbnYqRV1pXlt1xG4v
YhlahU9KRrAPX905jfAwyEXC+oBxQTAhfRKUv+vfrIqriAztYzmPtrGQjeroB8le
oMog5+JBzg/le63fAnVX/jxiXYqiMzwunQXSJurwwXq1J1AI0g2D5Mz5cMK/Dmm6
JlTkD57VdudwEgvsgpQGXf2lgtfYjdU2TgFtH9pRu/qoR4aerTDu8N9d01Xj2rNs
fk0wiB6z1FbYB5ArcTxzuLnsknjw0Z//Hbg1CLvFsPRI
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org