Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/99C8C7207DBB11EEA8185758C4F9AE02.roa
File:                     99C8C7207DBB11EEA8185758C4F9AE02.roa (raw, json)
Hash identifier:          lnTOpX9290ECX1O82I/88bdTD/m+a9mDRs72AyKG51k=
Subject key identifier:   D6:6B:12:76:BE:27:6F:C9:0F:43:7F:7E:0E:23:E9:F1:17:80:32:A4
Certificate issuer:       /CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
Certificate serial:       BF
Authority key identifier: 45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/99C8C7207DBB11EEA8185758C4F9AE02.roa
Signing time:             Tue 07 Nov 2023 22:18:39 +0000
ROA not before:           Tue 07 Nov 2023 22:18:39 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        202.134.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Dec 2023 09:50:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 191 (0xbf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C6550/serialNumber=456EEA0692C6A4F26F53D2D237D1CB4DCD783305
        Validity
            Not Before: Nov  7 22:18:39 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=654ab7bf-7f31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7d:50:19:be:cf:d7:8f:ff:8e:dc:36:e9:aa:
                    4c:81:9c:ad:d5:31:25:8e:87:55:7c:65:30:98:cc:
                    83:56:54:27:21:e5:a8:ed:04:01:d6:08:a1:b9:0e:
                    26:5e:d3:cc:b9:a6:50:f3:ee:de:4c:0f:b3:c9:6e:
                    9b:6c:01:cc:14:76:0d:8e:5c:ee:ec:46:26:4d:e6:
                    1e:aa:93:a0:1e:75:7f:5e:f3:bc:67:a5:a1:f5:08:
                    67:5e:85:e8:cb:f2:23:8e:a9:b1:9c:48:30:55:5e:
                    84:ff:44:52:ef:82:5f:11:ff:9b:04:f9:8a:b6:b2:
                    9d:b4:30:e0:2d:ab:44:22:05:f5:df:04:72:fc:05:
                    fc:b2:49:b5:39:b7:8e:18:21:93:c9:cc:55:99:6e:
                    9c:ba:33:e8:b6:29:29:0b:1e:70:73:a4:b6:33:3e:
                    1b:ac:50:05:b5:70:11:68:c5:ef:c9:f8:22:42:33:
                    a4:c4:ac:9e:72:00:1e:cb:9f:62:57:ff:02:af:c3:
                    cb:97:47:7e:5e:ca:0b:96:56:00:c1:90:72:13:d5:
                    d7:d8:37:36:b5:13:75:7b:02:80:fe:90:42:cb:8d:
                    b1:c1:4e:01:2a:60:18:e7:3f:93:f2:04:5c:4c:9d:
                    56:8b:e0:76:c2:44:21:eb:9d:67:22:09:f2:fe:97:
                    1c:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:6B:12:76:BE:27:6F:C9:0F:43:7F:7E:0E:23:E9:F1:17:80:32:A4
            X509v3 Authority Key Identifier:
                keyid:45:6E:EA:06:92:C6:A4:F2:6F:53:D2:D2:37:D1:CB:4D:CD:78:33:05

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/RW7qBpLGpPJvU9LSN9HLTc14MwU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RW7qBpLGpPJvU9LSN9HLTc14MwU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6550/8400954ACEC411ED8A83FB11C4F9AE02/99C8C7207DBB11EEA8185758C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.134.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:92:3e:ac:b5:ce:fc:78:ad:e4:f3:99:a6:e8:20:2f:65:e8:
         75:fb:d5:b9:e4:14:aa:59:8e:15:b9:78:64:56:c3:93:6a:d8:
         75:cf:f6:20:93:9d:bf:d1:eb:cd:03:66:b0:97:04:cb:34:51:
         a5:0f:cf:0e:f9:b6:3d:3b:a8:14:f1:30:5d:26:0c:77:3e:2d:
         d4:06:1a:30:f6:36:6b:f9:4b:2d:31:a3:c9:65:12:23:cf:ee:
         27:d0:70:aa:2a:29:72:92:66:bd:18:69:ea:d5:d1:8a:0a:4c:
         a9:b8:70:32:0d:f7:e4:1d:19:58:6b:00:e6:76:f1:d1:c3:d0:
         66:a3:e7:35:e0:00:47:96:17:53:59:2c:ab:cc:d2:86:c6:29:
         93:f4:d1:ba:e2:fa:ef:3c:2d:99:6f:84:4e:24:aa:1d:d3:ab:
         8e:50:33:46:98:29:5b:ee:4d:4c:70:35:ac:f8:00:62:3e:0a:
         e5:53:03:5f:2a:3e:56:c9:85:dc:06:34:f2:74:e1:d2:72:db:
         02:33:2b:54:d2:70:5b:cd:4c:1f:44:36:9f:e2:3b:fb:80:ad:
         6b:a9:d2:e2:44:28:09:6d:7e:a0:8b:d6:b9:cd:c5:09:05:5b:
         bf:f3:a9:8f:a3:2e:37:b7:c4:3a:cd:67:30:a5:bd:f1:3b:21:
         13:9f:09:aa
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzY1NTAxMTAvBgNVBAUTKDQ1NkVFQTA2OTJDNkE0RjI2RjUzRDJEMjM3RDFDQjRE
Q0Q3ODMzMDUwHhcNMjMxMTA3MjIxODM5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRhYjdiZi03ZjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtH1QGb7P14//jtw26apMgZyt1TEljodVfGUwmMyDVlQnIeWo7QQB1gihuQ4m
XtPMuaZQ8+7eTA+zyW6bbAHMFHYNjlzu7EYmTeYeqpOgHnV/XvO8Z6Wh9QhnXoXo
y/IjjqmxnEgwVV6E/0RS74JfEf+bBPmKtrKdtDDgLatEIgX13wRy/AX8skm1ObeO
GCGTycxVmW6cujPotikpCx5wc6S2Mz4brFAFtXARaMXvyfgiQjOkxKyecgAey59i
V/8Cr8PLl0d+XsoLllYAwZByE9XX2Dc2tRN1ewKA/pBCy42xwU4BKmAY5z+T8gRc
TJ1Wi+B2wkQh651nIgny/pccJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNZrEna+
J2/JD0N/fg4j6fEXgDKkMB8GA1UdIwQYMBaAFEVu6gaSxqTyb1PS0jfRy03NeDMF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjU1MC84NDAwOTU0QUNF
QzQxMUVEOEE4M0ZCMTFDNEY5QUUwMi9SVzdxQnBMR3BQSnZVOUxTTjlITFRjMTRN
d1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JXN3FCcExHcFBKdlU5TFNOOUhMVGMxNE13VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzY1NTAvODQwMDk1NEFDRUM0MTFFRDhBODNGQjExQzRGOUFFMDIvOTlDOEM3MjA3
REJCMTFFRUE4MTg1NzU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKhuwwDQYJKoZIhvcNAQELBQADggEBABuSPqy1zvx4reTz
maboIC9l6HX71bnkFKpZjhW5eGRWw5Nq2HXP9iCTnb/R680DZrCXBMs0UaUPzw75
tj07qBTxMF0mDHc+LdQGGjD2Nmv5Sy0xo8llEiPP7ifQcKoqKXKSZr0YaerV0YoK
TKm4cDIN9+QdGVhrAOZ28dHD0Gaj5zXgAEeWF1NZLKvM0obGKZP00bri+u88LZlv
hE4kqh3Tq45QM0aYKVvuTUxwNaz4AGI+CuVTA18qPlbJhdwGNPJ04dJy2wIzK1TS
cFvNTB9ENp/iO/uArWup0uJEKAltfqCL1rnNxQkFW7/zqY+jLje3xDrNZzClvfE7
IROfCao=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:40 2024 by rpki-client on console-fra.rpki-client.org