Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/782DDB5C0E9111EFB468FB5AC4F9AE02.roa
File:                     782DDB5C0E9111EFB468FB5AC4F9AE02.roa (raw, json)
Hash identifier:          YXw0jsaRIW1ICDb3dMyKnsqdSmrPFezmL9suut8cBNU=
Subject key identifier:   00:99:55:4F:A3:BF:AD:38:B5:A6:BB:DD:F9:A5:78:D1:84:A9:FD:18
Certificate issuer:       /CN=A91C9D2A/serialNumber=C99EF20F9F0B0077C70D5D7300E0BBFD8721EFFF
Certificate serial:       0A83
Authority key identifier: C9:9E:F2:0F:9F:0B:00:77:C7:0D:5D:73:00:E0:BB:FD:87:21:EF:FF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ7yD58LAHfHDV1zAOC7_Ych7_8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/782DDB5C0E9111EFB468FB5AC4F9AE02.roa
Signing time:             Fri 10 May 2024 05:52:22 +0000
ROA not before:           Fri 10 May 2024 05:52:22 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     134526
IP address blocks:        2403:6dc0::/40 maxlen: 40
                          2403:6dc0:8000::/36 maxlen: 36
                          2403:6dc0:8000::/48 maxlen: 48
                          2403:6dc0:8001::/48 maxlen: 48
                          2403:6dc0:8400::/39 maxlen: 40
                          2403:6dc0:8600::/39 maxlen: 40
                          2403:6dc0:8800::/37 maxlen: 40
                          2403:6dc0:f000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Mon 17 Jun 2024 09:06:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2691 (0xa83)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91C9D2A/serialNumber=C99EF20F9F0B0077C70D5D7300E0BBFD8721EFFF
        Validity
            Not Before: May 10 05:52:22 2024 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=663db616-5dbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:a2:45:2a:24:72:c9:27:94:80:e6:d1:70:8b:
                    0f:97:8f:bc:97:43:13:1a:a1:ff:8e:1f:75:d2:63:
                    c1:9f:19:8d:91:ff:be:2f:fc:9d:a4:fe:f4:b5:d9:
                    8d:d9:70:a9:d8:33:70:8f:f9:26:bf:19:2f:5c:f6:
                    bb:c0:a7:19:d7:a3:53:e0:26:8e:dd:a4:f2:b3:53:
                    32:25:fa:76:a3:81:44:06:3b:d4:99:95:da:be:ca:
                    a6:95:92:6a:c9:56:35:df:49:da:fe:29:cb:25:0f:
                    28:73:41:d0:56:f1:18:20:95:f1:4d:51:ce:37:8f:
                    a7:8a:92:57:da:f0:ae:5b:9d:30:fb:cd:d6:2b:3e:
                    0d:16:41:58:4b:9b:aa:78:3a:10:a7:a5:7f:05:8a:
                    29:88:db:1a:b0:0c:8d:7b:03:3b:8e:99:04:c6:15:
                    54:67:63:a1:97:d2:9c:f2:c9:90:90:cf:eb:c4:f6:
                    46:52:74:aa:b1:cc:f9:f6:f9:39:18:d5:53:0b:2b:
                    0a:6e:8a:17:67:54:4a:1a:a5:2b:4d:6d:21:43:38:
                    50:82:45:ad:ca:c5:14:13:64:ea:19:11:89:3d:a5:
                    fe:b2:b7:98:be:37:c7:98:e7:e5:63:74:15:0a:d0:
                    c8:a5:68:c1:e7:23:36:21:dd:31:18:85:88:dd:25:
                    b0:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:99:55:4F:A3:BF:AD:38:B5:A6:BB:DD:F9:A5:78:D1:84:A9:FD:18
            X509v3 Authority Key Identifier:
                keyid:C9:9E:F2:0F:9F:0B:00:77:C7:0D:5D:73:00:E0:BB:FD:87:21:EF:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/yZ7yD58LAHfHDV1zAOC7_Ych7_8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZ7yD58LAHfHDV1zAOC7_Ych7_8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9D2A/5525F5E03DC111EAAF98CB35C4F9AE02/782DDB5C0E9111EFB468FB5AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:6dc0::/40
                  2403:6dc0:8000::/36
                  2403:6dc0:f000::/36

    Signature Algorithm: sha256WithRSAEncryption
         7e:17:ca:9f:06:98:83:f6:d4:df:3a:6d:5c:33:40:b5:2a:cb:
         54:58:23:ff:4d:bc:d6:1a:2e:3b:46:d3:e0:30:86:1a:a8:2f:
         85:4c:97:c7:80:f2:ca:dc:49:78:30:55:f6:f8:0c:e7:19:ba:
         6e:d5:21:7b:e9:ff:23:b7:12:47:7e:cb:28:26:93:9c:74:df:
         ad:93:d9:a4:ec:7c:76:1c:7e:cc:ca:1f:4d:4a:47:f3:9c:1f:
         2d:5b:d2:dd:3d:88:be:78:24:52:54:0e:4d:ca:5e:e2:e5:9b:
         67:ef:dd:7a:46:5d:e1:a1:da:52:5e:e0:0f:85:1a:eb:db:1f:
         f3:20:e1:ac:f5:eb:5b:b9:df:98:25:a7:33:02:6b:68:15:c6:
         eb:d9:fd:ab:98:ea:a1:a9:be:06:5d:37:af:af:17:1e:15:59:
         d2:27:43:1d:a5:04:87:2a:88:eb:db:7c:64:ac:eb:1e:97:04:
         90:a4:de:b0:44:17:ef:c0:3e:2d:6e:3e:ee:cb:1e:23:56:ae:
         24:0a:a2:df:a0:cf:4c:11:96:18:b1:37:d9:6b:b0:e5:49:e8:
         d2:db:0d:90:c6:3a:35:e7:57:06:8a:af:22:3e:28:66:30:7f:
         c6:f0:c7:9f:ef:29:ff:37:5b:9b:c2:6d:21:c8:c7:3d:d3:4b:
         db:2f:79:32
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlEMkExMTAvBgNVBAUTKEM5OUVGMjBGOUYwQjAwNzdDNzBENUQ3MzAwRTBCQkZE
ODcyMUVGRkYwHhcNMjQwNTEwMDU1MjIyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNkYjYxNi01ZGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA46JFKiRyySeUgObRcIsPl4+8l0MTGqH/jh910mPBnxmNkf++L/ydpP70tdmN
2XCp2DNwj/kmvxkvXPa7wKcZ16NT4CaO3aTys1MyJfp2o4FEBjvUmZXavsqmlZJq
yVY130na/inLJQ8oc0HQVvEYIJXxTVHON4+nipJX2vCuW50w+83WKz4NFkFYS5uq
eDoQp6V/BYopiNsasAyNewM7jpkExhVUZ2Ohl9Kc8smQkM/rxPZGUnSqscz59vk5
GNVTCysKbooXZ1RKGqUrTW0hQzhQgkWtysUUE2TqGRGJPaX+sreYvjfHmOflY3QV
CtDIpWjB5yM2Id0xGIWI3SWwUQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFACZVU+j
v604taa73fmleNGEqf0YMB8GA1UdIwQYMBaAFMme8g+fCwB3xw1dcwDgu/2HIe//
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUQyQS81NTI1RjVFMDNE
QzExMUVBQUY5OENCMzVDNEY5QUUwMi95Wjd5RDU4TEFIZkhEVjF6QU9DN19ZY2g3
XzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3laN3lENThMQUhmSERWMXpBT0M3X1ljaDdfOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlEMkEvNTUyNUY1RTAzREMxMTFFQUFGOThDQjM1QzRGOUFFMDIvNzgyRERCNUMw
RTkxMTFFRkI0NjhGQjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgACMBgDBgAkA23AAAMGBCQDbcCAAwYEJANtwPAwDQYJKoZIhvcNAQEL
BQADggEBAH4Xyp8GmIP21N86bVwzQLUqy1RYI/9NvNYaLjtG0+AwhhqoL4VMl8eA
8srcSXgwVfb4DOcZum7VIXvp/yO3Ekd+yygmk5x0362T2aTsfHYcfszKH01KR/Oc
Hy1b0t09iL54JFJUDk3KXuLlm2fv3XpGXeGh2lJe4A+FGuvbH/Mg4az161u535gl
pzMCa2gVxuvZ/auY6qGpvgZdN6+vFx4VWdInQx2lBIcqiOvbfGSs6x6XBJCk3rBE
F+/APi1uPu7LHiNWriQKot+gz0wRlhixN9lrsOVJ6NLbDZDGOjXnVwaKryI+KGYw
f8bwx5/vKf83W5vCbSHIxz3TS9sveTI=
-----END CERTIFICATE-----
Generated at Mon Jun 17 13:45:59 2024 by rpki-client on console-ams.rpki-client.org