Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/536A7392855C11EFA174DD83C4F9AE02.roa
File:                     536A7392855C11EFA174DD83C4F9AE02.roa (raw, json)
Hash identifier:          aaawYjFsVpGePKU+9AA/AdEBicKpnc11RGpS5I+CgSg=
Subject key identifier:   FE:47:2B:D1:6C:24:B3:D7:4E:63:FA:70:9D:E0:AD:3B:39:38:48:0C
Certificate issuer:       /CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961
Certificate serial:       02
Authority key identifier: 35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/536A7392855C11EFA174DD83C4F9AE02.roa
Signing time:             Tue 08 Oct 2024 10:01:45 +0000
ROA not before:           Tue 08 Oct 2024 10:01:45 +0000
ROA not after:            Tue 30 Dec 2025 00:00:00 +0000
asID:                     153358
IP address blocks:        160.187.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 09 Oct 2024 11:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961
        Validity
            Not Before: Oct  8 10:01:45 2024 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=67050309-88fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:9e:bb:20:5c:8d:88:38:0e:2c:4d:4c:fe:5e:
                    f6:36:89:99:ea:34:ed:53:99:52:9f:01:b7:d3:9f:
                    42:ab:69:13:91:88:20:a1:62:18:e1:26:4f:f6:20:
                    ab:f3:c9:fa:0f:e0:5f:cf:67:41:87:5d:d3:32:cb:
                    88:c2:58:29:cc:bd:c6:a4:a3:34:2a:6f:e0:32:02:
                    ea:17:69:96:24:1b:e1:c6:7c:ab:3c:8f:55:21:e8:
                    22:84:d2:dd:be:23:76:5d:7c:70:a6:c1:61:42:26:
                    ff:a7:44:68:9c:b0:ef:42:ce:32:22:d9:d2:f6:1a:
                    b8:0e:13:a3:0f:be:7f:f6:c4:de:0c:34:c3:73:c3:
                    4b:60:bb:dd:6f:e9:24:a0:f5:b8:d1:69:9f:27:bf:
                    d1:41:d1:97:53:69:15:9d:ce:20:ab:3d:b9:f4:bb:
                    13:fb:9c:5f:f4:75:ab:a8:dc:67:52:a7:4b:51:7c:
                    d6:43:c5:59:9d:47:62:8c:eb:26:e2:24:37:32:f2:
                    01:1b:8d:78:23:38:98:78:11:cd:20:6f:f7:8c:e0:
                    a0:42:be:8a:8d:7f:2a:d8:0e:5b:d8:2d:29:6d:f1:
                    23:58:85:29:66:ba:e0:9d:91:24:f3:68:44:84:4d:
                    cc:88:1d:c8:73:74:19:51:98:87:85:33:5c:82:e9:
                    eb:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:47:2B:D1:6C:24:B3:D7:4E:63:FA:70:9D:E0:AD:3B:39:38:48:0C
            X509v3 Authority Key Identifier:
                keyid:35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/536A7392855C11EFA174DD83C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.187.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:cf:2e:18:20:31:6c:e9:7b:03:ce:c8:d6:9d:26:44:81:cb:
         4a:76:53:58:2f:f6:3b:81:f4:9e:ad:fb:f3:b3:f1:d2:4d:61:
         e3:0f:1a:c7:59:29:23:05:65:fa:a0:6a:40:d2:b7:25:58:37:
         bb:55:52:74:fa:08:78:6b:cc:64:33:55:2f:20:e4:6e:4e:b4:
         68:97:b5:5f:c5:07:0a:ed:97:55:9b:26:7c:a7:b1:49:f0:02:
         32:aa:8a:a4:21:48:c4:47:eb:73:35:bf:b6:0c:78:4f:0c:fa:
         1c:54:a8:95:b3:c9:5b:72:73:c9:21:90:e4:92:cd:3e:10:40:
         bc:4d:fa:d6:20:10:f6:8c:41:2b:15:1a:ec:37:f3:07:5b:22:
         99:a3:b8:a2:57:e2:07:12:eb:d4:2c:8e:9c:8f:b6:41:0d:c9:
         52:9a:c2:33:df:b8:11:36:81:ac:27:e0:5e:dd:cf:b5:33:43:
         79:44:af:ff:b7:d7:db:95:71:b3:af:44:56:64:b2:fe:07:c6:
         04:da:23:bc:e3:83:5b:86:69:81:c7:aa:ae:d2:7a:d1:d9:92:
         88:06:cd:77:b0:aa:2e:31:f8:f9:b3:e6:8e:50:ef:e6:01:1d:
         e7:4f:b0:c1:2e:4c:ef:64:2a:ea:fd:d0:9e:55:40:ae:9f:b9:
         69:06:c5:24
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RDQwQjExMC8GA1UEBRMoMzU3NDc5MEQ4REY4MkIzQjU1MUUzQjcwMjU3MUJBRjU1
QTlFOTk2MTAeFw0yNDEwMDgxMDAxNDVaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MDUwMzA5LTg4ZmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEnrsgXI2IOA4sTUz+XvY2iZnqNO1TmVKfAbfTn0KraRORiCChYhjhJk/2IKvz
yfoP4F/PZ0GHXdMyy4jCWCnMvcakozQqb+AyAuoXaZYkG+HGfKs8j1Uh6CKE0t2+
I3ZdfHCmwWFCJv+nRGicsO9CzjIi2dL2GrgOE6MPvn/2xN4MNMNzw0tgu91v6SSg
9bjRaZ8nv9FB0ZdTaRWdziCrPbn0uxP7nF/0dauo3GdSp0tRfNZDxVmdR2KM6ybi
JDcy8gEbjXgjOJh4Ec0gb/eM4KBCvoqNfyrYDlvYLSlt8SNYhSlmuuCdkSTzaESE
TcyIHchzdBlRmIeFM1yC6evRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU/kcr0Wwk
s9dOY/pwneCtOzk4SAwwHwYDVR0jBBgwFoAUNXR5DY34KztVHjtwJXG69VqemWEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNENDBCLzZCNUQyQTdDODU1
QjExRUZCMDU3NkQ0MEM0RjlBRTAyL05YUjVEWTM0S3p0VkhqdHdKWEc2OVZxZW1X
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvTlhSNURZMzRLenRWSGp0d0pYRzY5VnFlbVdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RDQwQi82QjVEMkE3Qzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi81MzZBNzM5Mjg1
NUMxMUVGQTE3NEREODNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKC7rzANBgkqhkiG9w0BAQsFAAOCAQEAT88uGCAxbOl7A87I
1p0mRIHLSnZTWC/2O4H0nq3787Px0k1h4w8ax1kpIwVl+qBqQNK3JVg3u1VSdPoI
eGvMZDNVLyDkbk60aJe1X8UHCu2XVZsmfKexSfACMqqKpCFIxEfrczW/tgx4Twz6
HFSolbPJW3JzySGQ5JLNPhBAvE361iAQ9oxBKxUa7DfzB1simaO4olfiBxLr1CyO
nI+2QQ3JUprCM9+4ETaBrCfgXt3PtTNDeUSv/7fX25Vxs69EVmSy/gfGBNojvOOD
W4ZpgceqrtJ60dmSiAbNd7CqLjH4+bPmjlDv5gEd50+wwS5M72Qq6v3QnlVArp+5
aQbFJA==
-----END CERTIFICATE-----
Generated at Wed Oct 9 17:08:26 2024 by rpki-client on console-fra.rpki-client.org