Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/DF9032C086FC11EFB8F21533C4F9AE02.roa
File:                     DF9032C086FC11EFB8F21533C4F9AE02.roa (raw, json)
Hash identifier:          ah12vxDCIjJ63SOO0SSaZz08aLDFFA1kIue2J5FKGUk=
Subject key identifier:   50:49:0E:09:18:38:E1:8B:C5:CA:19:23:29:48:4A:A5:07:92:71:3F
Certificate issuer:       /CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961
Certificate serial:       18
Authority key identifier: 35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/DF9032C086FC11EFB8F21533C4F9AE02.roa
Signing time:             Thu 10 Oct 2024 11:43:31 +0000
ROA not before:           Thu 10 Oct 2024 11:43:31 +0000
ROA not after:            Tue 30 Dec 2025 00:00:00 +0000
asID:                     153358
IP address blocks:        160.187.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Nov 2024 09:07:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24 (0x18)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD40B/serialNumber=3574790D8DF82B3B551E3B702571BAF55A9E9961
        Validity
            Not Before: Oct 10 11:43:31 2024 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=6707bde3-56a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:aa:ed:9f:bd:2c:1a:a2:06:fc:32:11:b4:91:
                    a9:05:5d:f8:b7:83:4a:b2:2a:8d:79:59:d4:28:8f:
                    fa:18:5d:4c:42:59:42:ac:2e:91:a8:b6:4e:76:d5:
                    c2:50:d1:aa:5a:6e:f1:2c:41:2f:8a:0d:92:15:64:
                    d5:31:7b:03:78:66:10:13:24:f1:2e:31:c5:f9:31:
                    29:1b:c9:13:bd:3a:2d:8a:f2:59:f0:3b:d1:6a:82:
                    13:ff:27:18:82:9b:79:70:ba:b9:a5:41:d6:95:18:
                    97:07:d1:2b:24:42:30:37:64:98:17:58:26:5f:2d:
                    92:f8:b7:dc:64:75:f8:67:14:e9:db:ab:ad:5b:ba:
                    7f:76:7c:3e:7b:4e:70:a4:42:10:b2:cd:dc:ea:a2:
                    b5:58:33:59:c6:d2:69:3b:8a:08:94:8c:78:88:9b:
                    4b:49:d2:ca:77:07:81:9d:66:e4:60:19:e0:de:60:
                    b0:ef:3c:80:64:07:05:1d:f2:47:39:4d:8b:eb:91:
                    c7:82:f2:81:26:6f:af:a0:ab:33:58:0a:40:ae:f4:
                    fc:9e:fb:d1:22:87:bc:f8:5e:a7:93:66:32:b2:75:
                    f6:fd:5c:2f:77:8b:5c:e8:5c:19:04:bf:8e:46:49:
                    83:62:32:f5:cb:9d:e3:36:f2:ac:79:f8:31:75:53:
                    21:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:49:0E:09:18:38:E1:8B:C5:CA:19:23:29:48:4A:A5:07:92:71:3F
            X509v3 Authority Key Identifier:
                keyid:35:74:79:0D:8D:F8:2B:3B:55:1E:3B:70:25:71:BA:F5:5A:9E:99:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/NXR5DY34KztVHjtwJXG69VqemWE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NXR5DY34KztVHjtwJXG69VqemWE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/6B5D2A7C855B11EFB0576D40C4F9AE02/DF9032C086FC11EFB8F21533C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.187.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cc:86:93:11:4f:d8:8e:c1:6b:db:bb:b9:90:4d:69:3f:1f:64:
         a5:94:71:a6:00:73:01:ea:f7:8b:53:59:fa:ab:c1:ff:8f:d8:
         9e:45:77:c6:c4:87:dd:3e:1d:a4:be:96:d8:7f:e9:0e:38:b5:
         07:c1:58:a9:c3:73:3f:bf:66:55:f1:3a:33:76:6e:d8:a8:a2:
         50:2f:b5:83:51:63:68:2d:04:9b:f2:d8:3c:8b:7c:63:77:ad:
         f4:e6:32:30:c9:9e:0d:d9:f5:f3:10:4b:87:d3:04:6f:3a:d8:
         f5:ce:83:db:0d:f1:b8:62:b3:15:52:cc:d8:3d:71:f5:00:8a:
         08:d1:30:63:66:06:c8:22:d6:79:dc:ed:ba:0c:e3:22:91:83:
         74:30:f6:7f:55:1d:77:71:ae:75:3c:af:f9:e5:e2:2e:ff:13:
         3e:12:d0:e6:ed:42:fa:98:5d:60:c9:a9:4b:54:d9:62:08:01:
         86:8d:6e:c1:f4:29:49:bc:a6:7f:51:2b:aa:f2:10:dc:0f:56:
         9f:d4:c7:9a:a6:89:eb:52:53:3a:36:de:c4:6c:95:ec:7f:99:
         42:78:3a:76:24:d3:44:f8:65:e4:9e:ed:f4:a9:98:d8:eb:48:
         22:a2:07:e2:74:19:1d:13:ce:f4:0f:1f:cf:2b:8b:45:cd:34:
         7f:15:fa:40
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RDQwQjExMC8GA1UEBRMoMzU3NDc5MEQ4REY4MkIzQjU1MUUzQjcwMjU3MUJBRjU1
QTlFOTk2MTAeFw0yNDEwMTAxMTQzMzFaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MDdiZGUzLTU2YTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkqu2fvSwaogb8MhG0kakFXfi3g0qyKo15WdQoj/oYXUxCWUKsLpGotk521cJQ
0apabvEsQS+KDZIVZNUxewN4ZhATJPEuMcX5MSkbyRO9Oi2K8lnwO9FqghP/JxiC
m3lwurmlQdaVGJcH0SskQjA3ZJgXWCZfLZL4t9xkdfhnFOnbq61bun92fD57TnCk
QhCyzdzqorVYM1nG0mk7igiUjHiIm0tJ0sp3B4GdZuRgGeDeYLDvPIBkBwUd8kc5
TYvrkceC8oEmb6+gqzNYCkCu9Pye+9Eih7z4XqeTZjKydfb9XC93i1zoXBkEv45G
SYNiMvXLneM28qx5+DF1UyGbAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUUEkOCRg4
4YvFyhkjKUhKpQeScT8wHwYDVR0jBBgwFoAUNXR5DY34KztVHjtwJXG69VqemWEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNENDBCLzZCNUQyQTdDODU1
QjExRUZCMDU3NkQ0MEM0RjlBRTAyL05YUjVEWTM0S3p0VkhqdHdKWEc2OVZxZW1X
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvTlhSNURZMzRLenRWSGp0d0pYRzY5VnFlbVdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RDQwQi82QjVEMkE3Qzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9ERjkwMzJDMDg2
RkMxMUVGQjhGMjE1MzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKC7rzANBgkqhkiG9w0BAQsFAAOCAQEAzIaTEU/YjsFr27u5
kE1pPx9kpZRxpgBzAer3i1NZ+qvB/4/YnkV3xsSH3T4dpL6W2H/pDji1B8FYqcNz
P79mVfE6M3Zu2KiiUC+1g1FjaC0Em/LYPIt8Y3et9OYyMMmeDdn18xBLh9MEbzrY
9c6D2w3xuGKzFVLM2D1x9QCKCNEwY2YGyCLWedztugzjIpGDdDD2f1Udd3GudTyv
+eXiLv8TPhLQ5u1C+phdYMmpS1TZYggBho1uwfQpSbymf1ErqvIQ3A9Wn9THmqaJ
61JTOjbexGyV7H+ZQng6diTTRPhl5J7t9KmY2OtIIqIH4nQZHRPO9A8fzyuLRc00
fxX6QA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 12:17:25 2024 by rpki-client on console-ams.rpki-client.org