Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/65D2E7D42A3611EF84E3916DC4F9AE02.roa
File:                     65D2E7D42A3611EF84E3916DC4F9AE02.roa (raw, json)
Hash identifier:          1UtbgE04uHWrAtkIru5e3tcZMRZe8d76Z7kWv8Ne5mU=
Subject key identifier:   5F:D9:45:27:94:1A:36:F5:38:76:0C:81:1F:1D:A7:44:48:0A:D3:2C
Certificate issuer:       /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Certificate serial:       1E
Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/65D2E7D42A3611EF84E3916DC4F9AE02.roa
Signing time:             Fri 14 Jun 2024 10:11:00 +0000
ROA not before:           Fri 14 Jun 2024 10:10:59 +0000
ROA not after:            Sun 31 Aug 2025 00:00:00 +0000
asID:                     216178
IP address blocks:        160.22.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 26 Jun 2024 13:57:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 30 (0x1e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
        Validity
            Not Before: Jun 14 10:10:59 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=666c1733-077d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:42:c6:4e:0e:7a:a5:d6:92:36:8d:6f:59:96:
                    ee:16:c9:50:4d:61:b4:a2:d8:39:e7:9f:54:f0:ae:
                    d0:4f:27:be:88:84:c0:bf:2a:f2:27:ab:f8:b2:90:
                    bd:71:9d:ca:e7:e0:6a:df:aa:be:0d:c3:97:57:25:
                    f5:0f:9c:e7:5d:bd:56:b3:93:98:80:20:04:92:2d:
                    59:2e:1a:6d:95:4e:20:48:e0:6d:96:32:2f:5f:0b:
                    8d:2b:7e:ca:b2:09:fa:58:82:22:f0:d9:b5:91:19:
                    f0:f5:0a:08:be:cf:d6:39:2e:f0:c2:3f:9f:32:0d:
                    e0:62:a5:c4:cc:05:6f:46:d1:37:26:9b:93:93:db:
                    1d:77:32:be:31:eb:ec:9a:5c:10:58:e2:ed:e2:98:
                    34:24:13:5b:86:59:fd:b6:e2:90:71:9a:98:ee:50:
                    19:26:bf:0d:65:09:f2:4d:74:c4:d6:90:a3:6e:cf:
                    76:b6:cf:93:05:21:a9:05:07:2c:2d:5d:54:34:75:
                    90:bd:c1:a5:00:86:36:54:37:f4:07:7e:ad:ef:a4:
                    c3:da:af:2a:e7:cc:95:fb:b9:05:27:65:88:fb:7c:
                    61:93:39:7f:53:21:63:81:b2:fa:d0:d8:83:df:fc:
                    91:75:7f:27:c2:ef:46:a8:a0:88:e5:38:a5:b8:40:
                    70:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:D9:45:27:94:1A:36:F5:38:76:0C:81:1F:1D:A7:44:48:0A:D3:2C
            X509v3 Authority Key Identifier:
                keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/65D2E7D42A3611EF84E3916DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:c4:f6:d9:3a:82:3a:2e:61:5c:70:84:ae:73:4d:bd:f8:e5:
         84:36:a4:73:c8:54:c5:42:50:f7:1d:4f:95:03:28:cf:c8:bb:
         0e:56:0e:93:d7:36:32:62:e7:a6:df:86:26:61:8a:1d:29:31:
         48:28:5b:5e:03:e3:76:e9:c1:8a:ec:7a:ad:9f:0a:f5:be:19:
         a3:c2:ed:3b:bd:31:9e:08:ec:c5:e0:b3:dc:df:43:42:1f:3e:
         ff:2f:f1:d6:b1:7b:0f:5a:e5:38:eb:4d:2d:99:21:27:c1:d1:
         70:5b:1c:6e:ef:e5:89:b1:55:03:e3:b5:25:05:76:ad:70:24:
         b0:88:ba:70:b3:ba:c1:d6:47:a3:56:76:82:fd:dd:dc:c7:2f:
         b0:88:67:e2:b3:d4:d8:ba:86:f6:28:74:bb:0f:46:40:b0:9d:
         2f:07:fc:9b:37:46:10:f6:1c:68:e5:1c:dc:f5:51:08:fe:1b:
         b5:99:6e:8b:68:d5:80:2b:39:2b:cf:c7:c6:f9:91:f5:7b:58:
         39:d3:e7:a6:a8:f4:e2:04:ba:f8:41:ff:29:5d:f2:c3:d5:e7:
         09:ee:5e:48:de:d6:b5:9f:7d:e9:99:f2:a2:56:ff:b2:38:89:
         32:0e:97:6e:4a:fd:4d:67:41:51:97:20:53:57:20:d3:09:fc:
         3b:ea:61:de
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUFFMDExMC8GA1UEBRMoOURGNEZFREZGOTJBOUU3RjZFMDJCRkMwNTRBRDMzOTg1
M0Q5REQzMjAeFw0yNDA2MTQxMDEwNTlaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NmMxNzMzLTA3N2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClQsZODnql1pI2jW9Zlu4WyVBNYbSi2Dnnn1TwrtBPJ76IhMC/KvInq/iykL1x
ncrn4Grfqr4Nw5dXJfUPnOddvVazk5iAIASSLVkuGm2VTiBI4G2WMi9fC40rfsqy
CfpYgiLw2bWRGfD1Cgi+z9Y5LvDCP58yDeBipcTMBW9G0Tcmm5OT2x13Mr4x6+ya
XBBY4u3imDQkE1uGWf224pBxmpjuUBkmvw1lCfJNdMTWkKNuz3a2z5MFIakFBywt
XVQ0dZC9waUAhjZUN/QHfq3vpMParyrnzJX7uQUnZYj7fGGTOX9TIWOBsvrQ2IPf
/JF1fyfC70aooIjlOKW4QHB5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUX9lFJ5Qa
NvU4dgyBHx2nREgK0ywwHwYDVR0jBBgwFoAUnfT+3/kqnn9uAr/AVK0zmFPZ3TIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQUUwL0FFRjYzNzYwMTk2
ODExRUY4RkY3QkU2RkM0RjlBRTAyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbmZULTNfa3Fubjl1QXJfQVZLMHptRlBaM1RJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi82NUQyRTdENDJB
MzYxMUVGODRFMzkxNkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAWmzANBgkqhkiG9w0BAQsFAAOCAQEAn8T22TqCOi5hXHCE
rnNNvfjlhDakc8hUxUJQ9x1PlQMoz8i7DlYOk9c2MmLnpt+GJmGKHSkxSChbXgPj
dunBiux6rZ8K9b4Zo8LtO70xngjsxeCz3N9DQh8+/y/x1rF7D1rlOOtNLZkhJ8HR
cFscbu/libFVA+O1JQV2rXAksIi6cLO6wdZHo1Z2gv3d3McvsIhn4rPU2LqG9ih0
uw9GQLCdLwf8mzdGEPYcaOUc3PVRCP4btZlui2jVgCs5K8/HxvmR9XtYOdPnpqj0
4gS6+EH/KV3yw9XnCe5eSN7WtZ996Znyolb/sjiJMg6Xbkr9TWdBUZcgU1cg0wn8
O+ph3g==
-----END CERTIFICATE-----
Generated at Wed Jun 26 18:22:48 2024 by rpki-client on console-ams.rpki-client.org