Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/C39E969E1AA311EF9818A936C4F9AE02.roa
File:                     C39E969E1AA311EF9818A936C4F9AE02.roa (raw, json)
Hash identifier:          hXOvoupAFnMRcN5LOXxTuChpCHS/2UocpkX3AOkcXMs=
Subject key identifier:   82:1D:F1:3B:58:D0:F7:9A:EC:A0:75:50:EF:07:0A:1C:0A:90:1F:78
Certificate issuer:       /CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
Certificate serial:       0B
Authority key identifier: 9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/C39E969E1AA311EF9818A936C4F9AE02.roa
Signing time:             Sat 25 May 2024 14:33:34 +0000
ROA not before:           Sat 25 May 2024 14:33:34 +0000
ROA not after:            Sun 31 Aug 2025 00:00:00 +0000
asID:                     20473
IP address blocks:        160.20.142.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Jul 2024 08:46:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11 (0xb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CEAE0/serialNumber=9DF4FEDFF92A9E7F6E02BFC054AD339853D9DD32
        Validity
            Not Before: May 25 14:33:34 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=6651f6bd-f6fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:50:d9:bb:2d:b2:f1:bd:19:90:c8:3f:3e:ac:
                    a3:16:9a:a7:ff:c8:2b:6b:ca:21:c8:db:25:1e:0b:
                    47:c9:46:3d:ef:b1:95:1b:35:87:0e:02:66:82:b0:
                    35:25:20:88:94:26:bb:cd:d5:05:80:20:a0:d5:fa:
                    3f:8a:41:9f:63:fe:81:c3:ff:3e:83:8f:a7:c4:e3:
                    19:c1:6c:98:c1:79:87:b2:5f:11:6f:f9:50:a5:41:
                    d1:94:70:35:2d:bb:f9:04:b3:c7:74:78:e2:6b:c3:
                    3b:65:89:de:31:86:bc:69:4b:75:38:16:d6:07:6f:
                    aa:b8:fa:8a:3e:9a:9e:e5:c0:d7:8b:e2:2c:d5:bc:
                    37:3b:40:ac:d1:92:5e:a4:14:bb:18:06:b2:ce:44:
                    f1:99:f9:82:03:7d:fa:8e:b6:93:6f:04:0c:63:b4:
                    6b:94:f7:c4:c6:90:e6:39:e3:d7:2a:eb:b5:1b:ac:
                    19:ef:14:59:9b:0b:88:1b:85:cf:a7:4b:86:2d:d9:
                    07:e8:f1:db:8c:c5:95:96:6c:57:48:4f:c9:7c:e1:
                    5d:df:42:2d:4f:71:ac:41:7a:18:81:8f:b1:f6:90:
                    52:24:a4:f1:a1:76:3d:15:42:74:43:5c:6e:c7:6a:
                    0f:63:ae:78:25:8e:7d:f6:2f:6a:c9:0a:86:64:ea:
                    3a:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:1D:F1:3B:58:D0:F7:9A:EC:A0:75:50:EF:07:0A:1C:0A:90:1F:78
            X509v3 Authority Key Identifier:
                keyid:9D:F4:FE:DF:F9:2A:9E:7F:6E:02:BF:C0:54:AD:33:98:53:D9:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nfT-3_kqnn9uAr_AVK0zmFPZ3TI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEAE0/AEF63760196811EF8FF7BE6FC4F9AE02/C39E969E1AA311EF9818A936C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.20.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:8d:bc:09:c5:0f:56:b9:f4:63:8e:42:fc:28:30:ee:36:30:
         2a:f9:e3:40:9d:39:42:8c:91:6c:c7:84:f2:a2:fc:30:b3:12:
         ed:3e:9a:c8:0e:10:23:5b:20:55:49:d0:2a:cd:e0:14:f9:ad:
         ec:eb:b8:74:b6:4e:14:4c:a5:40:37:db:48:9a:49:29:41:55:
         45:ca:c0:17:40:53:80:b0:57:ae:a1:40:a2:6f:ae:b2:1f:71:
         9b:80:19:21:10:cf:fa:7f:97:bc:62:bf:d9:d0:09:91:3a:25:
         7c:42:ef:a0:b5:bb:f8:94:a6:ec:18:54:a4:29:79:f9:02:a6:
         78:1f:cc:f1:8d:c4:95:1c:7b:65:9f:e2:2f:f1:9b:47:4d:65:
         03:54:06:d5:04:06:54:40:00:18:a2:6e:26:1b:1e:ca:17:3f:
         b7:1e:47:92:1f:a9:a5:79:53:5b:7f:ae:41:c3:b9:0a:88:b1:
         ad:b1:be:29:61:e4:dd:5c:d1:b4:0d:31:14:7a:ce:f0:1c:41:
         8d:2a:e2:b3:f8:63:71:02:1f:4a:09:c5:9d:20:46:ad:6a:0b:
         c6:1f:da:5b:92:18:e4:db:f7:63:d1:2a:b7:71:f8:22:c8:15:
         e4:15:79:e1:5e:e5:f9:db:27:51:37:3b:94:f6:28:91:c5:24:
         4e:19:17:99
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RUFFMDExMC8GA1UEBRMoOURGNEZFREZGOTJBOUU3RjZFMDJCRkMwNTRBRDMzOTg1
M0Q5REQzMjAeFw0yNDA1MjUxNDMzMzRaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NTFmNmJkLWY2ZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLUNm7LbLxvRmQyD8+rKMWmqf/yCtryiHI2yUeC0fJRj3vsZUbNYcOAmaCsDUl
IIiUJrvN1QWAIKDV+j+KQZ9j/oHD/z6Dj6fE4xnBbJjBeYeyXxFv+VClQdGUcDUt
u/kEs8d0eOJrwztlid4xhrxpS3U4FtYHb6q4+oo+mp7lwNeL4izVvDc7QKzRkl6k
FLsYBrLORPGZ+YIDffqOtpNvBAxjtGuU98TGkOY549cq67UbrBnvFFmbC4gbhc+n
S4Yt2Qfo8duMxZWWbFdIT8l84V3fQi1PcaxBehiBj7H2kFIkpPGhdj0VQnRDXG7H
ag9jrngljn32L2rJCoZk6joTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUgh3xO1jQ
95rsoHVQ7wcKHAqQH3gwHwYDVR0jBBgwFoAUnfT+3/kqnn9uAr/AVK0zmFPZ3TIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFQUUwL0FFRjYzNzYwMTk2
ODExRUY4RkY3QkU2RkM0RjlBRTAyL25mVC0zX2txbm45dUFyX0FWSzB6bUZQWjNU
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbmZULTNfa3Fubjl1QXJfQVZLMHptRlBaM1RJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RUFFMC9BRUY2Mzc2MDE5NjgxMUVGOEZGN0JFNkZDNEY5QUUwMi9DMzlFOTY5RTFB
QTMxMUVGOTgxOEE5MzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAUjjANBgkqhkiG9w0BAQsFAAOCAQEABY28CcUPVrn0Y45C
/Cgw7jYwKvnjQJ05QoyRbMeE8qL8MLMS7T6ayA4QI1sgVUnQKs3gFPmt7Ou4dLZO
FEylQDfbSJpJKUFVRcrAF0BTgLBXrqFAom+ush9xm4AZIRDP+n+XvGK/2dAJkTol
fELvoLW7+JSm7BhUpCl5+QKmeB/M8Y3ElRx7ZZ/iL/GbR01lA1QG1QQGVEAAGKJu
Jhseyhc/tx5Hkh+ppXlTW3+uQcO5CoixrbG+KWHk3VzRtA0xFHrO8BxBjSris/hj
cQIfSgnFnSBGrWoLxh/aW5IY5Nv3Y9Eqt3H4IsgV5BV54V7l+dsnUTc7lPYokcUk
ThkXmQ==
-----END CERTIFICATE-----
Generated at Mon Jul 8 10:02:27 2024 by rpki-client on console-fra.rpki-client.org