Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/5A8284285C9D11EE8CA45C2AC4F9AE02.roa
File:                     5A8284285C9D11EE8CA45C2AC4F9AE02.roa (raw, json)
Hash identifier:          8QjfDlxrtbdZdGp3cjauqqNdi0KL8gwf9j2mBuAUzU8=
Subject key identifier:   C5:FF:70:8C:A8:71:0C:01:8B:27:17:36:8A:D7:A7:9D:F9:9D:33:4D
Certificate issuer:       /CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
Certificate serial:       0106
Authority key identifier: B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/5A8284285C9D11EE8CA45C2AC4F9AE02.roa
Signing time:             Tue 26 Sep 2023 18:48:59 +0000
ROA not before:           Tue 26 Sep 2023 18:48:59 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     40676
IP address blocks:        203.21.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 03 Nov 2023 08:45:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 262 (0x106)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D366A/serialNumber=B067C6BB70DF0DC04CE77F7C8D76706A49F6CB85
        Validity
            Not Before: Sep 26 18:48:59 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=6513279b-cf45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:bf:58:bc:6f:31:5b:47:f1:07:bf:13:86:0a:
                    df:c5:77:b5:e8:57:8c:dc:d9:7c:27:33:cc:3d:5a:
                    03:77:78:9f:65:1c:ae:f1:81:d7:0d:cd:a6:b9:c1:
                    4d:ee:e7:64:0c:10:b5:9f:49:ab:f2:2b:ff:1a:2e:
                    ef:99:82:8a:52:cc:a9:4e:23:19:ae:06:91:9c:53:
                    c1:e9:40:03:b2:0c:52:e5:5a:e4:63:17:39:0d:9b:
                    de:c8:25:8e:b2:7d:c0:1f:13:dd:25:a3:55:42:cf:
                    64:51:ae:76:37:46:ae:70:bd:70:05:0b:58:12:a5:
                    e4:5d:83:a2:5c:ac:cf:68:00:74:98:36:ae:37:27:
                    18:8b:25:b1:f6:3f:bd:b7:c7:e0:26:e8:01:aa:56:
                    f7:f7:38:b4:1b:43:67:05:23:99:89:9f:41:78:0f:
                    4d:de:74:73:1b:9a:7d:15:35:4f:39:87:eb:a7:91:
                    ff:c4:02:55:bc:53:1d:52:dd:20:4f:78:6b:08:55:
                    6f:64:b5:f6:36:65:8b:05:25:c7:23:df:2b:32:1d:
                    34:11:ba:d3:ef:0c:6d:0b:1d:ad:24:08:08:c9:8f:
                    39:6f:eb:ab:ac:55:60:1c:11:d1:c7:49:3a:48:d0:
                    5b:bf:75:af:3c:b3:2a:69:a5:cb:c8:2a:86:44:7b:
                    ba:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:FF:70:8C:A8:71:0C:01:8B:27:17:36:8A:D7:A7:9D:F9:9D:33:4D
            X509v3 Authority Key Identifier:
                keyid:B0:67:C6:BB:70:DF:0D:C0:4C:E7:7F:7C:8D:76:70:6A:49:F6:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/sGfGu3DfDcBM5398jXZwakn2y4U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sGfGu3DfDcBM5398jXZwakn2y4U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D366A/EC09AA4A307D11EDA6C3A212C4F9AE02/5A8284285C9D11EE8CA45C2AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.21.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:57:8d:a4:23:6b:57:91:13:15:88:2b:48:c7:28:63:b0:25:
         5e:04:d1:d7:0d:23:cb:a5:9d:4a:e7:dd:36:1b:aa:36:74:a2:
         5a:e2:f0:1b:e0:80:df:ad:0b:15:3c:de:9e:93:6d:31:96:7f:
         7a:e3:3c:74:a4:9d:68:2d:77:35:8c:90:36:fc:e4:5e:d2:2b:
         3b:39:70:f7:82:06:9e:b4:79:bd:f5:dd:62:be:ce:7d:46:59:
         0c:27:95:ca:af:d5:20:15:21:d3:3e:05:8a:6e:64:2e:ba:ae:
         56:b3:06:6c:6c:87:f9:b2:27:d1:3d:72:cf:21:63:4f:b4:c2:
         af:08:50:ca:db:7d:91:3b:25:60:3f:37:e2:61:9b:0f:a0:2e:
         1a:9b:b1:4e:5b:92:d7:eb:ae:5c:4a:85:23:84:eb:ee:13:32:
         60:cb:32:80:84:ac:0f:30:d9:bb:3f:70:a5:59:2a:5f:58:57:
         f6:ad:1e:41:04:5f:92:1c:20:23:b9:fc:b4:70:7b:20:50:f0:
         81:21:0e:0d:a0:96:e6:76:5b:8f:f1:cf:a1:6e:71:db:46:71:
         bc:41:c9:31:35:af:c1:a1:58:e5:8e:3f:8f:59:3e:32:5d:3d:
         5c:66:b0:fb:a6:7b:6c:0b:30:ad:4a:1d:17:a4:53:ec:48:75:
         d7:bd:cc:f4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAQYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM2NkExMTAvBgNVBAUTKEIwNjdDNkJCNzBERjBEQzA0Q0U3N0Y3QzhENzY3MDZB
NDlGNkNCODUwHhcNMjMwOTI2MTg0ODU5WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEzMjc5Yi1jZjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6L9YvG8xW0fxB78ThgrfxXe16FeM3Nl8JzPMPVoDd3ifZRyu8YHXDc2mucFN
7udkDBC1n0mr8iv/Gi7vmYKKUsypTiMZrgaRnFPB6UADsgxS5VrkYxc5DZveyCWO
sn3AHxPdJaNVQs9kUa52N0aucL1wBQtYEqXkXYOiXKzPaAB0mDauNycYiyWx9j+9
t8fgJugBqlb39zi0G0NnBSOZiZ9BeA9N3nRzG5p9FTVPOYfrp5H/xAJVvFMdUt0g
T3hrCFVvZLX2NmWLBSXHI98rMh00EbrT7wxtCx2tJAgIyY85b+urrFVgHBHRx0k6
SNBbv3WvPLMqaaXLyCqGRHu6nQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMX/cIyo
cQwBiycXNorXp535nTNNMB8GA1UdIwQYMBaAFLBnxrtw3w3ATOd/fI12cGpJ9suF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzY2QS9FQzA5QUE0QTMw
N0QxMUVEQTZDM0EyMTJDNEY5QUUwMi9zR2ZHdTNEZkRjQk01Mzk4alhad2FrbjJ5
NFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NHZkd1M0RmRGNCTTUzOThqWFp3YWtuMnk0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM2NkEvRUMwOUFBNEEzMDdEMTFFREE2QzNBMjEyQzRGOUFFMDIvNUE4Mjg0Mjg1
QzlEMTFFRThDQTQ1QzJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLFUgwDQYJKoZIhvcNAQELBQADggEBAAhXjaQja1eRExWI
K0jHKGOwJV4E0dcNI8ulnUrn3TYbqjZ0olri8BvggN+tCxU83p6TbTGWf3rjPHSk
nWgtdzWMkDb85F7SKzs5cPeCBp60eb313WK+zn1GWQwnlcqv1SAVIdM+BYpuZC66
rlazBmxsh/myJ9E9cs8hY0+0wq8IUMrbfZE7JWA/N+Jhmw+gLhqbsU5bktfrrlxK
hSOE6+4TMmDLMoCErA8w2bs/cKVZKl9YV/atHkEEX5IcICO5/LRweyBQ8IEhDg2g
luZ2W4/xz6FucdtGcbxByTE1r8GhWOWOP49ZPjJdPVxmsPume2wLMK1KHRekU+xI
dde9zPQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:29 2024 by rpki-client on console-ams.rpki-client.org