Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/89508F0E749B11EF8D09793AC4F9AE02.roa
File:                     89508F0E749B11EF8D09793AC4F9AE02.roa (raw, json)
Hash identifier:          /v1A9mYsfoeEoO16ywom4OJf1anuvIIks1Iuoy1CEds=
Subject key identifier:   1E:2F:A0:15:0C:C5:69:0A:6E:08:E4:22:A4:AC:0F:C0:EB:C1:0E:30
Certificate issuer:       /CN=A91D44BE/serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD
Certificate serial:       0A
Authority key identifier: 95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/89508F0E749B11EF8D09793AC4F9AE02.roa
Signing time:             Tue 17 Sep 2024 02:21:25 +0000
ROA not before:           Tue 17 Sep 2024 02:21:25 +0000
ROA not after:            Mon 01 Dec 2025 00:00:00 +0000
asID:                     138166
IP address blocks:        160.30.212.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 18 Sep 2024 02:27:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10 (0xa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D44BE/serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD
        Validity
            Not Before: Sep 17 02:21:25 2024 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=66e8e7a4-1d1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:87:10:49:1e:c5:58:0d:dd:5f:62:81:b7:a9:
                    71:67:e4:47:56:a7:9f:6d:20:ed:4b:e5:56:4e:8c:
                    d3:25:0f:bc:81:ca:b1:20:6a:93:78:98:8a:40:71:
                    9c:18:2e:f0:0f:f9:a8:fd:99:e0:cd:b5:c0:8d:86:
                    08:08:6d:73:49:66:60:fc:be:16:28:fd:a7:63:c0:
                    92:98:3e:ec:ec:f2:99:a2:69:9e:a8:ca:d2:68:bf:
                    b4:90:40:cb:57:60:57:19:28:64:8a:4e:cd:e1:c0:
                    dd:64:ac:16:4c:8b:d7:ef:76:51:6e:eb:d1:c7:80:
                    d5:c8:9c:c0:13:76:4b:b6:b3:20:11:50:50:2d:85:
                    72:f5:1a:e9:a9:87:ca:aa:a0:e9:13:e5:a5:7b:bd:
                    f1:2b:f4:75:c3:f3:12:ed:9b:58:a9:70:8e:44:ee:
                    a1:2d:52:b3:26:c0:3d:48:a0:06:a6:39:39:86:ab:
                    d9:07:d7:a6:73:b2:ef:a6:f0:83:3a:83:1b:d8:7b:
                    72:b9:50:7d:90:02:e6:2c:e0:af:8f:83:94:26:0f:
                    5d:40:74:77:e4:25:10:8b:5c:06:e2:ea:9a:ad:b7:
                    5f:23:48:90:57:9b:bb:01:53:88:a5:cd:09:82:6b:
                    40:0f:57:9b:f2:da:a9:77:14:47:b8:47:ef:ab:72:
                    3f:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:2F:A0:15:0C:C5:69:0A:6E:08:E4:22:A4:AC:0F:C0:EB:C1:0E:30
            X509v3 Authority Key Identifier:
                keyid:95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/89508F0E749B11EF8D09793AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.30.212.0/23

    Signature Algorithm: sha256WithRSAEncryption
         71:a1:3c:df:70:f4:56:5a:87:b1:e2:c2:2c:49:ca:c4:90:68:
         41:aa:a1:e0:78:cb:eb:16:36:bf:cc:ba:13:db:91:7b:74:b3:
         a0:6c:2c:be:f2:2c:f8:24:6e:0b:0f:bf:45:22:6d:a8:19:40:
         d9:2e:37:70:fe:6d:64:56:7f:e3:08:59:05:1b:62:73:52:7b:
         0b:8b:3f:de:94:d7:dd:0a:d6:37:f6:6a:c1:b4:46:f9:b8:0f:
         b6:1a:e2:23:16:a1:40:40:1f:5c:56:12:d7:6f:af:83:24:5f:
         a9:c7:57:36:79:6b:23:9c:05:5b:d8:9e:75:92:bc:20:cb:09:
         a8:65:99:c6:a9:ba:1e:4d:e5:f9:f6:b5:50:2e:1c:da:d7:b5:
         5c:92:27:db:9b:a7:52:44:f3:92:22:9a:00:38:4c:61:66:b8:
         51:c9:4d:f7:c5:6b:e5:80:12:4b:74:b2:11:1b:d4:91:74:f7:
         8c:d8:56:c9:5c:c9:d1:1d:d1:cc:e1:5a:7d:a4:42:74:8b:0c:
         8a:6e:6f:41:2d:e8:e2:24:38:a5:8c:4c:04:12:0a:c6:20:e1:
         b1:1b:10:c7:36:e3:3b:f0:5e:3a:ab:7d:fb:e6:83:11:6d:3d:
         55:93:39:60:9a:18:9d:a2:15:91:8c:60:78:3f:2f:3f:ae:1e:
         4e:39:74:12
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NDRCRTExMC8GA1UEBRMoOTVGMDlENUU1QjhCQ0Q2RjRCNEQ2OUI1QzkzNkM5MTJG
NzdEMkNGRDAeFw0yNDA5MTcwMjIxMjVaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZThlN2E0LTFkMWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCdhxBJHsVYDd1fYoG3qXFn5EdWp59tIO1L5VZOjNMlD7yByrEgapN4mIpAcZwY
LvAP+aj9meDNtcCNhggIbXNJZmD8vhYo/adjwJKYPuzs8pmiaZ6oytJov7SQQMtX
YFcZKGSKTs3hwN1krBZMi9fvdlFu69HHgNXInMATdku2syARUFAthXL1Gumph8qq
oOkT5aV7vfEr9HXD8xLtm1ipcI5E7qEtUrMmwD1IoAamOTmGq9kH16Zzsu+m8IM6
gxvYe3K5UH2QAuYs4K+Pg5QmD11AdHfkJRCLXAbi6pqtt18jSJBXm7sBU4ilzQmC
a0APV5vy2ql3FEe4R++rcj/fAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUHi+gFQzF
aQpuCOQipKwPwOvBDjAwHwYDVR0jBBgwFoAUlfCdXluLzW9LTWm1yTbJEvd9LP0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ0NEJFLzAyOEFCRTQyNjky
MjExRUZCRjg3QkIwRUM0RjlBRTAyL2xmQ2RYbHVMelc5TFRXbTF5VGJKRXZkOUxQ
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbGZDZFhsdUx6VzlMVFdtMXlUYkpFdmQ5TFAwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NDRCRS8wMjhBQkU0MjY5MjIxMUVGQkY4N0JCMEVDNEY5QUUwMi84OTUwOEYwRTc0
OUIxMUVGOEQwOTc5M0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaAe1DANBgkqhkiG9w0BAQsFAAOCAQEAcaE833D0VlqHseLC
LEnKxJBoQaqh4HjL6xY2v8y6E9uRe3SzoGwsvvIs+CRuCw+/RSJtqBlA2S43cP5t
ZFZ/4whZBRtic1J7C4s/3pTX3QrWN/ZqwbRG+bgPthriIxahQEAfXFYS12+vgyRf
qcdXNnlrI5wFW9iedZK8IMsJqGWZxqm6Hk3l+fa1UC4c2te1XJIn25unUkTzkiKa
ADhMYWa4UclN98Vr5YASS3SyERvUkXT3jNhWyVzJ0R3RzOFafaRCdIsMim5vQS3o
4iQ4pYxMBBIKxiDhsRsQxzbjO/BeOqt9++aDEW09VZM5YJoYnaIVkYxgeD8vP64e
Tjl0Eg==
-----END CERTIFICATE-----
Generated at Wed Sep 18 06:35:49 2024 by rpki-client on console-ams.rpki-client.org