Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/5A83C666350211EEB33A9B71C4F9AE02.roa
File:                     5A83C666350211EEB33A9B71C4F9AE02.roa (raw, json)
Hash identifier:          5hXuLPUl1oznYiZYUW2nmt4xTeI47MtrNRFOzwu+lXg=
Subject key identifier:   0E:77:90:7D:35:9F:96:58:AB:82:AA:C7:EC:66:DB:33:D5:60:33:EE
Certificate issuer:       /CN=A91D51A0/serialNumber=C6EABEB93E1D06E2C32E1C4CBE147CFB39992539
Certificate serial:       0333
Authority key identifier: C6:EA:BE:B9:3E:1D:06:E2:C3:2E:1C:4C:BE:14:7C:FB:39:99:25:39
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/5A83C666350211EEB33A9B71C4F9AE02.roa
Signing time:             Fri 01 Mar 2024 03:05:09 +0000
ROA not before:           Fri 01 Mar 2024 03:05:09 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     151420
IP address blocks:        2400:54a0:20a0::/44 maxlen: 48

Validation:               Failed, certificate revoked on Sat 24 Aug 2024 11:30:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 819 (0x333)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D51A0/serialNumber=C6EABEB93E1D06E2C32E1C4CBE147CFB39992539
        Validity
            Not Before: Mar  1 03:05:09 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65e145e5-deaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:59:b0:09:1f:6f:55:c7:db:67:14:8b:09:92:
                    1a:18:e2:d6:89:81:63:9c:92:e2:a2:8b:f7:f3:72:
                    04:0b:35:f8:3a:eb:9b:cb:e1:88:f6:0d:1b:7b:68:
                    c0:ad:0e:1c:dd:85:82:7e:08:5b:04:09:52:5b:4d:
                    d9:4f:88:52:61:e8:a4:d5:18:2c:13:9a:42:da:5e:
                    8d:cc:c4:ed:50:46:2c:6a:13:f5:b4:7d:65:23:e7:
                    61:08:3f:f4:7d:43:ae:39:95:45:9e:40:72:0f:c8:
                    db:2c:87:bc:de:89:08:f2:cf:e7:33:ff:36:8c:a7:
                    b8:9d:9b:33:22:a9:d8:18:b5:22:91:64:ef:02:ee:
                    53:d4:19:aa:cf:48:51:86:2d:7c:56:4c:f4:98:21:
                    1f:ab:2f:99:17:f4:70:d3:d9:2e:7d:90:6a:f4:64:
                    41:ea:7d:ee:19:23:9f:d1:0e:91:8e:03:1b:70:29:
                    4c:62:4a:77:3b:df:92:99:83:14:50:77:fe:3b:b2:
                    43:a1:f0:ec:38:1b:24:b2:e6:07:2f:62:45:55:1f:
                    6e:aa:2b:b6:56:cb:61:52:dd:d6:df:40:70:e9:bc:
                    d4:b6:02:8a:67:23:e3:dd:5f:13:a6:79:68:90:54:
                    4b:1b:44:3d:04:ea:20:5a:f2:d0:08:a9:68:f7:f4:
                    2c:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:77:90:7D:35:9F:96:58:AB:82:AA:C7:EC:66:DB:33:D5:60:33:EE
            X509v3 Authority Key Identifier:
                keyid:C6:EA:BE:B9:3E:1D:06:E2:C3:2E:1C:4C:BE:14:7C:FB:39:99:25:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/xuq-uT4dBuLDLhxMvhR8-zmZJTk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xuq-uT4dBuLDLhxMvhR8-zmZJTk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D51A0/7C53910C7F8411EC80518E51C4F9AE02/5A83C666350211EEB33A9B71C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:54a0:20a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         8b:44:5f:a9:a6:3c:3b:63:3b:08:d9:00:4f:95:8d:9e:5f:79:
         00:74:a1:7a:81:0f:27:35:0a:2e:51:7d:1a:57:9d:95:bd:7c:
         ea:48:71:ad:09:f8:94:58:e8:7f:e8:32:1e:f9:78:49:50:cd:
         e3:de:3c:3a:11:fe:33:91:05:d8:01:7c:4d:d6:49:80:a3:f2:
         49:2f:00:d7:81:50:ef:89:7e:df:a4:f0:89:a3:9c:7a:56:d3:
         ea:b7:8b:99:17:79:6f:f8:99:61:d8:c6:76:de:ba:87:9b:4b:
         fe:aa:2d:92:ca:3d:c7:20:89:6a:4a:a5:28:b3:57:40:21:b5:
         7c:24:8c:8e:08:95:68:58:f5:38:03:e2:35:7f:ae:dc:8b:30:
         c8:a4:ef:4e:d2:78:05:02:4d:36:92:57:0e:f1:6d:fa:37:05:
         92:23:28:83:80:47:86:29:8a:a4:36:a2:e1:38:60:23:c6:88:
         be:3c:99:9e:be:e2:53:e6:38:2c:3a:d4:30:ab:41:ee:52:7c:
         d9:c5:f3:06:b6:23:53:e5:b4:83:14:2e:24:b6:88:c7:fd:a3:
         4a:ff:23:e9:c9:fb:13:14:fb:84:ad:ba:b4:d6:63:0a:1c:0f:
         f6:2f:81:6e:40:a4:d5:c8:6e:3e:51:c2:fb:da:47:40:25:fe:
         60:69:c7:9a
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAzMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDUxQTAxMTAvBgNVBAUTKEM2RUFCRUI5M0UxRDA2RTJDMzJFMUM0Q0JFMTQ3Q0ZC
Mzk5OTI1MzkwHhcNMjQwMzAxMDMwNTA5WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUxNDVlNS1kZWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1VmwCR9vVcfbZxSLCZIaGOLWiYFjnJLioov383IECzX4Ouuby+GI9g0be2jA
rQ4c3YWCfghbBAlSW03ZT4hSYeik1RgsE5pC2l6NzMTtUEYsahP1tH1lI+dhCD/0
fUOuOZVFnkByD8jbLIe83okI8s/nM/82jKe4nZszIqnYGLUikWTvAu5T1Bmqz0hR
hi18Vkz0mCEfqy+ZF/Rw09kufZBq9GRB6n3uGSOf0Q6RjgMbcClMYkp3O9+SmYMU
UHf+O7JDofDsOBsksuYHL2JFVR9uqiu2VsthUt3W30Bw6bzUtgKKZyPj3V8Tpnlo
kFRLG0Q9BOogWvLQCKlo9/Qs7QIDAQABo4ICmDCCApQwHQYDVR0OBBYEFA53kH01
n5ZYq4Kqx+xm2zPVYDPuMB8GA1UdIwQYMBaAFMbqvrk+HQbiwy4cTL4UfPs5mSU5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTFBMC83QzUzOTEwQzdG
ODQxMUVDODA1MThFNTFDNEY5QUUwMi94dXEtdVQ0ZEJ1TERMaHhNdmhSOC16bVpK
VGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h1cS11VDRkQnVMRExoeE12aFI4LXptWkpUay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDUxQTAvN0M1MzkxMEM3Rjg0MTFFQzgwNTE4RTUxQzRGOUFFMDIvNUE4M0M2NjYz
NTAyMTFFRUIzM0E5QjcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkAFSgIKAwDQYJKoZIhvcNAQELBQADggEBAItEX6mmPDtj
OwjZAE+VjZ5feQB0oXqBDyc1Ci5RfRpXnZW9fOpIca0J+JRY6H/oMh75eElQzePe
PDoR/jORBdgBfE3WSYCj8kkvANeBUO+Jft+k8ImjnHpW0+q3i5kXeW/4mWHYxnbe
uoebS/6qLZLKPccgiWpKpSizV0AhtXwkjI4IlWhY9TgD4jV/rtyLMMik707SeAUC
TTaSVw7xbfo3BZIjKIOAR4YpiqQ2ouE4YCPGiL48mZ6+4lPmOCw61DCrQe5SfNnF
8wa2I1PltIMULiS2iMf9o0r/I+nJ+xMU+4SturTWYwocD/YvgW5ApNXIbj5Rwvva
R0Al/mBpx5o=
-----END CERTIFICATE-----
Generated at Sat Aug 24 16:11:45 2024 by rpki-client on console-ams.rpki-client.org