Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/6467C146EAA911EBB2E81734C4F9AE02.roa
File:                     6467C146EAA911EBB2E81734C4F9AE02.roa (raw, json)
Hash identifier:          6gEqog1PtSwhdPTWJ7C5G32/yTXRYo2uWPaVrvmu6ZY=
Subject key identifier:   D4:5C:54:81:DF:9B:91:99:DF:21:C1:FC:82:32:2F:10:B7:F7:93:18
Certificate issuer:       /CN=A91E563F/serialNumber=482016E56A0241FD2D35BFD77BC972E673CE9F2F
Certificate serial:       075E
Authority key identifier: 48:20:16:E5:6A:02:41:FD:2D:35:BF:D7:7B:C9:72:E6:73:CE:9F:2F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SCAW5WoCQf0tNb_Xe8ly5nPOny8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/6467C146EAA911EBB2E81734C4F9AE02.roa
Signing time:             Mon 10 Jul 2023 21:17:44 +0000
ROA not before:           Mon 10 Jul 2023 21:17:44 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     17894
IP address blocks:        202.52.160.0/23 maxlen: 23
                          202.52.162.0/23 maxlen: 23
                          202.52.164.0/22 maxlen: 23
                          202.52.168.0/21 maxlen: 23
                          202.95.224.0/24 maxlen: 24
                          202.95.225.0/24 maxlen: 24
                          202.95.226.0/24 maxlen: 24
                          202.95.227.0/24 maxlen: 24
                          202.95.228.0/24 maxlen: 24
                          202.95.229.0/24 maxlen: 24
                          202.95.230.0/24 maxlen: 24
                          202.95.231.0/24 maxlen: 24
                          202.95.232.0/24 maxlen: 24
                          202.95.235.0/24 maxlen: 24
                          202.95.236.0/24 maxlen: 24
                          202.95.237.0/24 maxlen: 24
                          202.95.238.0/24 maxlen: 24
                          202.95.239.0/24 maxlen: 24
                          202.126.32.0/20 maxlen: 24
                          2401:b900::/32 maxlen: 32

Validation:               Failed, certificate revoked on Thu 23 Nov 2023 11:32:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1886 (0x75e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E563F/serialNumber=482016E56A0241FD2D35BFD77BC972E673CE9F2F
        Validity
            Not Before: Jul 10 21:17:44 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=64ac7578-7cd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:6e:e1:73:f7:cc:53:47:54:ea:ce:fd:a6:f4:
                    e2:5f:b9:a6:32:45:a4:f7:c5:25:60:01:1a:e9:c3:
                    b6:76:45:96:67:89:7e:76:23:e3:d6:63:12:40:00:
                    75:e1:8b:39:0c:83:fb:e1:1b:43:68:7e:58:4e:0d:
                    fb:47:fd:4f:d9:f6:12:47:c3:3c:ae:c2:e5:ef:cb:
                    08:d3:21:24:a1:a2:47:9c:6d:a5:40:58:b1:ff:c1:
                    1a:4d:d3:7d:f4:6b:b0:3e:e8:fd:b5:64:b0:8e:0e:
                    ce:87:c9:7a:4b:96:aa:87:ee:e2:ef:13:2b:73:fd:
                    72:85:58:8b:b8:46:2d:d5:90:da:53:ec:e0:48:74:
                    f3:d5:78:8e:bf:55:33:71:ec:46:7d:d0:d5:25:44:
                    c5:6c:a4:cf:00:6c:90:1b:4e:3d:b2:ca:3c:b2:3c:
                    40:85:c9:84:b7:74:58:c4:8d:cc:86:99:1e:e9:3a:
                    8e:d4:35:21:97:10:e9:80:31:e9:af:19:7a:8b:6d:
                    01:40:cc:9a:e7:d8:9a:a4:5e:68:9c:ed:a3:ac:ff:
                    a8:fb:03:6f:8b:3c:d2:04:dc:d3:14:22:aa:14:22:
                    4f:19:40:d1:b6:6e:14:db:0f:cb:93:0a:92:6c:92:
                    22:4e:b3:99:49:74:df:a2:29:ff:79:e3:5f:55:53:
                    bc:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:5C:54:81:DF:9B:91:99:DF:21:C1:FC:82:32:2F:10:B7:F7:93:18
            X509v3 Authority Key Identifier:
                keyid:48:20:16:E5:6A:02:41:FD:2D:35:BF:D7:7B:C9:72:E6:73:CE:9F:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/SCAW5WoCQf0tNb_Xe8ly5nPOny8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SCAW5WoCQf0tNb_Xe8ly5nPOny8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/6467C146EAA911EBB2E81734C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.52.160.0/20
                  202.95.224.0-202.95.232.255
                  202.95.235.0-202.95.239.255
                  202.126.32.0/20
                IPv6:
                  2401:b900::/32

    Signature Algorithm: sha256WithRSAEncryption
         77:0b:e2:b4:8e:fb:9a:a6:b7:c4:ae:fc:87:ea:59:bf:b5:9b:
         e7:85:33:4b:2c:f2:85:6c:cd:9b:be:b6:93:f2:26:71:e4:06:
         7b:1c:1f:68:c9:3f:44:41:30:13:50:6c:3a:ee:5f:e0:7f:16:
         5d:5a:ec:43:fc:99:f3:c4:9d:6a:87:7d:78:e3:f8:c6:16:01:
         b3:8b:f7:05:ac:89:3d:3e:72:d9:96:59:be:68:95:ec:89:64:
         6d:3e:c0:54:6c:98:9f:a3:44:28:d7:52:76:aa:4f:b2:cf:fb:
         84:08:d4:0e:bc:1d:6f:8d:5d:52:3e:bf:3d:60:f3:94:6b:fc:
         36:02:eb:e9:7e:c4:4c:3c:0a:14:2b:78:00:90:3b:35:01:55:
         bf:0a:a6:73:c3:1c:16:8b:14:f1:95:9b:37:0f:92:96:b8:e3:
         44:18:d4:aa:67:e5:69:93:8e:2e:f6:22:b9:b2:9b:28:8e:87:
         75:80:ae:62:b3:c1:92:d2:90:66:d9:38:dd:25:4d:9a:68:8f:
         9f:70:1e:37:59:d0:b1:8c:7b:7b:a2:43:3a:0e:19:a2:45:57:
         3e:11:10:3d:9a:26:d9:11:16:a3:fe:2d:ab:5a:82:50:65:8f:
         c7:b7:7b:c2:51:a4:96:b6:46:4a:a5:07:e2:4c:ca:75:1d:66:
         ec:2e:7b:ad
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICB14wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTU2M0YxMTAvBgNVBAUTKDQ4MjAxNkU1NkEwMjQxRkQyRDM1QkZENzdCQzk3MkU2
NzNDRTlGMkYwHhcNMjMwNzEwMjExNzQ0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFjNzU3OC03Y2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1G7hc/fMU0dU6s79pvTiX7mmMkWk98UlYAEa6cO2dkWWZ4l+diPj1mMSQAB1
4Ys5DIP74RtDaH5YTg37R/1P2fYSR8M8rsLl78sI0yEkoaJHnG2lQFix/8EaTdN9
9GuwPuj9tWSwjg7Oh8l6S5aqh+7i7xMrc/1yhViLuEYt1ZDaU+zgSHTz1XiOv1Uz
cexGfdDVJUTFbKTPAGyQG049sso8sjxAhcmEt3RYxI3Mhpke6TqO1DUhlxDpgDHp
rxl6i20BQMya59iapF5onO2jrP+o+wNvizzSBNzTFCKqFCJPGUDRtm4U2w/LkwqS
bJIiTrOZSXTfoin/eeNfVVO8qQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFNRcVIHf
m5GZ3yHB/IIyLxC395MYMB8GA1UdIwQYMBaAFEggFuVqAkH9LTW/13vJcuZzzp8v
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTYzRi8wQUI3NzdEQUI2
QTgxMUVBQUVFMTRGN0JDNEY5QUUwMi9TQ0FXNVdvQ1FmMHROYl9YZThseTVuUE9u
eTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDQVc1V29DUWYwdE5iX1hlOGx5NW5QT255OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTU2M0YvMEFCNzc3REFCNkE4MTFFQUFFRTE0RjdCQzRGOUFFMDIvNjQ2N0MxNDZF
QUE5MTFFQkIyRTgxNzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MC4EAgABMCgDBATKNKAwDAMEBcpf4AMEAMpf6DAMAwQAyl/rAwQEyl/gAwQE
yn4gMA0EAgACMAcDBQAkAbkAMA0GCSqGSIb3DQEBCwUAA4IBAQB3C+K0jvuaprfE
rvyH6lm/tZvnhTNLLPKFbM2bvraT8iZx5AZ7HB9oyT9EQTATUGw67l/gfxZdWuxD
/JnzxJ1qh3144/jGFgGzi/cFrIk9PnLZllm+aJXsiWRtPsBUbJifo0Qo11J2qk+y
z/uECNQOvB1vjV1SPr89YPOUa/w2AuvpfsRMPAoUK3gAkDs1AVW/CqZzwxwWixTx
lZs3D5KWuONEGNSqZ+Vpk44u9iK5spsojod1gK5is8GS0pBm2TjdJU2aaI+fcB43
WdCxjHt7okM6DhmiRVc+ERA9mibZERaj/i2rWoJQZY/Ht3vCUaSWtkZKpQfiTMp1
HWbsLnut
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:44 2024 by rpki-client on console-fra.rpki-client.org