Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC8F7/7786E57EB2A511EE90DEA220C4F9AE02/FE37A5A8B2A611EEA1D7B33FC4F9AE02.roa
File:                     FE37A5A8B2A611EEA1D7B33FC4F9AE02.roa (raw, json)
Hash identifier:          bN48bLdem0DcJzwkGx0IpxtCS4bM95qzYDC4co7CZIQ=
Subject key identifier:   21:B0:7F:58:2F:AC:45:36:B4:1D:2C:E8:F5:E9:4E:77:71:57:98:2F
Certificate issuer:       /CN=A91EC8F7/serialNumber=DED7612DCD160A56C61784025C4B290442CF35BE
Certificate serial:       05
Authority key identifier: DE:D7:61:2D:CD:16:0A:56:C6:17:84:02:5C:4B:29:04:42:CF:35:BE
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3tdhLc0WClbGF4QCXEspBELPNb4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EC8F7/7786E57EB2A511EE90DEA220C4F9AE02/FE37A5A8B2A611EEA1D7B33FC4F9AE02.roa
Signing time:             Sun 14 Jan 2024 06:34:39 +0000
ROA not before:           Sun 14 Jan 2024 06:34:39 +0000
ROA not after:            Mon 31 Mar 2025 00:00:00 +0000
asID:                     152324
IP address blocks:        157.10.176.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Sat 03 Feb 2024 15:12:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EC8F7/serialNumber=DED7612DCD160A56C61784025C4B290442CF35BE
        Validity
            Not Before: Jan 14 06:34:39 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=65a3807f-e0f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:38:a7:e2:d6:89:60:60:4b:9b:df:f4:fc:4c:
                    a0:b5:84:db:0d:4f:fd:23:83:21:03:c3:66:ba:43:
                    19:be:5e:a6:5a:05:c8:6f:3a:d2:6f:f2:79:d3:f9:
                    45:77:7f:b0:11:31:96:82:87:a9:35:c4:f9:60:9f:
                    fb:5a:14:5f:90:da:ba:3b:b7:29:9b:f0:61:ae:c8:
                    70:72:de:3d:85:7b:c8:21:c5:16:4b:30:5f:7c:89:
                    a5:25:c4:8f:8b:9b:99:a8:55:ee:3f:7d:17:9d:b1:
                    29:07:b5:4a:4e:14:82:34:38:46:e9:6f:d0:e0:2b:
                    8e:98:4a:98:ec:7b:70:75:ba:58:07:4b:20:ca:a5:
                    8c:82:f9:7f:87:a7:d0:9f:56:d7:28:fd:23:df:20:
                    e0:c9:6b:a2:bb:81:5e:c3:7a:34:e8:ff:b3:62:83:
                    25:0f:af:70:8f:be:a3:23:b5:f1:da:9a:94:a8:03:
                    97:bd:76:52:fa:37:93:3c:98:38:67:e8:eb:29:af:
                    22:6a:84:a1:01:11:fc:f8:61:6c:27:d6:ee:b4:aa:
                    d0:a0:9c:cd:78:3b:10:04:52:47:b5:be:43:af:a7:
                    42:3e:83:a6:bf:ad:2f:0e:12:20:4a:2d:0f:ca:68:
                    c4:df:47:a8:c0:a4:2a:28:2f:e5:d5:03:68:46:40:
                    b2:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:B0:7F:58:2F:AC:45:36:B4:1D:2C:E8:F5:E9:4E:77:71:57:98:2F
            X509v3 Authority Key Identifier:
                keyid:DE:D7:61:2D:CD:16:0A:56:C6:17:84:02:5C:4B:29:04:42:CF:35:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EC8F7/7786E57EB2A511EE90DEA220C4F9AE02/3tdhLc0WClbGF4QCXEspBELPNb4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3tdhLc0WClbGF4QCXEspBELPNb4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC8F7/7786E57EB2A511EE90DEA220C4F9AE02/FE37A5A8B2A611EEA1D7B33FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.10.176.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:07:5c:5d:72:9e:13:58:4b:5a:c3:0d:7a:f2:85:bf:3a:6d:
         19:82:a9:35:7e:da:91:82:18:79:ed:76:1d:a4:95:87:5d:aa:
         43:33:d4:cf:3a:9c:59:7a:14:00:ea:8c:a8:cf:74:79:b6:d9:
         99:4e:8f:3d:25:a9:ef:3f:6c:f4:9b:e9:a0:94:b1:fd:8b:0f:
         30:34:f2:15:fe:d0:5e:74:12:3d:2c:05:69:26:c2:3f:a4:47:
         e7:cb:db:4f:92:a1:2c:bf:a1:f3:20:b8:40:00:0d:96:8d:7f:
         60:e7:b7:c6:76:0b:54:d1:db:cc:90:75:6d:29:9d:71:50:d2:
         64:25:bf:b9:58:55:ab:18:80:5a:34:d2:2f:2d:e5:76:9d:f3:
         f6:c3:d6:e1:1b:1c:9f:7f:af:a0:5c:97:87:e0:4e:b0:a4:f3:
         74:24:97:56:d8:c8:04:93:ef:6c:37:f0:2c:03:6a:f3:6c:69:
         73:f1:2a:af:1b:0a:11:10:6f:7b:10:6a:2c:31:a5:56:f8:be:
         e6:6f:58:c5:e1:c8:a1:97:df:1a:a2:ae:76:d6:dd:70:ee:ec:
         65:bc:43:7b:cf:0c:7a:99:bb:8e:0e:c9:17:2b:81:d5:1c:91:
         42:bf:02:88:0a:25:bb:90:ec:26:ba:61:7a:6d:e8:ed:b3:a7:
         ef:e2:70:b6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
QzhGNzExMC8GA1UEBRMoREVENzYxMkRDRDE2MEE1NkM2MTc4NDAyNUM0QjI5MDQ0
MkNGMzVCRTAeFw0yNDAxMTQwNjM0MzlaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YTM4MDdmLWUwZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDfOKfi1olgYEub3/T8TKC1hNsNT/0jgyEDw2a6Qxm+XqZaBchvOtJv8nnT+UV3
f7ARMZaCh6k1xPlgn/taFF+Q2ro7tymb8GGuyHBy3j2Fe8ghxRZLMF98iaUlxI+L
m5moVe4/fRedsSkHtUpOFII0OEbpb9DgK46YSpjse3B1ulgHSyDKpYyC+X+Hp9Cf
Vtco/SPfIODJa6K7gV7DejTo/7NigyUPr3CPvqMjtfHampSoA5e9dlL6N5M8mDhn
6OspryJqhKEBEfz4YWwn1u60qtCgnM14OxAEUke1vkOvp0I+g6a/rS8OEiBKLQ/K
aMTfR6jApCooL+XVA2hGQLIdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUIbB/WC+s
RTa0HSzo9elOd3FXmC8wHwYDVR0jBBgwFoAU3tdhLc0WClbGF4QCXEspBELPNb4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVDOEY3Lzc3ODZFNTdFQjJB
NTExRUU5MERFQTIyMEM0RjlBRTAyLzN0ZGhMYzBXQ2xiR0Y0UUNYRXNwQkVMUE5i
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvM3RkaExjMFdDbGJHRjRRQ1hFc3BCRUxQTmI0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QzhGNy83Nzg2RTU3RUIyQTUxMUVFOTBERUEyMjBDNEY5QUUwMi9GRTM3QTVBOEIy
QTYxMUVFQTFEN0IzM0ZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0KsDANBgkqhkiG9w0BAQsFAAOCAQEAYgdcXXKeE1hLWsMN
evKFvzptGYKpNX7akYIYee12HaSVh12qQzPUzzqcWXoUAOqMqM90ebbZmU6PPSWp
7z9s9JvpoJSx/YsPMDTyFf7QXnQSPSwFaSbCP6RH58vbT5KhLL+h8yC4QAANlo1/
YOe3xnYLVNHbzJB1bSmdcVDSZCW/uVhVqxiAWjTSLy3ldp3z9sPW4Rscn3+voFyX
h+BOsKTzdCSXVtjIBJPvbDfwLANq82xpc/EqrxsKERBvexBqLDGlVvi+5m9YxeHI
oZffGqKudtbdcO7sZbxDe88Mepm7jg7JFyuB1RyRQr8CiAolu5DsJrphem3o7bOn
7+Jwtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org