Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/E109C24633B211EDB94BF636C4F9AE02.roa
File:                     E109C24633B211EDB94BF636C4F9AE02.roa (raw, json)
Hash identifier:          W6K6Oa9NvBDnHae1VRCMaBqqnojGJrkzn7+c8qWdcjg=
Subject key identifier:   24:AE:1E:79:50:33:0E:8E:BF:21:8A:4F:A4:35:3D:08:10:C5:F9:C8
Certificate issuer:       /CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352
Certificate serial:       0155
Authority key identifier: 17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/E109C24633B211EDB94BF636C4F9AE02.roa
Signing time:             Thu 29 Feb 2024 04:47:11 +0000
ROA not before:           Thu 29 Feb 2024 04:47:11 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     9547
IP address blocks:        166.120.192.0/22 maxlen: 24
                          166.120.196.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 17 Mar 2024 23:52:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 341 (0x155)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F2B47/serialNumber=17D5FE323EBFD9A8D344E77B73799A8E75624352
        Validity
            Not Before: Feb 29 04:47:11 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=65e00c4f-505b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:37:3f:a6:b6:0b:99:12:c1:46:82:f5:0e:f4:
                    ce:ac:d3:d2:91:d9:bd:93:ea:13:07:55:8c:a4:56:
                    7f:8d:f0:9d:c3:68:58:1a:72:f4:37:db:b8:58:b8:
                    40:bd:19:3b:aa:55:b4:45:87:f0:00:9f:f7:9a:a5:
                    7e:39:82:10:66:0e:ea:7b:51:68:0c:b0:4a:52:47:
                    30:c4:24:9d:d2:59:34:52:c8:c0:02:5d:f6:19:f2:
                    81:61:b6:e5:a4:85:70:1a:46:0b:f9:0b:65:dd:f2:
                    e6:41:3e:f5:b9:40:ce:55:37:f0:1d:64:95:d0:62:
                    2a:d6:bf:2a:64:7d:7d:90:81:96:d0:51:93:c5:df:
                    c9:08:3c:d4:9c:41:57:79:4e:8f:3b:37:df:12:97:
                    c9:99:0c:bc:1f:14:6a:c7:da:2f:60:c8:6c:05:d7:
                    d2:15:dd:b9:81:a8:a9:64:12:24:93:83:78:93:9b:
                    6c:05:4c:23:87:58:66:cf:46:0e:c7:2c:f8:c9:17:
                    69:34:8e:a1:f6:7b:af:0b:c6:9a:b9:3f:b5:db:34:
                    bd:e1:9e:f4:27:7f:05:e0:ff:1d:85:3f:86:3f:aa:
                    7b:28:61:1d:17:4d:75:04:0b:de:60:15:cc:7d:b0:
                    bd:0f:2d:16:2d:e4:f4:f0:32:9e:88:29:0c:1a:b0:
                    1b:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:AE:1E:79:50:33:0E:8E:BF:21:8A:4F:A4:35:3D:08:10:C5:F9:C8
            X509v3 Authority Key Identifier:
                keyid:17:D5:FE:32:3E:BF:D9:A8:D3:44:E7:7B:73:79:9A:8E:75:62:43:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/F9X-Mj6_2ajTROd7c3majnViQ1I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/F9X-Mj6_2ajTROd7c3majnViQ1I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2B47/E88E9C7E33AF11EDB6107434C4F9AE02/E109C24633B211EDB94BF636C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.120.192.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a1:68:fb:53:2f:39:62:3c:2e:c4:b1:77:32:2f:35:68:f9:d7:
         a3:1c:70:d2:0b:4e:ce:36:8b:35:99:b0:d7:1c:c3:e7:12:fd:
         50:15:88:d3:c4:56:47:27:81:5e:06:00:d4:07:10:86:30:0a:
         3e:24:f9:5a:85:e0:fa:ce:85:05:b5:13:65:0b:8b:9c:f7:56:
         97:95:0c:f1:96:ae:1b:d9:8b:5d:e1:e2:78:b6:88:df:75:78:
         2c:a7:da:2e:05:5a:fe:5d:26:e0:34:1b:07:3e:86:b0:13:07:
         b4:be:12:98:bd:e6:cd:16:5c:b0:6e:c5:9a:b4:7d:0b:50:14:
         a6:9d:4a:0d:00:f3:19:4a:47:8b:9d:67:73:24:8e:49:a0:a0:
         ae:5b:20:59:1a:dd:d6:4d:8d:8c:64:aa:66:c0:d4:1e:60:42:
         01:1c:a3:52:8b:75:4b:f3:64:2f:95:c2:dd:81:8b:59:e8:cb:
         9d:ea:8f:c4:cf:23:ea:3f:6f:6c:ce:85:2e:98:ee:17:89:a1:
         d8:17:cd:bc:4e:8a:24:8a:4c:c6:97:15:5d:f2:d5:90:be:dc:
         e9:0d:1e:2a:07:44:a9:ef:db:d5:f8:81:ad:30:55:e8:80:eb:
         19:87:0f:4f:b9:98:49:d9:01:32:78:36:cf:8d:5d:2a:13:22:
         30:dd:b3:f9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAVUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjJCNDcxMTAvBgNVBAUTKDE3RDVGRTMyM0VCRkQ5QThEMzQ0RTc3QjczNzk5QThF
NzU2MjQzNTIwHhcNMjQwMjI5MDQ0NzExWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUwMGM0Zi01MDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsDc/prYLmRLBRoL1DvTOrNPSkdm9k+oTB1WMpFZ/jfCdw2hYGnL0N9u4WLhA
vRk7qlW0RYfwAJ/3mqV+OYIQZg7qe1FoDLBKUkcwxCSd0lk0UsjAAl32GfKBYbbl
pIVwGkYL+Qtl3fLmQT71uUDOVTfwHWSV0GIq1r8qZH19kIGW0FGTxd/JCDzUnEFX
eU6POzffEpfJmQy8HxRqx9ovYMhsBdfSFd25gaipZBIkk4N4k5tsBUwjh1hmz0YO
xyz4yRdpNI6h9nuvC8aauT+12zS94Z70J38F4P8dhT+GP6p7KGEdF011BAveYBXM
fbC9Dy0WLeT08DKeiCkMGrAbVQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCSuHnlQ
Mw6OvyGKT6Q1PQgQxfnIMB8GA1UdIwQYMBaAFBfV/jI+v9mo00Tne3N5mo51YkNS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkI0Ny9FODhFOUM3RTMz
QUYxMUVEQjYxMDc0MzRDNEY5QUUwMi9GOVgtTWo2XzJhalRST2Q3YzNtYWpuVmlR
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0Y5WC1NajZfMmFqVFJPZDdjM21ham5WaVExSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjJCNDcvRTg4RTlDN0UzM0FGMTFFREI2MTA3NDM0QzRGOUFFMDIvRTEwOUMyNDYz
M0IyMTFFREI5NEJGNjM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAOmeMAwDQYJKoZIhvcNAQELBQADggEBAKFo+1MvOWI8LsSx
dzIvNWj516MccNILTs42izWZsNccw+cS/VAViNPEVkcngV4GANQHEIYwCj4k+VqF
4PrOhQW1E2ULi5z3VpeVDPGWrhvZi13h4ni2iN91eCyn2i4FWv5dJuA0Gwc+hrAT
B7S+Epi95s0WXLBuxZq0fQtQFKadSg0A8xlKR4udZ3MkjkmgoK5bIFka3dZNjYxk
qmbA1B5gQgEco1KLdUvzZC+Vwt2Bi1noy53qj8TPI+o/b2zOhS6Y7heJodgXzbxO
iiSKTMaXFV3y1ZC+3OkNHioHRKnv29X4ga0wVeiA6xmHD0+5mEnZATJ4Ns+NXSoT
IjDds/k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:38 2024 by rpki-client on console-ams.rpki-client.org