Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8579/017603FCCEB211ECAE001823C4F9AE02/35CCE694D4D811EC91F7B71EC4F9AE02.roa
File:                     35CCE694D4D811EC91F7B71EC4F9AE02.roa (raw, json)
Hash identifier:          Du6SSJjkhBl8C49tyh4dwd8WG8G3314yBOhxBAtvdNk=
Subject key identifier:   A5:D2:C6:DB:73:A8:9B:88:5E:59:91:B2:D5:BD:14:9C:85:CF:B4:F9
Certificate issuer:       /CN=A91F8579/serialNumber=C7EDFB757F594BDF23ADD7121F5DBE3D25AE00FC
Certificate serial:       01C8
Authority key identifier: C7:ED:FB:75:7F:59:4B:DF:23:AD:D7:12:1F:5D:BE:3D:25:AE:00:FC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x-37dX9ZS98jrdcSH12-PSWuAPw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F8579/017603FCCEB211ECAE001823C4F9AE02/35CCE694D4D811EC91F7B71EC4F9AE02.roa
Signing time:             Thu 03 Aug 2023 03:02:59 +0000
ROA not before:           Thu 03 Aug 2023 03:02:59 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     58879
IP address blocks:        2401:89c0::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 456 (0x1c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F8579/serialNumber=C7EDFB757F594BDF23ADD7121F5DBE3D25AE00FC
        Validity
            Not Before: Aug  3 03:02:59 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64cb18e2-b124
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:d8:f2:c4:01:ee:af:63:19:6a:5b:03:5c:2d:
                    f2:bd:61:7b:c5:69:0a:d8:d0:d9:32:ae:d4:af:49:
                    c6:15:03:95:5c:8e:2c:80:67:88:1b:3d:2f:3b:60:
                    55:c6:b3:0c:20:16:a3:ad:41:f6:b8:42:f1:b4:0f:
                    a5:ac:b4:ba:41:91:e5:ad:d6:2d:66:ce:79:c6:b8:
                    f9:60:9d:9f:a0:7a:2f:cb:44:17:5c:bb:41:f2:bd:
                    5a:c0:75:60:e7:da:cf:42:cd:89:de:9f:d0:26:e4:
                    06:58:a7:80:e3:95:4b:c6:b3:d7:a7:ca:7c:36:a5:
                    7c:ea:49:bf:dc:8e:69:ce:3b:38:4f:37:11:b4:23:
                    43:f7:0c:1c:16:a7:97:68:bc:80:e7:49:a4:4f:76:
                    67:af:a8:f3:52:96:39:39:ec:f8:90:95:3d:85:63:
                    5e:38:30:5c:36:0b:9a:9e:f2:b9:dc:b9:42:5e:9e:
                    db:a9:eb:ab:cd:b0:54:ce:22:6f:4d:6c:71:f9:6d:
                    88:97:bc:61:19:15:e2:79:26:47:1d:5a:8a:9c:df:
                    b2:23:36:ae:c3:0c:12:d4:fe:29:2d:5c:35:11:3f:
                    f1:f0:c1:48:8f:6c:cd:26:bf:68:85:42:63:66:6e:
                    ea:71:f5:c3:42:37:fc:63:4a:54:69:69:a9:ed:03:
                    d6:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:D2:C6:DB:73:A8:9B:88:5E:59:91:B2:D5:BD:14:9C:85:CF:B4:F9
            X509v3 Authority Key Identifier:
                keyid:C7:ED:FB:75:7F:59:4B:DF:23:AD:D7:12:1F:5D:BE:3D:25:AE:00:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F8579/017603FCCEB211ECAE001823C4F9AE02/x-37dX9ZS98jrdcSH12-PSWuAPw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x-37dX9ZS98jrdcSH12-PSWuAPw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8579/017603FCCEB211ECAE001823C4F9AE02/35CCE694D4D811EC91F7B71EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:89c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:ff:ea:09:81:2d:94:6a:43:4f:1f:e2:53:00:22:ad:06:ea:
         46:21:97:16:67:06:8d:1e:53:0e:4f:f2:80:4f:68:18:5b:e5:
         1f:ac:2b:d4:02:15:da:4c:26:70:bb:a2:7d:ab:d2:08:a5:c1:
         1d:54:7a:22:a7:79:c5:eb:df:31:62:9a:6b:bb:48:2b:b5:df:
         1d:f4:6a:2b:de:d5:c6:7c:e7:c5:25:ea:2c:2f:52:93:b6:a0:
         ce:9e:50:36:5b:39:a8:07:97:83:74:01:66:ad:43:c8:eb:d6:
         10:2a:f3:56:b3:76:1b:81:b1:14:fd:bf:28:8e:09:20:ef:01:
         b3:c2:2f:c9:d6:11:76:93:e0:37:c5:26:34:9c:7d:80:0a:de:
         67:44:1c:aa:2f:f1:f4:ce:0e:e3:9b:22:44:0f:2e:43:bc:12:
         04:2a:6a:38:4f:41:5e:e3:8c:dd:2e:7d:94:82:37:e2:0f:40:
         13:75:39:48:92:12:b2:1a:c8:55:3f:08:7a:5d:e3:9c:24:79:
         ea:63:7d:c4:cf:51:49:c0:9d:fd:aa:08:a0:0e:f9:8f:8f:0d:
         6b:e4:5c:97:8c:dd:bf:f3:a2:61:15:02:13:53:91:f9:88:ec:
         f6:8c:a0:4d:88:97:9b:fe:98:65:ba:e5:95:84:b4:d0:dc:de:
         dd:d1:10:17
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAcgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg1NzkxMTAvBgNVBAUTKEM3RURGQjc1N0Y1OTRCREYyM0FERDcxMjFGNURCRTNE
MjVBRTAwRkMwHhcNMjMwODAzMDMwMjU5WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNiMThlMi1iMTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmNjyxAHur2MZalsDXC3yvWF7xWkK2NDZMq7Ur0nGFQOVXI4sgGeIGz0vO2BV
xrMMIBajrUH2uELxtA+lrLS6QZHlrdYtZs55xrj5YJ2foHovy0QXXLtB8r1awHVg
59rPQs2J3p/QJuQGWKeA45VLxrPXp8p8NqV86km/3I5pzjs4TzcRtCND9wwcFqeX
aLyA50mkT3Znr6jzUpY5Oez4kJU9hWNeODBcNguanvK53LlCXp7bqeurzbBUziJv
TWxx+W2Il7xhGRXieSZHHVqKnN+yIzauwwwS1P4pLVw1ET/x8MFIj2zNJr9ohUJj
Zm7qcfXDQjf8Y0pUaWmp7QPW9QIDAQABo4ICmDCCApQwHQYDVR0OBBYEFKXSxttz
qJuIXlmRstW9FJyFz7T5MB8GA1UdIwQYMBaAFMft+3V/WUvfI63XEh9dvj0lrgD8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODU3OS8wMTc2MDNGQ0NF
QjIxMUVDQUUwMDE4MjNDNEY5QUUwMi94LTM3ZFg5WlM5OGpyZGNTSDEyLVBTV3VB
UHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3gtMzdkWDlaUzk4anJkY1NIMTItUFNXdUFQdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjg1NzkvMDE3NjAzRkNDRUIyMTFFQ0FFMDAxODIzQzRGOUFFMDIvMzVDQ0U2OTRE
NEQ4MTFFQzkxRjdCNzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAYnAAAAwDQYJKoZIhvcNAQELBQADggEBACD/6gmBLZRq
Q08f4lMAIq0G6kYhlxZnBo0eUw5P8oBPaBhb5R+sK9QCFdpMJnC7on2r0gilwR1U
eiKnecXr3zFimmu7SCu13x30aive1cZ858Ul6iwvUpO2oM6eUDZbOagHl4N0AWat
Q8jr1hAq81azdhuBsRT9vyiOCSDvAbPCL8nWEXaT4DfFJjScfYAK3mdEHKov8fTO
DuObIkQPLkO8EgQqajhPQV7jjN0ufZSCN+IPQBN1OUiSErIayFU/CHpd45wkeepj
fcTPUUnAnf2qCKAO+Y+PDWvkXJeM3b/zomEVAhNTkfmI7PaMoE2Il5v+mGW65ZWE
tNDc3t3REBc=
-----END CERTIFICATE-----
Generated at Sat Oct 7 12:08:03 2023 by rpki-client on console-fra.rpki-client.org