Route Origin Authorization

$ rpki-client -vvf rpki.sub.apnic.net/repository/A917447B0000/1/323030313a6466343a353134643a3a2f34382d3438203d3e20313533333436.roa
File:                     323030313a6466343a353134643a3a2f34382d3438203d3e20313533333436.roa (raw, json)
Hash identifier:          jyXrkPBz5fGYB/J2XrdnQ2pHXTSOM5q35/ywqUmR/bY=
Subject key identifier:   EC:B6:19:27:15:9F:67:4B:4A:1C:89:22:7F:83:42:F0:C9:3F:81:F6
Certificate issuer:       /CN=A917447B0000/serialNumber=7A443962573EC01D5131651F90F46DA19AFC21D2
Certificate serial:       742DCB53B0ED2D098AA5DD1E34E5E7E867E7C8C5
Authority key identifier: 7A:44:39:62:57:3E:C0:1D:51:31:65:1F:90:F4:6D:A1:9A:FC:21:D2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ekQ5Ylc-wB1RMWUfkPRtoZr8IdI.cer
Subject info access:      rsync://rpki.sub.apnic.net/repository/A917447B0000/1/323030313a6466343a353134643a3a2f34382d3438203d3e20313533333436.roa
Signing time:             Sat 28 Sep 2024 16:30:19 +0000
ROA not before:           Sat 28 Sep 2024 16:25:19 +0000
ROA not after:            Sat 27 Sep 2025 16:30:19 +0000
asID:                     153346
IP address blocks:        2001:df4:514d::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 04 Nov 2024 11:27:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:2d:cb:53:b0:ed:2d:09:8a:a5:dd:1e:34:e5:e7:e8:67:e7:c8:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917447B0000/serialNumber=7A443962573EC01D5131651F90F46DA19AFC21D2
        Validity
            Not Before: Sep 28 16:25:19 2024 GMT
            Not After : Sep 27 16:30:19 2025 GMT
        Subject: CN=ECB61927159F674B4A1C89227F8342F0C93F81F6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:1e:67:4c:1a:ca:80:a6:d2:1b:4f:8d:62:57:
                    62:fb:cb:40:22:35:5c:d5:88:c7:5b:37:cb:cf:59:
                    95:5f:91:77:a1:d9:ed:f4:12:76:26:03:be:92:06:
                    e9:2f:33:57:eb:11:e8:dd:1c:96:cf:08:7e:07:56:
                    7a:f9:63:5d:64:88:6c:6d:de:3e:e8:94:11:eb:6f:
                    43:e7:c7:64:e1:4b:ec:b4:31:39:9b:fb:40:ce:87:
                    8d:a6:a4:d4:a6:67:ab:69:fb:97:b6:13:08:1f:87:
                    75:0d:6b:6e:1b:f5:4b:7c:20:fc:6a:47:b6:26:07:
                    82:16:98:4b:78:cc:75:29:b7:cb:16:f8:5f:ad:9f:
                    fb:19:7e:0c:fa:e3:01:00:9a:4a:68:90:d3:c7:d7:
                    ba:ca:de:7b:96:77:27:74:16:7e:e7:87:aa:eb:06:
                    61:75:c6:ee:27:44:d7:ae:cd:15:5d:1c:f7:6b:69:
                    00:4f:db:d0:1b:c0:3a:3f:54:59:28:80:0a:fe:dd:
                    1b:7f:47:8f:78:70:84:df:e7:9d:7e:f1:c2:4d:b1:
                    18:57:27:b0:46:3c:08:b1:d6:3b:75:23:73:58:c6:
                    b3:6a:66:23:e4:09:3a:75:34:4c:e2:37:59:ca:09:
                    30:6d:03:15:6c:bf:7e:5c:8d:0d:ed:f6:d5:e9:a1:
                    eb:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:B6:19:27:15:9F:67:4B:4A:1C:89:22:7F:83:42:F0:C9:3F:81:F6
            X509v3 Authority Key Identifier:
                keyid:7A:44:39:62:57:3E:C0:1D:51:31:65:1F:90:F4:6D:A1:9A:FC:21:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.sub.apnic.net/repository/A917447B0000/1/7A443962573EC01D5131651F90F46DA19AFC21D2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ekQ5Ylc-wB1RMWUfkPRtoZr8IdI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A917447B0000/1/323030313a6466343a353134643a3a2f34382d3438203d3e20313533333436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df4:514d::/48

    Signature Algorithm: sha256WithRSAEncryption
         be:ac:a3:6d:45:34:58:95:6d:f5:fa:11:73:9f:51:ed:d8:0a:
         5c:16:6f:4f:b4:04:e9:e9:94:c6:29:dd:ab:4d:e7:97:87:8c:
         8c:be:65:8c:d4:05:6b:8c:bc:01:4d:7d:c9:15:20:2b:44:34:
         0e:4f:ad:ef:5c:7b:b1:b3:45:53:84:47:8c:b3:d7:04:4d:dd:
         b1:72:5d:6d:0b:c2:e9:60:3c:ce:e4:7a:b7:54:ae:6f:71:37:
         6d:92:ad:ac:a0:a1:4d:7a:0b:6a:80:de:89:1b:48:e0:55:4f:
         b3:6f:a0:5e:0e:5b:a0:eb:03:f3:52:52:5d:65:da:1c:4c:0d:
         76:c6:e6:8a:97:15:cf:2b:d5:6a:ef:3f:7a:0f:8d:90:cf:d7:
         b1:92:f1:ee:2e:6d:2b:aa:f4:0e:4d:3b:89:c4:75:e3:c9:15:
         a2:23:3a:4c:5d:4b:8f:cc:3f:54:87:98:a5:6f:84:5b:33:a5:
         0a:b6:a1:11:d3:97:89:c0:3a:47:aa:9b:14:0e:00:6a:9a:6f:
         0c:83:ca:71:12:44:28:24:c9:40:a5:cd:28:4e:07:3d:1c:12:
         4e:f6:e7:3d:c5:fb:60:b6:5b:50:d5:1d:ab:3d:11:ab:7d:96:
         d3:93:23:19:53:c8:d2:06:74:84:e9:38:01:00:ea:32:b1:5d:
         73:47:4b:1d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUdC3LU7DtLQmKpd0eNOXn6GfnyMUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNzQ0N0IwMDAwMTEwLwYDVQQFEyg3QTQ0Mzk2MjU3
M0VDMDFENTEzMTY1MUY5MEY0NkRBMTlBRkMyMUQyMB4XDTI0MDkyODE2MjUxOVoX
DTI1MDkyNzE2MzAxOVowMzExMC8GA1UEAxMoRUNCNjE5MjcxNTlGNjc0QjRBMUM4
OTIyN0Y4MzQyRjBDOTNGODFGNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQeZ0wayoCm0htPjWJXYvvLQCI1XNWIx1s3y89ZlV+Rd6HZ7fQSdiYDvpIG
6S8zV+sR6N0cls8IfgdWevljXWSIbG3ePuiUEetvQ+fHZOFL7LQxOZv7QM6Hjaak
1KZnq2n7l7YTCB+HdQ1rbhv1S3wg/GpHtiYHghaYS3jMdSm3yxb4X62f+xl+DPrj
AQCaSmiQ08fXusree5Z3J3QWfueHqusGYXXG7idE167NFV0c92tpAE/b0BvAOj9U
WSiACv7dG39Hj3hwhN/nnX7xwk2xGFcnsEY8CLHWO3Ujc1jGs2pmI+QJOnU0TOI3
WcoJMG0DFWy/flyNDe321emh618CAwEAAaOCAh8wggIbMB0GA1UdDgQWBBTsthkn
FZ9nS0ociSJ/g0LwyT+B9jAfBgNVHSMEGDAWgBR6RDliVz7AHVExZR+Q9G2hmvwh
0jAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE3NDQ3QjAwMDAvMS83QTQ0Mzk2
MjU3M0VDMDFENTEzMTY1MUY5MEY0NkRBMTlBRkMyMUQyLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9la1E1WWxjLXdC
MVJNV1Vma1BSdG9acjhJZEkuY2VyMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYB
BQUHMAuGd3JzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkx
NzQ0N0IwMDAwLzEvMzIzMDMwMzEzYTY0NjYzNDNhMzUzMTM0NjQzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMTM1MzMzMzM0MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQ30UU0wDQYJ
KoZIhvcNAQELBQADggEBAL6so21FNFiVbfX6EXOfUe3YClwWb0+0BOnplMYp3atN
55eHjIy+ZYzUBWuMvAFNfckVICtENA5Pre9ce7GzRVOER4yz1wRN3bFyXW0Lwulg
PM7kerdUrm9xN22SraygoU16C2qA3okbSOBVT7NvoF4OW6DrA/NSUl1l2hxMDXbG
5oqXFc8r1WrvP3oPjZDP17GS8e4ubSuq9A5NO4nEdePJFaIjOkxdS4/MP1SHmKVv
hFszpQq2oRHTl4nAOkeqmxQOAGqabwyDynESRCgkyUClzShOBz0cEk725z3F+2C2
W1DVHas9Eat9ltOTIxlTyNIGdITpOAEA6jKxXXNHSx0=
-----END CERTIFICATE-----
Generated at Mon Nov 4 14:58:13 2024 by rpki-client on console-fra.rpki-client.org