Route Origin Authorization

$ rpki-client -vvf rpki.sub.apnic.net/repository/A917447B0000/1/323030313a6466343a353134663a3a2f34382d3438203d3e20313533333436.roa
File:                     323030313a6466343a353134663a3a2f34382d3438203d3e20313533333436.roa (raw, json)
Hash identifier:          ZftJKNkcxqt8viV6ch9Nq0ZeTxEgq19lQySWqr859Vk=
Subject key identifier:   B9:A4:78:1D:C3:98:D4:C2:86:D1:D0:E7:C0:AC:86:68:95:E4:A0:24
Certificate issuer:       /CN=A917447B0000/serialNumber=7A443962573EC01D5131651F90F46DA19AFC21D2
Certificate serial:       642295688D6821A4C75A9C22C78505DA9C85866B
Authority key identifier: 7A:44:39:62:57:3E:C0:1D:51:31:65:1F:90:F4:6D:A1:9A:FC:21:D2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ekQ5Ylc-wB1RMWUfkPRtoZr8IdI.cer
Subject info access:      rsync://rpki.sub.apnic.net/repository/A917447B0000/1/323030313a6466343a353134663a3a2f34382d3438203d3e20313533333436.roa
Signing time:             Sat 28 Sep 2024 16:29:41 +0000
ROA not before:           Sat 28 Sep 2024 16:24:41 +0000
ROA not after:            Sat 27 Sep 2025 16:29:41 +0000
asID:                     153346
IP address blocks:        2001:df4:514f::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 04 Nov 2024 11:27:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:22:95:68:8d:68:21:a4:c7:5a:9c:22:c7:85:05:da:9c:85:86:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917447B0000/serialNumber=7A443962573EC01D5131651F90F46DA19AFC21D2
        Validity
            Not Before: Sep 28 16:24:41 2024 GMT
            Not After : Sep 27 16:29:41 2025 GMT
        Subject: CN=B9A4781DC398D4C286D1D0E7C0AC866895E4A024
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b8:58:15:02:05:b8:6e:5f:fa:7c:03:7c:2e:
                    78:87:2d:17:5b:a1:49:a0:56:f9:fd:dc:10:4f:15:
                    db:db:e9:32:8b:38:cf:72:6e:10:6f:81:29:e2:4c:
                    4a:c8:13:a3:43:7b:8e:1a:7b:37:12:6b:8f:b9:53:
                    d5:df:b2:e7:81:b4:3d:d9:b1:20:68:fc:b1:0a:2b:
                    9c:f7:8f:5b:8d:46:45:b4:cd:aa:4a:e4:6c:2a:12:
                    67:20:c9:29:3c:51:5a:da:e3:9b:a3:2a:f2:e2:98:
                    cf:82:67:f2:da:6e:db:1e:dc:c7:1c:c6:cb:77:d3:
                    98:b7:37:1d:a4:e1:58:eb:2c:be:42:40:1a:36:1a:
                    85:60:70:bd:43:9c:38:c3:a1:3c:ab:74:87:f7:cb:
                    d5:e2:18:ad:dc:d9:87:be:08:7a:3d:05:d3:9e:fa:
                    3c:2c:71:30:10:61:a3:6f:da:45:20:bf:2d:94:90:
                    82:d7:3a:c0:31:8e:74:dc:3d:02:c9:20:49:dd:b2:
                    c3:db:5a:f2:34:82:b8:91:53:41:c0:f7:19:7d:00:
                    6b:24:b4:44:1b:8c:b2:c7:5b:d1:c4:5a:6c:0f:b9:
                    d8:32:7e:11:66:19:27:8a:27:47:4b:a1:b2:b2:bd:
                    d0:a2:f1:2a:a0:3e:16:55:aa:d3:a5:db:11:84:ec:
                    64:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:A4:78:1D:C3:98:D4:C2:86:D1:D0:E7:C0:AC:86:68:95:E4:A0:24
            X509v3 Authority Key Identifier:
                keyid:7A:44:39:62:57:3E:C0:1D:51:31:65:1F:90:F4:6D:A1:9A:FC:21:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.sub.apnic.net/repository/A917447B0000/1/7A443962573EC01D5131651F90F46DA19AFC21D2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ekQ5Ylc-wB1RMWUfkPRtoZr8IdI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A917447B0000/1/323030313a6466343a353134663a3a2f34382d3438203d3e20313533333436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df4:514f::/48

    Signature Algorithm: sha256WithRSAEncryption
         b6:d1:8a:b8:06:f8:fa:1e:1b:4f:c6:c0:6a:c8:36:28:b7:8e:
         c5:68:57:6d:11:a2:b7:bd:bc:90:5b:e8:14:a9:09:ff:f7:81:
         18:55:13:68:1e:ff:8d:6a:29:17:5c:d6:c4:6c:8a:d1:9e:0b:
         f2:4c:27:e2:5d:18:5e:f2:84:d9:d5:7e:ea:07:7b:df:2b:ca:
         c4:56:bd:09:5b:e3:2b:85:67:9b:2f:d4:21:63:a2:1f:05:55:
         99:e2:36:0e:5b:fc:93:5f:0b:85:ce:78:e3:24:e1:25:a4:bc:
         c7:5b:0a:0d:ef:f7:1a:44:ed:b2:6c:c6:fb:bf:43:45:30:9f:
         9a:91:78:65:7a:6c:82:c9:72:81:ed:74:ab:3f:5a:b6:c5:b7:
         ed:61:77:9a:c8:5f:f4:ef:1d:13:8c:e9:d9:e7:10:d0:b2:0a:
         68:01:d1:7d:23:6c:f5:ac:64:f9:75:d9:43:35:78:c3:1a:02:
         31:b5:e3:1c:18:95:0b:55:2e:38:df:d5:f1:74:86:fb:48:85:
         c5:0c:de:48:63:fb:e1:e9:8d:02:ee:40:24:75:4a:4f:8f:91:
         9a:e0:28:e9:b4:e0:e0:ef:1d:72:27:e6:bd:f1:96:2c:5c:b1:
         80:8e:e1:5b:41:6e:50:98:e6:4f:4a:30:43:44:90:27:ef:43:
         3c:a8:69:1f
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUZCKVaI1oIaTHWpwix4UF2pyFhmswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNzQ0N0IwMDAwMTEwLwYDVQQFEyg3QTQ0Mzk2MjU3
M0VDMDFENTEzMTY1MUY5MEY0NkRBMTlBRkMyMUQyMB4XDTI0MDkyODE2MjQ0MVoX
DTI1MDkyNzE2Mjk0MVowMzExMC8GA1UEAxMoQjlBNDc4MURDMzk4RDRDMjg2RDFE
MEU3QzBBQzg2Njg5NUU0QTAyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKm4WBUCBbhuX/p8A3wueIctF1uhSaBW+f3cEE8V29vpMos4z3JuEG+BKeJM
SsgTo0N7jhp7NxJrj7lT1d+y54G0PdmxIGj8sQornPePW41GRbTNqkrkbCoSZyDJ
KTxRWtrjm6Mq8uKYz4Jn8tpu2x7cxxzGy3fTmLc3HaThWOssvkJAGjYahWBwvUOc
OMOhPKt0h/fL1eIYrdzZh74Iej0F0576PCxxMBBho2/aRSC/LZSQgtc6wDGOdNw9
AskgSd2yw9ta8jSCuJFTQcD3GX0AayS0RBuMssdb0cRabA+52DJ+EWYZJ4onR0uh
srK90KLxKqA+FlWq06XbEYTsZEMCAwEAAaOCAh8wggIbMB0GA1UdDgQWBBS5pHgd
w5jUwobR0OfArIZoleSgJDAfBgNVHSMEGDAWgBR6RDliVz7AHVExZR+Q9G2hmvwh
0jAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE3NDQ3QjAwMDAvMS83QTQ0Mzk2
MjU3M0VDMDFENTEzMTY1MUY5MEY0NkRBMTlBRkMyMUQyLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9la1E1WWxjLXdC
MVJNV1Vma1BSdG9acjhJZEkuY2VyMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYB
BQUHMAuGd3JzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkx
NzQ0N0IwMDAwLzEvMzIzMDMwMzEzYTY0NjYzNDNhMzUzMTM0NjYzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMTM1MzMzMzM0MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQ30UU8wDQYJ
KoZIhvcNAQELBQADggEBALbRirgG+PoeG0/GwGrINii3jsVoV20Rore9vJBb6BSp
Cf/3gRhVE2ge/41qKRdc1sRsitGeC/JMJ+JdGF7yhNnVfuoHe98rysRWvQlb4yuF
Z5sv1CFjoh8FVZniNg5b/JNfC4XOeOMk4SWkvMdbCg3v9xpE7bJsxvu/Q0Uwn5qR
eGV6bILJcoHtdKs/WrbFt+1hd5rIX/TvHROM6dnnENCyCmgB0X0jbPWsZPl12UM1
eMMaAjG14xwYlQtVLjjf1fF0hvtIhcUM3khj++HpjQLuQCR1Sk+PkZrgKOm04ODv
HXIn5r3xlixcsYCO4VtBblCY5k9KMENEkCfvQzyoaR8=
Generated at Mon Nov 4 14:58:13 2024 by rpki-client on console-fra.rpki-client.org