Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/AA9007A4A1AE11EF9D9F990EC4F9AE02.roa
File:                     AA9007A4A1AE11EF9D9F990EC4F9AE02.roa (raw, json)
Hash identifier:          xtuSJPnDQcSggX+5gU3I2Grf5aND8UMWPPRRj0wJdJg=
Subject key identifier:   F2:7A:B2:43:F1:31:01:A9:94:FC:60:E8:DC:33:79:81:DC:A8:70:FB
Certificate issuer:       /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial:       0BC5
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/AA9007A4A1AE11EF9D9F990EC4F9AE02.roa
Signing time:             Wed 13 Nov 2024 11:01:43 +0000
ROA not before:           Wed 13 Nov 2024 11:01:43 +0000
ROA not after:            Wed 30 Jul 2025 00:00:00 +0000
asID:                     2914
IP address blocks:        139.190.0.0/19 maxlen: 19
Validation:               Failed, certificate revoked on Tue 19 Nov 2024 09:56:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3013 (0xbc5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134, serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
        Validity
            Not Before: Nov 13 11:01:43 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=67348717-5f6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b0:82:3c:68:19:24:bc:43:a9:f9:f5:e9:d7:
                    84:49:54:c3:bd:0a:6e:cf:0f:6d:8b:ff:ae:4a:a3:
                    9b:2a:42:8e:3c:9b:7b:4a:f8:d3:47:59:81:fa:51:
                    d7:7d:b0:82:d5:e0:5b:84:07:7b:94:74:9f:83:23:
                    45:d7:15:69:c5:b8:fa:f4:51:6b:57:7b:9b:3e:b3:
                    91:03:e4:bf:56:b8:50:2d:c5:47:3e:46:01:15:60:
                    7e:49:40:f9:bf:70:8a:d5:69:8b:f3:ea:c4:e8:b9:
                    ba:98:8d:e0:55:6f:71:99:9e:6e:98:e5:c4:65:17:
                    e1:31:f7:70:98:c0:f0:5a:d7:af:28:e5:a9:a3:e7:
                    c4:18:0b:1e:6b:af:84:c6:f4:f1:1d:34:8b:81:f0:
                    fd:55:a8:54:e8:f7:51:54:e7:f4:74:23:35:bc:9c:
                    c3:15:9b:59:19:98:fc:ec:f1:3e:71:ab:68:1b:51:
                    ea:26:58:01:7b:e7:f6:98:ca:10:6f:92:f3:4c:3e:
                    ef:88:49:07:93:36:31:39:ca:41:94:6f:63:4a:80:
                    10:cb:08:4f:28:0b:00:4d:0b:dc:ac:e7:e0:a3:f0:
                    37:df:3b:47:83:b8:13:33:f8:b8:ff:ff:cc:7d:0a:
                    86:0c:84:64:cf:d6:79:4c:cd:04:a4:45:02:64:78:
                    7f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:7A:B2:43:F1:31:01:A9:94:FC:60:E8:DC:33:79:81:DC:A8:70:FB
            X509v3 Authority Key Identifier:
                keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/AA9007A4A1AE11EF9D9F990EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.190.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         34:6a:2e:b2:c2:36:89:c6:9c:9f:ea:72:53:b8:7f:32:fd:9c:
         3f:1d:9b:8f:a2:c5:6a:21:cc:5d:06:96:1f:cc:8c:c6:32:d6:
         7a:a0:fd:37:e7:fd:74:f7:1c:ba:7d:7e:8d:3a:2b:b4:1a:da:
         86:fe:a7:76:12:64:85:05:a9:93:b8:ba:c8:2a:39:8f:72:5c:
         8c:17:1a:04:ac:e8:12:48:a0:9e:b3:b5:4a:9b:13:2b:e3:8e:
         40:76:de:2a:8d:ee:15:30:ed:2b:80:37:af:83:0b:8b:f4:14:
         2b:fb:1e:0a:5c:ba:43:0b:26:76:9c:9f:f2:f7:4b:4b:21:48:
         44:fc:d0:14:7f:53:bd:b6:e5:b8:cd:9e:8a:4f:f6:1a:52:c5:
         67:b7:f0:79:10:f8:f5:bc:69:b6:18:d1:67:67:b4:74:ae:8d:
         ed:45:6d:53:d5:cd:ef:01:af:67:c2:73:c5:46:60:52:b5:43:
         88:d2:37:c0:3f:93:57:d2:c1:cd:e7:4f:cf:55:3e:30:d7:a1:
         82:37:fe:ca:e4:a4:37:47:05:55:98:ef:f3:b6:a0:7e:fb:9a:
         a4:29:60:14:7f:0d:4c:a2:06:21:5c:07:2d:75:38:4c:8d:b1:
         28:26:de:39:53:5b:67:bc:89:ac:76:7e:3e:2b:2c:ea:98:04:
         4e:97:2d:c4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC8UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMTEzMTEwMTQzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM0ODcxNy01ZjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqrCCPGgZJLxDqfn16deESVTDvQpuzw9ti/+uSqObKkKOPJt7SvjTR1mB+lHX
fbCC1eBbhAd7lHSfgyNF1xVpxbj69FFrV3ubPrORA+S/VrhQLcVHPkYBFWB+SUD5
v3CK1WmL8+rE6Lm6mI3gVW9xmZ5umOXEZRfhMfdwmMDwWtevKOWpo+fEGAsea6+E
xvTxHTSLgfD9VahU6PdRVOf0dCM1vJzDFZtZGZj87PE+catoG1HqJlgBe+f2mMoQ
b5LzTD7viEkHkzYxOcpBlG9jSoAQywhPKAsATQvcrOfgo/A33ztHg7gTM/i4///M
fQqGDIRkz9Z5TM0EpEUCZHh/FwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPJ6skPx
MQGplPxg6NwzeYHcqHD7MB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQUE5MDA3QTRB
MUFFMTFFRjlEOUY5OTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWLvgAwDQYJKoZIhvcNAQELBQADggEBADRqLrLCNonGnJ/q
clO4fzL9nD8dm4+ixWohzF0Glh/MjMYy1nqg/Tfn/XT3HLp9fo06K7Qa2ob+p3YS
ZIUFqZO4usgqOY9yXIwXGgSs6BJIoJ6ztUqbEyvjjkB23iqN7hUw7SuAN6+DC4v0
FCv7HgpcukMLJnacn/L3S0shSET80BR/U7225bjNnopP9hpSxWe38HkQ+PW8abYY
0WdntHSuje1FbVPVze8Br2fCc8VGYFK1Q4jSN8A/k1fSwc3nT89VPjDXoYI3/srk
pDdHBVWY7/O2oH77mqQpYBR/DUyiBiFcBy11OEyNsSgm3jlTW2e8iax2fj4rLOqY
BE6XLcQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:58:15 2025 by rpki-client