Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/7F410C7C79D511EDBBDFC527C4F9AE02.roa
File: 7F410C7C79D511EDBBDFC527C4F9AE02.roa (raw, json)
Hash identifier: HAY3fXsRhi9dRfb4DO0Ez8mS1wuBTbWg7IrtWu5S5D0=
Subject key identifier: E9:D5:5B:5A:1C:DF:FF:B8:A8:87:01:7C:DE:B8:9B:AF:D4:38:40:96
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 088E
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/7F410C7C79D511EDBBDFC527C4F9AE02.roa
Signing time: Wed 24 May 2023 23:25:05 +0000
ROA not before: Wed 24 May 2023 23:25:05 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 54600
IP address blocks: 139.190.52.0/22 maxlen: 24
139.190.112.0/22 maxlen: 24
139.190.116.0/22 maxlen: 24
139.190.120.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2190 (0x88e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Validity
Not Before: May 24 23:25:05 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=646e9cd0-1b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:06:87:3b:cb:88:26:67:20:2c:0a:bd:7b:cb:
6b:73:31:88:8f:19:6a:7f:15:c1:ad:f8:51:a5:69:
e4:84:46:b1:bc:bd:c9:13:ac:d7:04:4f:68:b5:6f:
d8:3c:93:71:95:ea:30:78:a9:16:82:01:de:76:07:
3c:ab:d7:e2:04:76:14:bc:ad:53:40:eb:a9:6a:2d:
1b:a5:6e:65:c2:58:17:6f:2d:85:4e:09:1e:9d:83:
e5:3c:4e:ad:37:47:d4:4f:50:46:32:71:3c:c6:56:
be:38:e9:6c:7e:6b:ae:bd:1e:44:e6:9a:d8:be:45:
f5:dc:b6:08:2b:03:5f:c9:22:4b:19:bb:ea:a4:a2:
21:64:e8:a6:a7:f7:00:2a:fe:3a:76:97:5c:fb:99:
bf:d5:6b:bb:9b:56:5f:93:18:b2:b2:57:7d:12:cd:
d8:10:12:e1:c7:19:91:46:f3:57:3f:13:9a:d5:ef:
2f:ae:fb:69:2b:08:fb:c8:a8:cf:f6:42:c4:dc:4d:
33:cd:13:8a:b1:69:70:a1:27:7c:b0:bd:12:6b:fa:
ce:b0:b2:66:1f:b6:1a:fa:64:71:4e:ed:f3:9c:2c:
77:23:9e:91:e6:ad:b1:d3:c2:27:66:23:69:1a:92:
94:8a:30:42:c0:d6:8c:5f:88:aa:5c:f8:0f:4b:df:
cb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D5:5B:5A:1C:DF:FF:B8:A8:87:01:7C:DE:B8:9B:AF:D4:38:40:96
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/7F410C7C79D511EDBBDFC527C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.52.0/22
139.190.112.0-139.190.123.255
Signature Algorithm: sha256WithRSAEncryption
33:e4:c1:9b:a3:a6:79:b8:2d:1d:64:46:7c:de:62:ed:77:04:
e3:90:00:06:ec:90:30:47:d5:3b:8e:9a:e7:0f:d2:78:17:55:
76:88:ec:c8:18:aa:83:41:6a:bc:1e:54:21:ed:93:14:cd:da:
cd:e3:9d:19:9b:99:65:78:dc:60:66:e2:ee:e0:14:ba:d3:68:
e3:60:d9:bc:8a:dc:37:5c:48:5b:14:95:4c:fe:f8:50:63:4c:
5a:ed:d6:4a:e4:3d:b4:ec:d8:d0:ea:3d:92:96:86:f7:3d:8c:
e2:65:01:c4:94:f0:8f:c4:b0:59:3f:a9:e7:e4:31:1d:df:10:
2d:5f:ff:e3:46:5e:eb:99:22:4d:f3:83:17:ac:b9:95:52:dd:
18:a0:01:65:e0:f7:93:58:c3:72:6e:23:b3:91:a0:66:fd:3e:
16:5d:de:db:52:f9:51:01:4a:bf:07:d1:26:25:27:2f:b7:05:
a6:02:78:6f:58:3b:b5:af:bc:e2:d5:e1:64:97:d2:3a:ee:da:
0d:e4:c1:33:5e:be:59:6f:4b:07:d2:be:fa:8a:da:d1:20:b0:
27:77:ad:aa:09:03:cd:c4:33:38:49:66:12:1a:bf:45:60:60:
93:61:5a:08:2e:e7:a3:b9:9f:30:27:f3:af:c2:c1:b6:00:d7:
81:29:f0:ef
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICCI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjMwNTI0MjMyNTA1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZlOWNkMC0xYjcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqQaHO8uIJmcgLAq9e8trczGIjxlqfxXBrfhRpWnkhEaxvL3JE6zXBE9otW/Y
PJNxleoweKkWggHedgc8q9fiBHYUvK1TQOupai0bpW5lwlgXby2FTgkenYPlPE6t
N0fUT1BGMnE8xla+OOlsfmuuvR5E5prYvkX13LYIKwNfySJLGbvqpKIhZOimp/cA
Kv46dpdc+5m/1Wu7m1Zfkxiysld9Es3YEBLhxxmRRvNXPxOa1e8vrvtpKwj7yKjP
9kLE3E0zzROKsWlwoSd8sL0Sa/rOsLJmH7Ya+mRxTu3znCx3I56R5q2x08InZiNp
GpKUijBCwNaMX4iqXPgPS9/LmQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFOnVW1oc
3/+4qIcBfN64m6/UOECWMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvN0Y0MTBDN0M3
OUQ1MTFFREJCREZDNTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAKLvjQwDAMEBIu+cAMEAou+eDANBgkqhkiG9w0BAQsFAAOC
AQEAM+TBm6OmebgtHWRGfN5i7XcE45AABuyQMEfVO46a5w/SeBdVdojsyBiqg0Fq
vB5UIe2TFM3azeOdGZuZZXjcYGbi7uAUutNo42DZvIrcN1xIWxSVTP74UGNMWu3W
SuQ9tOzY0Oo9kpaG9z2M4mUBxJTwj8SwWT+p5+QxHd8QLV//40Ze65kiTfODF6y5
lVLdGKABZeD3k1jDcm4js5GgZv0+Fl3e21L5UQFKvwfRJiUnL7cFpgJ4b1g7ta+8
4tXhZJfSOu7aDeTBM16+WW9LB9K++ora0SCwJ3etqgkDzcQzOElmEhq/RWBgk2Fa
CC7no7mfMCfzr8LBtgDXgSnw7w==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:35:38 2023 by rpki-client on console.sobornost.net