Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9120F0D/08EC2B0CA36E11E8B896662BC4F9AE02/66148B0A0C5711EFAE3BF059C4F9AE02.roa
File:                     66148B0A0C5711EFAE3BF059C4F9AE02.roa (raw, json)
Hash identifier:          b22l5WuLWNK+No0sOZjgpr8RtaYRcUp4rr95dELAiWc=
Subject key identifier:   01:98:9B:3C:E2:E2:48:63:F6:74:38:1E:6D:F0:98:2B:5F:1B:12:A9
Certificate issuer:       /CN=A9120F0D/serialNumber=67F54C39C111E7DF7E7076C5C715B28B35E859F9
Certificate serial:       12BF
Authority key identifier: 67:F5:4C:39:C1:11:E7:DF:7E:70:76:C5:C7:15:B2:8B:35:E8:59:F9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z_VMOcER599-cHbFxxWyizXoWfk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9120F0D/08EC2B0CA36E11E8B896662BC4F9AE02/66148B0A0C5711EFAE3BF059C4F9AE02.roa
Signing time:             Tue 07 May 2024 09:51:39 +0000
ROA not before:           Tue 07 May 2024 09:51:39 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     135391
IP address blocks:        103.116.44.0/24 maxlen: 24
                          103.116.46.0/24 maxlen: 24
                          103.116.47.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 May 2024 09:12:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4799 (0x12bf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9120F0D/serialNumber=67F54C39C111E7DF7E7076C5C715B28B35E859F9
        Validity
            Not Before: May  7 09:51:39 2024 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=6639f9aa-5cde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:85:3c:96:ee:68:b3:48:a1:c4:89:b6:49:71:
                    df:d8:8a:ee:57:f0:73:74:da:a3:f9:ab:e6:83:36:
                    a6:3c:b7:5b:d1:dc:d5:5c:4d:4d:30:5c:e3:0b:aa:
                    5d:cc:9b:1a:79:97:4f:cb:76:79:da:58:e1:4e:22:
                    33:37:4a:91:fa:f3:16:3d:a2:ac:ce:55:a6:fe:a0:
                    53:6a:a2:65:fb:b0:e3:47:f2:f6:01:c6:17:42:5c:
                    ac:c9:1a:ae:e2:02:0e:10:e7:06:38:10:a7:53:9c:
                    8f:44:9b:c9:2a:6a:30:f1:d2:a0:0c:7d:f5:7c:95:
                    f4:37:c4:31:88:4e:7e:20:a2:79:11:9d:e0:c6:33:
                    82:a9:0c:ca:61:5d:1e:02:47:1f:d8:63:9f:01:c1:
                    cc:f1:5c:25:82:6b:61:24:a8:cd:14:8c:60:83:e4:
                    76:f6:2c:b2:22:07:3b:93:12:88:e4:94:ec:6f:70:
                    a4:94:04:2f:9d:19:9b:be:07:dd:25:3a:5b:ce:9d:
                    ff:93:f4:fa:6a:de:11:5d:c3:41:71:3b:0a:1f:0b:
                    f4:b1:70:a7:c8:ed:ac:67:76:04:1c:68:5c:8e:f9:
                    ae:9c:5d:a9:94:ce:3f:04:b4:2b:b8:99:83:7d:c3:
                    57:fa:43:d1:79:ec:a5:60:72:4f:5b:55:af:06:54:
                    70:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:98:9B:3C:E2:E2:48:63:F6:74:38:1E:6D:F0:98:2B:5F:1B:12:A9
            X509v3 Authority Key Identifier:
                keyid:67:F5:4C:39:C1:11:E7:DF:7E:70:76:C5:C7:15:B2:8B:35:E8:59:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9120F0D/08EC2B0CA36E11E8B896662BC4F9AE02/Z_VMOcER599-cHbFxxWyizXoWfk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z_VMOcER599-cHbFxxWyizXoWfk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120F0D/08EC2B0CA36E11E8B896662BC4F9AE02/66148B0A0C5711EFAE3BF059C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.116.44.0/24
                  103.116.46.0/23

    Signature Algorithm: sha256WithRSAEncryption
         e4:b9:80:63:5a:b0:6d:8e:8e:14:19:ee:ac:2b:a4:cf:c3:25:
         25:9d:a4:7b:a8:3b:51:5a:69:82:93:ed:3f:93:e3:8f:39:9b:
         12:26:c5:f2:99:3b:1d:c4:46:73:89:5b:12:73:42:04:f9:62:
         6c:e0:06:d9:34:bb:a1:e2:49:d2:01:f5:1f:2a:94:db:b6:12:
         91:0f:05:cf:e9:7f:e8:c1:84:47:a3:e9:93:5d:72:b3:4f:f7:
         7b:32:90:fd:d6:5a:ee:a3:99:1d:0a:f1:80:6e:78:fe:98:a9:
         b9:46:a6:a9:3b:ae:e7:14:d1:6b:6f:33:34:89:77:19:c1:31:
         64:ea:89:0e:b7:ee:78:12:c3:b4:03:13:4e:72:5c:5d:bd:63:
         5b:3d:88:05:90:86:36:a3:dd:80:12:14:22:c7:98:89:a3:4c:
         2d:2e:d4:5c:09:6c:ae:c1:2b:d1:93:37:b7:07:a9:58:41:1c:
         07:18:0d:59:7d:f8:22:55:47:69:01:2f:e3:d7:22:bc:77:bb:
         d7:99:e1:67:6e:1b:dc:28:1c:19:d5:94:17:44:a0:ba:a1:12:
         fd:98:f3:aa:65:1e:29:54:a8:bd:fe:63:64:50:89:16:6b:8c:
         05:17:9a:53:dd:0b:4d:a0:4a:db:c9:b9:fb:d0:97:53:d0:2a:
         30:f0:e2:b2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEr8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjBGMEQxMTAvBgNVBAUTKDY3RjU0QzM5QzExMUU3REY3RTcwNzZDNUM3MTVCMjhC
MzVFODU5RjkwHhcNMjQwNTA3MDk1MTM5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM5ZjlhYS01Y2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxoU8lu5os0ihxIm2SXHf2IruV/BzdNqj+avmgzamPLdb0dzVXE1NMFzjC6pd
zJsaeZdPy3Z52ljhTiIzN0qR+vMWPaKszlWm/qBTaqJl+7DjR/L2AcYXQlysyRqu
4gIOEOcGOBCnU5yPRJvJKmow8dKgDH31fJX0N8QxiE5+IKJ5EZ3gxjOCqQzKYV0e
Akcf2GOfAcHM8VwlgmthJKjNFIxgg+R29iyyIgc7kxKI5JTsb3CklAQvnRmbvgfd
JTpbzp3/k/T6at4RXcNBcTsKHwv0sXCnyO2sZ3YEHGhcjvmunF2plM4/BLQruJmD
fcNX+kPReeylYHJPW1WvBlRwfwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAGYmzzi
4khj9nQ4Hm3wmCtfGxKpMB8GA1UdIwQYMBaAFGf1TDnBEefffnB2xccVsos16Fn5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMEYwRC8wOEVDMkIwQ0Ez
NkUxMUU4Qjg5NjY2MkJDNEY5QUUwMi9aX1ZNT2NFUjU5OS1jSGJGeHhXeWl6WG9X
ZmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pfVk1PY0VSNTk5LWNIYkZ4eFd5aXpYb1dmay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjBGMEQvMDhFQzJCMENBMzZFMTFFOEI4OTY2NjJCQzRGOUFFMDIvNjYxNDhCMEEw
QzU3MTFFRkFFM0JGMDU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABndCwDBAFndC4wDQYJKoZIhvcNAQELBQADggEBAOS5gGNa
sG2OjhQZ7qwrpM/DJSWdpHuoO1FaaYKT7T+T4485mxImxfKZOx3ERnOJWxJzQgT5
YmzgBtk0u6HiSdIB9R8qlNu2EpEPBc/pf+jBhEej6ZNdcrNP93sykP3WWu6jmR0K
8YBueP6YqblGpqk7rucU0WtvMzSJdxnBMWTqiQ637ngSw7QDE05yXF29Y1s9iAWQ
hjaj3YASFCLHmImjTC0u1FwJbK7BK9GTN7cHqVhBHAcYDVl9+CJVR2kBL+PXIrx3
u9eZ4WduG9woHBnVlBdEoLqhEv2Y86plHilUqL3+Y2RQiRZrjAUXmlPdC02gStvJ
ufvQl1PQKjDw4rI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:56 2024 by rpki-client on console-fra.rpki-client.org