Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/DEBA0696C12C11EEB6FEFB23C4F9AE02.roa
File:                     DEBA0696C12C11EEB6FEFB23C4F9AE02.roa (raw, json)
Hash identifier:          GVpypGXyQ7kBr/6SfKOTfh1lIt3ZzFWGaH0+LRJhSk0=
Subject key identifier:   6E:28:A6:58:AB:13:F3:98:5C:B0:64:15:1A:C5:D8:D7:21:7B:61:D3
Certificate issuer:       /CN=A912438F/serialNumber=C888D1EEE04BEF3E815F09DDFA19193D699B4F47
Certificate serial:       066D
Authority key identifier: C8:88:D1:EE:E0:4B:EF:3E:81:5F:09:DD:FA:19:19:3D:69:9B:4F:47
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/DEBA0696C12C11EEB6FEFB23C4F9AE02.roa
Signing time:             Thu 01 Feb 2024 18:08:16 +0000
ROA not before:           Thu 01 Feb 2024 18:08:16 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     138640
IP address blocks:        103.158.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Aug 2024 14:51:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1645 (0x66d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912438F/serialNumber=C888D1EEE04BEF3E815F09DDFA19193D699B4F47
        Validity
            Not Before: Feb  1 18:08:16 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=65bbde0f-f32a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5e:b4:23:e6:e1:f6:66:d4:fc:79:bb:d6:f6:
                    6f:21:a2:a7:10:d9:cb:10:6a:98:4c:2e:0b:62:67:
                    42:6c:65:f4:40:36:55:78:90:7c:fe:58:26:30:e7:
                    f1:4f:42:eb:f6:70:24:e1:be:04:e0:d8:da:fc:d9:
                    b0:fd:cb:50:0e:36:49:ae:80:ca:cc:a0:cf:6d:92:
                    cf:46:64:4d:0d:87:ab:42:3e:07:4b:26:f2:f9:90:
                    cb:ed:88:37:d2:ce:34:b4:bb:81:9a:fa:4b:e2:d4:
                    40:8f:06:bd:18:6c:37:12:a8:4a:f7:f2:78:65:7e:
                    37:86:b9:5c:4b:fa:7d:5c:98:0b:d4:3a:11:2b:a4:
                    65:07:cc:d6:03:8b:54:05:7c:60:bc:ae:bf:a3:8d:
                    d6:2c:5f:ae:bf:8b:ec:90:f1:8a:8d:e7:93:bd:4f:
                    05:05:80:3c:5b:f3:8e:88:0d:26:b5:68:9f:4a:6d:
                    38:4c:f9:1d:e1:c6:c6:9c:c9:2a:cb:c6:25:72:ec:
                    ad:bf:04:49:7c:c6:54:9b:8a:8f:ca:fe:f8:b2:e0:
                    05:08:bf:0b:9c:8b:db:90:fd:77:ba:4b:eb:c0:ba:
                    a8:ee:ac:44:1d:e2:66:c2:7b:0f:d2:9b:0f:3c:6d:
                    63:16:0a:28:b8:6c:df:8c:15:45:d1:55:62:07:a6:
                    50:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:28:A6:58:AB:13:F3:98:5C:B0:64:15:1A:C5:D8:D7:21:7B:61:D3
            X509v3 Authority Key Identifier:
                keyid:C8:88:D1:EE:E0:4B:EF:3E:81:5F:09:DD:FA:19:19:3D:69:9B:4F:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/yIjR7uBL7z6BXwnd-hkZPWmbT0c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yIjR7uBL7z6BXwnd-hkZPWmbT0c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912438F/C7590BD625AE11EB8EEC220AC4F9AE02/DEBA0696C12C11EEB6FEFB23C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.158.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:eb:03:98:fb:96:3b:c9:bb:bb:98:39:e2:a4:16:f5:5f:8b:
         b9:1d:d0:54:ca:f2:e7:2d:bd:4f:2e:cc:e3:d7:db:89:a5:b9:
         3e:e5:16:fc:2c:05:68:09:ff:e3:05:53:63:3c:77:4c:b7:89:
         d0:9b:c9:22:7f:8e:21:51:a8:d7:6a:39:e7:96:0a:92:d1:c1:
         5f:8f:d6:37:18:41:40:c3:0e:99:43:d8:f2:e1:c3:35:77:fa:
         3f:9e:75:93:75:e1:25:09:3a:ff:d9:0b:e4:a6:6c:c2:cf:5a:
         ec:75:1e:09:7f:9c:54:ff:3d:35:75:8b:60:ba:c2:e0:25:7d:
         ba:bf:2e:e9:05:1c:3c:b4:76:eb:5b:19:e8:cf:02:d0:87:32:
         3c:9c:85:89:a9:cb:96:07:49:af:ab:ad:09:2b:24:5c:38:fd:
         07:0e:c5:43:3d:cd:f1:e3:b5:d2:9f:54:56:34:b8:e8:9e:60:
         58:27:1e:2f:65:c9:81:ad:bc:cb:9e:61:bc:68:99:79:c9:ef:
         41:40:9c:59:78:3a:d3:24:e9:64:ce:0b:31:ef:c4:55:8a:84:
         93:63:21:7d:2e:9e:60:d0:64:c7:5b:e4:77:17:cd:3f:b4:60:
         66:9f:7a:c7:1e:eb:3f:40:bc:b1:a3:f7:8d:94:5a:7d:09:98:
         5a:f8:7f:df
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBm0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQzOEYxMTAvBgNVBAUTKEM4ODhEMUVFRTA0QkVGM0U4MTVGMDlEREZBMTkxOTNE
Njk5QjRGNDcwHhcNMjQwMjAxMTgwODE2WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJiZGUwZi1mMzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtV60I+bh9mbU/Hm71vZvIaKnENnLEGqYTC4LYmdCbGX0QDZVeJB8/lgmMOfx
T0Lr9nAk4b4E4Nja/Nmw/ctQDjZJroDKzKDPbZLPRmRNDYerQj4HSyby+ZDL7Yg3
0s40tLuBmvpL4tRAjwa9GGw3EqhK9/J4ZX43hrlcS/p9XJgL1DoRK6RlB8zWA4tU
BXxgvK6/o43WLF+uv4vskPGKjeeTvU8FBYA8W/OOiA0mtWifSm04TPkd4cbGnMkq
y8YlcuytvwRJfMZUm4qPyv74suAFCL8LnIvbkP13ukvrwLqo7qxEHeJmwnsP0psP
PG1jFgoouGzfjBVF0VViB6ZQnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFG4oplir
E/OYXLBkFRrF2Nche2HTMB8GA1UdIwQYMBaAFMiI0e7gS+8+gV8J3foZGT1pm09H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDM4Ri9DNzU5MEJENjI1
QUUxMUVCOEVFQzIyMEFDNEY5QUUwMi95SWpSN3VCTDd6NkJYd25kLWhrWlBXbWJU
MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lJalI3dUJMN3o2Qlh3bmQtaGtaUFdtYlQwYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQzOEYvQzc1OTBCRDYyNUFFMTFFQjhFRUMyMjBBQzRGOUFFMDIvREVCQTA2OTZD
MTJDMTFFRUI2RkVGQjIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnnp8wDQYJKoZIhvcNAQELBQADggEBAGbrA5j7ljvJu7uY
OeKkFvVfi7kd0FTK8uctvU8uzOPX24mluT7lFvwsBWgJ/+MFU2M8d0y3idCbySJ/
jiFRqNdqOeeWCpLRwV+P1jcYQUDDDplD2PLhwzV3+j+edZN14SUJOv/ZC+SmbMLP
Wux1Hgl/nFT/PTV1i2C6wuAlfbq/LukFHDy0dutbGejPAtCHMjychYmpy5YHSa+r
rQkrJFw4/QcOxUM9zfHjtdKfVFY0uOieYFgnHi9lyYGtvMueYbxomXnJ70FAnFl4
OtMk6WTOCzHvxFWKhJNjIX0unmDQZMdb5HcXzT+0YGafesce6z9AvLGj942UWn0J
mFr4f98=
-----END CERTIFICATE-----
Generated at Tue Aug 20 19:03:38 2024 by rpki-client on console-ams.rpki-client.org