Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912C6FA/A17B33C2D5AF11E88FF05228C4F9AE02/9B052948D5B011E8883E382AC4F9AE02.roa
File:                     9B052948D5B011E8883E382AC4F9AE02.roa (raw, json)
Hash identifier:          7+5x35aC9qOiXasD6g/tZDIY0Psx2CO1vV38s3ui4qs=
Subject key identifier:   F6:76:B4:24:AD:13:F2:0A:9F:36:79:CF:C8:51:5F:E2:5C:47:28:72
Certificate issuer:       /CN=A912C6FA/serialNumber=10C6A96ABFE5689BC7BDE5ABE8A66D952453FB18
Certificate serial:       11B8
Authority key identifier: 10:C6:A9:6A:BF:E5:68:9B:C7:BD:E5:AB:E8:A6:6D:95:24:53:FB:18
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EMapar_laJvHveWr6KZtlSRT-xg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912C6FA/A17B33C2D5AF11E88FF05228C4F9AE02/9B052948D5B011E8883E382AC4F9AE02.roa
Signing time:             Wed 10 Jul 2024 11:42:25 +0000
ROA not before:           Wed 10 Jul 2024 11:42:25 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     10075
IP address blocks:        103.131.156.0/22 maxlen: 22
                          103.131.156.0/24 maxlen: 24
                          103.131.157.0/24 maxlen: 24
                          103.131.158.0/24 maxlen: 24
                          103.131.159.0/24 maxlen: 24
                          2403:cd40::/32 maxlen: 32
                          2403:cd40::/48 maxlen: 48
                          2403:cd40:4::/48 maxlen: 48
                          2403:cd40:5::/48 maxlen: 48
                          2403:cd40:6::/48 maxlen: 48
                          2403:cd40:7::/48 maxlen: 48
                          2403:cd40:8::/48 maxlen: 48
                          2403:cd40:a::/48 maxlen: 48
                          2403:cd40:8000::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 28 Oct 2024 09:48:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4536 (0x11b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912C6FA/serialNumber=10C6A96ABFE5689BC7BDE5ABE8A66D952453FB18
        Validity
            Not Before: Jul 10 11:42:25 2024 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=668e73a1-ed3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b5:fa:c5:5f:fd:62:0a:38:cc:02:74:f4:25:
                    e4:10:eb:32:f9:0c:d0:85:04:12:48:b5:79:a2:15:
                    fd:64:c0:fe:94:e8:18:12:9b:0b:2a:a8:53:58:87:
                    18:36:b6:99:c8:2c:42:29:7c:76:b5:96:4d:6b:32:
                    66:78:13:f6:06:72:cc:2d:e7:d3:f5:61:7e:62:35:
                    d9:ec:1e:db:9f:be:b4:86:6f:fc:fa:6e:58:66:3a:
                    75:45:86:0f:25:8d:c8:be:1d:f2:ae:bf:f9:5d:8f:
                    99:9f:ee:e4:7b:f2:61:3a:50:19:a3:28:b9:85:d0:
                    34:29:27:02:95:18:c5:a3:a6:f8:48:1b:f2:3e:75:
                    e1:de:d9:8e:a1:dc:26:b5:64:2c:ec:19:f5:24:d4:
                    00:5a:5b:a8:79:87:ed:fc:ad:8c:f4:34:53:9a:70:
                    e5:9a:b2:20:fa:d9:6f:bb:f5:66:68:b7:0a:4a:18:
                    7c:79:db:a2:e4:c0:66:00:f8:16:f9:de:5a:d2:0a:
                    c7:22:07:0c:95:46:38:99:9b:0a:4d:7c:16:ac:80:
                    51:7f:21:b2:02:24:40:5c:53:fa:da:fd:68:53:85:
                    39:fe:73:cb:24:62:5b:1e:94:f0:42:98:bd:c4:71:
                    70:ef:cf:6e:c8:46:ab:40:9a:86:f6:ce:7d:ca:20:
                    06:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:76:B4:24:AD:13:F2:0A:9F:36:79:CF:C8:51:5F:E2:5C:47:28:72
            X509v3 Authority Key Identifier:
                keyid:10:C6:A9:6A:BF:E5:68:9B:C7:BD:E5:AB:E8:A6:6D:95:24:53:FB:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912C6FA/A17B33C2D5AF11E88FF05228C4F9AE02/EMapar_laJvHveWr6KZtlSRT-xg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EMapar_laJvHveWr6KZtlSRT-xg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C6FA/A17B33C2D5AF11E88FF05228C4F9AE02/9B052948D5B011E8883E382AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.131.156.0/22
                IPv6:
                  2403:cd40::/32

    Signature Algorithm: sha256WithRSAEncryption
         59:03:a5:aa:57:cb:c6:04:17:cc:20:31:19:fa:a9:26:9a:7d:
         dd:7d:a7:2a:4d:14:fb:17:f5:60:d3:3f:79:69:05:08:03:15:
         7d:66:bf:71:6e:cb:fa:3a:18:fe:84:10:e9:78:2a:ba:87:96:
         df:d4:e4:26:43:a6:ee:81:48:1a:da:ea:04:ed:63:06:c4:55:
         63:dc:79:c8:1d:17:2d:27:a5:ca:8e:22:81:6e:d4:53:90:9f:
         2f:1f:fc:db:f9:26:00:ab:94:fd:12:93:af:9c:ef:a3:80:67:
         ea:9d:4f:66:8d:92:0c:ae:a4:e6:e9:62:91:10:d8:b1:98:9e:
         51:75:2f:70:e0:a2:67:de:42:1e:e6:15:14:4c:65:b4:7a:f2:
         74:a0:57:af:8d:08:b0:26:b5:d1:71:5f:9c:d9:7e:80:53:56:
         90:b2:24:78:ae:34:78:92:2c:23:10:93:77:87:dd:11:6a:5e:
         8e:1c:4b:43:d8:e1:f1:41:76:59:8e:d1:19:49:c1:29:b7:68:
         29:9b:c9:b9:fb:e6:f9:c4:69:96:2d:46:49:4b:39:1b:aa:08:
         9b:4d:b1:fd:a6:92:85:2c:5c:2f:ba:3d:64:c2:f8:3d:ff:de:
         10:27:2e:9f:5e:e3:f5:d4:9f:62:c2:da:fc:e0:b4:9a:1d:de:
         d9:8c:c2:46
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEbgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkM2RkExMTAvBgNVBAUTKDEwQzZBOTZBQkZFNTY4OUJDN0JERTVBQkU4QTY2RDk1
MjQ1M0ZCMTgwHhcNMjQwNzEwMTE0MjI1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhlNzNhMS1lZDNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArbX6xV/9Ygo4zAJ09CXkEOsy+QzQhQQSSLV5ohX9ZMD+lOgYEpsLKqhTWIcY
NraZyCxCKXx2tZZNazJmeBP2BnLMLefT9WF+YjXZ7B7bn760hm/8+m5YZjp1RYYP
JY3Ivh3yrr/5XY+Zn+7ke/JhOlAZoyi5hdA0KScClRjFo6b4SBvyPnXh3tmOodwm
tWQs7Bn1JNQAWluoeYft/K2M9DRTmnDlmrIg+tlvu/VmaLcKShh8edui5MBmAPgW
+d5a0grHIgcMlUY4mZsKTXwWrIBRfyGyAiRAXFP62v1oU4U5/nPLJGJbHpTwQpi9
xHFw789uyEarQJqG9s59yiAGbwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPZ2tCSt
E/IKnzZ5z8hRX+JcRyhyMB8GA1UdIwQYMBaAFBDGqWq/5Wibx73lq+imbZUkU/sY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzZGQS9BMTdCMzNDMkQ1
QUYxMUU4OEZGMDUyMjhDNEY5QUUwMi9FTWFwYXJfbGFKdkh2ZVdyNktadGxTUlQt
eGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VNYXBhcl9sYUp2SHZlV3I2S1p0bFNSVC14Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM2RkEvQTE3QjMzQzJENUFGMTFFODhGRjA1MjI4QzRGOUFFMDIvOUIwNTI5NDhE
NUIwMTFFODg4M0UzODJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJng5wwDQQCAAIwBwMFACQDzUAwDQYJKoZIhvcNAQELBQAD
ggEBAFkDpapXy8YEF8wgMRn6qSaafd19pypNFPsX9WDTP3lpBQgDFX1mv3Fuy/o6
GP6EEOl4KrqHlt/U5CZDpu6BSBra6gTtYwbEVWPcecgdFy0npcqOIoFu1FOQny8f
/Nv5JgCrlP0Sk6+c76OAZ+qdT2aNkgyupObpYpEQ2LGYnlF1L3DgomfeQh7mFRRM
ZbR68nSgV6+NCLAmtdFxX5zZfoBTVpCyJHiuNHiSLCMQk3eH3RFqXo4cS0PY4fFB
dlmO0RlJwSm3aCmbybn75vnEaZYtRklLORuqCJtNsf2mkoUsXC+6PWTC+D3/3hAn
Lp9e4/XUn2LC2vzgtJod3tmMwkY=
-----END CERTIFICATE-----