Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912D1D5/343361EECC8C11EDA4C1A143C4F9AE02/74797734E52311EDBE69751CC4F9AE02.roa
File:                     74797734E52311EDBE69751CC4F9AE02.roa (raw, json)
Hash identifier:          ZpFT1N/VVIdzdovKUr6mbMEQP9lOlVpPjjGlY2oToT4=
Subject key identifier:   6B:D1:7E:87:7A:F6:C7:DF:06:8C:F6:90:1C:61:90:32:C9:90:79:EC
Certificate issuer:       /CN=A912D1D5/serialNumber=C54525E9705BD69D61424DBEE7B0493F5FD6F0A4
Certificate serial:       17
Authority key identifier: C5:45:25:E9:70:5B:D6:9D:61:42:4D:BE:E7:B0:49:3F:5F:D6:F0:A4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xUUl6XBb1p1hQk2-57BJP1_W8KQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912D1D5/343361EECC8C11EDA4C1A143C4F9AE02/74797734E52311EDBE69751CC4F9AE02.roa
Signing time:             Thu 27 Apr 2023 17:46:36 +0000
ROA not before:           Thu 27 Apr 2023 17:46:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     141778
IP address blocks:        103.121.178.0/24 maxlen: 24
                          103.121.179.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 28 Apr 2023 14:08:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23 (0x17)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912D1D5/serialNumber=C54525E9705BD69D61424DBEE7B0493F5FD6F0A4
        Validity
            Not Before: Apr 27 17:46:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=644ab4fc-76f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:72:3d:04:82:21:a5:92:c7:8e:08:3d:5a:9c:
                    dc:69:6f:8d:20:dd:59:fd:49:98:bc:82:34:a9:72:
                    2a:e0:5c:8a:fb:f5:0d:18:eb:35:01:50:fd:44:e0:
                    6f:10:9a:df:e2:a1:37:38:0b:60:46:9c:be:b6:0a:
                    57:b3:0b:16:1b:33:81:91:19:f5:64:66:99:68:17:
                    6e:d4:ba:ba:f7:35:d7:02:6f:9a:5c:7f:59:72:c4:
                    6f:52:46:dc:2c:4d:83:d7:ff:52:c0:53:a8:87:97:
                    d2:70:61:e3:a2:3e:52:6c:ca:ab:d5:c6:09:25:3f:
                    a3:c8:e9:95:a7:69:c8:37:e5:4d:62:10:77:4b:e8:
                    c7:19:a6:bb:2e:90:46:9b:54:bd:27:ae:29:aa:26:
                    c8:13:71:ff:98:21:30:49:7f:d9:dd:a7:de:17:e4:
                    03:73:14:40:a3:05:0c:e1:38:04:51:c4:45:47:b4:
                    fa:cc:58:98:e8:d4:bd:8f:91:7d:12:71:bb:d0:8c:
                    4b:d6:27:82:54:8a:13:95:28:2f:f5:c7:19:3e:26:
                    7b:76:58:eb:08:40:ea:b3:cd:0d:e9:a9:3d:69:7b:
                    48:1e:c3:9f:57:50:80:57:d7:e5:35:81:a8:67:a8:
                    e4:be:65:67:f6:df:82:82:e2:01:e9:3a:93:bc:59:
                    3a:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:D1:7E:87:7A:F6:C7:DF:06:8C:F6:90:1C:61:90:32:C9:90:79:EC
            X509v3 Authority Key Identifier:
                keyid:C5:45:25:E9:70:5B:D6:9D:61:42:4D:BE:E7:B0:49:3F:5F:D6:F0:A4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912D1D5/343361EECC8C11EDA4C1A143C4F9AE02/xUUl6XBb1p1hQk2-57BJP1_W8KQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xUUl6XBb1p1hQk2-57BJP1_W8KQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D1D5/343361EECC8C11EDA4C1A143C4F9AE02/74797734E52311EDBE69751CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.178.0/23

    Signature Algorithm: sha256WithRSAEncryption
         71:a6:bc:b2:d3:69:68:52:99:e4:18:cc:e2:e5:49:c9:bb:b6:
         b6:8d:08:af:8b:79:eb:ad:b8:9d:8d:df:c9:a9:ec:f4:dd:9e:
         bf:38:88:d3:b0:92:38:f8:91:30:f5:a7:30:ed:59:b1:a9:b7:
         85:15:91:61:58:87:52:d4:b7:99:b4:d6:fb:7a:6b:b7:10:01:
         8c:9d:53:bc:01:cd:ec:c4:db:a1:02:6a:6e:f5:cb:52:a6:06:
         bd:67:ce:49:eb:a1:6c:a5:87:88:9d:45:28:8d:2a:2f:e5:62:
         80:10:04:83:de:f5:83:d4:b0:fb:d0:de:e4:77:3f:ce:c5:ca:
         f4:d1:ad:82:60:4f:a1:fb:4b:30:68:27:73:93:ac:98:15:9d:
         35:8b:ae:01:02:6e:ad:ea:b9:ae:af:69:d3:02:d7:05:0e:bd:
         58:f5:8b:c1:13:db:08:e8:b6:f0:cd:c6:5c:62:df:cf:51:88:
         a1:94:e1:fa:80:0f:34:88:a5:56:95:6a:fb:a2:92:49:b0:23:
         b2:a4:65:65:7f:0e:85:21:c1:1b:61:53:35:58:53:3a:08:ef:
         b7:f6:ea:01:1a:e5:be:b5:0e:c8:3d:96:dc:e4:71:5b:b8:1d:
         d9:82:61:06:03:b8:e9:1e:52:0e:94:23:e1:4e:2b:87:27:4e:
         f5:6b:73:73
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RDFENTExMC8GA1UEBRMoQzU0NTI1RTk3MDVCRDY5RDYxNDI0REJFRTdCMDQ5M0Y1
RkQ2RjBBNDAeFw0yMzA0MjcxNzQ2MzZaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0NGFiNGZjLTc2ZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCncj0EgiGlkseOCD1anNxpb40g3Vn9SZi8gjSpcirgXIr79Q0Y6zUBUP1E4G8Q
mt/ioTc4C2BGnL62ClezCxYbM4GRGfVkZploF27Uurr3NdcCb5pcf1lyxG9SRtws
TYPX/1LAU6iHl9JwYeOiPlJsyqvVxgklP6PI6ZWnacg35U1iEHdL6McZprsukEab
VL0nrimqJsgTcf+YITBJf9ndp94X5ANzFECjBQzhOARRxEVHtPrMWJjo1L2PkX0S
cbvQjEvWJ4JUihOVKC/1xxk+Jnt2WOsIQOqzzQ3pqT1pe0gew59XUIBX1+U1gahn
qOS+ZWf234KC4gHpOpO8WTohAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUa9F+h3r2
x98GjPaQHGGQMsmQeewwHwYDVR0jBBgwFoAUxUUl6XBb1p1hQk2+57BJP1/W8KQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJEMUQ1LzM0MzM2MUVFQ0M4
QzExRURBNEMxQTE0M0M0RjlBRTAyL3hVVWw2WEJiMXAxaFFrMi01N0JKUDFfVzhL
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveFVVbDZYQmIxcDFoUWsyLTU3QkpQMV9XOEtRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RDFENS8zNDMzNjFFRUNDOEMxMUVEQTRDMUExNDNDNEY5QUUwMi83NDc5NzczNEU1
MjMxMUVEQkU2OTc1MUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWd5sjANBgkqhkiG9w0BAQsFAAOCAQEAcaa8stNpaFKZ5BjM
4uVJybu2to0Ir4t56624nY3fyans9N2evziI07CSOPiRMPWnMO1Zsam3hRWRYViH
UtS3mbTW+3prtxABjJ1TvAHN7MTboQJqbvXLUqYGvWfOSeuhbKWHiJ1FKI0qL+Vi
gBAEg971g9Sw+9De5Hc/zsXK9NGtgmBPoftLMGgnc5OsmBWdNYuuAQJureq5rq9p
0wLXBQ69WPWLwRPbCOi28M3GXGLfz1GIoZTh+oAPNIilVpVq+6KSSbAjsqRlZX8O
hSHBG2FTNVhTOgjvt/bqARrlvrUOyD2W3ORxW7gd2YJhBgO46R5SDpQj4U4rhydO
9Wtzcw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:49 2024 by rpki-client on console-ams.rpki-client.org