Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9132457/8AE7392ED81811EDBD650F3DC4F9AE02/0A492854D91711EDB43B7C4DC4F9AE02.roa
File:                     0A492854D91711EDB43B7C4DC4F9AE02.roa (raw, json)
Hash identifier:          9yljxwPun+EIAkA8OI0/Hoa8gcnD17kIgo7t1/SGXtc=
Subject key identifier:   E3:87:9E:8A:25:E3:56:1B:B0:FD:BE:77:D0:40:F4:8C:5B:DA:DF:63
Certificate issuer:       /CN=A9132457/serialNumber=9528160E4C304E1307DBF66F1901632ADF9F1A64
Certificate serial:       04
Authority key identifier: 95:28:16:0E:4C:30:4E:13:07:DB:F6:6F:19:01:63:2A:DF:9F:1A:64
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSgWDkwwThMH2_ZvGQFjKt-fGmQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9132457/8AE7392ED81811EDBD650F3DC4F9AE02/0A492854D91711EDB43B7C4DC4F9AE02.roa
Signing time:             Wed 12 Apr 2023 09:47:30 +0000
ROA not before:           Wed 12 Apr 2023 09:47:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     148968
IP address blocks:        103.243.176.0/24 maxlen: 24
                          2001:df2:40c0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Wed 12 Apr 2023 10:07:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9132457/serialNumber=9528160E4C304E1307DBF66F1901632ADF9F1A64
        Validity
            Not Before: Apr 12 09:47:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=64367e32-38b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:9e:d0:f4:72:06:1f:a7:d1:67:98:a2:7b:ec:
                    0e:95:a5:d3:b8:53:3b:ad:dc:f5:21:b5:45:fb:2d:
                    4e:75:7f:49:90:45:de:57:3b:ff:ca:74:4b:3a:f7:
                    66:fc:3d:11:0d:c6:55:1a:79:b9:21:ee:e2:d5:ad:
                    50:97:75:98:9d:a8:13:93:3f:7d:48:e4:db:70:ce:
                    62:2e:0d:e3:cf:78:7c:a9:f9:33:73:8d:47:6f:6b:
                    14:1d:d2:45:7b:6f:c3:83:da:f6:83:b8:c3:dc:3c:
                    12:44:24:ee:ec:56:81:04:d5:6f:7e:16:b0:cb:c3:
                    fa:38:79:45:90:a6:1b:2e:36:c3:4f:37:69:91:b2:
                    1d:f6:48:2f:d8:dd:6a:ac:25:1f:c9:a5:f0:25:5d:
                    e0:f2:3b:e0:c2:9b:f0:47:88:da:79:3b:33:29:5b:
                    46:7d:e2:5e:8b:93:62:f8:aa:a1:81:0c:0d:a7:7a:
                    2e:7c:6d:87:1d:18:34:1a:bc:b8:6c:e7:21:16:70:
                    97:9c:c2:c2:73:75:22:3b:eb:de:dd:33:80:cf:5a:
                    5b:24:17:94:0c:52:08:fd:1d:96:01:39:57:e7:1f:
                    91:5c:08:8e:ea:14:63:be:51:48:55:c4:8b:bb:f5:
                    7b:fd:10:92:fc:a0:08:19:f2:7e:3f:3f:05:5e:a7:
                    38:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:87:9E:8A:25:E3:56:1B:B0:FD:BE:77:D0:40:F4:8C:5B:DA:DF:63
            X509v3 Authority Key Identifier:
                keyid:95:28:16:0E:4C:30:4E:13:07:DB:F6:6F:19:01:63:2A:DF:9F:1A:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9132457/8AE7392ED81811EDBD650F3DC4F9AE02/lSgWDkwwThMH2_ZvGQFjKt-fGmQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lSgWDkwwThMH2_ZvGQFjKt-fGmQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132457/8AE7392ED81811EDBD650F3DC4F9AE02/0A492854D91711EDB43B7C4DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.243.176.0/24
                IPv6:
                  2001:df2:40c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         18:59:35:66:d3:22:69:54:44:3a:90:39:4f:e0:4b:c6:4a:35:
         a6:b0:44:09:a2:c1:43:e2:34:b3:ee:f1:aa:6e:ab:47:75:80:
         5e:48:94:f1:df:24:49:84:35:0c:8f:71:8c:76:71:fc:cc:91:
         53:be:52:6a:2c:c3:43:33:19:2f:ad:08:66:4d:fc:37:a2:8f:
         37:7f:5b:f6:92:01:c9:e2:dc:34:21:2e:98:c4:45:5f:56:e8:
         af:1a:98:75:d0:2d:9c:bd:cb:8f:98:e7:87:cd:21:57:8d:b0:
         b7:d7:40:9f:d8:af:60:29:59:b9:d4:f1:14:52:22:87:be:ac:
         12:b5:0e:e0:65:06:5c:af:7b:fb:09:4c:55:95:b7:fd:f1:0f:
         30:e6:a2:7f:df:7e:42:6f:ad:42:cc:66:cb:42:7a:f9:e6:1f:
         a3:07:6a:5e:98:cc:94:b3:9c:5e:b5:b9:7a:31:83:d3:4a:6e:
         de:09:1f:4f:a6:91:03:c7:8a:94:53:84:95:ab:87:98:87:fb:
         e4:cc:7f:1e:57:e7:11:16:df:d4:ae:ca:1b:09:d2:4f:6e:7b:
         f8:aa:de:14:46:d8:bb:1f:ea:94:2b:e3:fb:69:63:98:e0:0a:
         e8:e3:70:8c:40:ef:49:40:d1:d7:84:bc:2a:1c:cc:ea:3e:00:
         4f:68:98:d3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
MjQ1NzExMC8GA1UEBRMoOTUyODE2MEU0QzMwNEUxMzA3REJGNjZGMTkwMTYzMkFE
RjlGMUE2NDAeFw0yMzA0MTIwOTQ3MzBaFw0yNDA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MzY3ZTMyLTM4YjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDantD0cgYfp9FnmKJ77A6VpdO4Uzut3PUhtUX7LU51f0mQRd5XO//KdEs692b8
PRENxlUaebkh7uLVrVCXdZidqBOTP31I5NtwzmIuDePPeHyp+TNzjUdvaxQd0kV7
b8OD2vaDuMPcPBJEJO7sVoEE1W9+FrDLw/o4eUWQphsuNsNPN2mRsh32SC/Y3Wqs
JR/JpfAlXeDyO+DCm/BHiNp5OzMpW0Z94l6Lk2L4qqGBDA2nei58bYcdGDQavLhs
5yEWcJecwsJzdSI7697dM4DPWlskF5QMUgj9HZYBOVfnH5FcCI7qFGO+UUhVxIu7
9Xv9EJL8oAgZ8n4/PwVepzirAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU44eeiiXj
Vhuw/b530ED0jFva32MwHwYDVR0jBBgwFoAUlSgWDkwwThMH2/ZvGQFjKt+fGmQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMyNDU3LzhBRTczOTJFRDgx
ODExRURCRDY1MEYzREM0RjlBRTAyL2xTZ1dEa3d3VGhNSDJfWnZHUUZqS3QtZkdt
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbFNnV0Rrd3dUaE1IMl9adkdRRmpLdC1mR21RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MjQ1Ny84QUU3MzkyRUQ4MTgxMUVEQkQ2NTBGM0RDNEY5QUUwMi8wQTQ5Mjg1NEQ5
MTcxMUVEQjQzQjdDNERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGfzsDAPBAIAAjAJAwcAIAEN8kDAMA0GCSqGSIb3DQEBCwUA
A4IBAQAYWTVm0yJpVEQ6kDlP4EvGSjWmsEQJosFD4jSz7vGqbqtHdYBeSJTx3yRJ
hDUMj3GMdnH8zJFTvlJqLMNDMxkvrQhmTfw3oo83f1v2kgHJ4tw0IS6YxEVfVuiv
Gph10C2cvcuPmOeHzSFXjbC310Cf2K9gKVm51PEUUiKHvqwStQ7gZQZcr3v7CUxV
lbf98Q8w5qJ/335Cb61CzGbLQnr55h+jB2pemMyUs5xetbl6MYPTSm7eCR9PppED
x4qUU4SVq4eYh/vkzH8eV+cRFt/UrsobCdJPbnv4qt4URti7H+qUK+P7aWOY4Aro
43CMQO9JQNHXhLwqHMzqPgBPaJjT
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:58 2024 by rpki-client on console-fra.rpki-client.org