Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9140D20/D943A45ADBDA11EAA2CC2B41C4F9AE02/E603AD9CDBDB11EA9D395E41C4F9AE02.roa
File:                     E603AD9CDBDB11EA9D395E41C4F9AE02.roa (raw, json)
Hash identifier:          XUQTd9H+Pby7FE/VkC/3wGMK5m6d3FS9gviZEqRv2k4=
Subject key identifier:   B2:17:43:C0:63:A5:EE:5B:64:69:C7:45:07:8E:E2:A2:58:E4:1B:43
Certificate issuer:       /CN=A9140D20/serialNumber=EFCF131AD6480D1DD04F1D4476E3595452FF441C
Certificate serial:       069F
Authority key identifier: EF:CF:13:1A:D6:48:0D:1D:D0:4F:1D:44:76:E3:59:54:52:FF:44:1C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788TGtZIDR3QTx1EduNZVFL_RBw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9140D20/D943A45ADBDA11EAA2CC2B41C4F9AE02/E603AD9CDBDB11EA9D395E41C4F9AE02.roa
Signing time:             Thu 01 Jun 2023 00:15:31 +0000
ROA not before:           Thu 01 Jun 2023 00:15:31 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     137386
IP address blocks:        103.95.28.0/24 maxlen: 24
                          157.119.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 30 Nov 2023 07:06:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1695 (0x69f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9140D20/serialNumber=EFCF131AD6480D1DD04F1D4476E3595452FF441C
        Validity
            Not Before: Jun  1 00:15:31 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=6477e323-94a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:87:83:5e:ba:f2:49:93:ef:c6:01:66:f3:85:
                    ff:db:9a:48:9c:8f:60:8a:81:8a:8d:b4:9d:18:77:
                    82:65:a9:0d:cc:7f:0d:b6:48:19:02:e6:cb:4d:89:
                    e8:29:67:d2:81:f4:17:1b:79:8f:88:c0:b3:45:ef:
                    ab:6d:52:8c:34:fd:cd:f0:b1:80:b4:27:53:cc:67:
                    2e:b3:52:ab:24:c9:73:9a:fd:3b:82:7f:bd:7e:b6:
                    09:65:f3:33:e4:46:c8:cc:6f:13:db:99:64:65:28:
                    6c:4f:bf:46:9a:bd:8e:ba:f5:bb:89:f5:13:cb:27:
                    5b:86:2c:c9:b4:f7:72:61:d9:93:06:66:7c:74:0c:
                    2a:5d:7b:1c:c5:8d:c8:67:55:dd:e1:fa:a9:90:ac:
                    2a:c4:3c:29:b2:c0:72:78:3c:ac:1c:53:9c:40:60:
                    8b:bf:f8:89:6e:97:ff:f1:4d:6a:bd:08:d7:4b:8f:
                    9b:4d:fa:bd:fd:50:ed:35:c3:8d:22:60:ce:93:5d:
                    c5:fe:ed:4a:55:18:0d:2c:11:bc:30:e6:f1:2c:9f:
                    71:ce:cb:85:de:6a:1d:97:90:10:6b:77:6c:e5:a5:
                    e3:78:dc:d6:4c:ac:e4:6e:53:ed:49:c2:23:a7:dc:
                    ec:62:9f:06:53:a6:4d:ce:ce:d8:a2:eb:ff:23:9f:
                    eb:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:17:43:C0:63:A5:EE:5B:64:69:C7:45:07:8E:E2:A2:58:E4:1B:43
            X509v3 Authority Key Identifier:
                keyid:EF:CF:13:1A:D6:48:0D:1D:D0:4F:1D:44:76:E3:59:54:52:FF:44:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9140D20/D943A45ADBDA11EAA2CC2B41C4F9AE02/788TGtZIDR3QTx1EduNZVFL_RBw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788TGtZIDR3QTx1EduNZVFL_RBw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140D20/D943A45ADBDA11EAA2CC2B41C4F9AE02/E603AD9CDBDB11EA9D395E41C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.95.28.0/24
                  157.119.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:36:65:7b:1f:9f:68:3f:c6:b0:7a:e8:9e:b0:bb:b6:80:fe:
         e2:df:aa:f8:c9:69:8a:30:79:d3:fa:7c:bf:eb:1d:dc:78:50:
         23:cb:06:22:f3:1d:ca:4b:4f:87:b4:8c:61:55:62:74:9a:64:
         93:bb:46:49:cb:0c:b9:ac:8d:ec:6c:9c:79:d4:80:2a:ce:2f:
         19:63:af:af:55:41:22:6a:b1:88:3b:f2:d5:e9:a2:96:b7:1a:
         97:2f:fa:d7:a8:00:e8:51:82:69:cb:be:87:54:3b:af:e7:9e:
         52:eb:8e:fc:c5:6a:45:37:b2:a3:98:30:b1:a6:cd:ee:aa:aa:
         ca:82:ab:71:6c:5c:46:25:6c:fb:82:59:c7:48:23:b4:16:6d:
         88:a8:54:1d:42:de:8e:ad:88:d4:7f:71:76:47:a5:14:b1:ac:
         36:9e:da:14:f8:f2:d5:dd:c7:79:9e:06:12:d4:a5:17:57:c1:
         98:fc:3e:bf:94:5c:be:82:5a:b8:00:34:be:0b:c4:46:40:ba:
         d0:26:dd:5e:c4:f7:a1:a3:df:3b:0f:0e:64:11:a7:fb:a3:2c:
         92:ff:ee:60:02:19:26:61:77:0b:97:1a:8e:f9:a7:9d:6c:3f:
         a7:b4:c1:e0:f3:49:47:9c:32:43:ce:7f:f1:94:33:82:84:fd:
         b2:ca:ec:5e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBp8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDBEMjAxMTAvBgNVBAUTKEVGQ0YxMzFBRDY0ODBEMUREMDRGMUQ0NDc2RTM1OTU0
NTJGRjQ0MUMwHhcNMjMwNjAxMDAxNTMxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDc3ZTMyMy05NGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6YeDXrrySZPvxgFm84X/25pInI9gioGKjbSdGHeCZakNzH8NtkgZAubLTYno
KWfSgfQXG3mPiMCzRe+rbVKMNP3N8LGAtCdTzGcus1KrJMlzmv07gn+9frYJZfMz
5EbIzG8T25lkZShsT79Gmr2OuvW7ifUTyydbhizJtPdyYdmTBmZ8dAwqXXscxY3I
Z1Xd4fqpkKwqxDwpssByeDysHFOcQGCLv/iJbpf/8U1qvQjXS4+bTfq9/VDtNcON
ImDOk13F/u1KVRgNLBG8MObxLJ9xzsuF3modl5AQa3ds5aXjeNzWTKzkblPtScIj
p9zsYp8GU6ZNzs7Youv/I5/riwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLIXQ8Bj
pe5bZGnHRQeO4qJY5BtDMB8GA1UdIwQYMBaAFO/PExrWSA0d0E8dRHbjWVRS/0Qc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEQyMC9EOTQzQTQ1QURC
REExMUVBQTJDQzJCNDFDNEY5QUUwMi83ODhUR3RaSURSM1FUeDFFZHVOWlZGTF9S
QncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzc4OFRHdFpJRFIzUVR4MUVkdU5aVkZMX1JCdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDBEMjAvRDk0M0E0NUFEQkRBMTFFQUEyQ0MyQjQxQzRGOUFFMDIvRTYwM0FEOUNE
QkRCMTFFQTlEMzk1RTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnXxwDBACddzcwDQYJKoZIhvcNAQELBQADggEBAC42ZXsf
n2g/xrB66J6wu7aA/uLfqvjJaYowedP6fL/rHdx4UCPLBiLzHcpLT4e0jGFVYnSa
ZJO7RknLDLmsjexsnHnUgCrOLxljr69VQSJqsYg78tXpopa3Gpcv+teoAOhRgmnL
vodUO6/nnlLrjvzFakU3sqOYMLGmze6qqsqCq3FsXEYlbPuCWcdII7QWbYioVB1C
3o6tiNR/cXZHpRSxrDae2hT48tXdx3meBhLUpRdXwZj8Pr+UXL6CWrgANL4LxEZA
utAm3V7E96Gj3zsPDmQRp/ujLJL/7mACGSZhdwuXGo75p51sP6e0weDzSUecMkPO
f/GUM4KE/bLK7F4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org