Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9142DA4/8AD49F7EBAE811ECA82F141CC4F9AE02/93262AF0C53B11EC879E6E2FC4F9AE02.roa
File:                     93262AF0C53B11EC879E6E2FC4F9AE02.roa (raw, json)
Hash identifier:          px3PfLMJX7rWun9qjnkIXX1Hd/hiz6g01wt2SZmJvec=
Subject key identifier:   68:3F:C1:9A:50:D0:01:CB:90:01:4F:90:1F:EF:96:52:06:6D:D6:2A
Certificate issuer:       /CN=A9142DA4/serialNumber=BB4C9665E75F9E19DAD46F8B609D3444FB68ED47
Certificate serial:       020C
Authority key identifier: BB:4C:96:65:E7:5F:9E:19:DA:D4:6F:8B:60:9D:34:44:FB:68:ED:47
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u0yWZedfnhna1G-LYJ00RPto7Uc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9142DA4/8AD49F7EBAE811ECA82F141CC4F9AE02/93262AF0C53B11EC879E6E2FC4F9AE02.roa
Signing time:             Fri 01 Sep 2023 02:53:07 +0000
ROA not before:           Fri 01 Sep 2023 02:53:07 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     55872
IP address blocks:        115.187.96.0/19 maxlen: 19
                          115.187.96.0/23 maxlen: 23
                          115.187.100.0/22 maxlen: 22
                          115.187.104.0/21 maxlen: 21
                          115.187.112.0/20 maxlen: 20
                          118.82.128.0/17 maxlen: 17
                          118.82.128.0/18 maxlen: 18
                          118.82.136.0/21 maxlen: 21
                          118.82.144.0/20 maxlen: 20
                          118.82.160.0/20 maxlen: 20
                          118.82.176.0/21 maxlen: 21
                          118.82.184.0/22 maxlen: 22
                          118.82.188.0/23 maxlen: 23
                          118.82.192.0/18 maxlen: 18
                          118.82.192.0/21 maxlen: 21
                          118.82.200.0/21 maxlen: 21
                          118.82.208.0/21 maxlen: 21
                          118.82.216.0/21 maxlen: 21
                          118.82.232.0/21 maxlen: 21
                          118.82.240.0/21 maxlen: 21
                          119.235.32.0/21 maxlen: 21
                          202.65.162.0/23 maxlen: 23
                          202.65.164.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 16 May 2024 06:04:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 524 (0x20c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9142DA4/serialNumber=BB4C9665E75F9E19DAD46F8B609D3444FB68ED47
        Validity
            Not Before: Sep  1 02:53:07 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=64f15213-c56d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:98:03:5e:71:f6:39:82:00:31:c1:22:f8:87:
                    d5:b8:69:a5:ea:23:fa:4f:66:88:5b:4d:4c:89:32:
                    8e:b1:b1:d7:e9:40:b4:1f:df:78:69:86:87:ce:40:
                    40:87:a6:6c:ea:73:d9:98:06:b8:02:05:4c:a0:47:
                    41:68:cb:18:3f:40:d3:da:55:64:8c:96:56:1b:56:
                    08:ab:aa:40:51:cb:e9:8f:b8:87:59:66:1a:0c:d7:
                    8d:e8:cf:0e:b5:fe:71:78:1b:53:c7:51:ca:4d:96:
                    f5:3f:f4:ce:a3:1b:22:d6:a5:09:5f:d2:7f:df:36:
                    80:40:14:ed:40:0f:0e:3d:3c:49:6d:e5:f7:15:9a:
                    52:1b:ed:50:0b:d7:61:6f:f9:0c:4c:a1:42:21:ff:
                    30:61:e4:73:ef:24:c2:ea:2a:61:d0:79:ae:c0:ab:
                    63:25:af:2d:31:c7:94:42:df:33:38:65:83:61:dd:
                    17:25:fe:59:df:03:50:40:e5:b0:cb:e6:50:67:6c:
                    02:14:57:d7:67:f7:dc:81:fc:b8:dd:bd:2e:01:30:
                    b7:f3:2b:29:01:ce:18:bb:cc:1c:8a:cb:00:de:21:
                    70:8c:da:71:b6:f9:53:af:c4:4b:96:76:3b:0f:67:
                    11:5c:f0:0e:6e:48:fc:cf:e1:8d:74:76:6c:2d:0a:
                    ed:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:3F:C1:9A:50:D0:01:CB:90:01:4F:90:1F:EF:96:52:06:6D:D6:2A
            X509v3 Authority Key Identifier:
                keyid:BB:4C:96:65:E7:5F:9E:19:DA:D4:6F:8B:60:9D:34:44:FB:68:ED:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9142DA4/8AD49F7EBAE811ECA82F141CC4F9AE02/u0yWZedfnhna1G-LYJ00RPto7Uc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u0yWZedfnhna1G-LYJ00RPto7Uc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142DA4/8AD49F7EBAE811ECA82F141CC4F9AE02/93262AF0C53B11EC879E6E2FC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.187.96.0/19
                  118.82.128.0/17
                  119.235.32.0/21
                  202.65.162.0-202.65.167.255

    Signature Algorithm: sha256WithRSAEncryption
         47:49:59:eb:ad:da:55:6a:b0:77:6a:fa:e8:60:ca:a3:3b:46:
         cb:4f:c2:55:38:1f:dc:67:bd:cc:c3:2b:b9:9d:fb:43:73:32:
         d4:76:38:2b:b0:d7:1c:ae:5a:c1:c7:d6:d1:a2:ef:b7:cc:ac:
         c4:dc:5d:8b:2e:15:75:63:ea:58:d4:f6:61:3b:cb:37:1f:e7:
         16:49:2f:8b:95:9a:b7:fb:29:ba:dc:e9:2f:93:e8:c6:97:11:
         5c:62:61:b1:32:de:49:89:19:61:5c:4d:d4:15:d1:31:ae:59:
         ba:e9:f0:b7:f4:04:b9:1f:c0:56:e7:e1:92:0f:27:ad:43:91:
         a8:52:c5:eb:86:ac:9a:06:28:5f:4f:26:49:1f:30:bc:00:ec:
         9f:f0:b5:a1:ee:75:bb:30:23:30:8f:f6:93:12:01:07:1f:bd:
         df:2f:c1:38:16:77:72:db:8b:6f:20:17:63:6e:41:15:d2:bd:
         21:92:82:4e:40:59:4a:5b:73:52:6b:3a:03:19:f4:dc:91:bc:
         4e:8c:3d:26:79:6e:cb:dd:c1:12:cc:b9:f8:b4:63:84:2f:b3:
         be:a2:ac:0f:a1:d6:6f:3a:15:1c:9b:d3:75:d0:09:0f:62:0f:
         b5:bb:01:12:66:41:28:57:8e:bf:4f:13:4d:ea:2f:32:ee:44:
         ab:ef:80:22
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDJEQTQxMTAvBgNVBAUTKEJCNEM5NjY1RTc1RjlFMTlEQUQ0NkY4QjYwOUQzNDQ0
RkI2OEVENDcwHhcNMjMwOTAxMDI1MzA3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYxNTIxMy1jNTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu5gDXnH2OYIAMcEi+IfVuGml6iP6T2aIW01MiTKOsbHX6UC0H994aYaHzkBA
h6Zs6nPZmAa4AgVMoEdBaMsYP0DT2lVkjJZWG1YIq6pAUcvpj7iHWWYaDNeN6M8O
tf5xeBtTx1HKTZb1P/TOoxsi1qUJX9J/3zaAQBTtQA8OPTxJbeX3FZpSG+1QC9dh
b/kMTKFCIf8wYeRz7yTC6iph0HmuwKtjJa8tMceUQt8zOGWDYd0XJf5Z3wNQQOWw
y+ZQZ2wCFFfXZ/fcgfy43b0uATC38yspAc4Yu8wcissA3iFwjNpxtvlTr8RLlnY7
D2cRXPAObkj8z+GNdHZsLQrtOwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFGg/wZpQ
0AHLkAFPkB/vllIGbdYqMB8GA1UdIwQYMBaAFLtMlmXnX54Z2tRvi2CdNET7aO1H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MkRBNC84QUQ0OUY3RUJB
RTgxMUVDQTgyRjE0MUNDNEY5QUUwMi91MHlXWmVkZm5obmExRy1MWUowMFJQdG83
VWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3UweVdaZWRmbmhuYTFHLUxZSjAwUlB0bzdVYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDJEQTQvOEFENDlGN0VCQUU4MTFFQ0E4MkYxNDFDQzRGOUFFMDIvOTMyNjJBRjBD
NTNCMTFFQzg3OUU2RTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAVzu2ADBAd2UoADBAN36yAwDAMEAcpBogMEA8pBoDANBgkq
hkiG9w0BAQsFAAOCAQEAR0lZ663aVWqwd2r66GDKoztGy0/CVTgf3Ge9zMMruZ37
Q3My1HY4K7DXHK5awcfW0aLvt8ysxNxdiy4VdWPqWNT2YTvLNx/nFkkvi5Wat/sp
utzpL5PoxpcRXGJhsTLeSYkZYVxN1BXRMa5Zuunwt/QEuR/AVufhkg8nrUORqFLF
64asmgYoX08mSR8wvADsn/C1oe51uzAjMI/2kxIBBx+93y/BOBZ3ctuLbyAXY25B
FdK9IZKCTkBZSltzUms6Axn03JG8Tow9Jnluy93BEsy5+LRjhC+zvqKsD6HWbzoV
HJvTddAJD2IPtbsBEmZBKFeOv08TTeovMu5Eq++AIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:56 2024 by rpki-client on console-ams.rpki-client.org