Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91479A7/8BA963D443F511EE9A8E4E16C4F9AE02/5D2D335E43F611EE87C0A617C4F9AE02.roa
File:                     5D2D335E43F611EE87C0A617C4F9AE02.roa (raw, json)
Hash identifier:          JpKfKaWaiuaBe8jDl9nCDPmO0MsGsyhlR0w6XCR/yGE=
Subject key identifier:   10:92:C7:5B:02:63:93:FD:EB:FD:D1:4F:20:12:6C:30:C1:F1:DA:A4
Certificate issuer:       /CN=A91479A7/serialNumber=2F2477EBBE56B0D7A0AD44C2717DB5FE080DCAE8
Certificate serial:       1E
Authority key identifier: 2F:24:77:EB:BE:56:B0:D7:A0:AD:44:C2:71:7D:B5:FE:08:0D:CA:E8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LyR3675WsNegrUTCcX21_ggNyug.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91479A7/8BA963D443F511EE9A8E4E16C4F9AE02/5D2D335E43F611EE87C0A617C4F9AE02.roa
Signing time:             Wed 06 Sep 2023 17:24:02 +0000
ROA not before:           Wed 06 Sep 2023 17:24:02 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     142036
IP address blocks:        103.114.160.0/24 maxlen: 24
                          103.114.161.0/24 maxlen: 24
                          103.114.162.0/24 maxlen: 24
                          103.114.163.0/24 maxlen: 24
                          2402:d0c0:10::/48 maxlen: 48
                          2402:d0c0:11::/48 maxlen: 48
                          2402:d0c0:12::/48 maxlen: 48
                          2402:d0c0:13::/48 maxlen: 48
                          2402:d0c0:14::/48 maxlen: 48
                          2402:d0c0:15::/48 maxlen: 48
                          2402:d0c0:16::/48 maxlen: 48
                          2402:d0c0:17::/48 maxlen: 48
                          2402:d0c0:18::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 07 Sep 2023 16:26:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 30 (0x1e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91479A7/serialNumber=2F2477EBBE56B0D7A0AD44C2717DB5FE080DCAE8
        Validity
            Not Before: Sep  6 17:24:02 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=64f8b5b2-9674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:29:c9:53:91:59:58:42:13:35:99:e8:83:c5:
                    b5:2d:17:c2:04:43:6d:1f:f3:3d:ed:f1:4c:e5:6e:
                    e4:a7:6c:e0:98:c3:b9:ea:ec:c3:9c:61:1e:43:87:
                    e8:94:a5:b9:49:9d:0f:cc:80:d5:3c:72:a1:d2:52:
                    ff:2d:6f:b6:28:73:a5:db:e0:88:41:7f:2a:d4:b0:
                    2e:73:2b:e6:a4:ea:06:be:4e:0b:fd:95:92:20:b4:
                    40:05:16:b5:0a:d7:45:46:a5:45:0f:d8:9e:ad:97:
                    08:78:62:9f:b5:42:f5:dc:22:09:03:6c:f3:e9:9d:
                    92:3e:ab:c9:45:74:15:bd:80:05:b3:d2:f5:91:19:
                    9e:9d:80:d1:08:05:77:8c:18:4e:0a:0a:4c:9f:ed:
                    aa:b5:a1:3d:35:e9:fc:fd:15:b9:4c:52:61:19:d4:
                    4e:59:ee:b6:03:7d:49:8a:f0:08:a8:25:50:5d:82:
                    8f:17:93:44:94:ed:af:be:12:dd:84:76:14:3d:a5:
                    c6:77:45:5d:e0:b1:08:6c:f9:81:e9:74:a1:78:d1:
                    c1:f4:17:c6:df:a1:cc:ff:b4:24:6c:a5:6d:67:50:
                    c7:a6:13:18:8a:52:7d:2b:4f:9c:d8:c7:e5:36:ce:
                    11:be:d5:a6:e9:ae:39:19:6a:6c:1f:89:54:1c:ef:
                    8f:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:92:C7:5B:02:63:93:FD:EB:FD:D1:4F:20:12:6C:30:C1:F1:DA:A4
            X509v3 Authority Key Identifier:
                keyid:2F:24:77:EB:BE:56:B0:D7:A0:AD:44:C2:71:7D:B5:FE:08:0D:CA:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91479A7/8BA963D443F511EE9A8E4E16C4F9AE02/LyR3675WsNegrUTCcX21_ggNyug.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LyR3675WsNegrUTCcX21_ggNyug.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91479A7/8BA963D443F511EE9A8E4E16C4F9AE02/5D2D335E43F611EE87C0A617C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.114.160.0/22
                IPv6:
                  2402:d0c0:10::-2402:d0c0:18:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         c8:50:87:eb:83:f2:21:4f:fa:dc:7f:6a:4f:fd:f8:e6:f5:5c:
         ef:7f:82:47:d3:47:6b:c8:e2:fc:ea:aa:dc:3d:78:19:2b:29:
         93:19:75:15:8d:68:39:d3:68:d7:7d:2e:31:b7:62:6d:e7:1c:
         9e:96:b8:be:ea:a1:0a:3e:da:72:89:56:f0:1a:56:78:18:92:
         24:88:e5:ee:a9:05:6e:6a:f8:93:f3:fd:fa:f2:1e:ed:96:2c:
         b9:67:e1:a1:67:a5:56:95:f5:81:b6:87:77:5f:f0:ac:e2:8a:
         17:d4:d2:bf:ef:d9:1a:a4:8a:0f:e9:d8:77:3d:c9:f4:fe:74:
         52:b4:6b:f7:f2:7b:85:1c:64:a2:c5:3e:d6:80:12:c6:ed:b3:
         0f:36:13:ed:f7:b6:05:f6:03:3f:51:b7:c4:fa:10:1e:72:29:
         ce:5e:b9:b1:c7:48:8e:7e:58:d1:2f:ef:9a:82:f1:71:a9:e2:
         33:23:04:76:fc:d5:bc:d9:59:4f:49:d1:fd:4f:65:84:56:83:
         85:f6:a4:13:68:02:f0:ee:72:37:09:29:77:fc:8b:bf:91:69:
         9d:69:aa:a2:71:d8:78:93:73:cd:8e:bd:d3:fd:83:9f:a7:b7:
         db:57:07:34:b1:11:c4:c4:26:2a:52:97:18:20:23:af:ef:fe:
         b5:80:4d:8d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NzlBNzExMC8GA1UEBRMoMkYyNDc3RUJCRTU2QjBEN0EwQUQ0NEMyNzE3REI1RkUw
ODBEQ0FFODAeFw0yMzA5MDYxNzI0MDJaFw0yNDA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZjhiNWIyLTk2NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEKclTkVlYQhM1meiDxbUtF8IEQ20f8z3t8UzlbuSnbOCYw7nq7MOcYR5Dh+iU
pblJnQ/MgNU8cqHSUv8tb7Yoc6Xb4IhBfyrUsC5zK+ak6ga+Tgv9lZIgtEAFFrUK
10VGpUUP2J6tlwh4Yp+1QvXcIgkDbPPpnZI+q8lFdBW9gAWz0vWRGZ6dgNEIBXeM
GE4KCkyf7aq1oT016fz9FblMUmEZ1E5Z7rYDfUmK8AioJVBdgo8Xk0SU7a++Et2E
dhQ9pcZ3RV3gsQhs+YHpdKF40cH0F8bfocz/tCRspW1nUMemExiKUn0rT5zYx+U2
zhG+1abprjkZamwfiVQc74+BAgMBAAGjggKxMIICrTAdBgNVHQ4EFgQUEJLHWwJj
k/3r/dFPIBJsMMHx2qQwHwYDVR0jBBgwFoAULyR3675WsNegrUTCcX21/ggNyugw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3OUE3LzhCQTk2M0Q0NDNG
NTExRUU5QThFNEUxNkM0RjlBRTAyL0x5UjM2NzVXc05lZ3JVVENjWDIxX2dnTnl1
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTHlSMzY3NVdzTmVnclVUQ2NYMjFfZ2dOeXVnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NzlBNy84QkE5NjNENDQzRjUxMUVFOUE4RTRFMTZDNEY5QUUwMi81RDJEMzM1RTQz
RjYxMUVFODdDMEE2MTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA7BggrBgEFBQcBBwEB/wQs
MCowDAQCAAEwBgMEAmdyoDAaBAIAAjAUMBIDBwQkAtDAABADBwAkAtDAABgwDQYJ
KoZIhvcNAQELBQADggEBAMhQh+uD8iFP+tx/ak/9+Ob1XO9/gkfTR2vI4vzqqtw9
eBkrKZMZdRWNaDnTaNd9LjG3Ym3nHJ6WuL7qoQo+2nKJVvAaVngYkiSI5e6pBW5q
+JPz/fryHu2WLLln4aFnpVaV9YG2h3df8KziihfU0r/v2Rqkig/p2Hc9yfT+dFK0
a/fye4UcZKLFPtaAEsbtsw82E+33tgX2Az9Rt8T6EB5yKc5eubHHSI5+WNEv75qC
8XGp4jMjBHb81bzZWU9J0f1PZYRWg4X2pBNoAvDucjcJKXf8i7+RaZ1pqqJx2HiT
c82OvdP9g5+nt9tXBzSxEcTEJipSlxggI6/v/rWATY0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org