Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A914D0AF/1E339B3688DE11EC8A8B1628C4F9AE02/028BA32688E111ECB2B6512AC4F9AE02.roa
File:                     028BA32688E111ECB2B6512AC4F9AE02.roa (raw, json)
Hash identifier:          +d5fQvdAFlz2jPvs2oF1znkKXDz+fBmo1itmdPLhJ3g=
Subject key identifier:   65:FD:BE:12:B0:7C:87:C7:81:AC:B6:95:31:39:A6:93:67:A7:E1:A3
Certificate issuer:       /CN=A914D0AF/serialNumber=4A85CF138872D3E44F90D7B6F3028F0B506734CC
Certificate serial:       0308
Authority key identifier: 4A:85:CF:13:88:72:D3:E4:4F:90:D7:B6:F3:02:8F:0B:50:67:34:CC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SoXPE4hy0-RPkNe28wKPC1BnNMw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914D0AF/1E339B3688DE11EC8A8B1628C4F9AE02/028BA32688E111ECB2B6512AC4F9AE02.roa
Signing time:             Wed 17 Apr 2024 03:35:41 +0000
ROA not before:           Wed 17 Apr 2024 03:35:41 +0000
ROA not after:            Thu 01 May 2025 00:00:00 +0000
asID:                     149492
IP address blocks:        103.181.46.0/23 maxlen: 23
                          103.181.46.0/24 maxlen: 24
                          103.181.47.0/24 maxlen: 24
                          2001:df0:67c0::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sat 04 May 2024 10:13:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 776 (0x308)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914D0AF/serialNumber=4A85CF138872D3E44F90D7B6F3028F0B506734CC
        Validity
            Not Before: Apr 17 03:35:41 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=661f438c-a2f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:cc:0e:5c:21:af:e7:21:4f:05:64:f5:e6:de:
                    09:ca:61:3b:61:5d:4e:1d:e2:39:48:1c:c6:46:f5:
                    34:f4:84:00:33:85:ed:6c:d9:3f:a5:05:59:89:92:
                    b3:a1:37:50:32:cb:57:d9:58:6d:7b:4a:e8:a0:24:
                    38:dc:28:05:ac:48:42:15:04:01:cd:77:1e:53:e0:
                    44:c6:04:d9:4b:47:5e:1e:cd:c5:08:b7:79:a1:bc:
                    1b:72:48:35:cf:4f:ee:0d:da:e4:86:43:e3:e5:1d:
                    1d:45:51:f5:8c:4b:df:d6:81:f0:37:2b:28:81:7a:
                    13:c9:b1:b0:a4:b5:5f:70:50:2e:cb:db:f5:f8:99:
                    29:f6:ff:29:0d:2c:a3:ba:6a:d4:02:29:9a:d1:14:
                    4c:b7:c6:96:28:86:c7:f8:ca:9b:6f:b9:5d:06:17:
                    98:f5:11:31:64:71:bb:05:83:6d:12:b4:96:50:1b:
                    2b:02:53:5a:12:d9:2b:94:f8:d5:86:39:9b:8d:53:
                    2d:6c:61:44:7a:36:9f:4b:5f:24:4b:f9:65:5c:df:
                    05:96:5f:09:db:10:5c:7b:4f:f0:f0:18:97:29:a5:
                    b7:86:2f:c5:86:e6:e5:49:85:0d:b1:90:43:d0:b2:
                    82:36:46:6e:88:05:9b:fa:b7:b2:a4:b0:6a:28:6a:
                    bf:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:FD:BE:12:B0:7C:87:C7:81:AC:B6:95:31:39:A6:93:67:A7:E1:A3
            X509v3 Authority Key Identifier:
                keyid:4A:85:CF:13:88:72:D3:E4:4F:90:D7:B6:F3:02:8F:0B:50:67:34:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914D0AF/1E339B3688DE11EC8A8B1628C4F9AE02/SoXPE4hy0-RPkNe28wKPC1BnNMw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SoXPE4hy0-RPkNe28wKPC1BnNMw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914D0AF/1E339B3688DE11EC8A8B1628C4F9AE02/028BA32688E111ECB2B6512AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.181.46.0/23
                IPv6:
                  2001:df0:67c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         b1:da:ba:4b:c2:de:aa:de:97:29:2d:01:dd:5e:53:18:b1:30:
         95:39:0b:20:a4:29:be:c5:6c:8a:f3:e4:cf:0c:0e:58:0c:c2:
         25:30:a2:3d:41:d9:07:7a:5a:12:a1:b3:92:7e:49:2a:1a:3a:
         52:b4:1c:be:5d:3b:d9:c3:3b:f6:11:5c:8b:58:a9:47:3c:fe:
         c9:65:3f:7c:29:79:ce:bf:73:d8:46:c8:28:39:96:10:27:50:
         f3:c4:44:b2:11:7d:19:74:83:6e:67:55:fc:d2:d3:aa:8d:9c:
         76:e7:c4:56:fe:e9:e9:73:71:14:fc:55:9d:bb:da:80:72:7e:
         ab:e9:22:2c:4b:42:70:5d:61:07:0b:a4:22:80:80:83:86:3f:
         47:f4:6a:2f:14:9d:13:ce:b3:89:7a:c8:58:4b:ad:2d:16:e3:
         37:bc:e6:b3:f0:5f:ee:9d:17:60:78:30:96:f9:48:37:dd:29:
         0c:52:df:f5:48:c1:81:05:9e:9e:57:cd:f0:ac:ed:23:61:b1:
         7a:25:b6:4b:ff:9e:8a:f2:60:20:7a:fd:44:f5:dd:5e:bf:f3:
         ea:12:05:bd:b7:40:98:0e:da:f8:f8:3e:39:20:9f:b7:91:0b:
         16:fe:58:f0:a4:c8:d6:c7:1a:83:57:d1:00:25:3f:22:71:ce:
         21:1a:cc:28
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAwgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEQwQUYxMTAvBgNVBAUTKDRBODVDRjEzODg3MkQzRTQ0RjkwRDdCNkYzMDI4RjBC
NTA2NzM0Q0MwHhcNMjQwNDE3MDMzNTQxWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjFmNDM4Yy1hMmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArMwOXCGv5yFPBWT15t4JymE7YV1OHeI5SBzGRvU09IQAM4XtbNk/pQVZiZKz
oTdQMstX2Vhte0rooCQ43CgFrEhCFQQBzXceU+BExgTZS0deHs3FCLd5obwbckg1
z0/uDdrkhkPj5R0dRVH1jEvf1oHwNysogXoTybGwpLVfcFAuy9v1+Jkp9v8pDSyj
umrUAima0RRMt8aWKIbH+Mqbb7ldBheY9RExZHG7BYNtErSWUBsrAlNaEtkrlPjV
hjmbjVMtbGFEejafS18kS/llXN8Fll8J2xBce0/w8BiXKaW3hi/FhublSYUNsZBD
0LKCNkZuiAWb+reypLBqKGq/TQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFGX9vhKw
fIfHgay2lTE5ppNnp+GjMB8GA1UdIwQYMBaAFEqFzxOIctPkT5DXtvMCjwtQZzTM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RDBBRi8xRTMzOUIzNjg4
REUxMUVDOEE4QjE2MjhDNEY5QUUwMi9Tb1hQRTRoeTAtUlBrTmUyOHdLUEMxQm5O
TXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NvWFBFNGh5MC1SUGtOZTI4d0tQQzFCbk5Ndy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEQwQUYvMUUzMzlCMzY4OERFMTFFQzhBOEIxNjI4QzRGOUFFMDIvMDI4QkEzMjY4
OEUxMTFFQ0IyQjY1MTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFntS4wDwQCAAIwCQMHACABDfBnwDANBgkqhkiG9w0BAQsF
AAOCAQEAsdq6S8Leqt6XKS0B3V5TGLEwlTkLIKQpvsVsivPkzwwOWAzCJTCiPUHZ
B3paEqGzkn5JKho6UrQcvl072cM79hFci1ipRzz+yWU/fCl5zr9z2EbIKDmWECdQ
88REshF9GXSDbmdV/NLTqo2cdufEVv7p6XNxFPxVnbvagHJ+q+kiLEtCcF1hBwuk
IoCAg4Y/R/RqLxSdE86ziXrIWEutLRbjN7zms/Bf7p0XYHgwlvlIN90pDFLf9UjB
gQWenlfN8KztI2GxeiW2S/+eivJgIHr9RPXdXr/z6hIFvbdAmA7a+Pg+OSCft5EL
Fv5Y8KTI1scag1fRACU/InHOIRrMKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:05 2024 by rpki-client on console-fra.rpki-client.org