Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/1DB628E806AB11EF9129C825C4F9AE02.roa
File:                     1DB628E806AB11EF9129C825C4F9AE02.roa (raw, json)
Hash identifier:          HJBAgvQwrFbf9zxErlNsGpwdPWqnAP7vDPaKp95zEvo=
Subject key identifier:   02:9B:87:A4:12:DB:43:39:E1:F2:EA:6C:83:27:F2:E4:DB:83:47:3D
Certificate issuer:       /CN=A9155647/serialNumber=AD3445DB42010B1215A49E427F1AE7400D788BFB
Certificate serial:       14
Authority key identifier: AD:34:45:DB:42:01:0B:12:15:A4:9E:42:7F:1A:E7:40:0D:78:8B:FB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rTRF20IBCxIVpJ5CfxrnQA14i_s.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/1DB628E806AB11EF9129C825C4F9AE02.roa
Signing time:             Tue 30 Apr 2024 04:35:48 +0000
ROA not before:           Tue 30 Apr 2024 04:35:48 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     5650
IP address blocks:        43.231.205.0/24 maxlen: 24
                          43.231.206.0/24 maxlen: 24
                          43.231.207.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 May 2024 07:41:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20 (0x14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9155647/serialNumber=AD3445DB42010B1215A49E427F1AE7400D788BFB
        Validity
            Not Before: Apr 30 04:35:48 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=66307524-f870
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b2:dc:36:66:0b:ae:17:ca:29:f4:40:74:8b:
                    11:d6:55:a5:ea:cc:b2:af:ca:99:03:ed:38:e0:c2:
                    12:be:b9:ce:ad:f9:80:36:98:6c:79:5d:3d:88:88:
                    79:f3:c6:93:0a:18:6f:26:61:5f:9a:02:a8:fb:db:
                    5b:dc:23:72:f7:5f:42:d4:61:cd:2f:2a:92:a3:ee:
                    3f:55:64:28:cb:4a:b9:d0:04:b8:86:4c:9e:ae:de:
                    9a:81:1a:04:d5:77:e0:c2:be:de:6f:57:4e:39:25:
                    81:f4:e4:76:89:ef:e4:23:be:aa:d7:7c:72:50:b4:
                    78:bd:4f:ca:e5:e2:67:b7:ba:35:af:cb:52:12:51:
                    80:83:c6:c9:4d:fa:a2:0f:cd:bf:9d:cb:3b:77:75:
                    96:8f:65:6b:ec:50:1d:cb:dd:92:dd:92:7e:36:8f:
                    41:02:2d:1d:0d:78:7b:32:e6:13:f5:b2:09:f0:57:
                    7c:1f:7a:3e:2d:1a:ff:f9:42:b9:e0:6a:4a:1d:2a:
                    da:10:15:c8:8e:ed:b2:e0:b4:7a:b3:1e:a0:3a:d2:
                    56:b6:5c:62:23:50:d0:da:4c:99:35:f1:29:30:57:
                    8c:8c:bb:ca:c2:0a:3f:c7:98:fa:29:a1:fe:af:79:
                    ff:6b:1c:fc:3e:a5:e8:c2:c6:ac:8c:d2:0f:20:ad:
                    53:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:9B:87:A4:12:DB:43:39:E1:F2:EA:6C:83:27:F2:E4:DB:83:47:3D
            X509v3 Authority Key Identifier:
                keyid:AD:34:45:DB:42:01:0B:12:15:A4:9E:42:7F:1A:E7:40:0D:78:8B:FB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/rTRF20IBCxIVpJ5CfxrnQA14i_s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rTRF20IBCxIVpJ5CfxrnQA14i_s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155647/905C1046F36F11EE9972EB79C4F9AE02/1DB628E806AB11EF9129C825C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.231.205.0-43.231.207.255

    Signature Algorithm: sha256WithRSAEncryption
         3d:d4:ed:46:4c:66:6a:62:9f:9f:83:c3:1f:6e:96:71:44:d7:
         50:7c:9b:49:88:b5:41:be:55:dc:cc:5b:c7:af:ee:be:26:7a:
         f9:44:42:80:df:f0:d9:61:16:c0:2e:68:89:4f:9b:4e:e3:38:
         fb:e2:2a:3b:db:eb:60:7b:1b:f3:91:f4:4b:74:02:de:33:95:
         63:d0:0a:6a:5b:c0:6e:e5:42:b2:38:40:a7:5a:f3:73:2b:30:
         ba:f4:15:4b:6d:f0:e5:7b:5d:82:d5:ca:65:c3:16:a2:60:65:
         59:b5:7d:84:d8:a4:11:78:b0:85:3b:b5:f6:d9:8e:1f:61:48:
         2b:ff:51:b7:29:71:7f:60:bb:ab:bd:5e:39:1c:b2:9a:ac:59:
         ae:d8:9c:13:3a:b7:43:af:c1:f9:56:a7:22:ca:c1:86:75:16:
         03:dc:7e:6f:95:e7:5a:bb:b8:83:73:68:59:14:90:bb:d7:7d:
         fe:6e:57:11:c2:73:e7:dc:0d:c4:e8:e9:91:82:9a:1d:a0:cd:
         de:52:22:a3:60:fc:c6:9d:93:9f:bc:45:2e:da:b3:f8:1a:b4:
         34:75:61:a2:9a:e1:45:1d:b8:90:0b:21:ee:61:a5:22:41:9f:
         9c:24:78:2e:d9:18:e8:b7:e5:c0:41:4b:fd:ce:5c:ec:6e:75:
         26:34:99:5f
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTY0NzExMC8GA1UEBRMoQUQzNDQ1REI0MjAxMEIxMjE1QTQ5RTQyN0YxQUU3NDAw
RDc4OEJGQjAeFw0yNDA0MzAwNDM1NDhaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MzA3NTI0LWY4NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSstw2ZguuF8op9EB0ixHWVaXqzLKvypkD7TjgwhK+uc6t+YA2mGx5XT2IiHnz
xpMKGG8mYV+aAqj721vcI3L3X0LUYc0vKpKj7j9VZCjLSrnQBLiGTJ6u3pqBGgTV
d+DCvt5vV045JYH05HaJ7+QjvqrXfHJQtHi9T8rl4me3ujWvy1ISUYCDxslN+qIP
zb+dyzt3dZaPZWvsUB3L3ZLdkn42j0ECLR0NeHsy5hP1sgnwV3wfej4tGv/5Qrng
akodKtoQFciO7bLgtHqzHqA60la2XGIjUNDaTJk18SkwV4yMu8rCCj/HmPopof6v
ef9rHPw+pejCxqyM0g8grVM5AgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUApuHpBLb
Qznh8upsgyfy5NuDRz0wHwYDVR0jBBgwFoAUrTRF20IBCxIVpJ5CfxrnQA14i/sw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1NjQ3LzkwNUMxMDQ2RjM2
RjExRUU5OTcyRUI3OUM0RjlBRTAyL3JUUkYyMElCQ3hJVnBKNUNmeHJuUUExNGlf
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvclRSRjIwSUJDeElWcEo1Q2Z4cm5RQTE0aV9zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTY0Ny85MDVDMTA0NkYzNkYxMUVFOTk3MkVCNzlDNEY5QUUwMi8xREI2MjhFODA2
QUIxMUVGOTEyOUM4MjVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAK+fNAwQEK+fAMA0GCSqGSIb3DQEBCwUAA4IBAQA91O1G
TGZqYp+fg8MfbpZxRNdQfJtJiLVBvlXczFvHr+6+Jnr5REKA3/DZYRbALmiJT5tO
4zj74io72+tgexvzkfRLdALeM5Vj0ApqW8Bu5UKyOECnWvNzKzC69BVLbfDle12C
1cplwxaiYGVZtX2E2KQReLCFO7X22Y4fYUgr/1G3KXF/YLurvV45HLKarFmu2JwT
OrdDr8H5VqciysGGdRYD3H5vledau7iDc2hZFJC7133+blcRwnPn3A3E6OmRgpod
oM3eUiKjYPzGnZOfvEUu2rP4GrQ0dWGimuFFHbiQCyHuYaUiQZ+cJHgu2Rjot+XA
QUv9zlzsbnUmNJlf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org