Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/63C3A7B812FE11ED8A1DA356C4F9AE02.roa
File:                     63C3A7B812FE11ED8A1DA356C4F9AE02.roa (raw, json)
Hash identifier:          5dx8aiKyKgCl5+JX1b2tKzqZpeiuM9PyToOfwS54sBA=
Subject key identifier:   54:4B:97:78:57:68:E6:2E:33:4F:5E:13:60:B3:AD:A4:6A:A1:99:E1
Certificate issuer:       /CN=A915B2EC/serialNumber=46922C565440040BD99AFD4E329ED9DEB6F92573
Certificate serial:       03E8
Authority key identifier: 46:92:2C:56:54:40:04:0B:D9:9A:FD:4E:32:9E:D9:DE:B6:F9:25:73
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RpIsVlRABAvZmv1OMp7Z3rb5JXM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/63C3A7B812FE11ED8A1DA356C4F9AE02.roa
Signing time:             Sat 25 Nov 2023 01:52:41 +0000
ROA not before:           Sat 25 Nov 2023 01:52:41 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     51847
IP address blocks:        103.172.182.0/23 maxlen: 23
                          103.172.182.0/24 maxlen: 24
                          103.172.183.0/24 maxlen: 24
                          2407:d840:1::/48 maxlen: 48
                          2407:d840:2::/48 maxlen: 48
                          2407:d840:3:1::/64 maxlen: 64
                          2407:d840:50::/44 maxlen: 44
                          2407:d840:50::/48 maxlen: 48
                          2407:d840:51::/48 maxlen: 48
                          2407:d840:52::/48 maxlen: 48
                          2407:d840:53::/48 maxlen: 48
                          2407:d840:60::/44 maxlen: 44
                          2407:d840:60::/48 maxlen: 48
                          2407:d840:61::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 22 Feb 2024 07:09:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1000 (0x3e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915B2EC/serialNumber=46922C565440040BD99AFD4E329ED9DEB6F92573
        Validity
            Not Before: Nov 25 01:52:41 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65615369-1f19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:f8:24:29:58:0b:98:ca:fc:8b:cf:d0:92:b7:
                    db:ea:cc:61:6c:08:b0:34:cf:4c:00:ea:ee:87:ab:
                    93:2e:af:54:64:a4:09:3c:71:30:89:d4:7b:d6:08:
                    a6:39:75:8a:b0:1c:08:03:9d:da:cc:91:54:71:ed:
                    3d:41:79:0e:6a:ed:1c:1a:aa:0d:38:61:1c:df:d8:
                    6b:34:fb:41:36:c6:f5:7e:76:02:c8:0f:44:bd:c2:
                    1c:26:f3:d6:72:78:37:5a:75:45:9c:f2:5f:8c:0c:
                    94:fd:a8:96:a5:6e:8d:b7:a1:34:1b:d7:90:db:0c:
                    84:3c:cf:72:79:1e:d4:0b:f2:86:b4:ef:9c:95:30:
                    82:41:e8:fc:19:ba:11:80:84:17:6f:25:f5:12:17:
                    a2:9e:28:77:8e:bb:ad:c4:5d:6e:84:ee:69:01:a9:
                    79:d3:be:c4:3b:8e:97:29:9d:ab:86:2a:1e:a8:70:
                    17:48:50:0d:8d:4d:0e:91:be:58:1a:19:95:7d:78:
                    8d:48:ac:f2:c8:11:68:03:63:6d:fb:a5:41:c5:0e:
                    2b:8d:a2:17:08:c8:76:c6:28:8f:80:dd:4c:0b:87:
                    f5:6f:bb:bb:51:e8:22:99:07:b5:c9:d6:fa:4a:b4:
                    c6:17:a9:a5:9c:ee:71:c2:90:24:c7:93:30:21:ea:
                    13:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:4B:97:78:57:68:E6:2E:33:4F:5E:13:60:B3:AD:A4:6A:A1:99:E1
            X509v3 Authority Key Identifier:
                keyid:46:92:2C:56:54:40:04:0B:D9:9A:FD:4E:32:9E:D9:DE:B6:F9:25:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/RpIsVlRABAvZmv1OMp7Z3rb5JXM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RpIsVlRABAvZmv1OMp7Z3rb5JXM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B2EC/842759562B0911EC851B980EC4F9AE02/63C3A7B812FE11ED8A1DA356C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.182.0/23
                IPv6:
                  2407:d840:1::-2407:d840:2:ffff:ffff:ffff:ffff:ffff
                  2407:d840:3:1::/64
                  2407:d840:50::-2407:d840:6f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         55:e4:15:10:1e:34:00:96:25:85:42:45:8e:75:69:d9:74:89:
         18:af:eb:f0:bd:f4:66:1e:c1:70:d4:80:68:77:7c:53:42:13:
         de:14:32:de:2c:e8:97:e6:c8:e7:3e:9d:98:d3:87:ee:c0:45:
         52:22:cd:7d:05:c4:95:f2:27:dc:a9:9e:6c:cb:e7:21:97:b7:
         cc:30:21:c4:c6:36:1d:b8:95:01:0d:7b:b5:cd:0c:de:2b:7c:
         a0:7b:33:64:24:58:bf:31:13:7d:c3:1f:ed:3a:56:e9:99:95:
         69:3f:65:53:21:ee:40:2d:d6:16:23:29:46:17:81:ce:22:ae:
         ca:18:a0:82:9c:a1:8d:89:5b:ff:db:68:99:7d:9e:6a:bb:ce:
         03:03:6b:f8:13:e9:67:37:97:de:e0:5c:4e:e6:b4:8a:f7:62:
         b3:40:4f:a9:96:ae:0a:8c:53:43:d8:13:25:7d:a4:7a:86:bd:
         15:43:54:ae:80:38:c0:40:01:26:a4:c3:0c:06:53:63:07:dc:
         18:7d:be:00:5e:66:9c:d4:6d:c8:d5:78:e5:87:e8:dc:b1:05:
         9f:51:1f:80:f4:9b:47:e3:bf:26:ba:d5:05:69:73:55:a5:9f:
         af:8d:98:4f:9d:0c:e9:f8:7d:95:6a:38:b5:2e:43:77:21:23:
         98:ce:e4:13
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgICA+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUIyRUMxMTAvBgNVBAUTKDQ2OTIyQzU2NTQ0MDA0MEJEOTlBRkQ0RTMyOUVEOURF
QjZGOTI1NzMwHhcNMjMxMTI1MDE1MjQxWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTYxNTM2OS0xZjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm/gkKVgLmMr8i8/Qkrfb6sxhbAiwNM9MAOruh6uTLq9UZKQJPHEwidR71gim
OXWKsBwIA53azJFUce09QXkOau0cGqoNOGEc39hrNPtBNsb1fnYCyA9EvcIcJvPW
cng3WnVFnPJfjAyU/aiWpW6Nt6E0G9eQ2wyEPM9yeR7UC/KGtO+clTCCQej8GboR
gIQXbyX1Eheinih3jrutxF1uhO5pAal5077EO46XKZ2rhioeqHAXSFANjU0Okb5Y
GhmVfXiNSKzyyBFoA2Nt+6VBxQ4rjaIXCMh2xiiPgN1MC4f1b7u7UegimQe1ydb6
SrTGF6mlnO5xwpAkx5MwIeoTyQIDAQABo4IC0DCCAswwHQYDVR0OBBYEFFRLl3hX
aOYuM09eE2CzraRqoZnhMB8GA1UdIwQYMBaAFEaSLFZUQAQL2Zr9TjKe2d62+SVz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjJFQy84NDI3NTk1NjJC
MDkxMUVDODUxQjk4MEVDNEY5QUUwMi9ScElzVmxSQUJBdlptdjFPTXA3WjNyYjVK
WE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JwSXNWbFJBQkF2Wm12MU9NcDdaM3JiNUpYTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUIyRUMvODQyNzU5NTYyQjA5MTFFQzg1MUI5ODBFQzRGOUFFMDIvNjNDM0E3Qjgx
MkZFMTFFRDhBMURBMzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWgYIKwYBBQUHAQcBAf8E
SzBJMAwEAgABMAYDBAFnrLYwOQQCAAIwMzASAwcAJAfYQAABAwcAJAfYQAACAwkA
JAfYQAADAAEwEgMHBCQH2EAAUAMHBCQH2EAAYDANBgkqhkiG9w0BAQsFAAOCAQEA
VeQVEB40AJYlhUJFjnVp2XSJGK/r8L30Zh7BcNSAaHd8U0IT3hQy3izol+bI5z6d
mNOH7sBFUiLNfQXElfIn3KmebMvnIZe3zDAhxMY2HbiVAQ17tc0M3it8oHszZCRY
vzETfcMf7TpW6ZmVaT9lUyHuQC3WFiMpRheBziKuyhiggpyhjYlb/9tomX2earvO
AwNr+BPpZzeX3uBcTua0ivdis0BPqZauCoxTQ9gTJX2keoa9FUNUroA4wEABJqTD
DAZTYwfcGH2+AF5mnNRtyNV45Yfo3LEFn1EfgPSbR+O/JrrVBWlzVaWfr42YT50M
6fh9lWo4tS5DdyEjmM7kEw==
-----END CERTIFICATE-----