Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915C449/58EA48EA9DD611EB92CF3714C4F9AE02/B40ABE3659BE11EC973EC644C4F9AE02.roa
File:                     B40ABE3659BE11EC973EC644C4F9AE02.roa (raw, json)
Hash identifier:          e8hkQ3rPWeTFBTf5Lk6nHQYiYuIqOPgdhC9gOFxHK7A=
Subject key identifier:   43:57:4C:08:EC:97:DC:89:54:20:4A:5C:5D:C7:C3:BC:29:E7:50:DD
Certificate issuer:       /CN=A915C449/serialNumber=484EBF33750B21CAF028D0CE219B9461D1FBAA66
Certificate serial:       04BF
Authority key identifier: 48:4E:BF:33:75:0B:21:CA:F0:28:D0:CE:21:9B:94:61:D1:FB:AA:66
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SE6_M3ULIcrwKNDOIZuUYdH7qmY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915C449/58EA48EA9DD611EB92CF3714C4F9AE02/B40ABE3659BE11EC973EC644C4F9AE02.roa
Signing time:             Sun 11 Jun 2023 01:38:56 +0000
ROA not before:           Sun 11 Jun 2023 01:38:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     141677
IP address blocks:        103.165.84.0/24 maxlen: 24
                          103.165.85.0/24 maxlen: 24
                          2407:47c0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 03 Jul 2023 13:10:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1215 (0x4bf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915C449/serialNumber=484EBF33750B21CAF028D0CE219B9461D1FBAA66
        Validity
            Not Before: Jun 11 01:38:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=648525b0-f0d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:cb:85:f1:c5:81:ca:d0:d8:df:15:4d:1c:0d:
                    ce:8c:53:1f:e1:ce:e4:92:bf:ee:22:c0:3c:96:74:
                    fb:ba:96:64:4e:9a:a6:5b:9f:45:72:bb:ca:62:00:
                    78:56:8c:a4:05:4b:ae:19:2a:38:ac:1a:54:8a:c1:
                    a0:72:09:ed:ad:c6:18:75:ee:d6:1d:a9:72:44:4e:
                    ff:9f:6a:6f:60:66:bb:fd:cf:84:36:19:fd:2b:7b:
                    b6:80:19:f3:19:e2:bd:d7:7a:cb:f4:19:6f:af:2d:
                    71:b0:ec:9e:f3:bc:cb:62:34:74:21:75:c9:fb:e7:
                    06:9b:86:ec:7d:27:36:e8:ee:54:00:cc:50:1c:b7:
                    f6:4c:91:a8:9c:3a:c4:a9:28:71:65:34:f6:24:3b:
                    3f:e7:81:d8:f3:2e:98:2c:d0:5a:ca:49:a4:09:5a:
                    7e:32:35:44:84:cd:78:ce:03:1f:22:27:9f:ee:8d:
                    c8:15:1c:a3:66:b7:bf:31:56:3f:b3:a4:2c:ed:27:
                    a9:50:10:2e:a3:42:ff:f6:e9:43:bc:c1:99:e7:f1:
                    f3:ff:63:ce:f7:3f:27:0d:4d:1e:01:4f:4c:c6:6d:
                    f4:03:36:d8:53:17:63:2a:c8:b9:d5:e7:fd:fc:ee:
                    16:38:6c:48:21:c5:26:fc:32:dd:cb:5e:23:fe:3e:
                    eb:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:57:4C:08:EC:97:DC:89:54:20:4A:5C:5D:C7:C3:BC:29:E7:50:DD
            X509v3 Authority Key Identifier:
                keyid:48:4E:BF:33:75:0B:21:CA:F0:28:D0:CE:21:9B:94:61:D1:FB:AA:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915C449/58EA48EA9DD611EB92CF3714C4F9AE02/SE6_M3ULIcrwKNDOIZuUYdH7qmY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SE6_M3ULIcrwKNDOIZuUYdH7qmY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C449/58EA48EA9DD611EB92CF3714C4F9AE02/B40ABE3659BE11EC973EC644C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.165.84.0/23
                IPv6:
                  2407:47c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         15:00:91:40:d7:96:f1:9b:ad:3b:70:24:49:39:85:60:34:40:
         09:47:ad:9a:99:7d:ae:43:a6:56:4a:0b:60:4e:f9:84:14:0c:
         c8:cf:69:e8:ed:1b:ec:77:ba:f8:d3:f9:65:10:c7:5b:f3:1b:
         86:f4:0f:68:45:22:3e:49:fc:f5:3a:99:2e:1a:57:3a:db:25:
         eb:3a:03:20:17:98:87:b5:35:81:87:e7:ee:f8:2d:e5:e6:ef:
         df:b7:28:65:ee:ea:83:82:e1:a0:13:be:a5:76:48:a9:06:bb:
         41:6f:18:3a:ea:c0:74:9b:2a:0a:54:eb:da:0b:52:d3:16:fc:
         68:a7:74:b1:da:48:37:e6:c7:33:c2:32:36:0d:ab:63:0a:7c:
         cd:eb:f6:b2:ff:68:9f:bf:3c:f6:69:8c:56:40:aa:32:e0:1f:
         7d:fa:34:99:e7:b2:a7:c9:f6:fb:62:82:8c:cc:ce:88:d3:ef:
         86:5c:7d:2e:a8:88:2d:b6:1c:f3:df:59:2b:12:a7:53:7a:3b:
         68:b9:bc:14:2d:9f:b7:32:c4:95:b8:f2:0e:d9:20:6b:b4:6b:
         50:9e:24:ed:79:19:a5:11:31:d6:a4:de:75:61:2a:bc:44:07:
         de:69:7c:3d:1f:7e:2b:dd:ca:12:a3:62:7f:63:cb:b2:c1:2b:
         50:e5:3d:0e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUM0NDkxMTAvBgNVBAUTKDQ4NEVCRjMzNzUwQjIxQ0FGMDI4RDBDRTIxOUI5NDYx
RDFGQkFBNjYwHhcNMjMwNjExMDEzODU2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg1MjViMC1mMGQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz8uF8cWBytDY3xVNHA3OjFMf4c7kkr/uIsA8lnT7upZkTpqmW59FcrvKYgB4
VoykBUuuGSo4rBpUisGgcgntrcYYde7WHalyRE7/n2pvYGa7/c+ENhn9K3u2gBnz
GeK913rL9Blvry1xsOye87zLYjR0IXXJ++cGm4bsfSc26O5UAMxQHLf2TJGonDrE
qShxZTT2JDs/54HY8y6YLNBaykmkCVp+MjVEhM14zgMfIief7o3IFRyjZre/MVY/
s6Qs7SepUBAuo0L/9ulDvMGZ5/Hz/2PO9z8nDU0eAU9Mxm30AzbYUxdjKsi51ef9
/O4WOGxIIcUm/DLdy14j/j7rdwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFENXTAjs
l9yJVCBKXF3Hw7wp51DdMB8GA1UdIwQYMBaAFEhOvzN1CyHK8CjQziGblGHR+6pm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzQ0OS81OEVBNDhFQTlE
RDYxMUVCOTJDRjM3MTRDNEY5QUUwMi9TRTZfTTNVTEljcndLTkRPSVp1VVlkSDdx
bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NFNl9NM1VMSWNyd0tORE9JWnVVWWRIN3FtWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUM0NDkvNThFQTQ4RUE5REQ2MTFFQjkyQ0YzNzE0QzRGOUFFMDIvQjQwQUJFMzY1
OUJFMTFFQzk3M0VDNjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnpVQwDQQCAAIwBwMFACQHR8AwDQYJKoZIhvcNAQELBQAD
ggEBABUAkUDXlvGbrTtwJEk5hWA0QAlHrZqZfa5DplZKC2BO+YQUDMjPaejtG+x3
uvjT+WUQx1vzG4b0D2hFIj5J/PU6mS4aVzrbJes6AyAXmIe1NYGH5+74LeXm79+3
KGXu6oOC4aATvqV2SKkGu0FvGDrqwHSbKgpU69oLUtMW/GindLHaSDfmxzPCMjYN
q2MKfM3r9rL/aJ+/PPZpjFZAqjLgH336NJnnsqfJ9vtigozMzojT74ZcfS6oiC22
HPPfWSsSp1N6O2i5vBQtn7cyxJW48g7ZIGu0a1CeJO15GaURMdak3nVhKrxEB95p
fD0ffivdyhKjYn9jy7LBK1DlPQ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:08 2024 by rpki-client on console-fra.rpki-client.org