Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/C3C38464631911EE9AC5F37DC4F9AE02.roa
File:                     C3C38464631911EE9AC5F37DC4F9AE02.roa (raw, json)
Hash identifier:          uUGAEJLJS1cXa6hkPgSFMoa9ESh8FQmwYVKT3Li4Wdk=
Subject key identifier:   96:6F:A2:D9:DA:40:8E:92:C1:AA:A1:B1:B5:7E:F3:31:42:18:B6:B4
Certificate issuer:       /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial:       08B8
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/C3C38464631911EE9AC5F37DC4F9AE02.roa
Signing time:             Thu 02 Nov 2023 22:10:20 +0000
ROA not before:           Thu 02 Nov 2023 22:10:20 +0000
ROA not after:            Mon 30 Dec 2024 00:00:00 +0000
asID:                     7631
IP address blocks:        123.176.113.0/24 maxlen: 24
                          123.176.114.0/23 maxlen: 23
                          123.176.115.0/24 maxlen: 24
                          123.176.116.0/22 maxlen: 22
                          123.176.116.0/23 maxlen: 23
                          123.176.116.0/24 maxlen: 24
                          125.253.36.0/23 maxlen: 23
                          203.189.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 May 2024 00:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2232 (0x8b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
        Validity
            Not Before: Nov  2 22:10:20 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=65441e4c-4bd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:01:af:3b:ce:b4:83:dc:d5:5e:b8:83:67:a8:
                    e5:3a:7e:f9:cf:07:e1:fd:9d:2d:72:ed:2d:cb:03:
                    c9:7f:77:84:62:ff:90:f1:71:1f:8a:92:dd:b8:47:
                    cc:d8:cc:75:a5:e4:ce:d4:c8:25:e6:74:58:45:68:
                    08:f6:9e:35:8b:d5:b9:2d:e7:56:b1:db:6d:5d:08:
                    b2:72:e7:48:df:02:1b:57:42:6b:58:c5:53:3f:b1:
                    9f:f2:00:03:7d:48:1f:63:89:e8:38:75:7a:96:be:
                    44:3c:30:dd:b6:fd:0e:21:dc:3e:31:62:16:0d:30:
                    64:d0:92:b0:e5:4b:f5:39:1a:0d:8e:3f:b4:d4:95:
                    48:05:d4:5c:6e:71:f2:53:80:4f:32:67:fc:1c:f9:
                    16:83:c5:d4:a0:c0:84:c2:ff:c7:11:87:bc:84:8c:
                    c0:bb:f5:21:a8:a3:ab:69:06:bf:c7:4c:ce:82:fe:
                    85:0c:38:c3:8d:a0:5b:07:82:99:25:6e:7f:4c:cf:
                    59:df:dd:98:b4:9f:39:e3:bb:a7:3e:11:da:c3:30:
                    d5:02:ce:37:63:a9:13:78:56:a9:96:ba:b4:ae:01:
                    34:60:4a:ad:04:26:85:3d:22:2f:9a:f3:55:6e:20:
                    0a:c4:fd:dc:d2:0b:62:21:9f:dc:80:9e:f5:fd:69:
                    ce:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:6F:A2:D9:DA:40:8E:92:C1:AA:A1:B1:B5:7E:F3:31:42:18:B6:B4
            X509v3 Authority Key Identifier:
                keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/C3C38464631911EE9AC5F37DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.176.113.0-123.176.119.255
                  125.253.36.0/23
                  203.189.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:5f:22:83:b7:29:b1:39:08:3c:f6:81:55:af:5f:34:61:01:
         15:07:73:e7:46:37:0f:76:31:93:7d:2f:93:d1:11:5d:f1:59:
         1e:b7:61:21:52:39:b7:ef:40:2b:c1:ff:7b:70:7b:7e:76:fc:
         94:34:bb:cc:a7:73:ab:83:9f:6a:fd:dd:9a:f8:2a:4f:d0:d7:
         5e:be:a4:5f:b4:e5:a2:e9:8a:d9:9b:75:17:ee:d6:ef:f7:35:
         d6:70:77:1c:8a:df:e7:e0:8a:8e:80:1c:cf:37:3e:30:76:e9:
         00:4e:43:9b:f4:f7:1f:ba:9b:f6:99:d1:40:29:d3:84:8f:71:
         d0:e3:a9:29:1f:7e:76:c9:9e:84:a0:7c:37:a6:5e:1d:d5:41:
         8f:c9:a7:33:3d:39:7b:5f:2b:d7:33:cf:f6:be:2c:ab:3c:f4:
         06:43:6d:22:c0:12:23:96:4d:73:2d:2c:ae:b0:2c:a3:59:18:
         a0:f6:95:51:35:1f:f2:6f:54:46:29:e6:35:c4:82:5f:b2:5b:
         87:ab:38:d7:c9:31:cf:d9:ac:ff:d4:4b:8c:e2:b3:bb:41:de:
         22:c4:a0:28:8d:fd:e9:e0:4f:04:a7:56:a8:ed:e0:7d:91:ef:
         1b:5e:45:46:37:e9:08:c4:eb:5c:83:04:d4:a2:29:a8:1b:42:
         0d:ea:44:9b
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjMxMTAyMjIxMDIwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ0MWU0Yy00YmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4QGvO860g9zVXriDZ6jlOn75zwfh/Z0tcu0tywPJf3eEYv+Q8XEfipLduEfM
2Mx1peTO1Mgl5nRYRWgI9p41i9W5LedWsdttXQiycudI3wIbV0JrWMVTP7Gf8gAD
fUgfY4noOHV6lr5EPDDdtv0OIdw+MWIWDTBk0JKw5Uv1ORoNjj+01JVIBdRcbnHy
U4BPMmf8HPkWg8XUoMCEwv/HEYe8hIzAu/UhqKOraQa/x0zOgv6FDDjDjaBbB4KZ
JW5/TM9Z392YtJ8547unPhHawzDVAs43Y6kTeFaplrq0rgE0YEqtBCaFPSIvmvNV
biAKxP3c0gtiIZ/cgJ71/WnOVQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFJZvotna
QI6SwaqhsbV+8zFCGLa0MB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvQzNDMzg0NjQ2
MzE5MTFFRTlBQzVGMzdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAHuwcQMEA3uwcAMEAX39JAMEAMu9BDANBgkqhkiG9w0B
AQsFAAOCAQEAO18ig7cpsTkIPPaBVa9fNGEBFQdz50Y3D3Yxk30vk9ERXfFZHrdh
IVI5t+9AK8H/e3B7fnb8lDS7zKdzq4Ofav3dmvgqT9DXXr6kX7TloumK2Zt1F+7W
7/c11nB3HIrf5+CKjoAczzc+MHbpAE5Dm/T3H7qb9pnRQCnThI9x0OOpKR9+dsme
hKB8N6ZeHdVBj8mnMz05e18r1zPP9r4sqzz0BkNtIsASI5ZNcy0srrAso1kYoPaV
UTUf8m9URinmNcSCX7Jbh6s418kxz9ms/9RLjOKzu0HeIsSgKI396eBPBKdWqO3g
fZHvG15FRjfpCMTrXIME1KIpqBtCDepEmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-ams.rpki-client.org