Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/A985E18E4A1011F08CBA9060C4F9AE02.roa
File:                     A985E18E4A1011F08CBA9060C4F9AE02.roa (raw, json)
Hash identifier:          FQKzCZySydhYKOGdDzsusm+bAROUA+ZEIJBnyTIRjUQ=
Subject key identifier:   A8:B5:6B:16:82:C0:3D:5C:13:B6:23:8F:1E:3C:30:7A:5C:BE:E9:20
Certificate issuer:       /CN=A9161FF7/serialNumber=EEE94E3AF40EAC8CA36DC32E49E4446ECFB33505
Certificate serial:       122A
Authority key identifier: EE:E9:4E:3A:F4:0E:AC:8C:A3:6D:C3:2E:49:E4:44:6E:CF:B3:35:05
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ulOOvQOrIyjbcMuSeREbs-zNQU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/A985E18E4A1011F08CBA9060C4F9AE02.roa
Signing time:             Sun 15 Jun 2025 17:46:27 +0000
ROA not before:           Sun 15 Jun 2025 17:46:27 +0000
ROA not after:            Tue 30 Dec 2025 00:00:00 +0000
asID:                     138403
IP address blocks:        103.124.180.0/24 maxlen: 24
                          103.124.181.0/24 maxlen: 24
                          103.124.183.0/24 maxlen: 24
                          2403:e3c0::/32 maxlen: 32
Validation:               Failed, certificate revoked on Tue 24 Jun 2025 13:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4650 (0x122a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9161FF7, serialNumber=EEE94E3AF40EAC8CA36DC32E49E4446ECFB33505
        Validity
            Not Before: Jun 15 17:46:27 2025 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=684f06f3-298e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:70:54:3c:30:99:99:71:b1:be:c1:e4:af:1c:
                    b9:5c:c8:59:f3:99:fd:37:35:7d:55:b4:62:32:bb:
                    9c:91:26:da:d1:74:8c:d3:b6:f6:e2:88:99:04:7c:
                    cb:0d:34:eb:f3:db:17:a3:06:39:08:d3:70:40:3f:
                    4e:b3:e0:16:2d:46:9e:eb:ca:95:f0:56:52:81:78:
                    61:7c:88:91:ac:db:d7:57:24:21:36:95:3c:f4:2e:
                    9e:3d:65:c5:ae:a1:97:8f:da:8a:45:0d:8c:00:d7:
                    a2:fc:ba:34:85:e2:c7:ba:f9:bf:1c:e1:f5:54:11:
                    86:a1:38:a4:5b:e5:0b:4f:be:d2:34:2a:2f:3b:76:
                    36:12:3e:45:1f:1b:86:62:eb:7c:96:11:20:94:c1:
                    94:be:ad:3a:e4:1e:9b:22:0c:57:48:ff:a5:c0:3e:
                    0e:55:9b:45:01:63:7d:58:3b:6e:6d:7a:9e:76:0c:
                    0f:f2:82:0f:7e:3a:60:5c:ec:f3:d1:81:02:63:72:
                    d9:5f:34:61:c7:dd:dc:e9:dc:a2:22:2f:7f:fa:9b:
                    16:40:c9:28:e7:db:b7:80:5f:bf:a6:54:cb:e7:f5:
                    0d:6e:5c:bc:8d:ef:f4:cb:b1:b6:ae:b5:30:3e:7c:
                    91:5f:42:ac:b0:5f:4f:a0:f8:a9:9f:de:58:1e:53:
                    3b:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:B5:6B:16:82:C0:3D:5C:13:B6:23:8F:1E:3C:30:7A:5C:BE:E9:20
            X509v3 Authority Key Identifier:
                keyid:EE:E9:4E:3A:F4:0E:AC:8C:A3:6D:C3:2E:49:E4:44:6E:CF:B3:35:05

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/7ulOOvQOrIyjbcMuSeREbs-zNQU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ulOOvQOrIyjbcMuSeREbs-zNQU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161FF7/21862C64E0C011E89E9BFE15C4F9AE02/A985E18E4A1011F08CBA9060C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.124.180.0/23
                  103.124.183.0/24
                IPv6:
                  2403:e3c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:6c:b4:de:4b:6d:f5:f9:5e:21:41:91:a7:02:e6:a9:de:44:
         f8:44:74:b8:60:66:9f:76:57:16:08:4a:f2:98:cf:be:42:9d:
         5d:89:45:cd:de:2c:24:91:01:60:c3:9d:fe:3c:87:a3:57:27:
         07:95:93:36:85:20:6f:aa:bf:8f:48:b0:15:90:3d:fe:ae:c0:
         f4:e7:ec:0d:80:e9:52:0c:54:99:f8:7e:10:86:95:9f:82:32:
         23:63:23:43:56:c5:c5:f3:ab:ff:08:4c:eb:50:ce:0e:f0:86:
         38:25:67:17:b8:74:a1:b7:eb:91:e7:64:f2:26:00:45:11:af:
         03:cd:d5:eb:57:e0:e2:d2:5e:18:01:32:38:d8:c9:89:64:bf:
         4c:5b:aa:8d:08:ea:76:8d:8d:d5:77:8e:86:d1:6d:65:b3:c3:
         a5:15:c2:56:9e:dd:4d:6b:0f:b4:fd:12:5d:90:9d:0f:0e:d5:
         b9:29:76:39:89:6f:40:c0:2b:02:aa:1f:13:bd:82:a8:7d:3e:
         c5:13:d3:a5:c4:87:cb:fd:7c:3f:31:15:56:ea:b6:00:8b:90:
         75:b2:2e:e5:e9:7e:a5:e3:fb:59:69:4d:3b:ef:eb:ad:db:89:
         d1:77:1a:62:40:02:24:e2:41:71:3f:d8:a8:fe:d6:bb:bb:15:
         ca:f7:b5:23
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICEiowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFGRjcxMTAvBgNVBAUTKEVFRTk0RTNBRjQwRUFDOENBMzZEQzMyRTQ5RTQ0NDZF
Q0ZCMzM1MDUwHhcNMjUwNjE1MTc0NjI3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODRmMDZmMy0yOThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1XBUPDCZmXGxvsHkrxy5XMhZ85n9NzV9VbRiMruckSba0XSM07b24oiZBHzL
DTTr89sXowY5CNNwQD9Os+AWLUae68qV8FZSgXhhfIiRrNvXVyQhNpU89C6ePWXF
rqGXj9qKRQ2MANei/Lo0heLHuvm/HOH1VBGGoTikW+ULT77SNCovO3Y2Ej5FHxuG
Yut8lhEglMGUvq065B6bIgxXSP+lwD4OVZtFAWN9WDtubXqedgwP8oIPfjpgXOzz
0YECY3LZXzRhx93c6dyiIi9/+psWQMko59u3gF+/plTL5/UNbly8je/0y7G2rrUw
PnyRX0KssF9PoPipn95YHlM7qwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKi1axaC
wD1cE7Yjjx48MHpcvukgMB8GA1UdIwQYMBaAFO7pTjr0DqyMo23DLknkRG7PszUF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUZGNy8yMTg2MkM2NEUw
QzAxMUU4OUU5QkZFMTVDNEY5QUUwMi83dWxPT3ZRT3JJeWpiY011U2VSRWJzLXpO
UVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzd1bE9PdlFPckl5amJjTXVTZVJFYnMtek5RVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFGRjcvMjE4NjJDNjRFMEMwMTFFODlFOUJGRTE1QzRGOUFFMDIvQTk4NUUxOEU0
QTEwMTFGMDhDQkE5MDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAFnfLQDBABnfLcwDQQCAAIwBwMFACQD48AwDQYJKoZIhvcN
AQELBQADggEBAAhstN5LbfX5XiFBkacC5qneRPhEdLhgZp92VxYISvKYz75CnV2J
Rc3eLCSRAWDDnf48h6NXJweVkzaFIG+qv49IsBWQPf6uwPTn7A2A6VIMVJn4fhCG
lZ+CMiNjI0NWxcXzq/8ITOtQzg7whjglZxe4dKG365HnZPImAEURrwPN1etX4OLS
XhgBMjjYyYlkv0xbqo0I6naNjdV3jobRbWWzw6UVwlae3U1rD7T9El2QnQ8O1bkp
djmJb0DAKwKqHxO9gqh9PsUT06XEh8v9fD8xFVbqtgCLkHWyLuXpfqXj+1lpTTvv
663bidF3GmJAAiTiQXE/2Kj+1ru7Fcr3tSM=
-----END CERTIFICATE-----
Generated at Tue Jul 22 12:32:05 2025 by rpki-client