Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/7031F11E8DBC11E9922F850DC4F9AE02.roa
File:                     7031F11E8DBC11E9922F850DC4F9AE02.roa (raw, json)
Hash identifier:          yRZLme7fiTYig7o+NkjsGljNgfIX53L8/DkQz9uiYyU=
Subject key identifier:   2D:51:86:54:57:56:66:D0:B1:61:2C:79:B8:8E:B3:0C:3F:6F:2F:23
Certificate issuer:       /CN=A91697FA/serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Certificate serial:       346E
Authority key identifier: 9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/7031F11E8DBC11E9922F850DC4F9AE02.roa
Signing time:             Tue 06 Feb 2024 09:40:34 +0000
ROA not before:           Tue 06 Feb 2024 09:40:34 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     7693
IP address blocks:        58.181.128.0/17 maxlen: 17
                          58.181.128.0/20 maxlen: 20
                          58.181.144.0/20 maxlen: 20
                          58.181.146.0/23 maxlen: 23
                          58.181.160.0/20 maxlen: 20
                          58.181.176.0/20 maxlen: 20
                          58.181.192.0/20 maxlen: 20
                          58.181.200.0/24 maxlen: 24
                          58.181.208.0/20 maxlen: 20
                          58.181.212.0/24 maxlen: 24
                          58.181.224.0/20 maxlen: 20
                          58.181.240.0/20 maxlen: 20
                          58.181.248.0/23 maxlen: 23
                          58.181.252.0/22 maxlen: 22
                          103.19.104.0/22 maxlen: 22
                          202.44.144.0/24 maxlen: 24
                          202.149.96.0/19 maxlen: 19
                          202.149.96.0/20 maxlen: 20
                          202.149.112.0/20 maxlen: 20
                          203.107.128.0/17 maxlen: 17
                          203.107.128.0/20 maxlen: 20
                          203.107.129.0/24 maxlen: 24
                          203.107.130.0/24 maxlen: 24
                          203.107.144.0/20 maxlen: 20
                          203.107.160.0/20 maxlen: 20
                          203.107.176.0/20 maxlen: 20
                          203.107.192.0/20 maxlen: 20
                          203.107.192.0/24 maxlen: 24
                          203.107.208.0/20 maxlen: 20
                          203.107.224.0/20 maxlen: 20
                          203.107.231.0/24 maxlen: 24
                          203.107.240.0/20 maxlen: 20
                          203.107.255.0/24 maxlen: 24
                          203.155.0.0/16 maxlen: 16
                          203.155.0.0/20 maxlen: 20
                          203.155.0.0/23 maxlen: 23
                          203.155.16.0/20 maxlen: 20
                          203.155.32.0/20 maxlen: 20
                          203.155.42.0/24 maxlen: 24
                          203.155.48.0/20 maxlen: 20
                          203.155.54.0/23 maxlen: 23
                          203.155.64.0/20 maxlen: 20
                          203.155.66.0/24 maxlen: 24
                          203.155.80.0/20 maxlen: 20
                          203.155.96.0/20 maxlen: 20
                          203.155.112.0/20 maxlen: 20
                          203.155.128.0/20 maxlen: 20
                          203.155.144.0/20 maxlen: 20
                          203.155.160.0/20 maxlen: 20
                          203.155.176.0/20 maxlen: 20
                          203.155.192.0/20 maxlen: 20
                          203.155.208.0/20 maxlen: 20
                          203.155.219.0/24 maxlen: 24
                          203.155.224.0/20 maxlen: 20
                          203.155.240.0/20 maxlen: 20
                          203.155.253.0/24 maxlen: 24
                          203.155.255.0/24 maxlen: 24
                          203.188.0.0/18 maxlen: 18
                          203.188.0.0/20 maxlen: 24
                          203.188.32.0/20 maxlen: 24
                          203.195.96.0/20 maxlen: 20
                          203.195.105.0/24 maxlen: 24
                          203.209.0.0/18 maxlen: 18
                          203.209.0.0/20 maxlen: 20
                          203.209.16.0/20 maxlen: 20
                          203.209.32.0/20 maxlen: 20
                          203.209.48.0/20 maxlen: 20
                          203.209.64.0/18 maxlen: 18
                          203.209.64.0/20 maxlen: 20
                          203.209.80.0/20 maxlen: 20
                          203.209.93.0/24 maxlen: 24
                          203.209.96.0/20 maxlen: 20
                          203.209.112.0/20 maxlen: 20
                          203.209.122.0/24 maxlen: 24
                          203.209.123.0/24 maxlen: 24
                          203.209.125.0/24 maxlen: 24
                          2405:a000::/32 maxlen: 32
                          2405:a000::/33 maxlen: 33

Validation:               Failed, certificate revoked on Fri 10 May 2024 10:10:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13422 (0x346e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91697FA/serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
        Validity
            Not Before: Feb  6 09:40:34 2024 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=65c1fe92-2cf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:78:48:3c:cc:0c:82:cd:c1:ff:9d:6f:33:d9:
                    62:88:55:1a:e1:e3:13:5e:23:6b:92:79:a1:f6:c4:
                    61:1c:d0:f1:17:5d:b0:34:82:a4:81:0e:5b:94:fd:
                    38:6a:d5:9b:be:30:d0:0c:43:fb:16:4f:c9:2c:2d:
                    0d:d6:25:01:b4:f0:6b:50:18:f2:13:49:d0:f8:cf:
                    48:6f:82:ac:2b:35:d3:34:31:20:51:ba:68:08:ee:
                    0f:68:b8:71:aa:69:ec:ad:d9:5d:49:be:b5:3f:8e:
                    a1:f3:64:22:bc:78:7d:bb:e0:76:2c:b5:8f:a7:21:
                    db:bd:bb:f2:85:61:cd:b9:69:27:b5:26:3e:5a:5d:
                    17:f2:82:07:25:d5:0d:e6:65:de:d4:71:91:dc:c7:
                    f7:5f:71:95:4c:75:d1:b8:d1:29:43:24:44:d3:d3:
                    a0:f5:40:85:23:dd:4f:ac:8b:33:4c:0c:59:2e:50:
                    2b:b2:c9:ac:a1:59:41:3a:b1:a5:b4:ee:4a:3d:10:
                    40:9a:e1:7c:4a:97:d1:b7:6d:27:b2:cb:b6:dd:41:
                    c8:e6:88:4c:66:71:35:5e:22:a7:43:7b:51:5a:1b:
                    11:82:0d:9a:1c:34:50:67:c8:a6:88:05:ab:2e:3c:
                    49:0d:94:19:63:12:cf:e8:77:05:8a:5a:e4:f5:e0:
                    d9:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:51:86:54:57:56:66:D0:B1:61:2C:79:B8:8E:B3:0C:3F:6F:2F:23
            X509v3 Authority Key Identifier:
                keyid:9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/7031F11E8DBC11E9922F850DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.181.128.0/17
                  103.19.104.0/22
                  202.44.144.0/24
                  202.149.96.0/19
                  203.107.128.0/17
                  203.155.0.0/16
                  203.188.0.0/18
                  203.195.96.0/20
                  203.209.0.0/17
                IPv6:
                  2405:a000::/32

    Signature Algorithm: sha256WithRSAEncryption
         97:95:3e:3c:65:1f:8e:42:78:a4:92:bc:82:77:99:a3:4f:f1:
         04:6e:8c:eb:2b:d9:50:1d:d9:4f:ce:17:9b:7d:6b:ad:dc:56:
         91:f6:2f:a8:d1:8a:eb:67:b5:2a:39:f7:ad:ab:36:30:36:e4:
         8b:55:24:96:10:8b:98:c6:aa:ad:0c:df:13:8b:ac:37:46:d0:
         69:8b:6a:da:55:b6:f3:00:25:d9:55:87:22:a4:20:78:e6:a5:
         c8:ff:8f:64:77:b6:43:8d:6a:e6:bd:16:6d:5b:41:31:ab:40:
         a7:e4:c5:3a:9c:88:ac:19:59:ed:2c:4d:d9:eb:43:9b:59:f4:
         33:43:21:e5:2f:3f:7d:a8:27:88:49:43:08:8a:3d:a9:d7:ab:
         3b:e8:27:b9:ab:5f:8f:72:25:e3:60:32:87:6c:fc:09:c8:a4:
         ea:00:75:0d:a7:47:53:8f:a2:9f:d1:c2:b8:11:e2:0f:83:37:
         bb:2f:54:13:f3:9e:b4:0e:d0:41:c4:4c:28:5e:6e:c3:04:c1:
         b8:6e:93:ff:c1:a6:81:e7:f3:0b:58:18:3d:6f:5d:bf:8f:bf:
         9a:d1:76:a9:b0:83:4e:66:46:25:93:f8:58:7a:97:2f:97:83:
         6c:a9:1a:9f:c5:8f:b2:86:95:c3:42:ae:4a:93:0c:5e:c1:14:
         4c:cd:6d:20
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICNG4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk3RkExMTAvBgNVBAUTKDlGODJEQkM5NDY2MzEyQzVCQTJFOTIxMjc5MzAyNDAw
OTU2QTk4MkEwHhcNMjQwMjA2MDk0MDM0WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWMxZmU5Mi0yY2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsnhIPMwMgs3B/51vM9liiFUa4eMTXiNrknmh9sRhHNDxF12wNIKkgQ5blP04
atWbvjDQDEP7Fk/JLC0N1iUBtPBrUBjyE0nQ+M9Ib4KsKzXTNDEgUbpoCO4PaLhx
qmnsrdldSb61P46h82QivHh9u+B2LLWPpyHbvbvyhWHNuWkntSY+Wl0X8oIHJdUN
5mXe1HGR3Mf3X3GVTHXRuNEpQyRE09Og9UCFI91PrIszTAxZLlArssmsoVlBOrGl
tO5KPRBAmuF8SpfRt20nssu23UHI5ohMZnE1XiKnQ3tRWhsRgg2aHDRQZ8imiAWr
LjxJDZQZYxLP6HcFilrk9eDZGwIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFC1RhlRX
VmbQsWEsebiOsww/by8jMB8GA1UdIwQYMBaAFJ+C28lGYxLFui6SEnkwJACVapgq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTdGQS8yN0Y4M0I3MDFE
ODMxMUUyOTMyOTIxRDgwOEIwMkNEMi9uNExieVVaakVzVzZMcElTZVRBa0FKVnFt
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL240TGJ5VVpqRXNXNkxwSVNlVEFrQUpWcW1Dby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk3RkEvMjdGODNCNzAxRDgzMTFFMjkzMjkyMUQ4MDhCMDJDRDIvNzAzMUYxMUU4
REJDMTFFOTkyMkY4NTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMDsEAgABMDUDBAc6tYADBAJnE2gDBADKLJADBAXKlWADBAfLa4ADAwDLmwME
Bsu8AAMEBMvDYAMEB8vRADANBAIAAjAHAwUAJAWgADANBgkqhkiG9w0BAQsFAAOC
AQEAl5U+PGUfjkJ4pJK8gneZo0/xBG6M6yvZUB3ZT84Xm31rrdxWkfYvqNGK62e1
Kjn3ras2MDbki1UklhCLmMaqrQzfE4usN0bQaYtq2lW28wAl2VWHIqQgeOalyP+P
ZHe2Q41q5r0WbVtBMatAp+TFOpyIrBlZ7SxN2etDm1n0M0Mh5S8/fagniElDCIo9
qderO+gnuatfj3Il42Ayh2z8Ccik6gB1DadHU4+in9HCuBHiD4M3uy9UE/OetA7Q
QcRMKF5uwwTBuG6T/8GmgefzC1gYPW9dv4+/mtF2qbCDTmZGJZP4WHqXL5eDbKka
n8WPsoaVw0KuSpMMXsEUTM1tIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org