Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/4B6D2AE8A56211EE80E6DF1DC4F9AE02.roa
File:                     4B6D2AE8A56211EE80E6DF1DC4F9AE02.roa (raw, json)
Hash identifier:          Yga3PiKTpfqaT7GQgX1gJY5DY6BAome0ZOVtnWVQcLo=
Subject key identifier:   7D:9C:D9:E8:B8:35:18:BC:E4:68:8C:AE:DC:F4:83:3C:02:9D:DC:92
Certificate issuer:       /CN=A9173DB5/serialNumber=47EC53BFDD351320E89B2C541BACDD4D8D52A0B3
Certificate serial:       0553
Authority key identifier: 47:EC:53:BF:DD:35:13:20:E8:9B:2C:54:1B:AC:DD:4D:8D:52:A0:B3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R-xTv901EyDomyxUG6zdTY1SoLM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/4B6D2AE8A56211EE80E6DF1DC4F9AE02.roa
Signing time:             Fri 12 Jan 2024 15:40:38 +0000
ROA not before:           Fri 12 Jan 2024 15:40:38 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     139325
IP address blocks:        103.164.255.0/24 maxlen: 24
                          2001:df6:5480::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 01 Feb 2024 08:55:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1363 (0x553)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9173DB5/serialNumber=47EC53BFDD351320E89B2C541BACDD4D8D52A0B3
        Validity
            Not Before: Jan 12 15:40:38 2024 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=65a15d76-196b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:8a:1d:cd:ac:b9:2b:1e:08:0e:b8:35:6b:1f:
                    2a:bf:42:07:4b:13:49:ac:f2:3a:2c:5f:85:9e:6c:
                    61:45:1e:81:fd:fa:45:b7:49:9a:8c:25:92:94:22:
                    b0:2f:de:e5:23:32:92:1e:4e:6b:26:2d:49:28:54:
                    af:d5:b7:8a:f3:0e:e5:34:31:f5:03:7d:01:2d:02:
                    21:ac:ca:23:ef:69:9c:4a:aa:b5:3e:43:50:f7:9f:
                    69:cf:c2:97:27:c1:cc:f4:3c:a5:50:14:29:46:b7:
                    ba:9e:cb:45:af:fa:2e:e3:6c:6b:5a:9c:6d:39:bc:
                    d6:28:6e:c9:a8:d8:3d:71:80:e3:ca:d4:02:fd:29:
                    d1:41:b6:6d:24:6a:d6:26:c8:0f:b4:d1:28:74:1c:
                    a1:cb:09:a3:4f:56:61:57:b6:67:2b:49:9f:30:2f:
                    6c:55:af:f0:c7:84:83:9a:99:16:0c:9b:2f:39:26:
                    f9:93:98:2f:32:f5:f1:24:88:e0:16:ad:d5:59:ac:
                    57:2e:68:d8:1d:94:83:0a:84:93:f7:5e:4b:98:05:
                    9c:c4:15:f6:d3:84:0d:f0:03:b5:f7:5b:ff:f6:66:
                    5f:e0:72:3e:d4:f5:2f:2e:21:2c:50:cd:21:f9:5a:
                    70:28:03:a1:87:9e:4a:19:cf:ef:8c:a1:5b:b4:7f:
                    76:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:9C:D9:E8:B8:35:18:BC:E4:68:8C:AE:DC:F4:83:3C:02:9D:DC:92
            X509v3 Authority Key Identifier:
                keyid:47:EC:53:BF:DD:35:13:20:E8:9B:2C:54:1B:AC:DD:4D:8D:52:A0:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/R-xTv901EyDomyxUG6zdTY1SoLM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R-xTv901EyDomyxUG6zdTY1SoLM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/4B6D2AE8A56211EE80E6DF1DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.164.255.0/24
                IPv6:
                  2001:df6:5480::/48

    Signature Algorithm: sha256WithRSAEncryption
         08:3f:87:29:91:b4:70:d7:2c:03:33:1f:b6:78:52:ad:29:45:
         18:9d:6d:62:1d:0d:13:2f:06:62:18:69:aa:18:a7:58:32:de:
         20:31:e9:b8:33:63:91:81:e8:05:02:a7:0f:49:04:c7:fa:8e:
         38:9e:7e:7d:8d:ea:52:e2:98:29:21:f7:23:6a:50:2c:68:c8:
         78:ad:9d:09:1c:24:40:06:a9:d3:6f:b5:ab:04:0b:ab:5d:95:
         52:9c:b0:96:42:20:ea:53:42:e9:db:ba:0a:0b:2d:04:1f:ff:
         00:21:69:f3:70:e0:dd:85:d0:ac:d0:79:c9:f3:ab:04:65:ba:
         8a:64:2a:30:98:f6:05:41:af:4f:06:84:2e:1a:78:4b:85:a3:
         80:b9:e1:34:d3:bf:e4:d4:e5:eb:ba:10:45:6d:6a:7d:49:5e:
         a7:cf:35:bb:4e:a7:eb:46:16:d3:1d:41:45:c1:b1:9b:49:40:
         40:f5:51:7f:d5:70:05:2c:85:ef:e7:d0:13:35:cc:f6:d3:a4:
         c7:e2:35:13:b9:62:b8:29:3f:1c:dd:19:c8:fd:3a:51:18:5a:
         8a:68:09:14:24:2b:8b:c6:b0:17:69:9b:81:61:54:5c:30:6a:
         b8:44:6f:17:92:7d:b3:7e:3e:72:b6:88:27:f2:c0:88:07:c5:
         28:94:6a:38
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNEQjUxMTAvBgNVBAUTKDQ3RUM1M0JGREQzNTEzMjBFODlCMkM1NDFCQUNERDRE
OEQ1MkEwQjMwHhcNMjQwMTEyMTU0MDM4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWExNWQ3Ni0xOTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm4odzay5Kx4IDrg1ax8qv0IHSxNJrPI6LF+FnmxhRR6B/fpFt0majCWSlCKw
L97lIzKSHk5rJi1JKFSv1beK8w7lNDH1A30BLQIhrMoj72mcSqq1PkNQ959pz8KX
J8HM9DylUBQpRre6nstFr/ou42xrWpxtObzWKG7JqNg9cYDjytQC/SnRQbZtJGrW
JsgPtNEodByhywmjT1ZhV7ZnK0mfMC9sVa/wx4SDmpkWDJsvOSb5k5gvMvXxJIjg
Fq3VWaxXLmjYHZSDCoST915LmAWcxBX204QN8AO191v/9mZf4HI+1PUvLiEsUM0h
+VpwKAOhh55KGc/vjKFbtH928wIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFH2c2ei4
NRi85GiMrtz0gzwCndySMB8GA1UdIwQYMBaAFEfsU7/dNRMg6JssVBus3U2NUqCz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0RCNS8wQzk5OUVDMDhG
QTExMUVCQTIyMDY2MUVDNEY5QUUwMi9SLXhUdjkwMUV5RG9teXhVRzZ6ZFRZMVNv
TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1IteFR2OTAxRXlEb215eFVHNnpkVFkxU29MTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNEQjUvMEM5OTlFQzA4RkExMTFFQkEyMjA2NjFFQzRGOUFFMDIvNEI2RDJBRThB
NTYyMTFFRTgwRTZERjFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnpP8wDwQCAAIwCQMHACABDfZUgDANBgkqhkiG9w0BAQsF
AAOCAQEACD+HKZG0cNcsAzMftnhSrSlFGJ1tYh0NEy8GYhhpqhinWDLeIDHpuDNj
kYHoBQKnD0kEx/qOOJ5+fY3qUuKYKSH3I2pQLGjIeK2dCRwkQAap02+1qwQLq12V
UpywlkIg6lNC6du6CgstBB//ACFp83Dg3YXQrNB5yfOrBGW6imQqMJj2BUGvTwaE
Lhp4S4WjgLnhNNO/5NTl67oQRW1qfUlep881u06n60YW0x1BRcGxm0lAQPVRf9Vw
BSyF7+fQEzXM9tOkx+I1E7liuCk/HN0ZyP06URhaimgJFCQri8awF2mbgWFUXDBq
uERvF5J9s34+craIJ/LAiAfFKJRqOA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:11 2024 by rpki-client on console-fra.rpki-client.org