Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/9FD8258E718111EEA53AEC60C4F9AE02.roa
File:                     9FD8258E718111EEA53AEC60C4F9AE02.roa (raw, json)
Hash identifier:          NrnBfRF/WrMZHoFyCIumop+ilxyVGpT2qpXnhO1mMAk=
Subject key identifier:   73:77:E6:3A:4D:1A:39:22:1B:3B:56:B6:56:F8:CC:07:6C:6A:18:28
Certificate issuer:       /CN=A91810E3/serialNumber=9DB7AB93AE33F64616822DF03FFD817768F1E98F
Certificate serial:       04
Authority key identifier: 9D:B7:AB:93:AE:33:F6:46:16:82:2D:F0:3F:FD:81:77:68:F1:E9:8F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nberk64z9kYWgi3wP_2Bd2jx6Y8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/9FD8258E718111EEA53AEC60C4F9AE02.roa
Signing time:             Mon 23 Oct 2023 08:53:24 +0000
ROA not before:           Mon 23 Oct 2023 08:53:24 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     135168
IP address blocks:        103.67.70.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 23 Oct 2023 09:17:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91810E3/serialNumber=9DB7AB93AE33F64616822DF03FFD817768F1E98F
        Validity
            Not Before: Oct 23 08:53:24 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=65363484-bd50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:8d:5d:d3:a2:15:58:24:b4:7c:11:9a:c9:da:
                    7d:75:57:12:e2:9d:6a:5c:7f:a1:cf:79:72:29:79:
                    00:59:c7:3d:21:82:f2:7b:46:1e:1a:60:ed:04:1a:
                    56:a5:af:d7:18:b2:2e:39:2a:de:65:fb:72:28:33:
                    81:32:d0:0a:3b:9e:aa:10:64:24:a6:04:e3:5e:15:
                    6f:1e:b0:6b:19:da:3e:a4:aa:de:1d:66:e6:59:84:
                    07:ba:e3:44:39:be:be:6f:12:bd:12:71:16:ca:0d:
                    0f:df:3d:2e:18:64:8c:7a:be:e7:9e:c2:8f:11:3a:
                    18:be:a5:9b:f0:2a:91:5f:fd:d6:e6:1b:6c:80:78:
                    c8:bc:79:2e:f7:fd:94:19:7c:e4:8e:7f:44:93:9a:
                    fe:3f:1d:4e:c0:87:40:38:b7:3c:e0:61:4e:e3:b3:
                    d0:6b:bb:35:f2:c0:6a:6b:d4:c5:04:05:ea:88:75:
                    a6:7f:65:0a:29:15:0a:8e:30:18:58:7c:c0:c3:7e:
                    49:aa:53:ac:7b:f7:4a:b4:8b:3b:b9:32:74:98:31:
                    75:ee:c6:4d:da:f7:a1:e3:05:78:4b:6e:46:a3:79:
                    a4:55:72:91:f1:da:62:90:cd:dd:e6:2c:95:69:f0:
                    7c:56:5a:03:e5:76:c2:8c:28:d2:db:43:ea:68:a6:
                    2e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:77:E6:3A:4D:1A:39:22:1B:3B:56:B6:56:F8:CC:07:6C:6A:18:28
            X509v3 Authority Key Identifier:
                keyid:9D:B7:AB:93:AE:33:F6:46:16:82:2D:F0:3F:FD:81:77:68:F1:E9:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/nberk64z9kYWgi3wP_2Bd2jx6Y8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nberk64z9kYWgi3wP_2Bd2jx6Y8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91810E3/339314C8717D11EE89EF6236C4F9AE02/9FD8258E718111EEA53AEC60C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.67.70.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9c:32:23:a1:ce:3d:2e:15:73:35:a4:ac:97:dc:b0:3a:9e:32:
         3f:f6:6f:bf:6a:65:67:ff:83:fe:6f:ce:6b:fb:1b:c7:a9:61:
         20:60:d6:58:fa:fc:b9:ed:85:89:cd:d9:cf:7e:2f:28:96:67:
         41:42:2e:39:03:69:8e:ae:e3:e8:6d:ad:d2:1e:a0:92:9f:83:
         54:a2:4f:e1:2c:18:7c:89:5d:92:df:b0:61:99:e6:de:2d:00:
         cc:1f:7b:f4:20:70:44:c0:99:90:83:be:6b:b5:e5:18:e7:1f:
         f1:1f:12:6d:4b:8c:7a:af:7f:97:ec:75:f0:27:fc:35:1a:1b:
         c0:ef:bb:0e:8a:07:d3:57:64:8e:c8:09:29:fa:53:d4:8c:8b:
         13:e3:e3:9d:9b:d8:4c:c4:d6:e8:b5:be:80:de:ee:0f:04:c2:
         71:ec:bf:78:41:64:6f:cd:19:bc:4d:51:b5:0f:7b:c7:92:fb:
         7e:b8:36:c4:e9:24:7c:11:c1:39:97:62:25:19:88:ca:23:1c:
         cc:73:b8:99:95:fc:f2:06:5b:53:b9:30:0b:e4:b5:5f:14:f8:
         92:85:a5:4a:ed:85:f1:45:1c:ae:d3:fb:dd:a4:33:d0:42:e3:
         b5:9f:de:95:31:04:d1:6b:c4:cc:89:83:0c:7b:e4:79:0f:66:
         f7:95:1f:52
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
MTBFMzExMC8GA1UEBRMoOURCN0FCOTNBRTMzRjY0NjE2ODIyREYwM0ZGRDgxNzc2
OEYxRTk4RjAeFw0yMzEwMjMwODUzMjRaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MzYzNDg0LWJkNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDjV3TohVYJLR8EZrJ2n11VxLinWpcf6HPeXIpeQBZxz0hgvJ7Rh4aYO0EGlal
r9cYsi45Kt5l+3IoM4Ey0Ao7nqoQZCSmBONeFW8esGsZ2j6kqt4dZuZZhAe640Q5
vr5vEr0ScRbKDQ/fPS4YZIx6vueewo8ROhi+pZvwKpFf/dbmG2yAeMi8eS73/ZQZ
fOSOf0STmv4/HU7Ah0A4tzzgYU7js9BruzXywGpr1MUEBeqIdaZ/ZQopFQqOMBhY
fMDDfkmqU6x790q0izu5MnSYMXXuxk3a96HjBXhLbkajeaRVcpHx2mKQzd3mLJVp
8HxWWgPldsKMKNLbQ+popi45AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUc3fmOk0a
OSIbO1a2VvjMB2xqGCgwHwYDVR0jBBgwFoAUnberk64z9kYWgi3wP/2Bd2jx6Y8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgxMEUzLzMzOTMxNEM4NzE3
RDExRUU4OUVGNjIzNkM0RjlBRTAyL25iZXJrNjR6OWtZV2dpM3dQXzJCZDJqeDZZ
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbmJlcms2NHo5a1lXZ2kzd1BfMkJkMmp4Nlk4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
MTBFMy8zMzkzMTRDODcxN0QxMUVFODlFRjYyMzZDNEY5QUUwMi85RkQ4MjU4RTcx
ODExMUVFQTUzQUVDNjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdDRjANBgkqhkiG9w0BAQsFAAOCAQEAnDIjoc49LhVzNaSs
l9ywOp4yP/Zvv2plZ/+D/m/Oa/sbx6lhIGDWWPr8ue2Fic3Zz34vKJZnQUIuOQNp
jq7j6G2t0h6gkp+DVKJP4SwYfIldkt+wYZnm3i0AzB979CBwRMCZkIO+a7XlGOcf
8R8SbUuMeq9/l+x18Cf8NRobwO+7DooH01dkjsgJKfpT1IyLE+PjnZvYTMTW6LW+
gN7uDwTCcey/eEFkb80ZvE1RtQ97x5L7frg2xOkkfBHBOZdiJRmIyiMczHO4mZX8
8gZbU7kwC+S1XxT4koWlSu2F8UUcrtP73aQz0ELjtZ/elTEE0WvEzImDDHvkeQ9m
95UfUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org