Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9184569/FE899D5E086411EAB7D4EC82C4F9AE02/98A83590D35F11ECB033D81EC4F9AE02.roa
File:                     98A83590D35F11ECB033D81EC4F9AE02.roa (raw, json)
Hash identifier:          fvqG72laqJHG7B3mS3MNAZpwStm/JA3yFYYQ/6o7qRA=
Subject key identifier:   94:FD:9E:80:2A:83:31:7E:AA:D6:12:50:9E:87:75:19:DF:B9:29:78
Certificate issuer:       /CN=A9184569/serialNumber=BC30B8A4BDD1CE28F7B2F999342F51CE1FDB86E6
Certificate serial:       0B6E
Authority key identifier: BC:30:B8:A4:BD:D1:CE:28:F7:B2:F9:99:34:2F:51:CE:1F:DB:86:E6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vDC4pL3Rzij3svmZNC9Rzh_bhuY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9184569/FE899D5E086411EAB7D4EC82C4F9AE02/98A83590D35F11ECB033D81EC4F9AE02.roa
Signing time:             Tue 26 Mar 2024 19:38:33 +0000
ROA not before:           Tue 26 Mar 2024 19:38:33 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     138614
IP address blocks:        103.134.168.0/24 maxlen: 24
                          103.134.169.0/24 maxlen: 24
                          103.134.170.0/24 maxlen: 24
                          103.134.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 Jul 2024 17:16:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2926 (0xb6e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9184569/serialNumber=BC30B8A4BDD1CE28F7B2F999342F51CE1FDB86E6
        Validity
            Not Before: Mar 26 19:38:33 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=66032439-14ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:11:2f:5b:b3:88:c2:bb:70:6c:6c:40:a6:37:
                    3f:b0:e3:71:c8:1f:f0:66:61:55:cf:a7:4f:40:fb:
                    6a:2b:16:ab:ed:7d:59:e7:fb:20:b5:ee:b6:5d:7f:
                    a0:27:09:12:91:51:0e:81:e5:5d:5a:7e:d6:fd:ba:
                    f9:90:a6:be:ff:18:4a:3a:7f:c2:f4:1d:82:62:bc:
                    88:5c:f6:99:9f:e7:de:58:88:56:db:04:45:3f:25:
                    53:b7:4b:2b:e5:ce:5e:00:3d:03:14:df:a8:0d:07:
                    af:ef:f9:69:f5:e1:73:52:3e:4d:04:8d:b0:31:f0:
                    1b:5c:12:c0:0c:ef:60:55:47:6b:64:5e:2f:23:c9:
                    67:42:5f:3d:a8:08:fb:1d:62:6d:bb:c5:08:3a:bb:
                    09:a8:61:9b:8e:a8:3e:a7:5b:4e:cc:88:80:6d:16:
                    f1:d8:2f:81:15:75:10:2a:f1:dc:74:0c:e1:5c:a1:
                    6e:cb:dd:fc:2e:e6:81:ae:1e:56:c9:7e:cf:8f:7a:
                    3a:4f:54:6d:7d:91:56:b1:2f:ed:0d:2d:3d:52:70:
                    3a:49:3d:6b:69:ce:46:45:f6:fe:63:2e:e5:e1:ee:
                    6d:3d:85:fe:2c:a5:ec:f4:d2:fe:3c:a4:6c:98:47:
                    29:01:67:b7:cd:32:9b:03:bd:18:3a:57:97:32:95:
                    30:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:FD:9E:80:2A:83:31:7E:AA:D6:12:50:9E:87:75:19:DF:B9:29:78
            X509v3 Authority Key Identifier:
                keyid:BC:30:B8:A4:BD:D1:CE:28:F7:B2:F9:99:34:2F:51:CE:1F:DB:86:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9184569/FE899D5E086411EAB7D4EC82C4F9AE02/vDC4pL3Rzij3svmZNC9Rzh_bhuY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vDC4pL3Rzij3svmZNC9Rzh_bhuY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9184569/FE899D5E086411EAB7D4EC82C4F9AE02/98A83590D35F11ECB033D81EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.134.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:90:16:65:25:56:2c:77:34:e5:ed:44:7d:39:60:45:25:c6:
         00:f5:79:1b:80:65:d3:af:b9:91:a0:db:a8:86:1e:25:5c:76:
         97:aa:7c:ee:0f:32:59:21:8c:00:18:5b:f2:20:54:51:90:ef:
         58:45:d4:bf:7c:85:d7:4a:83:b8:1c:04:0a:8c:6e:aa:d2:3f:
         24:1e:de:dd:83:4c:30:80:20:8f:86:3d:81:48:52:c6:8b:c8:
         a4:5a:df:59:14:d8:ba:fa:8a:5e:1a:c3:76:ba:bc:4e:7d:a1:
         b8:9a:d0:2e:ea:f2:b9:22:03:9f:bf:22:f4:92:0b:d3:9a:77:
         92:a0:f1:44:6d:49:55:40:5d:34:59:84:8f:d0:93:98:91:1f:
         76:28:1c:d9:c1:81:f5:80:82:e3:24:3c:6d:1d:11:19:0d:15:
         e7:18:f1:9e:82:01:69:40:55:21:fe:d9:22:45:37:8e:a9:0e:
         6f:08:03:c2:0e:6b:ef:d6:22:67:f1:60:cb:bb:a5:0d:89:ef:
         ba:35:cb:b5:77:42:7d:2c:e1:72:70:5d:df:bd:79:45:7c:e3:
         73:a5:53:6a:5d:8b:80:4e:89:e7:f1:3a:f6:1a:ac:01:16:ea:
         f3:1b:8b:34:8b:be:c2:4b:2c:58:5c:26:11:d1:98:94:04:6a:
         0b:d3:81:32
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC24wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ1NjkxMTAvBgNVBAUTKEJDMzBCOEE0QkREMUNFMjhGN0IyRjk5OTM0MkY1MUNF
MUZEQjg2RTYwHhcNMjQwMzI2MTkzODMzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzMjQzOS0xNGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1BEvW7OIwrtwbGxApjc/sONxyB/wZmFVz6dPQPtqKxar7X1Z5/sgte62XX+g
JwkSkVEOgeVdWn7W/br5kKa+/xhKOn/C9B2CYryIXPaZn+feWIhW2wRFPyVTt0sr
5c5eAD0DFN+oDQev7/lp9eFzUj5NBI2wMfAbXBLADO9gVUdrZF4vI8lnQl89qAj7
HWJtu8UIOrsJqGGbjqg+p1tOzIiAbRbx2C+BFXUQKvHcdAzhXKFuy938LuaBrh5W
yX7Pj3o6T1RtfZFWsS/tDS09UnA6ST1rac5GRfb+Yy7l4e5tPYX+LKXs9NL+PKRs
mEcpAWe3zTKbA70YOleXMpUwnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJT9noAq
gzF+qtYSUJ6HdRnfuSl4MB8GA1UdIwQYMBaAFLwwuKS90c4o97L5mTQvUc4f24bm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDU2OS9GRTg5OUQ1RTA4
NjQxMUVBQjdENEVDODJDNEY5QUUwMi92REM0cEwzUnppajNzdm1aTkM5UnpoX2Jo
dVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZEQzRwTDNSemlqM3N2bVpOQzlSemhfYmh1WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ1NjkvRkU4OTlENUUwODY0MTFFQUI3RDRFQzgyQzRGOUFFMDIvOThBODM1OTBE
MzVGMTFFQ0IwMzNEODFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhqgwDQYJKoZIhvcNAQELBQADggEBAHSQFmUlVix3NOXt
RH05YEUlxgD1eRuAZdOvuZGg26iGHiVcdpeqfO4PMlkhjAAYW/IgVFGQ71hF1L98
hddKg7gcBAqMbqrSPyQe3t2DTDCAII+GPYFIUsaLyKRa31kU2Lr6il4aw3a6vE59
obia0C7q8rkiA5+/IvSSC9Oad5Kg8URtSVVAXTRZhI/Qk5iRH3YoHNnBgfWAguMk
PG0dERkNFecY8Z6CAWlAVSH+2SJFN46pDm8IA8IOa+/WImfxYMu7pQ2J77o1y7V3
Qn0s4XJwXd+9eUV843OlU2pdi4BOiefxOvYarAEW6vMbizSLvsJLLFhcJhHRmJQE
agvTgTI=
-----END CERTIFICATE-----
Generated at Wed Jul 31 19:41:23 2024 by rpki-client on console-fra.rpki-client.org