Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91872ED/ED8C96901D6C11E28A38A3AD08B02CD2/AF3FCDC0F43511E8B428D422C4F9AE02.roa
File:                     AF3FCDC0F43511E8B428D422C4F9AE02.roa (raw, json)
Hash identifier:          fnKp/Q2Q7gjSJb5XWwjQ2SaGv/CscH6iqkptS797cXc=
Subject key identifier:   45:DB:25:54:A1:E1:0D:84:7A:56:2E:F7:AC:60:91:F8:C2:EE:79:D4
Certificate issuer:       /CN=A91872ED/serialNumber=68FAF9DACE19768CAC3D4ED7BB24372BFFA6D018
Certificate serial:       2E5E
Authority key identifier: 68:FA:F9:DA:CE:19:76:8C:AC:3D:4E:D7:BB:24:37:2B:FF:A6:D0:18
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aPr52s4ZdoysPU7XuyQ3K_-m0Bg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91872ED/ED8C96901D6C11E28A38A3AD08B02CD2/AF3FCDC0F43511E8B428D422C4F9AE02.roa
Signing time:             Thu 11 Feb 2021 14:20:07 +0000
ROA not before:           Thu 11 Feb 2021 14:20:07 +0000
ROA not after:            Mon 31 Mar 2031 00:00:00 +0000
asID:                     1280
IP address blocks:        103.10.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 29 Mar 2022 07:20:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11870 (0x2e5e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91872ED/serialNumber=68FAF9DACE19768CAC3D4ED7BB24372BFFA6D018
        Validity
            Not Before: Feb 11 14:20:07 2021 GMT
            Not After : Mar 31 00:00:00 2031 GMT
        Subject: CN=60253d17-8d3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:74:ce:b9:2b:93:8d:78:18:6f:0d:7d:85:3c:
                    7a:e5:93:25:95:d1:3a:20:e9:ff:68:5f:bb:78:15:
                    65:5c:e0:38:49:f2:02:02:77:7d:3b:fc:86:d8:73:
                    f5:07:da:4d:d3:38:30:77:e8:d4:85:e3:b7:69:ff:
                    0f:85:cc:ed:1e:f4:d6:8b:6b:16:e2:8f:28:f7:60:
                    a2:8c:19:d5:72:a8:6a:c4:99:26:e5:92:bf:09:18:
                    a7:50:b8:9a:5f:79:2f:4c:48:de:7b:0d:18:8b:e5:
                    c2:8d:cc:b2:9a:cb:3e:6d:40:b0:72:3d:c3:d2:c4:
                    78:b2:09:14:de:14:96:c5:29:9f:c7:13:93:c5:e7:
                    ec:10:9e:ec:6b:a2:33:97:11:90:a6:f1:68:68:32:
                    7e:5a:d3:17:59:c2:6e:d3:7d:a2:01:ac:fd:f1:cf:
                    1c:75:7a:84:24:d8:8d:8b:c7:f1:0a:b7:7f:56:b4:
                    e5:c6:30:be:48:ff:de:f1:be:58:ce:36:c5:a6:5f:
                    37:83:fe:df:43:6c:a6:56:27:80:c3:92:f9:ca:4a:
                    f4:6a:16:29:38:00:d7:af:20:c6:d5:b2:7a:37:f9:
                    83:76:22:46:2d:9c:fc:ee:95:fa:c4:84:6d:d3:04:
                    b9:da:3c:cf:24:21:eb:71:38:dd:34:06:e2:2d:e6:
                    ce:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:DB:25:54:A1:E1:0D:84:7A:56:2E:F7:AC:60:91:F8:C2:EE:79:D4
            X509v3 Authority Key Identifier:
                keyid:68:FA:F9:DA:CE:19:76:8C:AC:3D:4E:D7:BB:24:37:2B:FF:A6:D0:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91872ED/ED8C96901D6C11E28A38A3AD08B02CD2/aPr52s4ZdoysPU7XuyQ3K_-m0Bg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aPr52s4ZdoysPU7XuyQ3K_-m0Bg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91872ED/ED8C96901D6C11E28A38A3AD08B02CD2/AF3FCDC0F43511E8B428D422C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.10.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:06:46:42:fa:22:63:50:ee:7d:71:ef:80:cd:ac:4c:6d:5b:
         e9:82:59:6d:45:77:7e:39:30:6c:1c:2b:31:2c:80:7c:f9:83:
         dc:f8:a1:62:bb:6c:0a:af:8a:e1:18:84:06:7c:0a:7f:d2:b8:
         b1:99:43:33:9f:47:b0:43:39:59:b7:9c:4f:6f:da:05:7b:66:
         8e:c8:b8:4e:23:0d:38:52:a4:b4:f5:de:24:b3:bc:e1:38:f1:
         c9:b7:43:98:7a:57:a5:90:2d:9d:fd:b4:ef:3f:5c:7f:f3:dd:
         2b:05:e9:3c:0a:41:41:83:d2:36:4e:1b:0a:55:dd:31:f4:a8:
         ac:a2:f9:ff:76:e1:34:8f:2b:91:98:a6:09:db:bc:88:af:f5:
         16:47:3c:80:fd:c7:95:ed:57:22:09:45:c7:0f:a8:e0:81:84:
         39:ae:1b:c1:1d:9d:49:7d:dd:e9:52:8b:c7:14:20:37:75:39:
         09:df:dc:83:6c:0a:fd:16:a1:59:1c:fb:a4:a4:f4:2e:57:ea:
         6c:76:c5:63:58:ad:ea:24:63:97:c4:ac:02:5c:5c:71:25:5c:
         e6:af:1a:e2:9a:73:8d:86:60:04:ee:32:db:6f:82:6f:a9:53:
         6a:6e:0f:0b:28:ef:24:41:f8:56:12:da:d5:ac:f8:11:19:b1:
         c7:f4:68:62
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICLl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODcyRUQxMTAvBgNVBAUTKDY4RkFGOURBQ0UxOTc2OENBQzNENEVEN0JCMjQzNzJC
RkZBNkQwMTgwHhcNMjEwMjExMTQyMDA3WhcNMzEwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MDI1M2QxNy04ZDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8HTOuSuTjXgYbw19hTx65ZMlldE6IOn/aF+7eBVlXOA4SfICAnd9O/yG2HP1
B9pN0zgwd+jUheO3af8PhcztHvTWi2sW4o8o92CijBnVcqhqxJkm5ZK/CRinULia
X3kvTEjeew0Yi+XCjcyymss+bUCwcj3D0sR4sgkU3hSWxSmfxxOTxefsEJ7sa6Iz
lxGQpvFoaDJ+WtMXWcJu032iAaz98c8cdXqEJNiNi8fxCrd/VrTlxjC+SP/e8b5Y
zjbFpl83g/7fQ2ymVieAw5L5ykr0ahYpOADXryDG1bJ6N/mDdiJGLZz87pX6xIRt
0wS52jzPJCHrcTjdNAbiLebOAQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEXbJVSh
4Q2EelYu96xgkfjC7nnUMB8GA1UdIwQYMBaAFGj6+drOGXaMrD1O17skNyv/ptAY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzJFRC9FRDhDOTY5MDFE
NkMxMUUyOEEzOEEzQUQwOEIwMkNEMi9hUHI1MnM0WmRveXNQVTdYdXlRM0tfLW0w
QmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FQcjUyczRaZG95c1BVN1h1eVEzS18tbTBCZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODcyRUQvRUQ4Qzk2OTAxRDZDMTFFMjhBMzhBM0FEMDhCMDJDRDIvQUYzRkNEQzBG
NDM1MTFFOEI0MjhENDIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnCugwDQYJKoZIhvcNAQELBQADggEBAF4GRkL6ImNQ7n1x
74DNrExtW+mCWW1Fd345MGwcKzEsgHz5g9z4oWK7bAqviuEYhAZ8Cn/SuLGZQzOf
R7BDOVm3nE9v2gV7Zo7IuE4jDThSpLT13iSzvOE48cm3Q5h6V6WQLZ39tO8/XH/z
3SsF6TwKQUGD0jZOGwpV3TH0qKyi+f924TSPK5GYpgnbvIiv9RZHPID9x5XtVyIJ
RccPqOCBhDmuG8EdnUl93elSi8cUIDd1OQnf3INsCv0WoVkc+6Sk9C5X6mx2xWNY
reokY5fErAJcXHElXOavGuKac42GYATuMttvgm+pU2puDwso7yRB+FYS2tWs+BEZ
scf0aGI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org