Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/D05E1E1E049111EEB7391C0AC4F9AE02.roa
File:                     D05E1E1E049111EEB7391C0AC4F9AE02.roa (raw, json)
Hash identifier:          uKC1ieMOvpa/CLFYscdYiQIBoD/kvR9Y8tZaD5RiGTo=
Subject key identifier:   55:1C:4A:51:5E:8F:C9:1F:77:70:AD:6B:14:ED:8B:AF:5A:64:21:04
Certificate issuer:       /CN=A91900BF/serialNumber=28EA1557B99E2B127551CD340C3AAF4C0A61006B
Certificate serial:       01EF
Authority key identifier: 28:EA:15:57:B9:9E:2B:12:75:51:CD:34:0C:3A:AF:4C:0A:61:00:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOoVV7meKxJ1Uc00DDqvTAphAGs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/D05E1E1E049111EEB7391C0AC4F9AE02.roa
Signing time:             Tue 06 Jun 2023 17:44:41 +0000
ROA not before:           Tue 06 Jun 2023 17:44:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     149768
IP address blocks:        103.186.6.0/24 maxlen: 24
                          2400:6be0::/32 maxlen: 36

Validation:               Failed, certificate revoked on Thu 08 Jun 2023 03:24:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 495 (0x1ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91900BF/serialNumber=28EA1557B99E2B127551CD340C3AAF4C0A61006B
        Validity
            Not Before: Jun  6 17:44:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=647f7089-bc0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:09:d1:88:b0:23:a7:cc:92:6f:5c:8b:1a:93:
                    ee:07:86:83:ac:3b:55:1d:9e:97:37:42:5e:dd:a7:
                    8d:23:07:43:bd:f5:ec:c2:29:8f:b0:a5:e4:64:16:
                    b8:17:63:0a:ca:ed:e1:9c:2b:2c:dd:88:c3:67:ce:
                    e5:21:d8:34:cd:95:dd:48:ca:9f:3c:44:38:b9:da:
                    9a:34:6e:5f:7b:e5:b3:00:57:e5:27:da:d8:cf:9e:
                    bc:6d:ba:c5:23:15:ca:ff:d2:34:8c:82:7a:42:0d:
                    08:6a:89:48:f1:60:5b:46:c0:df:b8:28:c7:c0:5d:
                    e0:0a:94:a2:b2:f4:c0:8b:93:fb:52:6b:d2:8a:a5:
                    b9:ed:1f:8f:36:34:c4:b7:ac:7a:b2:20:f0:be:4e:
                    ab:7a:f5:3f:5f:b5:08:82:46:37:53:09:8d:f0:90:
                    36:ae:05:51:a7:ba:9c:97:49:9f:b7:f3:8c:c8:f5:
                    40:d2:aa:26:e0:2d:43:3b:9b:32:25:6e:14:d7:40:
                    0a:90:7b:79:9d:13:06:d7:3f:69:3e:03:df:a0:90:
                    ba:3e:c7:06:6d:70:38:20:d1:fd:cf:2b:22:2f:69:
                    89:01:69:a1:6b:10:e7:d3:13:43:7c:79:d0:a6:19:
                    ce:b4:75:c3:94:d9:04:af:14:e4:ca:fd:60:cc:84:
                    43:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:1C:4A:51:5E:8F:C9:1F:77:70:AD:6B:14:ED:8B:AF:5A:64:21:04
            X509v3 Authority Key Identifier:
                keyid:28:EA:15:57:B9:9E:2B:12:75:51:CD:34:0C:3A:AF:4C:0A:61:00:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/KOoVV7meKxJ1Uc00DDqvTAphAGs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOoVV7meKxJ1Uc00DDqvTAphAGs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91900BF/FEA1CD68B6E311ECBE59992DC4F9AE02/D05E1E1E049111EEB7391C0AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.186.6.0/24
                IPv6:
                  2400:6be0::/32

    Signature Algorithm: sha256WithRSAEncryption
         5a:49:df:5f:93:f4:c6:7d:01:4b:e6:3c:55:ec:52:36:92:58:
         7a:be:0d:af:08:de:04:8b:ee:b0:4a:d7:d1:f6:3e:68:3b:57:
         36:23:5a:12:fb:51:ff:32:19:13:71:9d:0e:d8:55:7c:75:d6:
         23:e3:03:fa:c4:7d:0d:97:bd:73:47:95:90:3c:e6:96:3d:24:
         f0:84:c5:27:0b:51:8b:95:22:a8:9f:13:e8:fd:1b:4f:80:49:
         09:ef:2b:8a:8c:39:b0:91:01:81:e2:61:45:47:c6:b8:4d:3b:
         4a:f7:15:00:88:c0:82:2c:b1:6e:af:35:20:24:8d:69:73:7a:
         8b:39:b7:13:83:3c:50:75:a1:a0:4a:97:bf:36:41:59:bb:07:
         ab:79:03:e2:b6:81:cf:5e:ce:cd:74:2b:fd:80:c8:a0:50:af:
         00:7c:4a:cf:88:6c:2b:bd:4b:01:75:c8:ec:a3:41:d6:de:c1:
         53:66:97:e3:6a:fd:f8:9d:50:ab:47:be:14:9e:33:27:3d:3b:
         a3:fe:9d:db:02:8e:7b:08:df:53:82:e1:a3:24:b2:83:35:6f:
         0d:63:2b:27:06:8d:9b:37:16:d9:94:98:af:9f:9d:cd:90:eb:
         a5:de:20:21:97:ee:ad:89:97:58:e7:1a:7a:aa:f9:c6:63:7f:
         d4:48:3d:d8
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTAwQkYxMTAvBgNVBAUTKDI4RUExNTU3Qjk5RTJCMTI3NTUxQ0QzNDBDM0FBRjRD
MEE2MTAwNkIwHhcNMjMwNjA2MTc0NDQxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdmNzA4OS1iYzBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtQnRiLAjp8ySb1yLGpPuB4aDrDtVHZ6XN0Je3aeNIwdDvfXswimPsKXkZBa4
F2MKyu3hnCss3YjDZ87lIdg0zZXdSMqfPEQ4udqaNG5fe+WzAFflJ9rYz568bbrF
IxXK/9I0jIJ6Qg0IaolI8WBbRsDfuCjHwF3gCpSisvTAi5P7UmvSiqW57R+PNjTE
t6x6siDwvk6revU/X7UIgkY3UwmN8JA2rgVRp7qcl0mft/OMyPVA0qom4C1DO5sy
JW4U10AKkHt5nRMG1z9pPgPfoJC6PscGbXA4INH9zysiL2mJAWmhaxDn0xNDfHnQ
phnOtHXDlNkErxTkyv1gzIRDrQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFFUcSlFe
j8kfd3CtaxTti69aZCEEMB8GA1UdIwQYMBaAFCjqFVe5nisSdVHNNAw6r0wKYQBr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MDBCRi9GRUExQ0Q2OEI2
RTMxMUVDQkU1OTk5MkRDNEY5QUUwMi9LT29WVjdtZUt4SjFVYzAwRERxdlRBcGhB
R3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPb1ZWN21lS3hKMVVjMDBERHF2VEFwaEFHcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTAwQkYvRkVBMUNENjhCNkUzMTFFQ0JFNTk5OTJEQzRGOUFFMDIvRDA1RTFFMUUw
NDkxMTFFRUI3MzkxQzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnugYwDQQCAAIwBwMFACQAa+AwDQYJKoZIhvcNAQELBQAD
ggEBAFpJ31+T9MZ9AUvmPFXsUjaSWHq+Da8I3gSL7rBK19H2Pmg7VzYjWhL7Uf8y
GRNxnQ7YVXx11iPjA/rEfQ2XvXNHlZA85pY9JPCExScLUYuVIqifE+j9G0+ASQnv
K4qMObCRAYHiYUVHxrhNO0r3FQCIwIIssW6vNSAkjWlzeos5txODPFB1oaBKl782
QVm7B6t5A+K2gc9ezs10K/2AyKBQrwB8Ss+IbCu9SwF1yOyjQdbewVNml+Nq/fid
UKtHvhSeMyc9O6P+ndsCjnsI31OC4aMksoM1bw1jKycGjZs3FtmUmK+fnc2Q66Xe
ICGX7q2Jl1jnGnqq+cZjf9RIPdg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org