Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/D94D78866E4911EE8988954AC4F9AE02.roa
File:                     D94D78866E4911EE8988954AC4F9AE02.roa (raw, json)
Hash identifier:          j2q9q5UQtgIaZYDaxiTpFFtnOsxW/vGcYVBPEPpAfOA=
Subject key identifier:   FF:2E:AA:BF:14:5E:24:1D:D2:B2:FC:67:5E:2C:2F:FC:83:54:4C:C9
Certificate issuer:       /CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41
Certificate serial:       0C81
Authority key identifier: A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/D94D78866E4911EE8988954AC4F9AE02.roa
Signing time:             Thu 14 Mar 2024 19:07:11 +0000
ROA not before:           Thu 14 Mar 2024 19:07:11 +0000
ROA not after:            Wed 28 May 2025 00:00:00 +0000
asID:                     151080
IP address blocks:        43.246.200.0/24 maxlen: 24
                          43.246.201.0/24 maxlen: 24
                          43.246.202.0/24 maxlen: 24
                          103.109.57.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 26 May 2024 15:50:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3201 (0xc81)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41
        Validity
            Not Before: Mar 14 19:07:11 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=65f34adf-9a69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:58:3b:78:5b:94:26:f5:66:1d:1c:b8:9d:3a:
                    a3:0d:f8:5a:01:b0:10:80:5a:62:33:94:c2:29:9f:
                    7c:72:88:6c:6e:2c:31:14:b7:ab:7a:2a:3d:3d:16:
                    39:34:f8:b0:3f:5d:02:c0:d9:94:f2:7e:bb:f4:08:
                    42:b5:5a:1d:ec:21:ae:a0:f7:3a:45:53:35:2a:91:
                    44:0d:65:eb:c8:a4:ef:56:05:91:75:39:cb:d3:ae:
                    bf:fa:79:c9:28:48:58:ba:c1:76:3d:b5:1d:c4:73:
                    43:1b:3d:6f:44:4a:14:66:ee:a8:10:bd:96:0e:f9:
                    61:fa:87:d5:d8:9a:62:f2:8f:15:3a:1d:a1:18:94:
                    8a:e1:98:7c:d3:82:04:a4:3b:61:16:be:2b:9c:1f:
                    49:27:ab:12:23:09:f8:fa:65:af:96:0e:97:b2:f4:
                    d2:6e:36:85:64:f1:95:32:67:55:6c:f7:67:4c:fe:
                    14:4b:15:7a:da:41:48:61:89:52:4b:f3:28:63:34:
                    71:d5:47:6e:bc:6d:c9:ce:e3:ca:a9:ba:17:71:92:
                    a7:e2:e4:db:af:e4:5e:a5:b4:bd:e6:23:7c:84:01:
                    d9:d0:5f:90:b4:c0:ff:16:36:69:ef:de:55:86:59:
                    f1:01:df:76:f8:ec:9e:d4:fd:ad:0c:0d:6f:9e:5e:
                    97:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:2E:AA:BF:14:5E:24:1D:D2:B2:FC:67:5E:2C:2F:FC:83:54:4C:C9
            X509v3 Authority Key Identifier:
                keyid:A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/D94D78866E4911EE8988954AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.246.200.0-43.246.202.255
                  103.109.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:a6:31:be:6e:48:62:76:7a:b7:92:f9:c2:e0:d3:53:70:30:
         e5:02:14:d0:3e:1a:ab:ae:c8:ef:5a:46:ef:ae:be:fa:20:5c:
         b9:0f:9c:83:65:eb:34:61:c8:d2:50:7c:12:11:77:58:f9:1c:
         54:f8:56:fb:89:2a:29:31:1b:bd:30:a5:fe:58:ad:e5:38:35:
         b2:4a:3d:6b:5d:18:cc:97:be:6a:12:96:60:c7:97:84:df:a7:
         7f:c6:82:a8:0a:72:be:f4:44:b6:9f:ec:de:36:05:ec:dc:c3:
         86:2e:29:f2:f4:16:bb:95:fd:32:61:32:31:cf:87:bf:57:bb:
         e9:6d:c6:65:f2:dd:2d:f8:c7:1e:0f:2d:8a:de:36:1e:2a:81:
         a5:ba:f6:40:6b:8e:d5:fa:8d:7d:bb:96:28:ec:e7:80:75:bd:
         49:f6:8a:f9:69:57:f1:7a:b4:cf:5c:ae:cd:55:76:df:16:29:
         af:8d:19:e2:58:63:0f:29:82:03:70:89:39:ec:44:90:20:a9:
         b6:bb:a3:06:1e:f9:60:bf:9b:fe:67:0d:08:78:14:d0:de:c9:
         8e:99:07:1a:ac:14:ad:77:b3:cf:8a:c1:15:96:2f:3b:b0:8f:
         60:50:a6:d8:84:3b:21:61:1d:51:a1:44:1b:40:13:3f:6e:17:
         60:fc:ee:90
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICDIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTg4NDcxMTAvBgNVBAUTKEE2RUYwNkI2ODk1ODE4MjFDNzhDODgyOTFCQkRGNUM1
MTJBMzNGNDEwHhcNMjQwMzE0MTkwNzExWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYzNGFkZi05YTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Fg7eFuUJvVmHRy4nTqjDfhaAbAQgFpiM5TCKZ98cohsbiwxFLereio9PRY5
NPiwP10CwNmU8n679AhCtVod7CGuoPc6RVM1KpFEDWXryKTvVgWRdTnL066/+nnJ
KEhYusF2PbUdxHNDGz1vREoUZu6oEL2WDvlh+ofV2Jpi8o8VOh2hGJSK4Zh804IE
pDthFr4rnB9JJ6sSIwn4+mWvlg6XsvTSbjaFZPGVMmdVbPdnTP4USxV62kFIYYlS
S/MoYzRx1UduvG3JzuPKqboXcZKn4uTbr+RepbS95iN8hAHZ0F+QtMD/FjZp795V
hlnxAd92+Oye1P2tDA1vnl6XcwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFP8uqr8U
XiQd0rL8Z14sL/yDVEzJMB8GA1UdIwQYMBaAFKbvBraJWBghx4yIKRu99cUSoz9B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODg0Ny9EREZCQjBCOEQ3
ODExMUU5QjQyM0FDNEJDNEY5QUUwMi9wdThHdG9sWUdDSEhqSWdwRzczMXhSS2pQ
MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3B1OEd0b2xZR0NISGpJZ3BHNzMxeFJLalAwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTg4NDcvRERGQkIwQjhENzgxMTFFOUI0MjNBQzRCQzRGOUFFMDIvRDk0RDc4ODY2
RTQ5MTFFRTg5ODg5NTRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAyv2yAMEACv2ygMEAGdtOTANBgkqhkiG9w0BAQsFAAOC
AQEAXaYxvm5IYnZ6t5L5wuDTU3Aw5QIU0D4aq67I71pG766++iBcuQ+cg2XrNGHI
0lB8EhF3WPkcVPhW+4kqKTEbvTCl/lit5Tg1sko9a10YzJe+ahKWYMeXhN+nf8aC
qApyvvREtp/s3jYF7NzDhi4p8vQWu5X9MmEyMc+Hv1e76W3GZfLdLfjHHg8tit42
HiqBpbr2QGuO1fqNfbuWKOzngHW9SfaK+WlX8Xq0z1yuzVV23xYpr40Z4lhjDymC
A3CJOexEkCCptrujBh75YL+b/mcNCHgU0N7JjpkHGqwUrXezz4rBFZYvO7CPYFCm
2IQ7IWEdUaFEG0ATP24XYPzukA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:34 2024 by rpki-client on console-fra.rpki-client.org