Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/40DE1800ED4011EE8810F02DC4F9AE02.roa
File:                     40DE1800ED4011EE8810F02DC4F9AE02.roa (raw, json)
Hash identifier:          McPQ3eceOsELMURW+rt4Sqafx2vym3DLJ+urRmT1vBg=
Subject key identifier:   E9:44:11:41:C3:13:D8:E5:C5:9C:57:DA:3E:72:CC:E4:79:A2:7E:16
Certificate issuer:       /CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B
Certificate serial:       12
Authority key identifier: 87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/40DE1800ED4011EE8810F02DC4F9AE02.roa
Signing time:             Thu 28 Mar 2024 20:17:52 +0000
ROA not before:           Thu 28 Mar 2024 20:17:52 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     138997
IP address blocks:        103.190.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Mar 2024 03:28:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18 (0x12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B
        Validity
            Not Before: Mar 28 20:17:52 2024 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=6605d06f-485a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e6:18:39:32:cf:cf:5a:de:5b:00:9d:52:ee:
                    b6:54:9e:08:34:ed:04:a8:21:72:fa:5d:c4:52:aa:
                    4e:cf:74:fc:06:a6:95:3f:9b:ca:34:14:b4:f4:ca:
                    00:e9:90:52:ed:94:87:73:29:df:11:15:00:68:a5:
                    44:75:13:f5:93:25:ca:76:84:f4:0e:a4:c7:15:b5:
                    95:47:5c:56:03:bf:32:4d:1a:e5:33:d8:66:0c:22:
                    67:d4:a2:99:37:43:af:eb:04:8d:8f:eb:37:f3:ed:
                    72:fd:47:e0:63:ce:5e:ea:00:4e:77:6b:b7:1a:b0:
                    03:4d:2d:c7:9a:5b:1f:52:dc:4c:5b:9e:ce:e9:1d:
                    1c:ec:88:79:cd:66:6c:7f:d5:e7:7a:28:ab:8d:d9:
                    72:4c:55:14:05:05:74:9f:ff:58:1d:e9:33:7b:e0:
                    05:71:e7:4f:82:38:01:f3:3f:b4:e6:27:69:18:4b:
                    ce:63:4b:7b:d0:87:43:db:d2:c4:46:56:1a:e0:ad:
                    94:d4:ef:c0:cd:58:5b:fe:50:3d:76:48:7d:31:80:
                    bb:95:cc:62:98:e2:dc:da:f5:a3:50:af:a0:76:d4:
                    28:75:7b:39:46:74:b8:f2:3b:4b:10:f6:a1:48:a9:
                    09:cc:65:c5:29:cf:41:9c:72:e9:76:8c:c4:e7:41:
                    34:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:44:11:41:C3:13:D8:E5:C5:9C:57:DA:3E:72:CC:E4:79:A2:7E:16
            X509v3 Authority Key Identifier:
                keyid:87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/40DE1800ED4011EE8810F02DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.190.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:21:cd:34:10:42:6d:4f:01:46:31:53:54:dc:79:50:b8:cf:
         1a:8c:2a:35:a6:b2:62:d4:01:03:34:7f:9c:8c:08:2e:56:a1:
         f8:a0:f1:30:f6:eb:f5:99:74:d4:70:70:02:d1:1c:cd:e9:90:
         05:df:f7:8d:cb:5a:36:59:62:02:59:ed:31:f8:70:51:7b:7a:
         7a:14:dd:07:8a:6f:dd:cd:16:b6:db:bd:d6:6a:ad:2e:b3:05:
         45:b0:c4:39:a1:eb:15:37:a8:5a:54:4a:58:21:e3:0d:f6:cf:
         53:e9:f7:51:9b:d2:bb:d5:e1:1d:c2:51:09:2c:2e:bb:a9:a1:
         5e:42:48:4a:c7:f7:45:55:6d:05:72:13:43:42:2b:1a:8a:d9:
         99:f1:57:33:e0:ff:bf:d8:cd:a0:10:20:04:bd:c4:48:5b:31:
         54:1e:47:6d:df:62:a6:94:8c:78:a3:cf:f6:db:5a:6b:a6:4b:
         66:92:52:ab:fb:cb:04:66:8a:c1:8c:f2:d2:09:2c:58:25:df:
         ae:cb:78:0f:6d:19:75:c3:1f:94:2f:71:a2:e8:2f:e5:1b:9f:
         c0:5e:8e:3f:de:89:68:9f:5e:62:11:3d:24:78:95:b4:4c:ea:
         67:86:1a:8e:b9:b0:95:ca:5e:08:ac:99:4c:91:a7:92:1b:32:
         75:fe:01:69
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RjlBODExMC8GA1UEBRMoODdCNjJDMzRFOERDNUQ0MDIzOEMwRjZCREU5MTE1NkU1
RDA2QTQ0QjAeFw0yNDAzMjgyMDE3NTJaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDVkMDZmLTQ4NWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCt5hg5Ms/PWt5bAJ1S7rZUngg07QSoIXL6XcRSqk7PdPwGppU/m8o0FLT0ygDp
kFLtlIdzKd8RFQBopUR1E/WTJcp2hPQOpMcVtZVHXFYDvzJNGuUz2GYMImfUopk3
Q6/rBI2P6zfz7XL9R+Bjzl7qAE53a7casANNLceaWx9S3Exbns7pHRzsiHnNZmx/
1ed6KKuN2XJMVRQFBXSf/1gd6TN74AVx50+COAHzP7TmJ2kYS85jS3vQh0Pb0sRG
VhrgrZTU78DNWFv+UD12SH0xgLuVzGKY4tza9aNQr6B21Ch1ezlGdLjyO0sQ9qFI
qQnMZcUpz0Gccul2jMTnQTRLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU6UQRQcMT
2OXFnFfaPnLM5HmifhYwHwYDVR0jBBgwFoAUh7YsNOjcXUAjjA9r3pEVbl0GpEsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlGOUE4L0I5MjMwNkZFRUI2
QTExRUU5QzAzQjcxMUM0RjlBRTAyL2g3WXNOT2pjWFVBampBOXIzcEVWYmwwR3BF
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaDdZc05PamNYVUFqakE5cjNwRVZibDBHcEVzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RjlBOC9COTIzMDZGRUVCNkExMUVFOUMwM0I3MTFDNEY5QUUwMi80MERFMTgwMEVE
NDAxMUVFODgxMEYwMkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGe+6DANBgkqhkiG9w0BAQsFAAOCAQEASyHNNBBCbU8BRjFT
VNx5ULjPGowqNaayYtQBAzR/nIwILlah+KDxMPbr9Zl01HBwAtEczemQBd/3jcta
NlliAlntMfhwUXt6ehTdB4pv3c0Wttu91mqtLrMFRbDEOaHrFTeoWlRKWCHjDfbP
U+n3UZvSu9XhHcJRCSwuu6mhXkJISsf3RVVtBXITQ0IrGorZmfFXM+D/v9jNoBAg
BL3ESFsxVB5Hbd9ippSMeKPP9ttaa6ZLZpJSq/vLBGaKwYzy0gksWCXfrst4D20Z
dcMflC9xougv5RufwF6OP96JaJ9eYhE9JHiVtEzqZ4YajrmwlcpeCKyZTJGnkhsy
df4BaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org