Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/F53A9AACEDBE11EE81831062C4F9AE02.roa
File:                     F53A9AACEDBE11EE81831062C4F9AE02.roa (raw, json)
Hash identifier:          YAP0qXi2Kuy/FazVI0jB6EFuZs4wd7rEO2VW8bRD9PQ=
Subject key identifier:   6A:3C:FA:C4:A2:24:36:3C:72:2C:E2:1C:3E:F9:39:18:8D:53:96:77
Certificate issuer:       /CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B
Certificate serial:       19
Authority key identifier: 87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/F53A9AACEDBE11EE81831062C4F9AE02.roa
Signing time:             Fri 29 Mar 2024 11:25:07 +0000
ROA not before:           Fri 29 Mar 2024 11:25:07 +0000
ROA not after:            Mon 30 Sep 2024 00:00:00 +0000
asID:                     48266
IP address blocks:        103.190.232.0/24 maxlen: 24
                          2400:9320::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 23 May 2024 07:25:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25 (0x19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919F9A8/serialNumber=87B62C34E8DC5D40238C0F6BDE91156E5D06A44B
        Validity
            Not Before: Mar 29 11:25:07 2024 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=6606a513-281d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:80:06:0c:c9:97:58:85:c6:32:f1:1f:d9:a4:
                    7f:9b:de:24:89:9c:95:5a:2d:8c:85:1a:79:b2:0d:
                    9d:4f:80:f7:95:23:8b:cc:00:39:11:8c:38:67:0f:
                    76:13:96:ff:8b:67:9f:06:eb:e7:3c:db:4e:3f:90:
                    6e:55:8b:15:6d:ec:d2:8b:3f:a8:2f:4f:95:78:3f:
                    f1:b9:fc:3f:2d:04:e8:f5:7e:8b:59:fc:23:2b:44:
                    5b:c2:92:93:3e:d6:80:09:0d:b2:3c:e5:c0:88:b3:
                    f4:35:b3:9f:12:6c:ed:87:8f:a0:c3:81:dc:3c:2f:
                    37:fe:21:91:5d:1e:50:8e:7e:0d:5f:56:73:af:f1:
                    cd:ec:65:65:62:01:3b:71:fc:ba:a4:e8:50:02:5a:
                    74:65:cb:12:4e:c5:67:87:9d:af:b3:be:c0:9e:c0:
                    d1:92:50:59:d1:c8:0e:55:76:99:02:69:50:7f:c3:
                    d7:b6:bc:7e:a0:cd:71:05:d3:43:bd:13:55:41:93:
                    fc:ef:66:17:73:13:4b:92:ec:34:55:26:3b:5e:2e:
                    a2:31:3a:2a:9e:1d:b6:2b:cb:f3:80:3f:a2:3e:bf:
                    c5:c0:e9:64:83:27:7c:66:0b:29:b0:8e:cf:c2:eb:
                    0c:b9:08:38:f2:4d:cd:65:49:45:3e:9d:a7:25:9f:
                    bd:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:3C:FA:C4:A2:24:36:3C:72:2C:E2:1C:3E:F9:39:18:8D:53:96:77
            X509v3 Authority Key Identifier:
                keyid:87:B6:2C:34:E8:DC:5D:40:23:8C:0F:6B:DE:91:15:6E:5D:06:A4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/h7YsNOjcXUAjjA9r3pEVbl0GpEs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7YsNOjcXUAjjA9r3pEVbl0GpEs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F9A8/B92306FEEB6A11EE9C03B711C4F9AE02/F53A9AACEDBE11EE81831062C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.190.232.0/24
                IPv6:
                  2400:9320::/48

    Signature Algorithm: sha256WithRSAEncryption
         35:fb:0e:d9:60:5c:65:cc:4d:5b:34:b8:f3:3a:e1:6b:c4:cc:
         f7:2d:98:f7:e9:15:77:b4:45:ba:ac:2c:35:67:69:16:97:48:
         a7:51:06:38:82:4e:f2:e3:ab:6e:56:5d:8e:27:d9:2c:5b:a7:
         2b:c3:31:60:fa:7f:2c:07:44:2a:a0:bb:fb:fb:99:14:91:33:
         09:23:3d:f4:6f:29:a6:65:dd:80:54:7e:e7:08:98:a9:27:0b:
         c6:4b:e7:01:2e:cd:6b:e6:20:eb:0b:c2:40:71:bf:2c:2f:1f:
         4b:df:68:72:56:02:35:e1:2c:91:75:e8:99:c9:17:57:e2:8c:
         39:27:e5:2d:0c:4e:25:5c:77:e3:5b:98:b0:6b:43:0d:3c:66:
         dd:ad:ec:29:b3:9b:58:29:ac:72:26:30:82:99:ee:a3:fc:47:
         d1:87:e5:47:29:32:05:83:48:c0:5a:03:45:02:ad:e2:58:bb:
         ca:b8:34:26:75:e5:01:12:af:2a:b0:79:37:e1:a4:7c:d2:05:
         5a:d6:55:d7:ab:da:db:7c:be:58:ea:1d:ef:24:22:c6:99:f6:
         61:1d:c3:3d:9e:6b:8a:1d:35:85:15:73:52:19:73:a4:96:36:
         8b:62:ff:51:ed:f5:08:01:98:ff:0a:cb:96:7d:85:8f:78:e5:
         70:09:5c:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBGTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RjlBODExMC8GA1UEBRMoODdCNjJDMzRFOERDNUQ0MDIzOEMwRjZCREU5MTE1NkU1
RDA2QTQ0QjAeFw0yNDAzMjkxMTI1MDdaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDZhNTEzLTI4MWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkgAYMyZdYhcYy8R/ZpH+b3iSJnJVaLYyFGnmyDZ1PgPeVI4vMADkRjDhnD3YT
lv+LZ58G6+c8204/kG5VixVt7NKLP6gvT5V4P/G5/D8tBOj1fotZ/CMrRFvCkpM+
1oAJDbI85cCIs/Q1s58SbO2Hj6DDgdw8Lzf+IZFdHlCOfg1fVnOv8c3sZWViATtx
/Lqk6FACWnRlyxJOxWeHna+zvsCewNGSUFnRyA5VdpkCaVB/w9e2vH6gzXEF00O9
E1VBk/zvZhdzE0uS7DRVJjteLqIxOiqeHbYry/OAP6I+v8XA6WSDJ3xmCymwjs/C
6wy5CDjyTc1lSUU+nacln71zAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUajz6xKIk
NjxyLOIcPvk5GI1TlncwHwYDVR0jBBgwFoAUh7YsNOjcXUAjjA9r3pEVbl0GpEsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlGOUE4L0I5MjMwNkZFRUI2
QTExRUU5QzAzQjcxMUM0RjlBRTAyL2g3WXNOT2pjWFVBampBOXIzcEVWYmwwR3BF
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaDdZc05PamNYVUFqakE5cjNwRVZibDBHcEVzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RjlBOC9COTIzMDZGRUVCNkExMUVFOUMwM0I3MTFDNEY5QUUwMi9GNTNBOUFBQ0VE
QkUxMUVFODE4MzEwNjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAGe+6DAPBAIAAjAJAwcAJACTIAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQA1+w7ZYFxlzE1bNLjzOuFrxMz3LZj36RV3tEW6rCw1Z2kWl0inUQY4gk7y
46tuVl2OJ9ksW6crwzFg+n8sB0QqoLv7+5kUkTMJIz30bymmZd2AVH7nCJipJwvG
S+cBLs1r5iDrC8JAcb8sLx9L32hyVgI14SyRdeiZyRdX4ow5J+UtDE4lXHfjW5iw
a0MNPGbdrewps5tYKaxyJjCCme6j/EfRh+VHKTIFg0jAWgNFAq3iWLvKuDQmdeUB
Eq8qsHk34aR80gVa1lXXq9rbfL5Y6h3vJCLGmfZhHcM9nmuKHTWFFXNSGXOkljaL
Yv9R7fUIAZj/CsuWfYWPeOVwCVxY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:50 2024 by rpki-client on console-ams.rpki-client.org