Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/787E582074A911EE8BE9B968C4F9AE02.roa
File:                     787E582074A911EE8BE9B968C4F9AE02.roa (raw, json)
Hash identifier:          TfjUoAXWb0x1UkilczblTTROGuTLJBPXV0dbHXmxIZQ=
Subject key identifier:   42:5C:DF:C4:E0:96:36:80:C8:87:BA:81:CE:A2:1B:3F:32:E8:79:B3
Certificate issuer:       /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial:       4A10
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/787E582074A911EE8BE9B968C4F9AE02.roa
Signing time:             Thu 13 Mar 2025 15:00:55 +0000
ROA not before:           Thu 13 Mar 2025 15:00:55 +0000
ROA not after:            Fri 31 Oct 2025 00:00:00 +0000
asID:                     151858
IP address blocks:        36.50.54.0/23 maxlen: 23
                          103.75.180.0/22 maxlen: 23
                          2001:df4:5740::/48 maxlen: 48
                          2001:df4:7dc0::/48 maxlen: 48
                          2401:4660::/48 maxlen: 48
Validation:               Failed, certificate revoked on Sun 23 Mar 2025 07:24:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18960 (0x4a10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A560A
        Validity
            Not Before: Mar 13 15:00:55 2025 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=67d2f327-5984
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3c:af:31:95:e0:48:00:b2:4c:a1:7c:d8:44:
                    97:8b:42:59:bc:e8:70:d8:5c:da:50:6c:12:f3:34:
                    09:8f:8f:e1:4b:5f:d2:d0:21:4f:25:b8:67:7f:6f:
                    1a:2c:68:b5:00:c8:35:46:95:43:c5:63:08:aa:db:
                    4e:a8:5c:d2:a7:7b:00:6a:74:06:91:4d:5b:8f:99:
                    10:39:ad:cd:69:6c:09:0d:e3:52:54:48:77:ca:4e:
                    7a:4b:2f:a2:7f:ad:70:f3:6d:7d:66:41:d3:b4:94:
                    5f:44:63:19:86:45:c6:31:5a:b2:74:36:aa:2d:b6:
                    39:6a:51:c7:34:8d:02:96:e7:e7:63:2c:b4:45:69:
                    f2:fd:9a:68:03:04:67:64:87:64:15:82:6a:42:ff:
                    ce:71:ab:c8:59:00:60:b7:98:46:1a:f7:bc:03:64:
                    e3:cf:be:6d:21:c6:fd:dd:7b:e5:bf:45:30:69:d9:
                    71:3e:a5:6c:0c:18:71:ef:bb:44:52:e5:50:38:5f:
                    0b:f2:78:07:40:dc:3f:73:9f:f8:dc:44:f8:6d:76:
                    66:41:f2:50:3b:35:09:a5:64:ef:22:7c:4b:91:81:
                    1d:69:98:cc:bf:4c:5f:d4:ce:23:fd:57:0b:10:f5:
                    66:ed:0e:21:e9:fc:4f:68:81:27:45:00:3a:44:4e:
                    e6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:5C:DF:C4:E0:96:36:80:C8:87:BA:81:CE:A2:1B:3F:32:E8:79:B3
            X509v3 Authority Key Identifier:
                keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/787E582074A911EE8BE9B968C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.50.54.0/23
                  103.75.180.0/22
                IPv6:
                  2001:df4:5740::/48
                  2001:df4:7dc0::/48
                  2401:4660::/48

    Signature Algorithm: sha256WithRSAEncryption
         87:5c:2d:fe:56:10:07:35:c0:78:c8:93:69:c4:0e:a4:66:57:
         51:db:df:87:bc:c9:1b:19:72:15:f7:18:8d:e8:82:4e:47:a0:
         f7:fe:f8:93:37:3a:18:63:e6:9a:ea:a9:6f:97:dd:d3:b7:89:
         24:df:3a:d8:22:8f:9c:b2:8a:dd:c8:0e:0d:a8:06:d4:8d:d9:
         8d:d9:b1:49:9d:1a:de:64:b7:02:d4:d7:7e:47:a2:fd:6e:ce:
         19:c2:9f:13:e9:98:72:75:2a:2e:78:31:d2:36:e2:b6:91:08:
         f6:ce:93:9d:37:83:0f:56:f2:27:87:db:e2:2d:7d:48:2b:9f:
         ee:42:83:28:c3:5f:86:5e:15:b8:96:bc:e0:4a:14:d9:f6:d5:
         23:7d:97:ce:19:81:1f:ce:7b:fd:28:f5:33:4f:f6:02:c2:ff:
         b1:e1:a3:9a:28:06:c0:4e:57:85:9f:1f:bd:77:da:cf:e1:f0:
         3f:20:7d:a3:de:0f:4b:19:45:86:ab:f9:cf:f9:d7:10:1d:6d:
         0b:a6:fc:6d:d7:8f:fa:a9:d6:e6:9e:8a:f1:b2:e4:25:a7:e7:
         34:b8:65:e1:d6:30:74:03:04:5b:69:2b:e1:0b:c4:83:6e:d9:
         08:6d:7b:70:3c:43:2a:5c:98:50:8c:93:28:83:1e:d0:11:fd:
         3d:9c:ae:e7
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICShAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwMzEzMTUwMDU1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2QyZjMyNy01OTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtjyvMZXgSACyTKF82ESXi0JZvOhw2FzaUGwS8zQJj4/hS1/S0CFPJbhnf28a
LGi1AMg1RpVDxWMIqttOqFzSp3sAanQGkU1bj5kQOa3NaWwJDeNSVEh3yk56Sy+i
f61w8219ZkHTtJRfRGMZhkXGMVqydDaqLbY5alHHNI0ClufnYyy0RWny/ZpoAwRn
ZIdkFYJqQv/OcavIWQBgt5hGGve8A2Tjz75tIcb93Xvlv0UwadlxPqVsDBhx77tE
UuVQOF8L8ngHQNw/c5/43ET4bXZmQfJQOzUJpWTvInxLkYEdaZjMv0xf1M4j/VcL
EPVm7Q4h6fxPaIEnRQA6RE7mAQIDAQABo4ICvjCCArowHQYDVR0OBBYEFEJc38Tg
ljaAyIe6gc6iGz8y6HmzMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNzg3RTU4MjA3
NEE5MTFFRThCRTlCOTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MBIEAgABMAwDBAEkMjYDBAJnS7QwIQQCAAIwGwMHACABDfRXQAMHACABDfR9
wAMHACQBRmAAADANBgkqhkiG9w0BAQsFAAOCAQEAh1wt/lYQBzXAeMiTacQOpGZX
Udvfh7zJGxlyFfcYjeiCTkeg9/74kzc6GGPmmuqpb5fd07eJJN862CKPnLKK3cgO
DagG1I3ZjdmxSZ0a3mS3AtTXfkei/W7OGcKfE+mYcnUqLngx0jbitpEI9s6TnTeD
D1byJ4fb4i19SCuf7kKDKMNfhl4VuJa84EoU2fbVI32XzhmBH857/Sj1M0/2AsL/
seGjmigGwE5XhZ8fvXfaz+HwPyB9o94PSxlFhqv5z/nXEB1tC6b8bdeP+qnW5p6K
8bLkJafnNLhl4dYwdAMEW2kr4QvEg27ZCG17cDxDKlyYUIyTKIMe0BH9PZyu5w==
-----END CERTIFICATE-----