Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/49B938E0046D11EEB336B513C4F9AE02.roa
File:                     49B938E0046D11EEB336B513C4F9AE02.roa (raw, json)
Hash identifier:          2vxclTQAI1w0vhTh7LZ8hLwSMjtjLKnIga3J6EHByzI=
Subject key identifier:   9D:CA:54:84:D1:C9:DE:E0:63:BD:69:E9:1A:06:A7:58:C3:40:03:31
Certificate issuer:       /CN=A91A6353/serialNumber=AAAEC71CA34DEF08D88EE77BD91C157175CC3C09
Certificate serial:       0501
Authority key identifier: AA:AE:C7:1C:A3:4D:EF:08:D8:8E:E7:7B:D9:1C:15:71:75:CC:3C:09
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qq7HHKNN7wjYjud72RwVcXXMPAk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/49B938E0046D11EEB336B513C4F9AE02.roa
Signing time:             Tue 06 Jun 2023 13:23:13 +0000
ROA not before:           Tue 06 Jun 2023 13:23:13 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     9318
IP address blocks:        103.151.4.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 07 Jun 2023 06:53:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1281 (0x501)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A6353/serialNumber=AAAEC71CA34DEF08D88EE77BD91C157175CC3C09
        Validity
            Not Before: Jun  6 13:23:13 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=647f3341-8ca8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:d8:38:be:44:7b:31:1c:76:9f:ff:1d:af:78:
                    24:5d:a9:a0:27:1c:d9:61:6c:33:89:4c:81:85:d2:
                    38:9d:51:e5:19:b0:b8:09:6a:e5:ee:4d:68:3d:85:
                    13:d2:2d:ce:0d:59:9f:07:73:5d:b2:8a:0e:b9:72:
                    ed:1c:27:e4:72:f1:76:83:bd:cd:cc:f7:42:81:71:
                    10:a5:ca:05:0c:ac:43:08:81:94:97:d9:05:47:bf:
                    05:bf:ec:51:ec:4b:48:55:eb:6e:aa:5a:1b:6c:be:
                    dc:a7:53:da:b7:80:bf:a2:77:a9:38:d2:a4:9b:2d:
                    cf:61:af:da:1c:06:21:83:cd:de:ac:c1:11:54:1b:
                    36:08:c0:63:69:3c:2e:41:2d:10:96:3e:4f:c4:2d:
                    ee:f1:ff:d7:4d:7e:90:9d:e6:27:ad:e5:b0:b3:f8:
                    22:0a:52:96:3f:3e:76:1f:d1:64:9a:b5:29:19:1c:
                    5a:01:6a:c1:98:c4:ac:f0:77:9c:7c:e3:bc:34:a0:
                    b3:23:ad:c1:79:39:72:79:f2:9e:3b:d3:86:59:00:
                    ad:fd:27:29:16:fc:65:ca:92:2e:b1:06:7d:a7:cd:
                    d3:e4:ca:07:a0:6a:2e:e5:b6:e8:4b:1f:62:d9:6b:
                    4e:34:00:c5:2a:d0:84:51:87:3f:89:90:76:2e:5e:
                    a7:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:CA:54:84:D1:C9:DE:E0:63:BD:69:E9:1A:06:A7:58:C3:40:03:31
            X509v3 Authority Key Identifier:
                keyid:AA:AE:C7:1C:A3:4D:EF:08:D8:8E:E7:7B:D9:1C:15:71:75:CC:3C:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/qq7HHKNN7wjYjud72RwVcXXMPAk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qq7HHKNN7wjYjud72RwVcXXMPAk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6353/3BFDED6486BA11EBBCC39875C4F9AE02/49B938E0046D11EEB336B513C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.151.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:22:bf:ae:d0:3e:02:46:ce:a1:4e:52:66:3e:8a:9e:13:ce:
         19:5f:c1:72:d7:78:03:5b:c1:42:bc:0f:98:45:0f:fd:77:86:
         7f:55:46:d0:99:3b:a4:e0:cb:0a:a7:13:c0:44:77:86:60:fe:
         a1:b9:1c:8c:67:1c:b8:45:72:61:05:cf:19:c7:60:04:fe:b1:
         b7:3f:16:32:97:f7:93:f8:ec:ae:bc:72:26:e6:85:ce:22:2c:
         09:4b:c4:0f:4d:44:a6:f7:fd:a1:95:ea:04:b2:0c:7a:d3:d4:
         29:fe:26:de:b5:36:16:f4:1b:ad:fd:09:99:cc:66:b1:2c:c0:
         24:96:d8:16:ef:c9:34:52:c3:3a:ed:ed:97:e4:6b:68:23:d2:
         92:70:22:07:38:84:16:e2:21:c1:e4:ad:60:df:37:57:66:ca:
         41:39:5a:5e:12:2c:c3:71:9c:2a:7f:fd:5a:3c:e0:22:29:35:
         65:4b:95:0c:57:60:a0:30:c0:6d:34:c2:34:f0:61:1b:cf:da:
         10:b2:04:e1:1c:36:5f:32:1e:fc:7b:64:2e:4a:3b:5d:e0:6e:
         12:5a:cb:12:cf:1c:14:e6:16:b6:88:5a:8b:ea:43:5d:32:d8:
         8f:eb:24:2c:43:66:67:26:74:23:cf:12:91:4a:38:98:45:e3:
         f4:24:3d:da
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBQEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTYzNTMxMTAvBgNVBAUTKEFBQUVDNzFDQTM0REVGMDhEODhFRTc3QkQ5MUMxNTcx
NzVDQzNDMDkwHhcNMjMwNjA2MTMyMzEzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDdmMzM0MS04Y2E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtNg4vkR7MRx2n/8dr3gkXamgJxzZYWwziUyBhdI4nVHlGbC4CWrl7k1oPYUT
0i3ODVmfB3NdsooOuXLtHCfkcvF2g73NzPdCgXEQpcoFDKxDCIGUl9kFR78Fv+xR
7EtIVetuqlobbL7cp1Pat4C/onepONKkmy3PYa/aHAYhg83erMERVBs2CMBjaTwu
QS0Qlj5PxC3u8f/XTX6QneYnreWws/giClKWPz52H9FkmrUpGRxaAWrBmMSs8Hec
fOO8NKCzI63BeTlyefKeO9OGWQCt/ScpFvxlypIusQZ9p83T5MoHoGou5bboSx9i
2WtONADFKtCEUYc/iZB2Ll6nkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ3KVITR
yd7gY71p6RoGp1jDQAMxMB8GA1UdIwQYMBaAFKquxxyjTe8I2I7ne9kcFXF1zDwJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNjM1My8zQkZERUQ2NDg2
QkExMUVCQkNDMzk4NzVDNEY5QUUwMi9xcTdISEtOTjd3allqdWQ3MlJ3VmNYWE1Q
QWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FxN0hIS05ON3dqWWp1ZDcyUndWY1hYTVBBay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTYzNTMvM0JGREVENjQ4NkJBMTFFQkJDQzM5ODc1QzRGOUFFMDIvNDlCOTM4RTAw
NDZEMTFFRUIzMzZCNTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlwQwDQYJKoZIhvcNAQELBQADggEBAD8iv67QPgJGzqFO
UmY+ip4TzhlfwXLXeANbwUK8D5hFD/13hn9VRtCZO6TgywqnE8BEd4Zg/qG5HIxn
HLhFcmEFzxnHYAT+sbc/FjKX95P47K68cibmhc4iLAlLxA9NRKb3/aGV6gSyDHrT
1Cn+Jt61Nhb0G639CZnMZrEswCSW2BbvyTRSwzrt7Zfka2gj0pJwIgc4hBbiIcHk
rWDfN1dmykE5Wl4SLMNxnCp//Vo84CIpNWVLlQxXYKAwwG00wjTwYRvP2hCyBOEc
Nl8yHvx7ZC5KO13gbhJayxLPHBTmFraIWovqQ10y2I/rJCxDZmcmdCPPEpFKOJhF
4/QkPdo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:54 2024 by rpki-client on console-ams.rpki-client.org