Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/AA271EF85C6B11EEA7026578C4F9AE02.roa
File:                     AA271EF85C6B11EEA7026578C4F9AE02.roa (raw, json)
Hash identifier:          rfVbspdGsnWyxcmqUgQVNygHOoSXPzmsd6djfSyjd18=
Subject key identifier:   33:A1:6F:FC:CE:16:89:2B:58:0F:25:C1:ED:7B:B9:88:1B:24:74:E2
Certificate issuer:       /CN=A91AD09B/serialNumber=1AF3C89CF147F2FEB51DAAE8957DB99D387263B8
Certificate serial:       02
Authority key identifier: 1A:F3:C8:9C:F1:47:F2:FE:B5:1D:AA:E8:95:7D:B9:9D:38:72:63:B8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GvPInPFH8v61HarolX25nThyY7g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/AA271EF85C6B11EEA7026578C4F9AE02.roa
Signing time:             Tue 26 Sep 2023 12:53:18 +0000
ROA not before:           Tue 26 Sep 2023 12:53:18 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     139254
IP address blocks:        103.7.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Dec 2023 07:24:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AD09B/serialNumber=1AF3C89CF147F2FEB51DAAE8957DB99D387263B8
        Validity
            Not Before: Sep 26 12:53:18 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=6512d43e-48b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:03:72:27:26:d9:bd:5c:7d:32:c9:ca:65:95:
                    d1:51:06:f9:a1:d1:d8:c6:15:d0:50:aa:4b:f4:4b:
                    6f:2f:f5:1e:ca:21:d3:de:13:4f:08:ad:e0:5c:89:
                    23:cc:be:c6:df:2b:d0:3f:a5:6a:0a:c9:73:9b:9c:
                    16:eb:73:21:5b:97:8d:4b:3f:9f:dd:e0:8c:e9:8e:
                    99:02:77:33:56:2a:3a:c0:ae:02:54:0c:fb:43:f9:
                    a4:9b:77:60:97:b7:60:e9:8e:1e:2d:9a:37:5d:5b:
                    6b:7b:dd:2c:62:26:40:f2:8c:42:d2:2f:f7:55:5a:
                    22:91:a3:9a:4d:80:36:ce:15:92:55:e1:b0:be:b1:
                    29:59:0e:e4:b6:0b:67:30:42:d6:ba:9b:65:f5:df:
                    33:80:69:98:fa:ab:dd:43:f2:63:26:52:6c:34:d1:
                    71:5f:67:2d:79:a7:08:f3:29:77:9f:a6:9d:e8:71:
                    65:42:f3:19:0c:a4:b3:aa:3a:9f:01:99:7b:b0:40:
                    76:2b:58:73:86:75:73:80:33:ba:be:ce:a4:39:b0:
                    24:0d:05:6e:2e:a5:e1:a2:1b:1c:f4:87:e2:7c:68:
                    87:5c:d9:82:74:7c:d3:9c:0b:5b:b8:f3:62:72:63:
                    2a:36:34:d9:92:6f:a7:26:47:c7:9a:79:c5:43:da:
                    df:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:A1:6F:FC:CE:16:89:2B:58:0F:25:C1:ED:7B:B9:88:1B:24:74:E2
            X509v3 Authority Key Identifier:
                keyid:1A:F3:C8:9C:F1:47:F2:FE:B5:1D:AA:E8:95:7D:B9:9D:38:72:63:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/GvPInPFH8v61HarolX25nThyY7g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GvPInPFH8v61HarolX25nThyY7g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/AA271EF85C6B11EEA7026578C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.7.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:02:67:e8:ac:42:97:0c:a4:91:d6:c3:66:65:92:73:b4:93:
         7e:2d:82:75:92:04:95:0e:4f:ff:ce:d3:06:1f:f8:7f:3d:60:
         2f:fb:32:42:58:3a:60:90:53:a4:e8:35:4c:23:04:38:dc:0e:
         84:23:45:39:41:d2:02:de:0b:92:aa:85:2b:5e:2b:61:d2:8c:
         39:ad:05:82:ed:8f:f3:7d:ed:c7:81:d9:6f:fe:f0:91:5a:73:
         a7:f2:f1:40:32:1e:66:ce:1b:64:6b:51:73:6f:57:d5:ce:40:
         dd:20:93:dc:7c:b8:ec:e8:41:4e:0b:4d:c0:3e:9a:b0:40:37:
         81:d7:ff:12:cc:ca:ca:5a:55:15:8d:ca:f9:d3:37:e3:ff:64:
         be:61:e2:4a:7a:c6:50:2d:49:6f:df:0f:e8:5f:7b:ba:ef:40:
         98:17:ec:e6:8e:fb:55:31:ef:b1:31:c0:1b:f7:47:8c:99:77:
         91:af:b8:54:34:59:9c:f1:a7:ab:99:11:b2:8d:ab:db:a1:ae:
         71:c9:f8:04:61:bf:16:06:f6:b6:fa:52:38:c7:32:4a:18:97:
         ca:40:ba:2c:b4:7d:19:05:a0:82:52:e2:80:07:a9:2b:78:d9:
         71:f3:c6:dc:73:2b:b5:f2:c7:cf:69:d0:ba:56:d1:f7:9d:af:
         7e:2f:ce:32
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RDA5QjExMC8GA1UEBRMoMUFGM0M4OUNGMTQ3RjJGRUI1MURBQUU4OTU3REI5OUQz
ODcyNjNCODAeFw0yMzA5MjYxMjUzMThaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1MTJkNDNlLTQ4YjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDaA3InJtm9XH0yycplldFRBvmh0djGFdBQqkv0S28v9R7KIdPeE08IreBciSPM
vsbfK9A/pWoKyXObnBbrcyFbl41LP5/d4IzpjpkCdzNWKjrArgJUDPtD+aSbd2CX
t2Dpjh4tmjddW2t73SxiJkDyjELSL/dVWiKRo5pNgDbOFZJV4bC+sSlZDuS2C2cw
Qta6m2X13zOAaZj6q91D8mMmUmw00XFfZy15pwjzKXefpp3ocWVC8xkMpLOqOp8B
mXuwQHYrWHOGdXOAM7q+zqQ5sCQNBW4upeGiGxz0h+J8aIdc2YJ0fNOcC1u482Jy
Yyo2NNmSb6cmR8eaecVD2t/7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUM6Fv/M4W
iStYDyXB7Xu5iBskdOIwHwYDVR0jBBgwFoAUGvPInPFH8v61HarolX25nThyY7gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFEMDlCLzFFMkZCRUQ0NUM2
NDExRUVBNTlBODIxRUM0RjlBRTAyL0d2UEluUEZIOHY2MUhhcm9sWDI1blRoeVk3
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR3ZQSW5QRkg4djYxSGFyb2xYMjVuVGh5WTdnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RDA5Qi8xRTJGQkVENDVDNjQxMUVFQTU5QTgyMUVDNEY5QUUwMi9BQTI3MUVGODVD
NkIxMUVFQTcwMjY1NzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcHeDANBgkqhkiG9w0BAQsFAAOCAQEAowJn6KxClwykkdbD
ZmWSc7STfi2CdZIElQ5P/87TBh/4fz1gL/syQlg6YJBTpOg1TCMEONwOhCNFOUHS
At4LkqqFK14rYdKMOa0Fgu2P833tx4HZb/7wkVpzp/LxQDIeZs4bZGtRc29X1c5A
3SCT3Hy47OhBTgtNwD6asEA3gdf/EszKylpVFY3K+dM34/9kvmHiSnrGUC1Jb98P
6F97uu9AmBfs5o77VTHvsTHAG/dHjJl3ka+4VDRZnPGnq5kRso2r26Guccn4BGG/
Fgb2tvpSOMcyShiXykC6LLR9GQWgglLigAepK3jZcfPG3HMrtfLHz2nQulbR952v
fi/OMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:37 2024 by rpki-client on console-fra.rpki-client.org