Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/D7F12438736711EEAE303809C4F9AE02.roa
File:                     D7F12438736711EEAE303809C4F9AE02.roa (raw, json)
Hash identifier:          h80Nn57nmP9JcmSXKpNecaQW4thbapI5wt0KqdcjbiE=
Subject key identifier:   BE:C8:59:E0:A9:7A:65:5B:6C:A3:86:08:34:7B:BE:87:C6:69:40:A6
Certificate issuer:       /CN=A91AD09B/serialNumber=1AF3C89CF147F2FEB51DAAE8957DB99D387263B8
Certificate serial:       18
Authority key identifier: 1A:F3:C8:9C:F1:47:F2:FE:B5:1D:AA:E8:95:7D:B9:9D:38:72:63:B8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GvPInPFH8v61HarolX25nThyY7g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/D7F12438736711EEAE303809C4F9AE02.roa
Signing time:             Wed 25 Oct 2023 18:53:54 +0000
ROA not before:           Wed 25 Oct 2023 18:53:54 +0000
ROA not after:            Thu 31 Oct 2024 00:00:00 +0000
asID:                     137453
IP address blocks:        103.7.121.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 30 Oct 2023 17:47:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24 (0x18)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AD09B/serialNumber=1AF3C89CF147F2FEB51DAAE8957DB99D387263B8
        Validity
            Not Before: Oct 25 18:53:54 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=65396441-8fed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:b6:15:35:2f:46:c0:31:ca:74:a6:7e:b9:60:
                    5d:2b:5e:6d:75:69:39:72:8b:8f:96:8e:1f:bd:47:
                    39:5a:3e:8d:96:75:95:e3:a3:c5:f9:52:5b:b7:10:
                    88:69:e6:4d:5f:e5:1b:74:ba:d8:a9:35:7d:b5:b9:
                    2f:29:bf:b1:e8:a1:c5:5d:15:b7:38:c2:f1:41:e5:
                    21:9f:9e:88:3a:be:fb:c5:2c:33:64:94:e8:63:2e:
                    0b:6a:83:49:07:17:25:f5:83:b1:f4:ff:b8:11:10:
                    88:ea:92:48:a5:8b:1c:12:3c:52:44:90:d7:10:48:
                    d1:77:50:39:14:cb:f2:c1:d4:80:37:46:a4:04:4f:
                    d1:da:ff:9f:42:5a:06:7d:e5:1e:22:09:a8:88:ec:
                    3c:3c:dc:4f:fe:0b:b7:3d:5c:c3:3d:6b:f7:22:32:
                    35:9b:0c:10:30:cb:72:c8:2f:da:95:da:dc:d8:b7:
                    c6:36:cf:1e:42:e1:0a:f8:02:c5:ef:6c:cc:cb:dc:
                    ed:25:96:57:67:c3:b0:e4:bc:58:4d:9d:61:cc:1a:
                    e3:15:c7:c2:db:77:0c:67:09:79:57:0b:13:26:8d:
                    50:38:8e:83:16:84:d4:87:a2:16:29:36:29:1b:bd:
                    1c:cd:f2:ea:dc:00:54:ad:be:75:ee:e6:4f:1c:37:
                    0f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:C8:59:E0:A9:7A:65:5B:6C:A3:86:08:34:7B:BE:87:C6:69:40:A6
            X509v3 Authority Key Identifier:
                keyid:1A:F3:C8:9C:F1:47:F2:FE:B5:1D:AA:E8:95:7D:B9:9D:38:72:63:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/GvPInPFH8v61HarolX25nThyY7g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GvPInPFH8v61HarolX25nThyY7g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AD09B/1E2FBED45C6411EEA59A821EC4F9AE02/D7F12438736711EEAE303809C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.7.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:c6:27:e6:ca:77:4c:49:e2:95:f5:a0:0b:81:5b:85:6d:ee:
         93:76:6f:50:34:ff:e9:6b:17:9f:52:48:85:d3:c1:cb:9b:8c:
         ba:a6:f6:7f:1b:49:88:e9:b6:bc:69:89:58:e1:c5:0f:69:1b:
         e4:09:f5:11:6a:f2:a1:68:fa:70:2d:f0:48:12:03:8d:a3:74:
         9b:29:15:dd:90:82:84:78:58:4b:3d:b9:50:2e:11:56:a1:27:
         b7:79:60:54:63:32:71:b1:70:6e:1b:5e:7f:47:a2:ea:19:7e:
         3a:4b:6b:76:ac:ee:2a:1c:68:8d:0d:c4:db:de:d9:ac:74:e0:
         94:52:42:6a:97:91:1f:75:95:c3:db:fb:bf:5f:eb:ee:3b:a3:
         b1:1c:fc:97:fa:68:ff:18:9c:f9:53:b5:9f:eb:ae:18:e9:eb:
         21:74:33:bf:d4:39:6d:d3:d1:3f:8b:be:97:63:6d:cf:d8:ea:
         00:1f:e8:97:8c:fe:81:5f:b1:ed:ec:c1:da:29:63:4a:2e:ce:
         a4:c7:49:a3:fd:75:22:2d:07:8e:92:e9:74:3d:d6:c4:76:1b:
         7b:6f:3b:d9:96:67:3a:16:f8:bf:20:ca:a4:8c:5f:2f:8e:5d:
         ee:4e:0a:4e:4b:ef:49:7f:81:a9:bf:9e:8c:05:da:d4:fd:37:
         51:de:41:91
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBGDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
RDA5QjExMC8GA1UEBRMoMUFGM0M4OUNGMTQ3RjJGRUI1MURBQUU4OTU3REI5OUQz
ODcyNjNCODAeFw0yMzEwMjUxODUzNTRaFw0yNDEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1Mzk2NDQxLThmZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDpthU1L0bAMcp0pn65YF0rXm11aTlyi4+Wjh+9RzlaPo2WdZXjo8X5Ulu3EIhp
5k1f5Rt0utipNX21uS8pv7HoocVdFbc4wvFB5SGfnog6vvvFLDNklOhjLgtqg0kH
FyX1g7H0/7gREIjqkkilixwSPFJEkNcQSNF3UDkUy/LB1IA3RqQET9Ha/59CWgZ9
5R4iCaiI7Dw83E/+C7c9XMM9a/ciMjWbDBAwy3LIL9qV2tzYt8Y2zx5C4Qr4AsXv
bMzL3O0llldnw7DkvFhNnWHMGuMVx8LbdwxnCXlXCxMmjVA4joMWhNSHohYpNikb
vRzN8urcAFStvnXu5k8cNw//AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUvshZ4Kl6
ZVtso4YINHu+h8ZpQKYwHwYDVR0jBBgwFoAUGvPInPFH8v61HarolX25nThyY7gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFEMDlCLzFFMkZCRUQ0NUM2
NDExRUVBNTlBODIxRUM0RjlBRTAyL0d2UEluUEZIOHY2MUhhcm9sWDI1blRoeVk3
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR3ZQSW5QRkg4djYxSGFyb2xYMjVuVGh5WTdnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RDA5Qi8xRTJGQkVENDVDNjQxMUVFQTU5QTgyMUVDNEY5QUUwMi9EN0YxMjQzODcz
NjcxMUVFQUUzMDM4MDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGcHeTANBgkqhkiG9w0BAQsFAAOCAQEAj8Yn5sp3TEnilfWg
C4FbhW3uk3ZvUDT/6WsXn1JIhdPBy5uMuqb2fxtJiOm2vGmJWOHFD2kb5An1EWry
oWj6cC3wSBIDjaN0mykV3ZCChHhYSz25UC4RVqEnt3lgVGMycbFwbhtef0ei6hl+
OktrdqzuKhxojQ3E297ZrHTglFJCapeRH3WVw9v7v1/r7jujsRz8l/po/xic+VO1
n+uuGOnrIXQzv9Q5bdPRP4u+l2Ntz9jqAB/ol4z+gV+x7ezB2iljSi7OpMdJo/11
Ii0HjpLpdD3WxHYbe2872ZZnOhb4vyDKpIxfL45d7k4KTkvvSX+Bqb+ejAXa1P03
Ud5BkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:55 2024 by rpki-client on console-ams.rpki-client.org